jump to navigation

Security : Authentication September 16, 2013

Posted by gregoryjansen in Security.

Security – Authentication

Greg Jansen

As early as 1975, experts in the field warned of the inadequacy of the simple single password authentication technique. [1] Authentication, in this context, refers to a means of verifying that the user is who he claims to be. As the authors (Saltzer and Schroeder) of the above-referenced article note, single password systems have “some notorious defects.” The first involves the choice of the password itself – if the user is allowed to set his own password, an intruder who knows that person might be able to guess it, as too many people use their own names, or birthdate, or the like. Second, especially if one avoids the self-chosen password problem by assigning complex random passwords, people forget their passwords. To remedy this, they write them down, and often leave the note near their computer. Third, the password must be exposed in order to be used – it will likely be sent out over an unsecured or unencrypted communication system, thus rendering it vulnerable to interception.

In viewing various security design principles in the abstract, one that stands out as relevant here is the principle of “separation of privilege.” Simply put, this involves requiring two “keys” in order to gain access to a system. A physical world equivalent would be with regard to bank safe deposit boxes – two actual keys are required to open the box. Another way to put it is that two conditions must be met before access is permitted.

Better approaches to security therefore include:

1)     The double password system. This is often deployed by use of a password (which must be of sufficient length and uniqueness to pass muster) and then something in the nature of a security question, which presumably only the user would know the answer to. A commonly employed secondary technique is to deny access after some specified number of unsuccessful attempts to enter.

2)     Encryption systems that “scramble” the signal that travels between the user and the system to which entry is sought. Even if the signal is intercepted, it can’t be read.

3)     To provide that crucial second key, one could employ an “unforgeable” key or device, such as a magnetically-striped card. Once more home computers have integrated or peripheral card readers, this would be a feasible approach.

4)     Finally, the best approach yet is likely to be biometric measures – e.g., a fingerprint (like the new iPhone 5s), a facial recognition system (like on Android phones), or retinal scans (often used now in highly secure environments). Once the home technology is more fully developed and distributed (both software and hardware), this should offer the best and most convenient method of authentication yet devised.

A question for the reader: Is the expense of a biometric system worth it? Or should we just live with a simple double key methodology? (I’m assuming that you are now convinced that a single key methodology is woefully inadequate). I welcome your thoughts.

[1] Saltzer, Jerome H., and Schroeder, Michael D., “The Protection of Information in Computer Systems”, Proceedings of the IEEE, Volume 63, Issue 9, Sept. 1975



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: