Anders Rundgren wrote:
It seems that you don't believe much in technical solutions as
enablers.
In fact I do. But still there are non-technical issues to be solved for
which no technical solution exist. And I think that steadily inventing
new standards is not a solution for establishing a technology (here
cryptography in general).
Let me take a practical example. In the EU most on-line banks use
two-factor authentication. The majority of these use OTP (One Time
Password) solutions that definitely not are without cost as well as
susceptible to phishing. In addition OTP is not terribly convenient for
users but that is (of course) something the banks care a little bit less
about. So why don't they use PKI instead?
There are several reasons for that. One was that if you want to use
smartcards as key store for better security you have to install software
and hardware on the user's system. Most times the smartcard "middleware"
was quite buggy, sometimes it was simply unmaintained crap. Also the
card software was not available for all the client systems out there
(not everybody uses Windows). That's why e.g. HBCI never hit the mass
market.
Currently it gets a little bit better with some crypto tokens.
But crypto tokens are not suitable for S/MIME encryption keys because of
the growing key history needed. So one has to distinguish PKI-enabled
applications.
Some people say it is because PKI is difficult and introduces legal and
liability hurdles. IMNSHO this is total BS since a bank-local PKI isn't
designed to work outside of the bank's domain.
I agree here.
PKI in such a setup is just another kind of password.
Hmm, here I disagree since a password, even when used like in Kerberos,
leaves the user's system (directly or as shared secret) whereas a
private key used for signing something during authentication never
leaves the key store of the client's system.
So what is then real problem?
1. The European Smart Card industry who do not want to become suppliers
of commodities.
???
Each time I talked to smartcard vendors they were keen on selling their
stuff. The more the better.
2. Governments who believe that ID-cards and eID are natural combos in
spite of the fact that USB and USB memory sticks are everywhere, while
the traditional smart card interface is not.
3. Governments claiming that the use-case for physical IDs and eIDs are
essentially the same
4. Governments that do not understand that their eID concept does not
address more than a tiny fraction of their citizens' needs for
authentication on the Internet
5. Governments investing in stuff like CEN 15480 and ISO/IEC 24727
Do you think banks care for governments at all? They don't!
I saw some banking PKI fail since they believed: We're big enough and we
invent our own stuff which rules out everything else. They mainly
suffered from internal politics and the DOT.COM blurb.
6. Governments pushing bizarre Bridge CA concepts
BTW: The Bridge CA in Germany was not invented by the government. IIRC
the founders were a bank and a big telco company.
PKI for consumers will become bigger than OTP when PKI is housed in
mobile phones although initially OTP will be used in mobile phones
rather than by special-purpose devices.
I doubt that.
To achieve that we need a whole bunch of enablement technologies.
Most of the PKIX enrollment stuff will be obsolete in 5-10 years from
now
I'd never trust a system where the mobile phone vendor initializes a key
to avoid an enrollment process. If you really plan to establish such a
system be assured that I will fight against this.
The problems with mobile phone security issues are exaggerated and are
also in no way cast in concrete.
On which planet are you living?
If the requirement is "perfect" security,
There's no 100% security. We all know that. But e.g. given the Bluetooth
attacks I'm concerned of drive-by copying of private keys. And given the
strange customizing of mobile phones by the telco companies my trust is
even lower.
> we have to accept that nothing will happen.
Frankly I prefer having to deal with OTP when doing online banking over
using my handy with some obscure key container initialized by a vendor
on it.
Google's Android as well as Symbian 9.3 are not comparable to
Windows which indeed has a broken security model.
But many security reviewers know a lot about Windows (and Linux and Mac
OS X) in comparison to public knowledge about Android. So you can't tell
at this time.
I don't expect a reply on this because it will anyway take some five
years or so to figure out if the above is correct or not.
Well, mabye the problem is that I'm not as visionary as you are. ;-)
Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto