Gervase Markham wrote:
>Nelson B wrote:
>> Florian Weimer wrote:
>>> The universal client is not secure enough for most applications. As a
>>> result, the purported non-repudiation part of such signing mechanisms
>>> is potentially harmful to end users.
>>
>> Please elaborate.

>I think what he means is that average computers today are so overrun by
>spyware and trojans that giving them a non-repudiatable way of
>authenticating transactions is actually a big risk to the user.

This message could though also be interpreted as: Due to the condition of current computers, weak authentication is preferable to strong authentication, as the latter may bind a user harder to an action than the former.

Legal practice has shown that in principle "anything" may be used as evidence, including IP addresses and unsigned e-mail. Therefore I think the term "non-repudiation" should slowly be put to rest, even for digital signatures. We are rather dealing with "strength of authentication", but with an additional twist for digital signatures: Support for data integrity.

>I've certainly heard this from banks in the UK. They are developing
>portable smart card readers where users have to type numbers into the
>machine from the screen and type numbers back into the computer from the
>reader, just so they can have a secure platform for authenticating
>transactions. They are bypassing the client entirely.

"They are bypassing the client entirely" is a simplification. They are bypassing "fat" clients, platform dependencies, card reader installations, and non-standard signature software. In case the "client" is hacked deep enough this scheme is not secure (admittedly not an easy hack but to hack a signature client is about the same work).

The UK system suffers from other weaknesses: One Time Passwords (OTPs) are subject to real-time phishing attacks that do not require any trojans or spyware at all, just a bad link in an e-mail.

>This, of course, is a usability nightmare. :-(

This is essentially where strong consumer authentication stands today. It is extensively used by, for example, the Scandinavian banks.
Anders
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto