when a fraud is a sale, Re: Rubber hose attack

David Jablon dpj at world.std.com
Mon Nov 5 19:48:55 EST 2001


Authentication of people is an especially subtle engineering problem.

Yet, strong network-based authentication of people does not require
complex secret information ... if "complex" means demanding
at least {64, 80, 128} random bits.

With emerging strong password schemes, your average one-in-a-thousand
or one-in-a-million kind of secret can do some pretty neat things --
in some cases with no need at all for stored secrets,
as in a [SP]EKE password-encrypted chat session.

Password-based techniques are one of the subjects being addressed by the
IEEE P1363 working group, and the apparently successful job of a
number of schemes, some of which are listed here:
http://grouper.ieee.org/groups/1363/StudyGroup/submissions.html

(But please don't ask me how this relates to "Rubber hoses".)

At 11:24 AM 11/5/01 -0600, Rick Smith wrote:
>If we look at authentication as an engineering problem, then
>you can only 'authenticate' between entities that share some
>fairly complex secret information. Anything else can be spoofed
>pretty easily. I don't think it's practical to speak of strong,
>network based authentication between 'users' unless we tie them
>to physical devices that store those secrets (private keys, etc.).

(See comments above.)

>Of course, this distinction simply illustrates the gap between
>our policy objectives (authenticate particular roles and/or
>entities) versus the available tools (verify ownership of hard
>to forge credentials).

I definitely agree that the "gap" is huge in most systems.

>Rick.
>smith at securecomputing.com            roseville, minnesota
>"Authentication" in bookstores http://www.visi.com/crypto/

-- David
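A toy run of the SPEKE exchange referred to above, added here as an example (it is not code from this post, from Rick Smith, or from any IEEE P1363 submission). It shows the two properties the message relies on: each side derives the session key from a low-entropy password held only in memory, with no stored secret, and an eavesdropper who records the transcript cannot test password guesses offline, since every guess yields an equally plausible generator. The 128-bit group, SHA-256 hashing, the key-confirmation message format and the sample passwords are this example's own assumptions; a real deployment needs a much larger group.

```python
"""Toy SPEKE: password-authenticated Diffie-Hellman over a safe-prime group.

Added example, not code from the post or any P1363 submission. Group size
(128-bit, for speed), hash and confirmation format are assumptions.
"""
import hashlib
import hmac
import random

# Deterministic RNG so the toy group is reproducible; real code uses `secrets`.
_rng = random.Random(20011105)
_SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97]


def is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Trial division by small primes, then Miller-Rabin."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    for sp in _SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime(bits: int) -> int:
    """p = 2q + 1 with q prime, so the squares mod p form a subgroup of prime order q."""
    while True:
        q = _rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1


P = safe_prime(128)
Q = (P - 1) // 2
NBYTES = (P.bit_length() + 7) // 8


def password_generator(password: str) -> int:
    """SPEKE's idea: g = H(password)^2 mod p. Squaring puts g in the order-q
    subgroup, and every candidate password gives an equally plausible g."""
    g = pow(int.from_bytes(hashlib.sha256(password.encode()).digest(), "big"), 2, P)
    if g in (0, 1):
        raise ValueError("degenerate generator for this password/group")
    return g


def in_subgroup(x: int) -> bool:
    """Reject 0, 1, p-1 and anything outside the order-q subgroup (small-subgroup guard)."""
    return 1 < x < P - 1 and pow(x, Q, P) == 1


class Party:
    """One side of the run. The password lives only in memory for this run; nothing is stored."""

    def __init__(self, name: str, password: str):
        self.name = name
        self.g = password_generator(password)
        self.x = _rng.randrange(1, Q)          # ephemeral private exponent
        self.pub = pow(self.g, self.x, P)      # the value sent over the wire

    def derive(self, peer_pub: int) -> bytes:
        if not in_subgroup(peer_pub):
            raise ValueError(f"{self.name}: peer value is not in the prime-order subgroup")
        shared = pow(peer_pub, self.x, P)      # equals g^(ab) only if both used the same g
        return hashlib.sha256(shared.to_bytes(NBYTES, "big")).digest()


def confirm_tag(key: bytes, sender_pub: int, peer_pub: int) -> bytes:
    """Key-confirmation MAC, bound to the direction of the message."""
    msg = b"SPEKE-confirm" + sender_pub.to_bytes(NBYTES, "big") + peer_pub.to_bytes(NBYTES, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()


def run_speke(alice_pw: str, bob_pw: str):
    """A -> B: g_A^a;  B -> A: g_B^b;  then each side MACs the transcript under its key.
    Returns (confirmed, alice_key, bob_key, transcript)."""
    alice, bob = Party("alice", alice_pw), Party("bob", bob_pw)
    ka, kb = alice.derive(bob.pub), bob.derive(alice.pub)
    # A password mismatch fails here, so an impostor learns only "wrong" for the one
    # guess it committed to in this run: guessing is forced online, one guess per run.
    bob_accepts = hmac.compare_digest(confirm_tag(ka, alice.pub, bob.pub), confirm_tag(kb, alice.pub, bob.pub))
    alice_accepts = hmac.compare_digest(confirm_tag(kb, bob.pub, alice.pub), confirm_tag(ka, bob.pub, alice.pub))
    return bob_accepts and alice_accepts, ka, kb, (alice.pub, bob.pub)


def offline_dictionary_attack(transcript, candidates):
    """The eavesdropper's only transcript-based test: does a guessed g' generate both
    observed values? In the order-q subgroup every g' does, so no candidate is ruled out."""
    return [pw for pw in candidates
            if all(in_subgroup(v) for v in transcript) and in_subgroup(password_generator(pw))]
```

The subgroup check in `derive` is the part most often skipped in toy implementations: without it a peer can send 1 or p-1 and force the shared value into a two-element set, which turns the password check into a coin flip rather than a one-in-a-million guess.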





---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



