A slight modification of my comments on PKI.

Perry E. Metzger perry at piermont.com
Wed Jul 28 19:38:40 EDT 2010


A coda on today's voluminous discussion of X.509, browser security,
etc.

It is important to remember what we're trying to defend against.  As
many of us have learned through bitter experience, the costs and
benefits of security systems we deploy are the important part. No one
needs perfect security in the face of no attackers at all, and even if
attackers are numerous, if a system has low enough failure/fraud
rates, no one will complain much.

The problem is that the system we've built to date is, in fact,
yielding pretty high fraud rates. Attacking people is a full time
profitable business for a lot of people, not a rare sort of
thing. Stolen credentials are sold in the market for very low prices
because there is a glut of them. Yes, the majority of online
transactions are trouble free, but a shocking fraction of them are
not, and the majority of people I know have had a card stolen at least
once online. Things like bank account credential phishing are not only
possible but prevalent. All this may get worse. The cost is a large
fraction of the fees we all end up paying, directly and indirectly, to
do business.

What we would like is to get from the situation we are in now (which
reminds me in certain ways of the days of analog cellphone service
where cloning was trivial) to a situation where fraud still happens
but is much more difficult to pull off. (Certainly phone fraud still
happens, but it is no longer anything like it was in the NAMPS days
and the cost is manageably low.) This would also have the benefit of
radically reducing the number of people who can make a living as
professional attackers, which would have all sorts of salutary
effects.

To lower the fraud rate by significant margins, I think we'll need to
make some serious changes in the security systems we deploy. Logging
in to your bank's web site using a password protected by an SSL
session requires that too many things all go right and that the user
pay attention to whether they have all gone right. We need simpler
systems where, if the user is not paying attention, nothing much bad
can happen to them anyway.

No system can be perfect, but we could do a lot better than we are
doing now. I think this is achievable in theory. Whether it can happen
in practice, I have my doubts, though we can but try.


Perry
-- 
Perry E. Metzger		perry at piermont.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list