Authentication Based on Shared (Semi-)Public

August 15, 2013

Few systems, whether technological, economic, or otherwise, are likely to operate as intended or desired if their fundamental assumptions are flawed or unsatisfied. Many authentication methods rely on the premise that some value (a “something you know”, like a password) can be presented only by the valid holder of an identity; the holder and verifier share what’s assumed to be a secret value not known to others. (It’s actually common and technically preferable for the verifier to maintain an identity’s validation data in a different form, like a hash, but I’ll elide that refinement for now.)

Things get qualitatively weaker and worse when the shared “secret” value isn’t actually secret, even though it’s implicitly expected to be.  US Social Security numbers (SSNs) provide an example here; despite regulations covering their scope of use, they can still fall into the hands of identity thieves. Knowledge of information, whether authorized or not, can become increasingly broad over time but rarely narrows once it’s been exposed or shared. It strikes me that use of an SSN (or a birthdate, relative’s name, or comparable personal attribute) as a basis for authentication reflects a confusion between two properties:

  • something that someone’s expected to know about themselves
  • something that no one else is expected to know about someone

They’re related, but clearly aren’t the same.  They’re confused at our peril.
