we need better computers

On the mailing list (libertationtech@lists.stanford.edu) Seth David Schoen wrote:

Arvind Narayanan has just pushed a two-part paper in IEEE Security&
about exactly this point:


Narayanan argues that “a mis-alignment of incentives frequently occurs”
to discourage the use of cryptography to protect privacy (particularly
in the strongest end-to-end sense) and that there is minimal demand for
protecting data against intermediaries and service providers.

(I find this paper extremely depressing, but it does describe actual
events. If I were writing this paper, I would continue to ask how
we can increase demand for cryptographic privacy mechanisms rather
than declaring defeat.)

The point he refers to is that the world has progressed cryptography
to secure communications against tampering so we can have safe
electronic banking but there has hardly any progress with respect to
improving privacy.

Here is my reply to that list:

I’m not so depressed by it. In fact the paper clearly outlines the problems and the way out.

But there is the crypto-trap, it must be perfect or it is useless. It
doesn’t have to be that way. Here is a simple way to start. We won’t
start to solve the privacy problem. We attack other simpler problems
with crypto. From there we can venture into more privacy.

Here’s how.

With anonymous client certificates, we can solve the password problem
when people sign up for an account. It eases the usability of websites
(no more hassle with passwords or email addresses) and it makes site
building easier as client side crypto is already part of every mature
web server.

By making it easier, time will come that passwords are considered more
expensive than client certificates. The push comes from companies that
need to pinch money.

Once we’ve replaced password authentication, the same client
certificates can be used to write authenticated messages. At first, it
could be used by banks to communicate with their clients. By using
client certificates as third-level authentication (in addition to
pin-based TAN-generators) it can defeat most phishing attempts. Even
if the customer falls for it and tries to log in at the phishers’
site, the bank detects it and blocks the account.

Here the demand for crypto comes from the financial pressure on banks to solve the phishing problem.

The end user, although he has a wish to protect him/herself against
advertisment networks, neighbours doesn’t have a clue on how to get
that protection. He doesn’t need it. He needs computers that do the
protection for him. The system above to end the password problem and
phising problem is aligned with the financial pressure.

The things we need to get there are pointed out by Arvind Narayanan in his papers too:

  1. We need completely automated key management, invisible to the user;

  2. We need computers that are trustworthy.

The good news, is: there is light at the end of the tunnel.

I’ve been working on the first part with my eccentric-authentication
‘protocol’. It shows what we can do with anonymous client

And there are plenty of people working on the trustworthy
computers. Just like the drive to virtualisation on the server is a
drive to compartmentalization, we see a rise of operating systems that
bring that to client computers: genode.org, coyotos.org, qubes-os.org.

With the high speed of replacement in the mobile and tablet markets,
it offers opportunities that better not be wasted.


Here is an example of how two current trends might help to align the
security and privacy alignment.

  • To pick up on Narayanan’s argument, even if this kind of service is
    legal and even if carriers thought it was a reasonable service for
    them to offer, we might expect problems with demand for it. One
    problem for the level of demand for blinded e-cash payments for
    telecommunications services is that if users lose their mobile
    devices and don’t have suitable backups, they lose all of their
    prepaid account value (because it existed only in the form of e-cash
    on the devices).

To answer this with another current development: real time synchronization.

Many people already use dropbox to synchronize their phone with their
PC. Combine that with a fingerprint scanner (and pincode) at the phone
to identify yourself to the phone and the loss/theft of the phone
won’t mean the loss of data nor e-cash.

[1]. http://eccentric-authentication.org/