Re: PKIs and trust
2003-12-15 14:42:14
At 6:08 +0900 12/16/03, Masataka Ohta wrote:
Stephen Kent;

I'm having a feeling that you call a set of software/hardware
to handle certs a PKI.

no, there is a lot more to a PKI than hardware and software.

The problem for such PKI is that, if we have certs based on
existing trust (e.g. I trust some organization has an authority
to issue passports) relationships, we can exchange shared secret
using the relationships that we don't need any public keys.

In principle, yes, but in practice it is preferable to use public
keys for a variety of security reasons,

In practice, I see no security reason not to use shared key
cryptography. See below about the practice of the cases
you choose (passports, frequent traveller cards, etc.)

not to mention the existence of a lot of software that can make use
of certs and public keys.

I'm afraid you are saying we should have PKI because we have PKI.

why do we use browsers to access many databases where other
mechanisms might be more appropriate? because we all have "free"
browsers, users and developers are comfortable with the paradigm, ...

This is what happens in the physical world with most physical
credentials: passports, frequent traveller cards, etc.

Our trust relationships in these cases are so strong that we
can be delivered not only PINs (shared secret) but also physical
credentials.

Yes, but it is cheaper to issue credentials in the form of certs
and avoid postage and related physical credential costs.

In all (passports and frequent traveller cards) cases, it is
required that applicants physically contact authorities.

True for an initial contact for a passport, not for renewal. When I
referred to frequent traveller cards I had in mind the
airline/hotel/car rental frequent traveller programs to which I
belong, not credentials that get me through security with less
examination. (Although my frequent flyer cards DO get me into
shorter lines in many airports.)

In Japan, and maybe in other countries, use of material mail is
inevitable to get a passport, because it is the way to confirm the
addresses of applicants.

The address of an applicant is not even printed on a US passport. It
is not part of what the U.S. Department of State attests to when
issuing a passport.

One can pick up frequent traveller cards, at least paper ones, at
the airport.

I can get my form of frequent traveller card via a web interaction,
with no physical presence!

Also, PINs are meant to be remembered by users and thus are more
vulnerable to guessing than key pairs. So we have to put into place
attack monitoring and response schemes, e.g., locking down an
account after N bad login attempts, which creates DoS
opportunities! So there are many reasons to prefer PKI here,
although there are downsides too.

Here, we are talking about physical credentials optionally accompanied
by PINs. So, long PINs may be securely stored in the physical
credentials (maybe with additional short PINs to activate the physical
credentials, which is also the case for devices storing secret keys of
public key cryptography). DoS is to steal the physical credentials.

I think we are talking about different use models. If I have a
frequent flyer account with web access, and if someone tries to break
in by guessing my PIN, the airline will have to shut down the account
after some small number of tries, to prevent an effective guessing
attack. This denies ME access, and it imposes costs for the airline,
because I may have to make a toll free call to someone to cause my
account to be reactivated. That is a DoS attack that could be
avoided if we used crypto keys for auth.

The next question is, are one, two or millions of PKIs worth having?
I don't think they are.

I don't know how many we need. But, when I look in my travel bag I
see about 30+ paper and plastic credentials, all of which could be
turned into certs under the right circumstances, without creating
new "trusted" organizations,

I think we can, at least, agree that we need no "new trusted
organizations" or commercial CAs.

agreed!

and with the benefit of greater security and less bulk (bits are
thin and light weight!).

That you have paper and plastic credentials means that you don't
need much security.

not really. I rarely use most of those credentials today. They are
largely replaced by web accesses where knowledge of the account
number and a PIN provides the authentication that used to be inferred
by physical possession of the card.

That you have an IC card containing 30+ secret keys activated with
a short PIN does not mean so much security. What do you think about
an IC card that erases all the secret information after N bad PINs,
which creates DoS opportunities?

I am not too worried about physical security for a crypto hardware
token, because I am careful to not lose such tokens, just like I am
careful to not lose physical (paper/plastic) cards today. The
advantage to using crypto for authentication is that the keys are
longer and more random than PINs, and I don't have to remember all of
them. The advantage to using public key crypto is that I can employ
existing PKI features in browsers for authentication AND I don't have
to worry that sloppy security procedures at the web sites will
disclose private keys that could be used to impersonate me.

Steve
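
The lockout trade-off argued in the message above, as an added example that is not part of the original message or thread: it models an account/PIN login with a lockout counter beside a challenge-response login keyed with a long random secret, and reports whether the legitimate owner can still get in after someone else's failed attempts. Assumptions: the threshold of 3, the sample PIN, all class and function names, and the use of HMAC with a shared 128-bit key as a stand-in for "crypto keys" (it does not model the public-key property that the server holds no secret).

```python
import hashlib
import hmac
import secrets

MAX_BAD_TRIES = 3  # assumed lockout threshold ("some small number of tries")

class PinAccount:
    """Account/PIN login that locks after MAX_BAD_TRIES consecutive failures."""

    def __init__(self, pin):
        self.pin = pin
        self.bad_tries = 0

    def login(self, pin):
        if self.bad_tries >= MAX_BAD_TRIES:
            return False  # locked: even the correct PIN is refused
        if hmac.compare_digest(pin, self.pin):
            self.bad_tries = 0
            return True
        self.bad_tries += 1
        return False

class KeyAccount:
    """Challenge-response with a random 128-bit key; no lockout counter."""

    def __init__(self, key):
        self.key = key

    def challenge(self):
        return secrets.token_bytes(16)  # fresh nonce per attempt

    def verify(self, nonce, response):
        return hmac.compare_digest(respond(self.key, nonce), response)

def respond(key, nonce):
    """Client side: prove possession of the key by MACing the server's nonce."""
    return hmac.new(key, nonce, hashlib.sha256).digest()

def owner_access_after_bad_attempts(n_bad):
    """Return (pin_owner_ok, key_owner_ok) after n_bad failed tries by a third party."""
    pin_acct = PinAccount("4921")  # constructed sample PIN
    key = secrets.token_bytes(16)
    key_acct = KeyAccount(key)
    for i in range(n_bad):
        pin_acct.login("%04d" % i)  # wrong guesses 0000, 0001, ...
        nonce = key_acct.challenge()
        key_acct.verify(nonce, respond(secrets.token_bytes(16), nonce))  # wrong key
    nonce = key_acct.challenge()
    return pin_acct.login("4921"), key_acct.verify(nonce, respond(key, nonce))
```

The PIN account needs the counter because a 4-digit space is guessable; the keyed account can simply reject bad responses, so failed attempts by others never cost the owner access.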