The future of security
Arnold G. Reinhold
reinhold at world.std.com
Thu May 13 13:28:33 EDT 2004
At 8:21 PM +0100 4/26/04, Graeme Burnett wrote:
>Hello folks,
>
>I am doing a presentation on the future of security,
>which of course includes a component on cryptography.
>That will be given at this conference on payments
>systems and security: http://www.enhyper.com/paysec/
>
>Would anyone there have any good predictions on how
>cryptography is going to unfold in the next few years
>or so? I have my own ideas, but I would love
>to see what others see in the crystal ball.
>
Here are my thoughts on the future of cryptography:
A major use of crypto will be in efforts to restrict the
dissemination of information to the public (corporate security,
digital rights management, state censorship)
Human factors will be regarded as equal in importance with algorithms
and protocols.
Servers and workstations will incorporate video and other sensors to
provide self protection against physical intrusions.
As cellphones and PDAs merge there will be a new generation of
privacy applications for text messaging and/or voice that use light
weight protocols and, perhaps symmetric keys.
Cellphone cameras will be used for stenographic communication.
Cellphones and PDAs will be used as security tokens for
desktop/laptop access, perhaps using Bluetoth
Self-booting, open source CDs will become available that turn any PC
into a secure messaging system with private keys and messages stored
on an encrypted disk image on a memory stick.
4096-bit RSA keys will become the standard (RSA is already
recommending 1024-bit keys be phased out by 2010.)
Key stretching techniques will be enhanced and standardized to allow
password-based security to remain viable.
Password entry will be done using mouse and display screen, rather
than keyboards because of all the risks keyboards represent (software
and hardware loggers, video cameras, acoustic analysis, etc.)
Desktop systems with no hard drive and no I/O ports will become
required for processing confidential information.
One or more secure networks will emerge that parallel the existing
Internet. They will use IPv6 and have mandatory encryption and
authentication.
Cameras and audio recorders will be equipped with GPS, digital
signing and secure time stamping technologies to restore confidence
in recorded evidence.
Stored value smart-cards will finally become popular in the U.S.
through use in public transportation systems.
Hashcash will be used to bring spam under control and to protect
networks against zombie attacks.
Anti-spam white listing will be the killer app that finally creates a
universal public key infrastructure.
Patent concerns will be a major barrier to progress.
Arnold Reinhold
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list