The future of security

[Arnold G. Reinhold]

At 8:21 PM +0100 4/26/04, Graeme Burnett wrote:
>Hello folks,
>
>I am doing a presentation on the future of security,
>which of course includes a component on cryptography.
>That will be given at this conference on payments
>systems and security: http://www.enhyper.com/paysec/
>
>Would anyone there have any good predictions on how
>cryptography is going to unfold in the next few years
>or so?  I have my own ideas, but I would love
>to see what others see in the crystal ball.
>

Here are my thoughts on the future of cryptography:

A major use of crypto will be in efforts to restrict the 
dissemination of information to the public (corporate security, 
digital rights management, state censorship)

Human factors will be regarded as equal in importance with algorithms 
and protocols.

Servers and workstations will incorporate video and other sensors to 
provide self protection against physical intrusions.

As cellphones and PDAs merge there will be a new generation of 
privacy applications for text messaging and/or  voice that use light 
weight protocols and, perhaps symmetric keys.

Cellphone cameras will be used for stenographic communication.

Cellphones and PDAs will be used as security tokens for 
desktop/laptop access, perhaps using Bluetoth

Self-booting, open source CDs will become available that turn any PC 
into a secure messaging system with private keys and messages stored 
on an encrypted disk image on a memory stick.

4096-bit RSA keys will become the standard (RSA is already 
recommending 1024-bit keys be phased out by 2010.)

Key stretching techniques will be enhanced and standardized to allow 
password-based security to remain viable.

Password entry will be done using mouse and display screen, rather 
than keyboards because of all the risks keyboards represent (software 
and hardware loggers, video cameras, acoustic analysis, etc.)

Desktop systems with no hard drive and no I/O ports will become 
required for processing confidential information.

One or more secure networks will emerge that parallel the existing 
Internet. They will use IPv6 and have mandatory encryption and 
authentication.

Cameras and audio recorders will be equipped with GPS, digital 
signing and secure time stamping technologies to restore confidence 
in  recorded evidence.

Stored value smart-cards will finally become popular in the U.S. 
through use in public transportation systems.

Hashcash will be used to bring spam under control and to protect 
networks against zombie attacks.

Anti-spam white listing will be the killer app that finally creates a 
universal public key infrastructure.

Patent concerns will be a major barrier to progress.


Arnold Reinhold

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com