begin quoting DJA as of Thu, Mar 16, 2006 at 09:50:04PM -0800:
[snip]
> Neither does your private key, it only identifies itself. It's just as
> useful to a thief as it is to you. The only real security comes with a
> password which is known _only_ to its owner. PKI keys, whether public or
> private, only identify computers, not whoever is sitting in front of that
> computer, or whoever physically possesses the key.

The problem is, the "something you know" must be revealed in order to
use it.  "Something you have" is easier to keep track of, but also
can be easily lost (not that passwords/passphrases can't be easily 
lost as well).

That's why the security types burble about "multi-factor authentication". :)

> Having a valid key expresses possession, and only implies permission.
> Requiring a secret passphrase for every access expresses permission (the
> results of torture and/or maiming expressed earlier notwithstanding).

Ultimately, it all comes down to bits on a wire.  What you need for
security depends on where you put the trust boundaries, and what sort
of attacks you want to defend against.

A lot of real-world security problems come from users sharing passwords;
"something you know" is hard to control; a physical token is much easier.
Users also share physical tokens... but they can get 'em back.  Unless
it's just a USB stick with a private SSH key.

[snip]
> Which of course has the same weaknesses of keys as well.

Physical keys?

Cryptographic smart-cards are better than physical keys in many cases --
they aren't as easy to pick, for one. :)

-- 
_ |\_
 \|
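As an added example, not from this thread: a small defender's audit in Python that tells whether an SSH private-key file is passphrase-protected, so a key that is only "something you have" (the USB-stick case above) can be found before it is lost. The openssh-key-v1 layout (magic, then cipher name, then KDF name) and the legacy PEM "Proc-Type: 4,ENCRYPTED" header are the real formats; the sample blobs below are constructed and contain no key material.

```python
import base64
import struct
from pathlib import Path
from typing import Dict, Tuple

OPENSSH_MAGIC = b"openssh-key-v1\x00"

def _read_string(buf: bytes, off: int) -> Tuple[bytes, int]:
    """Read one SSH wire string: uint32 big-endian length followed by bytes."""
    if off + 4 > len(buf):
        raise ValueError("truncated key blob")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off:off + n], off + n

def key_protection(pem_text: str) -> str:
    """Classify a private key file as 'passphrase', 'unprotected' or 'unknown'."""
    lines = [l.strip() for l in pem_text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN") or not lines[-1].startswith("-----END"):
        return "unknown"
    header = lines[0]
    if header == "-----BEGIN OPENSSH PRIVATE KEY-----":
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(OPENSSH_MAGIC):
            return "unknown"
        cipher, off = _read_string(blob, len(OPENSSH_MAGIC))
        kdf, _ = _read_string(blob, off)
        # cipher "none" + kdf "none" means anyone holding the file can use the key
        return "unprotected" if cipher == b"none" and kdf == b"none" else "passphrase"
    if header == "-----BEGIN ENCRYPTED PRIVATE KEY-----":   # PKCS#8, encrypted
        return "passphrase"
    # Legacy PEM (RSA/DSA/EC): encryption shows up as a Proc-Type header
    if any(l.startswith("Proc-Type:") and "ENCRYPTED" in l for l in lines[1:]):
        return "passphrase"
    return "unprotected"

def audit_directory(path: str) -> Dict[str, str]:
    """Classify every PEM-looking file under path, e.g. a mounted USB stick or ~/.ssh."""
    results = {}
    for p in Path(path).rglob("*"):
        if p.is_file():
            text = p.read_text(errors="ignore")
            if "PRIVATE KEY-----" in text:
                results[str(p)] = key_protection(text)
    return results

def _fake_openssh_key(cipher: bytes, kdf: bytes) -> str:
    """Constructed sample: openssh-key-v1 preamble only, no real key material."""
    s = lambda b: struct.pack(">I", len(b)) + b
    blob = OPENSSH_MAGIC + s(cipher) + s(kdf) + s(b"") + struct.pack(">I", 1)
    b64 = base64.b64encode(blob).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{b64}\n-----END OPENSSH PRIVATE KEY-----\n"
```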


-- 
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
