RE: authentication and authorization (was: Question on the state of the security industry)

2004-07-08 Thread Anton Stiglic

>However, in some scenarios
>http://www.garlic.com/~lynn/2001h.html#61
>the common use of static data is so pervasive that an individual's
>information
>is found at thousands of institutions. The value of the information to the
>criminal is that the same information can be used to perpetrate fraud
>across all institutions and so the criminal value is enormous. However
>the value to each individual institution may be minimal. As a result
>there can be situations where an individual institution hasn't the
>infrastructure or the funding to provide the countermeasures necessary
>to keep the criminals away from the information (they simply don't
>have the resources to provide security proportional to the risk).
>
>The value of the static data authentication information to a criminal
>is far greater than the value of the information to the institution ...
>or the cost to the criminal to acquire the information is possibly
>orders of magnitude less than the value of the information (for
>criminal purposes).

Agreed.  This is where federated identity management becomes a tricky
problem to solve.  It is important to get something like the Liberty
Alliance right.

A solution that I like can be found here (there is also a ppt presentation
that can be found on the site):

http://middleware.internet2.edu/pki04/proceedings/cross_domain_identity.pdf


>Given such a situation ... the infrastructures simply don't have
>the resources to provide the countermeasures adequate to meet
>the attacks they are going to experience (there is such a huge
>mismatch between the value of the information to the individual
>institutions and the value of the information to the criminal).

>Which results in my assertion that there has to be a drastic
>move away from the existing "static data" authentication paradigm
>... because there is such a mismatch between the value
>to secure the information versus the value of attacks to
>obtain the information.

>It isn't that theory can't provide ... mechanisms to protect
>the information ... it's that the information is spread far and
>wide and is in constant use by thousands of business processes,
>and that protection problem is analogous to the problem of
>having people ... memorize a hundred different 8+character
>passwords that ... change every month (which is also a shortcoming
>of the static data authentication paradigm).

Yes, theory is far more advanced than what is used in practice,
with zero-knowledge proofs and attribute authentication based on
secrets stored on smart cards held by the proper owners, the possibility
of delegating part of the computation to a server (so clients can
authenticate on low-powered devices) without revealing information
about the secret, etc.

I agree that what you call the "static data" authentication paradigm
is the cause of many problems, including identity theft.  It is
one reason why Identity Management is a hot topic these days; businesses
are losing control of all this "static data" associated with the various
systems they have, and when an employee leaves a company he often has an
active account on some system even months after his departure.
This is the de-provisioning problem.

Not too sure about the wording, however: if you take a zero-knowledge
proof to authenticate possession of an attribute, the prover will hold
some static data (some sort of secret); the only difference is that
the verifier doesn't need to know the secret, and in fact you can't
learn anything from looking at the communication link when the proof
is executed.  You can't learn anything either by modifying the protocol
from the verifier's point of view (malicious verifier).  But if you can steal
the secret that the prover possesses, then you can impersonate her.


--Anton 

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
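Anton's zero-knowledge paragraph above invites a concrete illustration. The following Schnorr identification protocol is an added example, not code from Anton or from any other poster: the prover still holds a static secret x, the verifier enrolls only y = g^x, every transcript can be simulated from y alone (so the link leaks nothing and a captured transcript does not replay against a fresh challenge), and whoever holds x can run the prover. The toy safe-prime group (p = 2039, q = 1019, generator 4) and the `rng` hook are my own constructions for readability and testing.

```python
"""Schnorr identification as a contrast to "static data" authentication.

Added example (not code from any poster). Toy group: p = 2q+1 with
p = 2039, q = 1019 (constructed; far too small for real use, deploy with a
2048-bit MODP group or an elliptic curve). G = 4 generates the order-q
subgroup. The rng parameter only exists so the protocol can be driven
deterministically; leave it at the default outside tests.
"""
import secrets

P, Q, G = 2039, 1019, 4      # toy safe-prime group, G has prime order Q


def keygen(rng=secrets.randbelow):
    """Prover's static secret x; the verifier enrolls only y = G^x mod P."""
    x = 1 + rng(Q - 1)
    return x, pow(G, x, P)


def prover_commit(rng=secrets.randbelow):
    """Round 1: fresh nonce r and commitment t = G^r."""
    r = 1 + rng(Q - 1)
    return r, pow(G, r, P)


def prover_respond(x, r, c):
    """Round 3: s = r + c*x mod Q binds the response to this challenge."""
    return (r + c * x) % Q


def verifier_check(y, t, c, s):
    """Accept iff G^s == t * y^c; only the public y is needed."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P


def run_protocol(x, y, rng=secrets.randbelow):
    """One honest run; returns the on-the-wire transcript and the verdict."""
    r, t = prover_commit(rng)
    c = rng(Q)                      # round 2: verifier's random challenge
    s = prover_respond(x, r, c)
    return (t, c, s), verifier_check(y, t, c, s)


def simulate_transcript(y, rng=secrets.randbelow):
    """Honest-verifier zero-knowledge: anyone holding only y can produce a
    transcript with the same distribution by choosing c and s first and
    solving for t. An eavesdropper on the link therefore learns nothing
    about x from real transcripts."""
    c, s = rng(Q), rng(Q)
    t = pow(G, s, P) * pow(pow(y, c, P), -1, P) % P
    return t, c, s


if __name__ == "__main__":
    x, y = keygen()
    transcript, ok = run_protocol(x, y)
    t, c, s = transcript
    print("honest run accepted:", ok)
    # a captured transcript is worthless against a fresh challenge
    print("replay against new challenge accepted:",
          verifier_check(y, t, (c + 1) % Q, s))
    # a simulated transcript is indistinguishable from a real one
    print("simulated transcript accepted:",
          verifier_check(y, *simulate_transcript(y)))
    # the static secret remains the crown jewel: whoever holds x is the prover
    print("run with a copy of x accepted:", run_protocol(x, y)[1])
```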


RE: authentication and authorization (was: Question on the state of the security industry)

2004-07-08 Thread Anne & Lynn Wheeler
At 07:23 AM 7/5/2004, Anton Stiglic wrote:

> Identity has many meanings.   In a typical dictionary you will find several
> definitions for the word identity.  When we are talking about information
> systems, we usually talk about a digital identity, which has other meanings
> as well. If you are in the field of psychology, philosophy, or computer
> science, identity won't mean the same thing. One definition that relates to
> computer science that I like is the following:
> "the individual characteristics by which a thing or person is recognized or
> known".

another way of looking at it in an authentication/authorization infrastructure
is that some set of privileges are asserted ... this is typically done by
having some sort of identification associated with those privileges (like an
account number or userid). There can be some confusion whether what is being
asserted is a tag, identity or identification. if the tag being asserted is
something like a person's name, the institution is likely just using it for a
tag to look up the set of privileges associated with that name (they may not
actually care who you are ... they want to know what privileges are associated
with the name/tag).

then there is some sort of authentication as to the binding to that set of
privileges ... aka the 3-factor authentication taxonomy
* something you know
* something you have
* something you are
note, in some scenarios ... it is possible that knowing the account
number provides both the privilege assertion as well as the "something you
know" authentication (aka knowing the account number is sufficient
to make withdrawals).

in any case there are frequently used institutional processes that can be
characterized by assertion of privileges and authentication. The taxonomy
of those processes can be considered independent of the terms used to
label the processes (is a guard really interested in who you are or just
finding out what privileges and permissions you have).
so we have an environment with institutions and CSOs and an attitude
that the institution and the institution's integrity must be protected from
outsiders (and criminal insiders).

however, with the prevalent use of "static data" and "something you know"
authentication paradigms ... there are huge amounts of static data lying
around, ripe for the harvesting ... where the criminal impersonates an
individual. so one view is that the vulnerability is the extensive use
by institutions of "static data" and "something you know" authentication,
where the individual may have little or no ability to protect the majority
of the information. The crime appears to be against the individual and
the source of the information may be totally unrelated to where the
crime actually occurs. Assuming that the source of the vulnerability
is the institutional infrastructures, some laws have been passed to
try and hold the institutions responsible for the protection of
individual information. in some scenarios, institutions are
charged with protecting individual information from the institution
itself (which sort of inverts a security officer's job of protecting
the institution from others).
However, in some scenarios
http://www.garlic.com/~lynn/2001h.html#61
the common use of static data is so pervasive that an individual's information
is found at thousands of institutions. The value of the information to the
criminal is that the same information can be used to perpetrate fraud
across all institutions and so the criminal value is enormous. However
the value to each individual institution may be minimal. As a result
there can be situations where an individual institution hasn't the
infrastructure or the funding to provide the countermeasures necessary
to keep the criminals away from the information (they simply don't
have the resources to provide security proportional to the risk).
The value of the static data authentication information to a criminal
is far greater than the value of the information to the institution ...
or the cost to the criminal to acquire the information is possibly
orders of magnitude less than the value of the information (for
criminal purposes).
Given such a situation ... the infrastructures simply don't have
the resources to provide the countermeasures adequate to meet
the attacks they are going to experience (there is such a huge
mismatch between the value of the information to the individual
institutions and the value of the information to the criminal).

Which results in my assertion that there has to be a drastic
move away from the existing "static data" authentication paradigm
... because there is such a mismatch between the value
to secure the information versus the value of attacks to
obtain the information.

It isn't that theory can't provide ... mechanisms to protect
the information ... it's that the information is spread far and
wide and is in constant use by thousands of business processes,
and that protection problem is analogous to the problem of
having people ... memorize a hundred di

RE: authentication and authorization (was: Question on the state of the security industry)

2004-07-07 Thread Anton Stiglic
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John Denker
Sent: 1 July 2004 14:27
To: [EMAIL PROTECTED]
Cc: Ian Grigg
Subject: Re: authentication and authorization (was: Question on the state of
the security industry)

>1) For starters, "identity theft" is a misnomer.  My identity
>is my identity, and cannot be stolen.  The current epidemic
>involves something else, namely theft of an authenticator ...

Identity has many meanings.   In a typical dictionary you will find several
definitions for the word identity.  When we are talking about information
systems, we usually talk about a digital identity, which has other meanings
as well. If you are in the field of psychology, philosophy, or computer
science, identity won't mean the same thing. One definition that relates to
computer science that I like is the following:
"the individual characteristics by which a thing or person is recognized or
known".

A digital identity is usually composed of a set of identifiers (e.g. Unix
ID, email address, X.500 DN, etc.) and other information associated with an
entity (an entity can be an individual, computer machine, service, etc.).
"Other information" may include usage profiles, employee profiles, security
profiles, cryptographic keys, passwords, etc.

Identity can be stolen in the sense that this information can be copied,
revealed to someone, and that someone can use it in order to identify and
authenticate himself to a system and get authorization to access resources
he wouldn't normally be allowed to.

The following document has a nice diagram on the first page of appendix A:
http://www.ec3.org/Downloads/2002/id_management.pdf

I came up with a similar diagram for a presentation I recently gave, but
instead of talking about primary and secondary identifying documents I
mention primary and secondary identifying information in general, and I also
have an "identifiers" circle situated beside the bigger circle, containing
identifiers that belong to an entity but are not linkable to the entity
(talking about nyms and pseudonyms).  Recall that there are basically 3
types of authentication:  individual authentication (such as via biometrics,
where you use primary identifying information to authenticate someone),
identity authentication (where the identity may or may not be linkable to an
individual), and attribute authentication (where you need to reveal nothing
more than the possession of a certain attribute, such as can be done with
Stefan Brands' digital credentials).

--Anton
 



authentication and authorization (was: Question on the state of the security industry)

2004-07-07 Thread Nicholas Bohm
At 12:26 PM 7/1/2004, John Denker wrote:

>The object of phishing is to perpetrate so-called "identity
>theft", so I must begin by objecting to that concept on two
>different grounds.

Subsequent posters have doubted the wisdom of quibbling with the term "identity 
theft".  I think the terminology deserves some attention of its own.

There is a long-established term, "impersonation", which is wholly adequate to 
describe what is now called "identity theft".  Is this just a change of fashion?  I 
suggest that there is more to the change.

"Impersonation" as a term focuses attention on the fact that the criminal is deceiving 
someone in order to gain advantage by claiming to have some valuable characteristics 
or authorisations in fact belonging not to the criminal but to some other person.  The 
person deceived is the primary victim in contemplation when this terminology is used.

"Identity theft", by contrast, suggests that the victim is the person impersonated, 
because his or her "identity" has been "stolen".

This way of looking at things implies that the losses which arise out of the 
impersonation fall on the person impersonated, rather than on the person deceived by 
the impersonation.

"Identity theft" as a label is attractive to, for example, banks who may wish to 
suggest that losses must be carried by their customers because they failed to take 
proper care of their "identity".

I think the use of the term "identity theft" should alert us to the risk that victims 
of crime are trying to pass the blame and the loss to someone else.

Regards

Nicholas

Salkyns, Great Canfield,
Takeley, Bishop’s Stortford CM22 6SX, UK




Re: authentication and authorization (was: Question on the state of the security industry)

2004-07-03 Thread Anne & Lynn Wheeler
At 12:26 PM 7/1/2004, John Denker wrote:

> The object of phishing is to perpetrate so-called "identity
> theft", so I must begin by objecting to that concept on two
> different grounds.

there are two sides of this ... some amount of crime statistics call it
ID-theft ... which plausibly could be either identity or identification
... but in general involves a situation where the criminal is impersonating you
to one degree or another to perform some fraudulent action.

there has been some attempt to distinguish impersonation events between 
fraudulently extracting money from existing accounts and fraudulently 
creating new accounts in your name.

practically, objecting to the label id-theft may be like objecting to the 
label suicide bomber.

in general, the problem is using any kind of static data for
authentication. it applies to name, birthdate, mother's maiden name, pins,
passwords, account numbers ... any kind of static data. it worked for a
long time ... but it was based on the assumption that it had the characteristics of
1) shared-secret and 2) used uniquely, different static data in different
security domains.

the growth of electronic environments has drastically affected this in lots
of ways (invalidating the core assumptions that were behind the use of such
static data for authentication; it wasn't that static data didn't work ...
but it worked well only as long as the underlying assumptions were valid):

1) drastic increase in the number of different electronic environments
requiring unique shared secrets ... basic human factors make it
impossible to process a unique shared secret for every possible (scores of
unique) environment

2) drastic increase in the number of different electronic environments ...
drastically increasing the number of places that shared secrets are being
used ... which increases the number of places that shared secrets can be harvested
(for criminal purposes)

3) drastic increase in electronic environments that contain information 
about individuals ... drastically increasing the number of places that 
personal information can be harvested (of the type that is likely to be 
used in shared-secret, static authentication information) for criminal 
purposes.

minor reference to the account based scenario  security proportional to 
risk
http://www.garlic.com/~lynn/2001h.html#61

and then there is the whole thing about frequent confusion of 
identification and authentication:
http://www.garlic.com/~lynn/aepay3.htm#mcomm (my) misc. additional comments 
on X9.59 issues.
http://www.garlic.com/~lynn/aepay7.htm#3dsecure 3D Secure Vulnerabilities? 
Photo ID's and Payment Infrastructure
http://www.garlic.com/~lynn/aadsm9.htm#pkcs12b A PKI Question: PKCS11-> PKCS12
http://www.garlic.com/~lynn/aadsm14.htm#40 The real problem that https has 
conspicuously failed to fix
http://www.garlic.com/~lynn/aadsm14.htm#41 certificates & the alternative view
http://www.garlic.com/~lynn/aadsm17.htm#13 A combined EMV and ID card
http://www.garlic.com/~lynn/aadsm17.htm#16 PKI International Consortium
http://www.garlic.com/~lynn/aepay11.htm#66 Confusing Authentication and 
Identiification?
http://www.garlic.com/~lynn/aepay11.htm#72 Account Numbers. Was: Confusing 
Authentication and Identiification? (addenda)
http://www.garlic.com/~lynn/aepay11.htm#73 Account Numbers. Was: Confusing 
Authentication and Identiification? (addenda)
http://www.garlic.com/~lynn/2003j.html#47 The Tao Of Backup: End of postings


Anne & Lynn Wheeler  http://www.garlic.com/~lynn/



Re: authentication and authorization (was: Question on the state of the security industry)

2004-07-01 Thread John Denker
Ian Grigg wrote:

> The phishing thing has now reached the mainstream,
> epidemic proportions that were feared and predicted
> in this list over the last year or two.

OK.

> For the first
> time we are facing a real, difficult security
> problem.  And the security experts have shot
> their wad.

The object of phishing is to perpetrate so-called "identity
theft", so I must begin by objecting to that concept on two
different grounds.

1) For starters, "identity theft" is a misnomer.  My identity
is my identity, and cannot be stolen.  The current epidemic
involves something else, namely theft of an authenticator ...
or, rather, breakage of a lame attempt at an authentication
and/or authorization scheme.  See definitions and discussions
in e.g. _Handbook of Applied Cryptography_
  http://www.cacr.math.uwaterloo.ca/hac/about/chap10.pdf

I don't know of any "security experts" who would think for a
moment that a reusable sixteen-digit number and nine-digit
number (i.e. credit-card and SSN) could constitute a sensible
authentication or authorization scheme.

2) Even more importantly, the whole focus on _identity_ is
pernicious.  For the vast majority of cases in which people
claim to want ID, the purpose would be better served by
something else, such as _authorization_.  For example,
when I walk into a seedy bar in a foreign country, they can
reasonably ask for proof that I am authorized to do so,
which in most cases boils down to proof of age.  They do
*not* need proof of my car-driving privileges, they do not
need my real name, they do not need my home address, and
they really, really, don't need some "ID" number that some
foolish bank might mistake for sufficient authorization to
withdraw large sums of money from my account.  They really,
really, reeeally don't need other information such as what
SCI clearances I hold, what third-country visas I hold, my
medical history, et cetera.  I could cite many additional
colorful examples, but you get the idea:  The more info is
linked to my "ID" (either by writing it on the "ID" card or
by linking databases via "ID" number) the _less_ secure
everything becomes.  Power-hungry governments and power-
hungry corporations desire such linkage, because it makes
me easier to exploit ... but any claim that such linkable
"ID" is needed for _security_ is diametrically untrue.
===

Returning to:

> For the first
> time we are facing a real, difficult security
> problem.  And the security experts have shot
> their wad.

I think a better description is that banks long ago
deployed a system that was laughably insecure.  (They got
away with it for years ... but that's irrelevant.)  Now
that there is widespread breakage, they act surprised, but
none of this should have come as a surprise to anybody,
expert or otherwise.

Now banks and their customers are paying the price.  As
soon as the price to the banks gets a little higher, they
will deploy a more-secure payment authorization scheme,
and the problem will go away.

(Note that I didn't say "ID" scheme.  I don't care who
knows my SSN and other "ID" numbers ... so long as they
cannot use them to steal stuff.  And as soon as there
is no value in knowing "ID" numbers, people will stop
phishing for them.)