machine unless it is signed and authorised by, in this case, Deutsche Bank. The
operating systems verify the signature and prevent various viruses and other applications
being installed. By the way, we do the same for a very well-known Internet product,
ICQ. This product uses a singular mechanism to authenticate various plugs into it. We
failed; this was a one million dollar project in 1991 that we did for Deutsche Bank. The
intentions were good but we failed because it was too large a task for a single company to
solve. We just could not chase Microsoft in all the different versions of the operating
system. So we had a solution for one version of US DOS in those days. As soon as we
finished implementing it for that version, there came another version and yet another and
it is just unmanageable to chase the operating system companies to actually provide such
a solution. Today they are back to talking about exactly the same solution, only
Microsoft is now cooperating with Intel and National Semiconductors, etc. So far there
is a complete movement that might happen or might not, but they are talking about
installing, as part of every motherboard, a piece of silicon that allows you to perform
various signature and verification operations. There will be a chain of trust where this
component will test the biometrics and the biometrics will test wherever; there will then
be a testing of the operating system and this system will test the validity of the
applications. Maybe that will happen, maybe not, maybe that could give a solution to
verification or maybe not, but I am sidetracking here. Let us go back to your question.
First of all, even with the most secure solution, I can still cheat it and do so very easily.
I do not take away; I do not give you a weaker solution by separating authentication and
encryption. The only difference between my solution and the solution you are referring
to is that your solution has a smart card where the hash is centred and the smart card
performs the decrypt operation and returns the result. All I am saying is that I give you
another wire, and instead of having the smart card local to your machine, you have it in
the data centre. You send the hash securely to the data centre, it meets the digital
signature key there, the decrypt operation happens and results return to the application.
The reason that this is no less secure than a local smart card PC operation is that it is just
as equally secure and completely identical in terms of security; it still suffers from the
same virus attacks that you know your solution also suffers from. But in terms of the
digital signature solution it is exactly of equal security abilities and the authentication can
be made as strong as you want it to be. You can always have strong authentication and
you can also use strong certificate-based authentication. There is a slight difference
between authentication, encryption and digital signatures that the professional community
understand is not a mathematical operation. The machine does not know if it is signing or
encrypting or performing an authentication mechanism; it is the same mathematical
formula. The only difference between encryption, authentication and digital signature is
in terms of key management. The most difficult problem to solve is encryption; people
should not be walking around with their encryption key if they have a USB token or a
smart card; the encryption key should not be resident on that smart card.
And another thing, when I get run over by a bus, the organisation has the right to go
through my e-mails and files and therefore it is not a personal or encryption key; it is an
organisational key. This key has to be very well-managed and backed-up; if you lose
that key, you lose all the material that was encrypted with that key. Digital signature
keys also need to be managed. What is important with digital signature keys is the audit
trail, which is important with current PKI technology. I know that someone has stolen
my key only when I start getting bills from a house in the Bahamas where someone has
signed a mortgage in my name. I notice the damage only after it happens because it is a