Cryptography Reference
In-Depth Information
Somewhere the claimant is located (proof by location).
The last category of authentication technologies is nonstandard. It is, however,
assumed that the use of information about the current location of a communicating
entity will become more and more important in the future, and it is therefore
considered as a category of its own for the purpose of this topic.
Some exemplary authentication techniques are overviewed and briefly dis-
cussed next. Note that the techniques are not mutually exclusive, and that they com-
plement each other quite nicely. So, in practice, two or more techniques (of different
categories) are usually combined in some way or another.
17.2.1
Proof by Possession
In a proof by possession , the claimant proves to the verifier his or her identity
by showing possession of a physical token. On the verifier side, the proof can be
verified manually or automatically. In the second case, a corresponding detecting
device (hardware or software) is required. Examples of physical tokens include:
Physical keys;
Identification cards;
Magnetic stripe cards;
Smart cards;
Universal serial bus (USB) tokens.
Physical keys have been in use for many centuries (in varying forms). Contrary
to this, all other examples itemized above are relatively new. For example, the use of
smart cards to store and make use of cryptographic keys has evolved in the last two
decades (e.g., [3]). USB tokens are even more recent possibilities to store and make
use of cryptographic keys.
The major advantage of a proof by possession is that it is relatively simple and
straightforward to use by human beings, whereas the major disadvantage is related to
the difficult production, distribution, and management of the physical tokens and the
corresponding detecting devices (if the proofs must be verified automatically). As
a result of this disadvantage, large-scale deployment is often prohibitively complex
and expensive.
Search WWH ::




Custom Search