Security for Human Ends

semanticscholar(2006)

Abstract
Internet crime dramatically illustrates the need to improve the security of the Internet infrastructure. New security infrastructures are needed to present Internet users with the information they need to protect themselves in a transparent and intuitive manner. For such a system to be successful it must be deployed ubiquitously and must therefore be an open infrastructure built on open standards. Secure Internet Letterhead is an open technology built on existing standards that bridges the ‘authentication gap’ between the Web browser and the Web user, establishing the identity of a trusted enterprise on the Internet using the same cue that is used in physical transactions – their trusted brand.

Security for Human Ends

The phenomenon of phishing illustrates two major flaws in the authentication mechanisms employed by Internet applications:

• The access credentials employed by the majority of Internet applications to authenticate users are insecure.
• It is too easy for criminals to impersonate a trusted party on the Internet.

The archetypal phishing attack is a form of social engineering. The target receives an email message that purports to come from their bank and that requires them to disclose their account username and password. The success of the attack depends on the existence of both security vulnerabilities. If it was not possible for the attacker to use a stolen access credential, the attack would fail. If it was not possible for the attacker to impersonate the emails and Web site of the bank, the attack would fail.

Strong Authentication Credentials

One solution to the particular problem of access credential theft is to replace password authentication with access credentials that resist or prevent appropriation by a third party, such as One Time Password (OTP) Tokens and PKI Tokens (Smartcards).
Credit card issuers in Europe have already begun a transition to using smartcards (‘chip and PIN’) for credit card transactions, and many financial services providers in the US have already begun issuing OTP tokens to selected customers. While deployment of strong credentials is important, the problem of Internet crime is not limited to theft of Internet credentials. The credentials most commonly targeted in phishing attacks are credit card account numbers. Deployment of strong authentication credentials is an important goal in its own right, but one that is already being adequately addressed by existing standards and ongoing standards activities. This is not the area where W3C can add most value at the current time.

Accountability based Security

Civilization was invented as a response to the need for security. The great cities of the ancient world were ringed with city walls to protect the city from external threat. The city’s most precious assets would be held in a closely guarded treasury, a fort within a fort.

Early approaches to information security adopted a similar approach. The confidentiality and integrity of important information assets was protected by means of an access control mechanism built into the operating system. Access control lists provide an effective means of protecting a closely controlled, valuable asset against a well defined threat. Like the ancient guarded citadels, the access control approach provides a very high degree of security within a very limited area. The city walls could protect the assets of the craftsmen and merchants living inside them and the lives of any peasants who might be taking temporary refuge within, but there was no way to protect the peasants’ fields and houses without stretching the protective boundary so thin that all security was lost.

Security is achieved in social systems through varying degrees of accountability.
A merchant who supplies shoddy goods will quickly gain a bad reputation and customers will go elsewhere. A complaint might lead to disciplinary action by the guild, possibly leading to a reprimand or in extreme cases expulsion from the guild and loss of livelihood. A particularly aggrieved customer who failed to receive satisfaction from the guild might bring a lawsuit against the merchant. If the merchant’s conduct broke the law, a criminal prosecution might be made. The progress of civilization is the progress of accountability. Democratic government completes the accountability circle by making government accountable to the people.

The early Internet did not have cryptographic security controls built into the infrastructure. Despite this apparent lack, the early Internet had strong accountability mechanisms and as a result was exceptionally secure in practice. Access to the network was understood to be a closely guarded privilege, not a right. Misconduct of any kind would put that access in jeopardy. As the Internet grew, the accountability mechanisms that had kept it secure in its early stages were stretched beyond their capacity and failed. To secure the Internet we must restore accountability.

Secure Internet Letterhead

Current Internet infrastructure makes it possible for an attacker to effectively impersonate any other party they choose. The authentication mechanisms for email in particular are so poor that in some cases even an expert cannot determine whether a message is genuine or a carefully constructed forgery.

Public Key cryptography is a flexible and robust technology that is used to secure millions of Internet transactions each day. Like every technology it is also subject to important limitations of scope. In particular, Public Key cryptography is by itself a technology for authentication of information and information machines. Public key cryptography does not by itself provide an authentication technology for people or organizations.
Public Key cryptography makes it possible to establish a near-infallible proof that a party to a communication used a computer system that had access to the secret component of a public key pair. The glue that extends this technical authentication of machines into a social mechanism for authentication of people and organizations is Public Key Infrastructure, in particular Trusted Third Parties, also known as Certificate Authorities, that issue digital certificates asserting that a public key pair is held by an identified subject that has met a specified authentication process. The processes involved in managing the lifecycle of a digital certificate, and the criteria by which relying parties can estimate the trustworthiness of an issued certificate, have been examined at enormous length. The question of how a non-expert human user might interpret the information provided has been given considerably less attention than it requires.

Limitations of the SSL User Experience

The most successful public key security protocol deployed to date is SSL, subsequently adopted by the IETF as TLS. The SSL protocol is used to secure millions of Internet transactions worth several billion dollars each day. Despite the considerable success of SSL in enabling Internet credit card payments, the protocol is now 14 years old and has found applications far beyond the originally intended scope of use. Over the same time the community of Web users has expanded from approximately a million users mostly engaged in academic research to over a billion users whose primary uses are recreation and shopping. While the cryptographic component of the protocol has undergone substantial revision during that time to close certain cryptanalytic security vulnerabilities, the SSL user experience is essentially unchanged since the original SSL 1.0 design. It should not be surprising, therefore, that the SSL user experience fails to meet current security needs.
A user experience can fail by providing too little information or by providing too much. The SSL user experience fails in both ways. For clarity we consider only the Internet Explorer user experience, but identical flaws are present in all the major browser applications. The first level of the SSL user experience is a padlock icon that appears on a page that was received over an encrypted channel. As described below, this provides the user with too little information. The second level of the SSL interface is activated by clicking on the padlock icon. This is itself problematic, as the padlock icon is not presented in a manner that would lead an ordinary user to click on it, nor would it help the typical user much to do so, as interpreting the information provided requires a sophisticated knowledge of the X.509 certificate standard.
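The bridge from key possession to organizational identity described in the Secure Internet Letterhead section, and the display question raised in the SSL section, as an added Go example that is not part of the paper or of any Secure Internet Letterhead implementation: a constructed root CA issues a certificate binding a key to an organization name, and the relying-party step shows that the brand text in a certificate is only worth displaying when an accountable issuer has signed it. The root, bank name and host name are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"strings"
	"time"
)

// Constructed sample identity: the Organization field is the brand a letterhead-style UI would show.
var bank = pkix.Name{Organization: []string{"Example Bank Inc"}, CommonName: "www.example.com"}

// issue creates a certificate for subj, signed by parent, or self-signed when parent is nil.
func issue(subj pkix.Name, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { return nil, nil, err }
	serial, _ := rand.Int(rand.Reader, big.NewInt(1<<62))
	tmpl := &x509.Certificate{
		SerialNumber: serial, Subject: subj, IsCA: isCA, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
	}
	if !isCA { tmpl.DNSNames = []string{subj.CommonName} } // the host name the browser will check
	issuer, issuerKey := tmpl, key // self-signed unless a parent is supplied
	if parent != nil { issuer, issuerKey = parent, parentKey }
	der, err := x509.CreateCertificate(rand.Reader, tmpl, issuer, pub, issuerKey)
	if err != nil { return nil, nil, err }
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// VerifiedOrganization is the browser's relying-party step: chain validation proves key possession; the Organization name is the CA's accountable assertion of who holds it ("" when the chain does not reach the trusted root).
func VerifiedOrganization(leaf, root *x509.Certificate, host string) string {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host}); err != nil { return "" }
	return strings.Join(leaf.Subject.Organization, ", ")
}

// Demo returns what would be shown for the CA-issued certificate and for a self-signed impostor copying the same Subject text.
func Demo() (genuine, impostor string, err error) {
	root, rootKey, err := issue(pkix.Name{CommonName: "Example Root CA"}, true, nil, nil)
	if err != nil { return "", "", err }
	leaf, _, err := issue(bank, false, root, rootKey)
	if err != nil { return "", "", err }
	fake, _, _ := issue(bank, false, nil, nil) // same brand text, but no trusted party vouches for it
	return VerifiedOrganization(leaf, root, "www.example.com"), VerifiedOrganization(fake, root, "www.example.com"), nil
}
```

Only the certificate chained to the trusted root yields a name to display; the impostor's copy of the same Subject fails verification and nothing is shown.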