two-factor authentication problems
Anne & Lynn Wheeler
lynn at garlic.com
Tue Mar 8 09:08:16 EST 2005
Gabriel Haythornthwaite wrote:
> RSA SecureID and OATH technology have some great virtues:
> - they cost nothing to integrate at the client end - there is no client
> "footprint" so there's nothing to go wrong
> - they are relatively easy to understand and use
> - they're unquestionably better than reliance on user IDs and passwords.
note that there is typically some close relationship between a secureid
and the relying party .... that if everything is working correctly ...
the relying party is pretty sure that (most of the times) the response
originated from a valid token .... although there are various kinds of
attacks and vulnerabilities associated with originating that information
and/or transmitting it to the relying party.
most PKIs tend to focus on the integrity of the indication arriving at
the relying party. the digital signature is an indication that something
occurred at the remote end ... namely some entity accessed and used a
private key. however, almost all PKI descriptions fail to focus on the
primary event (that a digital signature is supposed to indicate) is that
some form of 3factor authentication actually occurred in the access and
use of a private key. A lot of PKI has shifted the focus from the
fundamental authentication business process (the integrity of the access
and use of a private key) to the integrity of the communication that
some (any arbitrary) access and use of a private key (while failing to
establish that there was any fundamental integrity actually associated
with the actual access and use of the private key).
aka ... digital signatures are a secondary factor associated with the
primary integrity event of concern. the primary integrity business
process is the actual access and use of the private key. a digital
signature is a secondary integrity factor ... the indication or
communication that some access and use of a private key has occurred (w/o
having any indication about the actual integrity of that access and use).
the actual access and use of the private key would be the primary
integrity event of concern. the (high integrity) communication that such
an access and use has occurred is secondary to the actual access and
use (although both can be considered as attack targets or vulnerabilities).
note that integrity of the actual access and use of the private key,
establishing some form of 3factor authentication
http://www.garlic.com/~lynn/subpubkey.html#3factor
and the communication that some actual access and use of the private key
has occurred with a digital signature
is orthogonal to whether the relying party is relying on an (offline,
unconnected) PKI model or a certificate-less
http://www.garlic.com/~lynn/subpubkey.html#certless
The PKI model was originally meant to target the scenario where the relying
party has had no prior relationship with the originating party and/or
has no access and/or recourse to any other source of information
(especially online access) about the originating party.
However, PKI descriptions have frequently obfuscated that there are other
business processes requiring integrity issues (aka anything other than
those related to certificate generation and use).
The actual core process that everything depends on is the integrity
surrounding the access and use of the private key .... and all other
processes are scaffolding intended to provide a remote relying party
some indication that the access and use of a private key has occurred.
PKI models frequently fail to even bother to describe that the primary
integrity issue is the access and use of the private key (and everything
else is secondary). PKI models also frequently fail to describe that
they are intended for the offline, unconnected business environment ...
which has become the small minority of actual business processes in the
world today.
---------------------------------------------------------------------
The Cryptography Mailing List