On 09/05/2010 01:09 PM, Arshad Noor wrote:

http://www.strongauth.com/pdf/identityFirewalls1.0.pdf

I'm commenting on it out of order, mostly backwards.

Digital certificate credentials using cryptographic tokens, can
follow in the successful footsteps of the ATM card.

You know that ATM cards are frauded all the time, right?

http://www.wired.com/threatlevel/2010/08/tsurikov-extradition/
"In a global coordinated heist, the cashers simultaneously hit more than
2,000 ATMs with the fraudulent cards, netting about $9.5 million in less
than 12 hours."

Even if customers were still duped into going to a “phishers”
web-site instead of a legitimate business', the fact that the
“phisher” does not have the 2-factor cryptographic token in their
possession will eliminate the risk of stealing the legitimate
customer's identity.

Why wouldn't the phished customer be willing to authenticate with his
second factor as well as the first? Why couldn't the phisher be able to
forward that credential nearly as easily as a password?

Even if those issues were addressed, identity and authentication is more
than logging into a web site:

http://www.theregister.co.uk/2010/08/11/zeus_cyberscam_analysis/
"While earlier versions simply recorded banking login credentials and
forwarded them back to hackers, the latest version of Zeus also performs
illegal online banking transactions."

When a new baby is born at a hospital, the baby should be issued its
first digital certificate to serve its authentication needs in the
healthcare industry. The certificate will be unusual in that it will
be the only one of the seven credentials that will have an otherName
value in the SubjectAltName extension to store a one-way hash of the
digital representation of the newborn child's DNA.

Dude, this is messed up.

There are a couple of influential books you might consider reading:
http://en.wikipedia.org/wiki/Brave_New_World
http://en.wikipedia.org/wiki/Nineteen_Eighty-Four

When a child goes to enroll at a preschool or kindergarten, proof of
residency and the date of birth can be provided to the school by
having the hospital of birth e-mail a digitally signed birth
certificate to the school admissions office (the guardian will
actually request it through an application on the hospital's site,
after authenticating him/herself with their own healthcare
credential, or their child's credential).

Is there really such a problem today with preschoolers being enrolled
with fake identities that it could possibly justify such an infrastructure?

As such, the one-time grandfathering process will consist of
individuals providing sworn testimonies, attesting to their
identity, and establishing a digital DNA hash at an approved
healthcare institution to receive their healthcare industry digital
credential.

I get the sense that maybe you like just a little bit the idea of
performing cryptography on your fellow humans? You could probably figure
out how to incorporate RFID somehow, too.

So what problem is this trying to solve again?

Maybe this is the problem statement:

Most people – including security-conscious professionals – resort to
using similar passwords (or small set of passwords), or writing them
 on a piece of paper for the multitude of credentials in their
possession. [...] access to sensitive information, which was
controlled in the past, is now a mere login-screen away to anyone in
the world with an Internet connection. This has given rise to new
forms of attacks – most notably, phishing and keystroke-loggers - to
siphon away credentials to valuable service accounts.

All this, to fix that?

Still, most people would consider having seven hardware tokens to be a
"multitude of credentials".

The proposal includes little or nothing to address basic credentials
forwarding attacks. Nor does it help anyone who ever authenticates from
one of the "59% of PCs hit by malware":
http://news.cnet.com/8301-1009_3-10363373-83.html

Such a highly-structured system is only going to make things worse for
people when their credentials are compromised. A bad outcome would be a
situation where "The court finds Ms. Jones liable for the $1M she
borrowed from her home PC because the transaction was authenticated by
her 16384-bit RSA key unlocked by her secret 4-digit PIN and she clearly
displayed prior criminal tendencies when she wrote on the desk in first
grade".

The only solution is common sense and an adaptable, organic system which
recognizes the limitations of technology to address what are inherently
human problems. Maybe sometimes it is a little extra work to apply good
judgment rather than cranking the handle of some mechanistic rules
engine. But we certainly can do without creating a machine which
(literally) runs off the blood of newborn babies.

- Marsh
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
