Hitoshi Kokumai

2 years ago · 2 min read


Removal of Passwords and Its Security Effect


Assume that the password has been removed from digital identity. Then digital identity platforms would have only two authenticators - physical tokens and biometrics.

Biometrics by its nature requires a fallback measure against false rejection, and only the physical token could be the fallback measure for biometrics here. We have only two scenarios.

(1) authentication by a physical token, with an option of adding another token. Its security effect is plainly illustrated below.

[Figure] The lock authenticates the key. The key authenticates the lock. Does the key authenticate the person who holds it?

(2) authentication by biometrics deployed in ‘multi-entrance’ method with a physical token as the fallback measure, with an option of adding another token. Its security is even lower than (1), as quantitatively examined at https://www.bebee.com/producer/@hitoshi-kokumai/quantitative-examination-of-multiple-authenticator-deployment

We reckon that quite a few professionals of cyber security and identity management are well aware of these facts but something seems to prevent them from speaking out. Possibly, once they had touted those powerless solutions and recommendations to millions of clients, it might be embarrassing to admit the facts.

But it’s never too late to return. They are expected to speak out.

< Excerpt from Quantitative Examination .... >

Vulnerability (attack surface) of an authenticator is generally presented as a figure between 0 and 1. The larger the figure is, the larger the attack surface is, i.e., the more vulnerable. Assume, for instance, as just a thought experiment, that the vulnerability of the PKI-enabled token (x) is 1/10,000 and that of the password (y) is 10 times more vulnerable, say, 1/1,000. When the two are deployed in ‘multi-layer’ method, the total vulnerability (attack surface) is the product of the two, (x) multiplied by (y). The resulting figure of 1/10,000,000 means it is 1,000 times more secure than (x) alone.

On the other hand, when the two authenticators are deployed in ‘multi-entrance’ method, the total vulnerability (attack surface) is obtained by (x) + (y) – (xy), approximately 0.0011. It is about 11 times less secure than (x) alone.

 So long as the figures are below 1, whatever figures are given to (x) and (y), deployment of 2 authenticators in ‘multi-layer’ method brings higher security while ‘multi-entrance’ deployment brings lower security. As such ‘multi-layer’ and ‘multi-entrance’ must be distinctly separated when talking about security effects of multiple authenticators.

The same calculation applies to biometrics used in cyber space where it has to rely on a fallback password/PIN deployed in ‘multi-entrance’ method against false rejection. You might assume that biometrics deployed with a password/PIN in ‘multi-layer’ method should bring us a very high security. But, very sadly, this scenario never comes true. When rejected by biometrics, what can we do? We will only see that we are unable to login even if we can feed our password/PIN. 
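The arithmetic above, as an added example that is not part of the original article: the two combination rules are generalised to any number of authenticators (multi-layer is the product of the figures; multi-entrance is 1 minus the product of their complements, which reduces to x + y − xy for two), and scenario (2) is modelled as biometrics with a token fallback, optionally layered with an extra token. The vulnerability figures are the article's illustrative values, and the model assumes, as the article's product rule implicitly does, that the authenticators fail independently.

```python
from fractions import Fraction
from functools import reduce
from typing import Iterable, Sequence


def multi_layer(vulns: Iterable[Fraction]) -> Fraction:
    """'Multi-layer' (AND): the attacker must defeat every authenticator.
    Attack surface is the product of the individual figures."""
    return reduce(lambda acc, v: acc * v, vulns, Fraction(1))


def multi_entrance(vulns: Iterable[Fraction]) -> Fraction:
    """'Multi-entrance' (OR): defeating any single authenticator suffices.
    Attack surface is 1 - prod(1 - v_i); for two figures this is x + y - xy."""
    survive_all = reduce(lambda acc, v: acc * (1 - v), vulns, Fraction(1))
    return 1 - survive_all


def security_ratio(baseline: Fraction, combined: Fraction) -> Fraction:
    """> 1 means 'combined' is that many times more secure than 'baseline';
    < 1 means it is less secure (e.g. 1/11 ~ eleven times less secure)."""
    return baseline / combined


def biometrics_with_fallback(bio: Fraction, token: Fraction,
                             extra_layers: Sequence[Fraction] = ()) -> Fraction:
    """Scenario (2): biometrics with a token fallback is a multi-entrance pair
    (false rejection forces the OR), and any further token is layered on top."""
    return multi_layer([multi_entrance([bio, token]), *extra_layers])


# Illustrative figures from the article (not measured values).
TOKEN = Fraction(1, 10_000)     # (x): PKI-enabled token
PASSWORD = Fraction(1, 1_000)   # (y): password, 10 times more vulnerable

if __name__ == "__main__":
    layer = multi_layer([TOKEN, PASSWORD])          # 1/10,000,000
    entrance = multi_entrance([TOKEN, PASSWORD])    # 10999/10,000,000 ~ 0.0011
    print("multi-layer   :", layer, "->", float(security_ratio(TOKEN, layer)), "x more secure than token alone")
    print("multi-entrance:", entrance, "->", float(1 / security_ratio(TOKEN, entrance)), "x less secure than token alone")
    # Assumed figure for biometrics (constructed, only to exercise the model).
    bio = Fraction(1, 100)
    print("biometrics+fallback token:", float(biometrics_with_fallback(bio, TOKEN)))
    print("... plus a second token layered:", float(biometrics_with_fallback(bio, TOKEN, [TOKEN])))
```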

< Related Articles >

Big Myths in Digital Identity

History, Current Status and Future Scenarios of Expanded Password System
