From owner-mcg-talk Thu Apr 30 21:11:52 1998
Received: (from majordom@localhost) by localhost (8.8.7/8.8.7) id VAA05522 for mcg-talk-outgoing; Thu, 30 Apr 1998 21:09:14 -0300
Message-Id: <199805010009.VAA05522@localhost>
Date: Thu, 30 Apr 1998 21:09:09 -0300 (EST)
From: "416720"
To: MCG
Subject: [MCG] What is needed on the Internet ...
Sender: owner-mcg-talk@mcwg.org
Status: RO
X-Status:

List:

...what is needed, is obvious to all -- security. What is less discussed is the need to bind a system of trust to the security systems. This is the only way that security will be truly achieved.

What do I mean by this? Security is concerned with locks, fences and guards. Trust is about whether they work. In network terms, security is not just about encryption, but also is about authentication, digital signatures, data integrity and non-repudiation. Trust is about key management, digital certificates and policy--such as what your privileges are, what you are authorized or not authorized to do with your digital signature. Much of the public discussion and rhetoric is about encryption -- with little attention focused on what is needed to make its use trustworthy.

The technology to bring good information security to networks is fairly well developed and understood. It is based on the use of public key encryption and digital signatures. The means to provide trust is less well understood and is called key management infrastructure. It is the system that binds public keys to users and provides the trust component in electronic security. . . .

Efforts to provide key management infrastructure services for products with encryption are uncoordinated, immature and lagging the introduction of electronic commerce services. We cannot keep building new capabilities on a poor foundation of security. It is folly to hope that someday we can add needed elements before it's too late. The longer we wait, the more .... and the costlier it will be to address the problem.

Think about it for a moment -- we share the same network with our adversaries. We are staking our future on a resource that we have not yet learned to protect. The number of known potential adversaries conducting research on information attacks is growing rapidly. Technology is increasing the sophistication of their capabilities. Meanwhile, if our security remains where it is now, the risks and costs of attacking us will keep getting lower.

Even though the above text could have come almost verbatim from any of my postings here or from the papers at the MCG site (even some that date from last year) [1], it did not. Those are very recent words spoken by the U.S. Director of Central Intelligence -- George J. Tenet, in a talk at a NationsBank Policy Forum held at the Georgia Institute of Technology in Atlanta [2].

What is at stake here? Clearly, asymmetric cryptography solved the problem of key secrecy for multiple parties. But it did not solve the problems of key-distribution, key-binding and key-revocation. Thus, the syntactic problem is clearly cut -- mathematically solved. However, the semantic problem, aka the trust problem, has either received very little attention or is just brushed to the side ...under the oblivion carpet.

Some say: "I don't care about trust, I just need to worry about keys, authorizations and liabilities." Which sounds a lot like that story about a foolish man that just wanted to have his house built with the third-floor in order to enjoy the vista -- since he had no need for the first two floors.

However, it is easy to prove (i.e., mathematically) that certification must depend on two concepts: "proper trust" and "proper keys" [3]. Which, clearly, must first be adequately qualified in communication theory terms and then modeled in a useful way [4].

As has been extensively discussed here, the Internet is not any more a parochial and friendly network.
Trust and keys cannot be seen to be approximately objective quantities any longer, in such an expanding Internet, but must be treated as fully subjective [3]. Thus, we need tools that can allow not only keys but also trust to be securely transferred from one party to another, with distinct requirements for either trust or keys -- i.e., regarding their respective acquisition, recognition, decay, revocation, validation, etc. Further, such needs must be recognized to be intersubjective in many ways, even regarding parties that may not be visible parts of a dialogue -- such as a CA.

Mechanisms that allow tertiarily-based security (eg, extrinsic certification such as provided by CAs and X.509) must be supplemented by mechanisms that offer pure TTP-free binarily-based security (eg, intrinsic certification with MCs), if we really want to allay privacy and international concerns for e-commerce.

Regarding possible certification encumberments by TTP legislation in some countries, there are several solutions that can complement the use of binarily-secure certification systems. The hash of a public-key can be used as a name (ie, a reference) and such was suggested here one year ago (without any political fuss) as a simple way to completely and legally circumvent privacy and international concerns caused by any of the proposed TTP legislations, while affording full security -- when that key is NOT included in the certificate (as it does NOT need to be).

Which all bring the central issues to trust, not keys.

Cheers,

Ed

References:

[1] MCG 1997-1998 Report, in http://www.mcwg.org/report98.htm
[2] (c) April 27, 1998, The McGraw-Hill Companies Inc. -- http://www.aviationweek.com/aviation/avi_edit.htm
[3] http://www.mcwg.org/intrinsic.htm
[4] http://www.mcwg.org/trustdef.htm

______________________________________________________________________
Dr.rer.nat. E. Gerck                     egerck@novaware.cps.softex.br
http://novaware.cps.softex.br
    --- Meta-Certificate Group member, http://www.mcwg.org ---
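
An added illustration of the hash-as-name idea in the message above (not code from the post or from the MCG): a certificate carries only the hash of the subject's public key, and a verifier matches a key obtained from an untrusted source against that reference. The use of SHA-256, the `Certificate` fields, the function names and the sample key bytes are all assumptions made for this sketch.

```python
import hashlib
import hmac
from dataclasses import dataclass


def key_name(public_key: bytes) -> str:
    """Name a key by the digest of its encoded bytes (SHA-256 is an assumption)."""
    return hashlib.sha256(public_key).hexdigest()


@dataclass(frozen=True)
class Certificate:
    # Hypothetical layout: the key is referenced by hash and is not carried.
    subject_ref: str     # hash of the subject's public key
    privileges: tuple    # what the holder of that key is authorized to do


def resolve_key(cert: Certificate, directory) -> bytes:
    """Pick, from an untrusted directory, the key the certificate refers to."""
    for candidate in directory:
        # Recompute the name from the bytes actually received; never trust a label.
        if hmac.compare_digest(key_name(candidate), cert.subject_ref):
            return candidate
    raise LookupError("no supplied key matches the certificate's reference")


# Constructed sample values: stand-ins for encoded public keys, not real keys.
ALICE_KEY = b"constructed-public-key-bytes-for-alice"
MALLORY_KEY = b"constructed-public-key-bytes-for-mallory"
CERT = Certificate(subject_ref=key_name(ALICE_KEY), privileges=("sign-orders",))


def demo():
    """Return (right key found, substituted key accepted)."""
    found = resolve_key(CERT, [MALLORY_KEY, ALICE_KEY])
    try:
        resolve_key(CERT, [MALLORY_KEY])   # directory offers only a substitute
        substituted_accepted = True
    except LookupError:
        substituted_accepted = False
    return found == ALICE_KEY, substituted_accepted


if __name__ == "__main__":
    print(demo())
```

The check binds a key to the reference only; whether the certificate's statements about that key deserve trust is the separate question the post raises.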