Sunday, December 16, 2012

Can We Solve the Security Dilemma?

I recently wrote a blog post about the need to strike the right balance between security and convenience. In this post, I'd like to examine the ways to find that balance amid ever-rising security requirements. The challenge lies in the fact that traditional security measures such as strong passwords are becoming increasingly insufficient. The computing power available to every hacker today is simply so immense that brute-force attacks are rather easy to execute. Note: a brute-force attack is an encryption decoding technique that uses vast computing power to quickly try all possible combinations of characters until the right key is found.

So, how do we overcome this problem?

The solution isn’t easy, particularly given the security and convenience trade-off. Strong password rules force us to use longer passwords and passphrases that have to include a combination of letters, numbers, special characters, etc. and that cannot be found in the dictionary. We all know that such passwords are less convenient, particularly when entering them on a smartphone, but the benefit of this trade-off is higher security. Alas, not much higher, as strong passwords can still be broken with brute-force attacks.

Multi-factor authentication takes things to the next level by combining passwords with another authentication mechanism such as one-time passcodes or tokens. My bank, for example, gave me a one-time passcode generator the size of a credit card that I use for some of the more important transactions. I don’t need it to check my account balance but I do need it for money transfers. That, by the way, is a good example of the security-convenience balance in a practical use case.
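The split the bank makes here (password only to view a balance, password plus a one-time passcode to move money) is a step-up authentication policy. The sketch below is an added example, not code from this post or from any bank; it assumes the device produces time-based codes per RFC 6238 (the post does not say which scheme the bank uses), and the operation names, policy table, and `state` dictionary are hypothetical.

```python
import hashlib
import hmac
import struct

# Hypothetical policy table mirroring the post: balance needs no OTP, transfers do.
STEP_UP_REQUIRED = {"view_balance": False, "transfer_money": True}
# Published RFC 6238 SHA-1 test secret, used here only as sample input.
TEST_SECRET = b"12345678901234567890"


def totp(secret, unix_time, step=30, digits=6):
    """RFC 6238 time-based code: HOTP (RFC 4226) over the current time step."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_totp(secret, submitted, unix_time, last_counter, step=30, window=1):
    """Return the matching time step or None; tolerates +/- window steps of
    clock drift and refuses any step already used (replay of a seen code)."""
    now = unix_time // step
    for counter in range(now - window, now + window + 1):
        if counter <= last_counter:
            continue
        expected = totp(secret, counter * step, step)
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            return counter
    return None


def authorize(operation, password_ok, submitted_code, unix_time, state):
    """Password alone for low-risk operations, password plus fresh code otherwise."""
    if not password_ok:
        return False
    if not STEP_UP_REQUIRED.get(operation, True):  # unknown operations require the code
        return True
    if submitted_code is None:
        return False
    counter = verify_totp(state["secret"], submitted_code, unix_time, state["last_counter"])
    if counter is None:
        return False
    state["last_counter"] = counter  # burn this time step
    return True
```

Recording the last accepted time step is what stops a code observed in transit from being replayed inside its validity window.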

The next level of security can be provided by biometrics. Today, retina scans are the way the government identifies citizens at border crossings who use the Global Crossing or Nexus service. It seems to work, and for a long time I thought this would solve the authentication problem for good. However, biometric signatures can be falsified and even stolen, which not only compromises security but also introduces a new identity theft challenge. No, I am not talking about stolen fingers and eyeballs like we see in the movies - I am talking about the series of data points that biometric scanners look for. The same is true for DNA-based authentication, by the way. I am not aware of any practical DNA authentication use cases outside of science fiction today, but the signature files for DNA samples could be falsified or stolen just like any password.

Biometric security could be even more vulnerable as a result of genetic research. There are various initiatives underway today to build an open source library of decoded human genomes for the purposes of genetic research. That is a great cause which I fully support. However, there may be a dark side to it - as there usually is with any scientific discovery. I am not a genetic scientist but I wonder if the human genome could be used to reproduce biometric features such as fingerprints, retinas, or DNA samples. After all, a lot of the genomic research is aimed at the ability to reproduce vital human organs...

One day, we might be voluntarily or involuntarily implanting chips into the human body for the purposes of strong, fast, and secure authentication. Some of this is already happening today. We are chipping our pets to find them when they get lost. We are tagging prisoners under home confinement. We are traveling with passports containing our biometric data. A chip using some type of RFID technology could transmit our identity to various applications to identify us. The chip could do so frequently - perhaps every few seconds - to continuously validate the identity of the user. That is, until someone finds a way to falsify the chip signature...

Clearly, solving the security dilemma is not easy. Just like any high-stakes game, there may never be a perfect solution. Instead, it will be a race. We will keep inventing better authentication while trying to stay a step ahead of the bad guys. Every time the good guys invent a new security measure, the crooks will find a way to beat it. Hence a new level of security has to be invented - without completely sacrificing convenience. And so it will keep going, round after round.


  1. One of the other risks with the security options, such as biometrics, is not just that the user has, say, a latex layer on his finger with someone else's blood in it, à la "Gattaca", but that the main server - or the network between the server and the device - is compromised and a real record is tampered with.

    This would result in the system believing that you are not you, or that someone else's print, iris scan, etc. is you. Given the recent hacks of places like RSA, Sony, etc., your "identity" could be amended/deleted etc. at the source system as easily as it could at the device or transport layer.

    1. Thank you for your comment, Greg. You are bringing up an important point. The central point of potential vulnerability indeed. I agree with you that latex fingerprints are more interesting for science fiction movies. In real life, the hackers would probably target the central server or the sensor/scanner, which is likely less protected. Either way, nothing is foolproof!

  2. That's great. These biometrics not only provide convenience of use but also provide security by not allowing anyone to enter the office. Google and Microsoft offices have this kind of biometric technology that can maintain your Instant Attendance Tracking as well as time, plus security even.