[Cryptography] Follow up on my password replacement idea

Phillip Hallam-Baker phill at hallambaker.com
Tue Sep 22 16:35:55 EDT 2015


On Tue, Sep 22, 2015 at 11:59 AM, Bill Cox <waywardgeek at gmail.com> wrote:

> On Mon, Sep 21, 2015 at 12:28 AM, Ilya Kasnacheev <
> ilya.kasnacheev at gmail.com> wrote:
>
>> What do you think of that? Because the current situation with passwords on
>> the internet is unmanageable and a replacement is needed - waterproof enough
>> to do users more good than harm.
>>
>
>
> I agree that a replacement, or at least a significant upgrade, is needed
> to passwords.
>

I disagree.


I think what is needed is a mechanism for managing a personal PKI so that
there is no need for device authentication.

So what I do with the mesh right now:


* Every user has their own profile with a master signing key.
* Fingerprint of the profile is the fingerprint of the master signing key.
* Every device has a device profile.
* Every device profile contains a unique signature key.

So if Alice has a master signature key with the fingerprint:

MB2GK-6DUF5-YGYYL-JNY5E-RWSHZ


Anyone can go to the Mesh and pull the profile for that fingerprint. That
contains a collection of device profiles which are signed under an
intermediary key which is in turn signed by the master signature key.

So from a protocol point of view, I think it is obvious that we can very
easily set up a scheme so that the device can prove that it has knowledge
of a private key that has a credential chain under MB2GK... to authorize
use as an authentication key. Further I think we all know good ways to
ensure that the private key can only be unlocked if a passphrase is entered
into the device to give a second factor (e.g. x = y + H(passphrase)).


What I need to show then is how easy it is for Alice to add and remove
devices from her profile published in the mesh.

To add a device like a cell phone Alice has to do the following:

1) Post a connection request to her mesh profile through her chosen portal
(e.g. alice at cryptomesh.org).

2) Check that the request is posted to the right profile by verifying that
the profile tool returns the correct fingerprint.

3) Confirm the connection request from a device that is authorized for
administration and has the right key.

At this point the profile manager on the admin device adds the new device
to the profile and posts the update to the mesh.


Removing devices is trickier because it amounts to revocation of an
assertion. That means that the portal has to be trusted to actually post
updates to the mesh.

And that is a known hard problem. We can bound it in time by requiring
Alice to log into one of her admin devices once a month so that an updated
profile gets pushed. We can also use blockchain/CT-like techniques to make
default visible. I have several solutions that work; it is a question of
how much effort is required for how much security.
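
The credential chain described in the message above, as an added example that is not part of the original post or of the Mesh code: a relying party pins the master fingerprint, checks master to intermediary to device list, then checks the device's proof over a nonce. Assumptions: Lamport one-time signatures stand in for the unspecified signature algorithm (so each key signs once), the fingerprint is taken as the first 25 base32 characters of SHA-256, and all function and field names are hypothetical.

```python
import base64, hashlib, secrets

def H(b): return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key pair (stand-in signature scheme, stdlib only).
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, b"".join(H(s) for pair in sk for s in pair)

def _bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    # Reveal one secret per bit of the message digest.
    return b"".join(sk[i][b] for i, b in enumerate(_bits(msg)))

def verify(pk, msg, sig):
    if len(pk) != 16384 or len(sig) != 8192:
        return False
    return all(H(sig[32*i:32*i+32]) == pk[64*i+32*b:64*i+32*b+32]
               for i, b in enumerate(_bits(msg)))

def fingerprint(pk):
    # Assumed encoding: first 25 base32 chars of SHA-256(pk), grouped in fives.
    s = base64.b32encode(H(pk)).decode()[:25]
    return "-".join(s[i:i+5] for i in range(0, 25, 5))

def publish_profile(master_sk, master_pk, device_pks):
    # Master key signs the intermediary key; intermediary signs the device list.
    inter_sk, inter_pk = keygen()
    return {"master_pk": master_pk, "inter_pk": inter_pk,
            "inter_sig": sign(master_sk, inter_pk),
            "devices": list(device_pks),
            "devices_sig": sign(inter_sk, b"".join(device_pks))}

def device_authorized(pinned_fp, profile, device_pk, nonce, proof):
    # Relying party: pin the fingerprint, walk the chain, check the device's proof.
    return (fingerprint(profile["master_pk"]) == pinned_fp
            and verify(profile["master_pk"], profile["inter_pk"],
                       profile["inter_sig"])
            and verify(profile["inter_pk"], b"".join(profile["devices"]),
                       profile["devices_sig"])
            and device_pk in profile["devices"]
            and verify(device_pk, nonce, proof))
```

A portal that appends a device key to the published list without the intermediary's signature fails the third check, which is why adding a device needs confirmation from an admin device holding the right key.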