[liberationtech] Announcing a privacy preserving authentication protocol

Guido Witmond guido at witmond.nl
Thu Mar 21 14:38:00 PDT 2013


On 03/21/2013 09:02 PM, Rich Kulawiec wrote:

> True, but phishing is not currently a solvable problem anyway; it falls
> into a class of problems that can't be solved no matter how much clever
> technology is developed because all of that technology presumes that
> end user systems are secure...annnnnd they're not.

Sir, you are entirely correct.

End user systems are insecure. That ship left in 1980-1990, when 
everyone and their grandmother wanted a PC instead of an account on a 
managed mainframe. We have been suffering since.

My protocol relies on the *assumption* that the end user system is 
secure. But it's IT's dirty little secret that *every* other protocol 
relies on the end user system being secure!

- Passwords: no keylogger;
- password manager: no malware;
- encrypted password manager: no malware with sufficient patience;
- crypto smart cards: no malware in the crypto layer;
- TAN-generators for banks: I don't know if the transaction I'm 
authorising is the one that's displayed in my browser. One of my Dutch 
banks requires me to type in the amount in the TAN-generator so the 
thieves are limited to that amount.

> A substantial percentage of end user systems are already compromised
> (in full or part) and more of them are being compromised while you're
> reading this.  So unless this proposal or one like it comes with a plan
> to remediate a few hundred million systems, it may be beautiful in theory,
> but it won't work in practice.

Acceptance is the first step on the road to recovery.

And I think the theory of my solution is more beautiful than the current 
ugly truth. If the only thing it gives is hope out of the current 
misery, I consider it a success. It may plant the seed for someone to 
change their current lousy operating system to something slightly more 
secure. That seed is what I want to plant.

Please see: [1] on how a computer should behave towards its owner.


> In passing, let me note that banks and other financial institutions are
> aiding and abetting phishers by doing extremely stupid things like
> (a) sending email marked up with HTML (b) sending email with URLs (c) sending
> email with web bugs (d) outsourcing their email.  The irony is that
> while those entities are busy *training* their customers to be phished,
> they're constantly whining about how terribly awfully bad the situation is.
>
> There is insufficient scotch to dull the pain of that much stupid.

Again, you're completely correct.

With my protocol, that problem is out of the way when the banks and 
customers deploy it. But it's only a little step on the journey.

The good thing: those who want to can choose to use it. No need for the 
world to change.


Regards, Guido.


1: http://witmond.nl/blog/2012/11/09/asimovs-laws-for-security.html


