RE: authentication and authorization (was: Question on the state of the security industry)
> However, in some scenarios
> http://www.garlic.com/~lynn/2001h.html#61
> the common use of static data is so pervasive that an individual's
> information
> is found at thousands of institutions. The value of the information to the
> criminal is that the same information can be used to perpetrate fraud
> across all institutions and so the criminal value is enormous. However
> the value to each individual institution may be minimal. As a result
> there can be situations where an individual institution hasn't the
> infrastructure or the funding to provide the countermeasures necessary
> to keep the criminals away from the information (they simply don't
> have the resources to provide security proportional to the risk).
>
> The value of the static data authentication information to a criminal
> is far greater than the value of the information to the institution ...
> or the cost to the criminal to acquire the information is possibly
> orders of magnitude less than the value of the information (for
> criminal purposes).

Agreed. This is where federated identity management becomes a tricky problem to solve. It is important to get something like the Liberty Alliance right. A solution that I like can be found here (there is also a ppt presentation that can be found on the site):
http://middleware.internet2.edu/pki04/proceedings/cross_domain_identity.pdf

> Given such a situation the infrastructures simply don't have
> the resources to provide the countermeasures adequate to meet
> the attacks they are going to experience (there is such a huge
> mismatch between the value of the information to the individual
> institutions and the value of the information to the criminal).
> Which results in my assertion that there has to be a drastic
> move away from the existing "static data" authentication paradigm
> because there is such a mismatch between the value
> to secure the information versus the value of attacks to
> obtain the information.
>
> It isn't that theory can't provide mechanisms to protect
> the information, it is that the information is spread far and
> wide and is in constant use by thousands of business processes,
> and that protection problem is analogous to the problem of
> having people memorize a hundred different 8+character
> passwords that change every month (which is also a shortcoming
> of the static data authentication paradigm).

Yes, theory is far more advanced than what is used in practice, with zero-knowledge proofs and attribute authentication, based on secrets stored on smart cards held by the proper owners, and the possibility to delegate part of the computation to a server (so clients can authenticate on low-powered devices) without revealing information about the secret, etc.

I agree that what you call the "static data" authentication paradigm is the cause of many problems, including identity theft. It is one reason why Identity Management is a hot topic these days; businesses are losing control of all this "static data" associated with the various systems they have, and when an employee leaves a company he often has an active account on some system even months after his departure. This is the de-provisioning problem.

Not too sure about the wording however: if you take a zero-knowledge proof to authenticate possession of an attribute, the prover will hold some static data (some sort of secret); the only difference is that the verifier doesn't need to know the secret, and in fact you can't learn anything from looking at the communication link when the proof is executed. You can't learn anything either by modifying the protocol from the verifier's side (malicious verifier). But if you can steal the secret that the prover possesses, then you can impersonate her.

--Anton

- The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
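To make Anton's point concrete, here is an added example (not code from this thread or from any project mentioned in it) of a Schnorr-style zero-knowledge proof of knowledge of a discrete log: the verifier is enrolled with only the public value y and never holds the secret x, a captured transcript cannot be replayed against a fresh challenge, and an accepting transcript can be forged without x, which is why watching the link teaches an eavesdropper nothing. The group parameters P, Q, G and every function name are assumptions constructed for this example, and the group is toy-sized so the arithmetic is easy to follow.

```python
import secrets

# Toy-sized safe-prime group, constructed for illustration only
# (a real deployment uses a 2048-bit or larger group or an elliptic curve).
P = 1019          # safe prime: P = 2*Q + 1
Q = 509           # prime order of the subgroup we work in
G = 4             # generator of the order-Q subgroup (a quadratic residue mod P)
assert pow(G, Q, P) == 1

def keygen():
    """Prover picks secret x; the verifier is enrolled with only y = G^x mod P."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def prover_commit():
    """Round 1: prover sends t = G^r for a fresh random r (kept private)."""
    r = secrets.randbelow(Q - 1) + 1
    return r, pow(G, r, P)

def verifier_challenge():
    """Round 2: verifier sends a fresh random challenge c."""
    return secrets.randbelow(Q)

def prover_respond(x, r, c):
    """Round 3: prover answers s = r + c*x mod Q; x itself never leaves the prover."""
    return (r + c * x) % Q

def verify(y, t, c, s):
    """Verifier checks G^s == t * y^c using only the public y."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def run_protocol(x, y):
    """One honest execution; returns the transcript (t, c, s) and the verdict."""
    r, t = prover_commit()
    c = verifier_challenge()
    s = prover_respond(x, r, c)
    return (t, c, s), verify(y, t, c, s)

def simulate_transcript(y):
    """Build an accepting transcript WITHOUT x: choose c and s first, then solve
    for t. Anyone can do this, so a transcript carries no information about x."""
    c = secrets.randbelow(Q)
    s = secrets.randbelow(Q)
    t = (pow(G, s, P) * pow(y, Q - c, P)) % P   # y^(Q-c) == y^(-c) since y has order Q
    return (t, c, s), verify(y, t, c, s)

def replay_captured(y, transcript, fresh_c):
    """An eavesdropper replays the captured (t, s) against a new challenge.
    With fresh_c != c the check fails, unlike a replayed static password."""
    t, _, s = transcript
    return verify(y, t, fresh_c, s)
```

Stealing x itself, as Anton notes, still lets the thief run `run_protocol(x, y)` successfully; the protocol protects the secret in transit and at the verifier, not on the prover's device.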
RE: authentication and authorization (was: Question on the state of the security industry)
At 07:23 AM 7/5/2004, Anton Stiglic wrote:
> Identity has many meanings. In a typical dictionary you will find several
> definitions for the word identity. When we are talking about information
> systems, we usually talk about a digital identity, which has other meanings
> as well. If you are in the field of psychology, philosophy, or computer
> science, identity won't mean the same thing. One definition that relates
> to computer science that I like is the following: "the individual
> characteristics by which a thing or person is recognized or known".

another way of looking at it in an authentication/authorization infrastructure is that some set of privileges are asserted ... this is typically done by having some sort of identification associated with those privileges (like an account number or userid). There can be some confusion whether what is being asserted is a tag, identity or identification. if the tag being asserted is something like a person's name, the institution is likely just using it for a tag to look up the set of privileges associated with that name (they may not actually care who you are ... they want to know what privileges are associated with the name/tag).

then there is some sort of authentication as to the binding to that set of privileges, aka the 3-factor authentication taxonomy:

* something you know
* something you have
* something you are

note, in some scenarios it is possible that knowing the account number provides both the privilege assertion as well as the "something you know" authentication (aka knowing the account number is sufficient to make withdrawals).

in any case there are frequently used institutional processes that can be characterized by assertion of privileges and authentication. The taxonomy of those processes can be considered independent of the terms used to label the processes (is a guard really interested in who you are or just finding out what privileges and permissions you have).

so we have an environment with institutions and CSOs and an attitude that the institution and the institution's integrity must be protected from outsiders (and criminal insiders). however, with the prevalent use of "static data" and "something you know" authentication paradigms ... there are huge amounts of static data lying around, ripe for the harvesting ... where the criminal impersonates an individual.

so one view is that the vulnerability is the extensive use by institutions of "static data" and "something you know" authentication, where the individual may have little or no ability to protect the majority of the information. The crime appears to be against the individual and the source of the information may be totally unrelated to where the crime actually occurs.

Assuming that the source of the vulnerability is the institutional infrastructures, some laws have been passed to try and hold the institutions responsible for the protection of individual information. in some scenarios, institutions are charged with protecting individual information from the institution itself (which sort of inverts a security officer's job of protecting the institution from others).

However, in some scenarios
http://www.garlic.com/~lynn/2001h.html#61
the common use of static data is so pervasive that an individual's information is found at thousands of institutions. The value of the information to the criminal is that the same information can be used to perpetrate fraud across all institutions and so the criminal value is enormous. However the value to each individual institution may be minimal. As a result there can be situations where an individual institution hasn't the infrastructure or the funding to provide the countermeasures necessary to keep the criminals away from the information (they simply don't have the resources to provide security proportional to the risk).

The value of the static data authentication information to a criminal is far greater than the value of the information to the institution ... or the cost to the criminal to acquire the information is possibly orders of magnitude less than the value of the information (for criminal purposes).

Given such a situation the infrastructures simply don't have the resources to provide the countermeasures adequate to meet the attacks they are going to experience (there is such a huge mismatch between the value of the information to the individual institutions and the value of the information to the criminal). Which results in my assertion that there has to be a drastic move away from the existing "static data" authentication paradigm because there is such a mismatch between the value to secure the information versus the value of attacks to obtain the information.

It isn't that theory can't provide mechanisms to protect the information, it is that the information is spread far and wide and is in constant use by thousands of business processes, and that protection problem is analogous to the problem of having people memorize a hundred di
RE: authentication and authorization (was: Question on the state of the security industry)
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Denker
Sent: 1 July 2004 14:27
To: [EMAIL PROTECTED]
Cc: Ian Grigg
Subject: Re: authentication and authorization (was: Question on the state of the security industry)

> 1) For starters, "identity theft" is a misnomer. My identity
> is my identity, and cannot be stolen. The current epidemic
> involves something else, namely theft of an authenticator ...

Identity has many meanings. In a typical dictionary you will find several definitions for the word identity. When we are talking about information systems, we usually talk about a digital identity, which has other meanings as well. If you are in the field of psychology, philosophy, or computer science, identity won't mean the same thing. One definition that relates to computer science that I like is the following: "the individual characteristics by which a thing or person is recognized or known".

A digital identity is usually composed of a set of identifiers (e.g. Unix ID, email address, X.500 DN, etc.) and other information associated with an entity (an entity can be an individual, computer machine, service, etc.). "Other information" may include usage profiles, employee profiles, security profiles, cryptographic keys, passwords, etc. Identity can be stolen in the sense that this information can be copied, revealed to someone, and that someone can use it in order to identify and authenticate himself to a system and get authorization to access resources he wouldn't normally be allowed to.

The following document has a nice diagram on the first page of appendix A:
http://www.ec3.org/Downloads/2002/id_management.pdf

I came up with a similar diagram for a presentation I recently gave, but instead of talking about primary and secondary identifying documents I mention primary and secondary identifying information in general, and I also have an "identifiers" circle situated beside the bigger circle, containing identifiers that belong to an entity but are not linkable to the entity (talking about nyms and pseudonyms).

Recall that there are basically 3 types of authentication: individual authentication (such as via biometrics, where you use primary identifying information to authenticate someone), identity authentication (where the identity may or may not be linkable to an individual), and attribute authentication (where you need to reveal nothing more than the possession of a certain attribute, such as can be done with Stefan Brands' digital credentials).

--Anton
Re: authentication and authorization (was: Question on the state of the security industry)
At 12:26 PM 7/1/2004, John Denker wrote:
> The object of phishing is to perpetrate so-called "identity theft",
> so I must begin by objecting to that concept on two different grounds.

there are two sides of this. some amount of crime statistics call it ID-theft, which plausibly could be either identity or identification ... but in general involves a situation where the criminal is impersonating you to one degree or another to perform some fraudulent action. there has been some attempt to distinguish impersonation events between fraudulently extracting money from existing accounts and fraudulently creating new accounts in your name. practically, objecting to the label id-theft may be like objecting to the label suicide bomber.

in general, the problem is using any kind of static data for authentication. it applies to name, birthdate, mother's maiden name, pins, passwords, account numbers ... any kind of static data. it worked for a long time ... but it was based on the assumption that it had the characteristics of 1) shared-secret and 2) used uniquely, different static data in different security domains.

the growth of electronic environments has drastically affected this in lots of ways (invalidating the core assumptions that were behind the use of such static data for authentication; it wasn't that static data didn't work ... but it worked well only as long as the underlying assumptions were valid):

1) drastic increase in the number of different electronic environments requiring unique shared secrets ... basic human factors making it impossible to process a unique shared secret for every possible (scores of unique) environment

2) drastic increase in the number of different electronic environments ... drastically increasing the number of places that shared secrets are being used ... which increases the places that shared secrets can be harvested (for criminal purposes)

3) drastic increase in electronic environments that contain information about individuals ... drastically increasing the number of places that personal information can be harvested (of the type that is likely to be used in shared-secret, static authentication information) for criminal purposes.

minor reference to the account based scenario, security proportional to risk:
http://www.garlic.com/~lynn/2001h.html#61

and then there is the whole thing about frequent confusion of identification and authentication:
http://www.garlic.com/~lynn/aepay3.htm#mcomm (my) misc. additional comments on X9.59 issues.
http://www.garlic.com/~lynn/aepay7.htm#3dsecure 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
http://www.garlic.com/~lynn/aadsm9.htm#pkcs12b A PKI Question: PKCS11-> PKCS12
http://www.garlic.com/~lynn/aadsm14.htm#40 The real problem that https has conspicuously failed to fix
http://www.garlic.com/~lynn/aadsm14.htm#41 certificates & the alternative view
http://www.garlic.com/~lynn/aadsm17.htm#13 A combined EMV and ID card
http://www.garlic.com/~lynn/aadsm17.htm#16 PKI International Consortium
http://www.garlic.com/~lynn/aepay11.htm#66 Confusing Authentication and Identiification?
http://www.garlic.com/~lynn/aepay11.htm#72 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
http://www.garlic.com/~lynn/aepay11.htm#73 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
http://www.garlic.com/~lynn/2003j.html#47 The Tao Of Backup: End of postings

Anne & Lynn Wheeler
http://www.garlic.com/~lynn/
Re: authentication and authorization (was: Question on the state of the security industry)
Ian Grigg wrote:
> The phishing thing has now reached the mainstream, epidemic proportions
> that were feared and predicted in this list over the last year or two.

OK.

> For the first time we are facing a real, difficult security problem.
> And the security experts have shot their wad.

The object of phishing is to perpetrate so-called "identity theft", so I must begin by objecting to that concept on two different grounds.

1) For starters, "identity theft" is a misnomer. My identity is my identity, and cannot be stolen. The current epidemic involves something else, namely theft of an authenticator ... or, rather, breakage of a lame attempt at an authentication and/or authorization scheme. See definitions and discussions in e.g. _Handbook of Applied Cryptography_
http://www.cacr.math.uwaterloo.ca/hac/about/chap10.pdf

I don't know of any "security experts" who would think for a moment that a reusable sixteen-digit number and nine-digit number (i.e. credit-card and SSN) could constitute a sensible authentication or authorization scheme.

2) Even more importantly, the whole focus on _identity_ is pernicious. For the vast majority of cases in which people claim to want ID, the purpose would be better served by something else, such as _authorization_. For example, when I walk into a seedy bar in a foreign country, they can reasonably ask for proof that I am authorized to do so, which in most cases boils down to proof of age. They do *not* need proof of my car-driving privileges, they do not need my real name, they do not need my home address, and they really, really, don't need some "ID" number that some foolish bank might mistake for sufficient authorization to withdraw large sums of money from my account. They really, really, reeeally don't need other information such as what SCI clearances I hold, what third-country visas I hold, my medical history, et cetera.

I could cite many additional colorful examples, but you get the idea: The more info is linked to my "ID" (either by writing it on the "ID" card or by linking databases via "ID" number) the _less_ secure everything becomes. Power-hungry governments and power-hungry corporations desire such linkage, because it makes me easier to exploit ... but any claim that such linkable "ID" is needed for _security_ is diametrically untrue.

===

Returning to:
> For the first
> time we are facing a real, difficult security
> problem. And the security experts have shot
> their wad.

I think a better description is that banks long ago deployed a system that was laughably insecure. (They got away with it for years ... but that's irrelevant.) Now that there is widespread breakage, they act surprised, but none of this should have come as a surprise to anybody, expert or otherwise. Now banks and their customers are paying the price. As soon as the price to the banks gets a little higher, they will deploy a more-secure payment authorization scheme, and the problem will go away.

(Note that I didn't say "ID" scheme. I don't care who knows my SSN and other "ID" numbers ... so long as they cannot use them to steal stuff. And as soon as there is no value in knowing "ID" numbers, people will stop phishing for them.)