Hacker News new | past | comments | ask | show | jobs | submit login

The security and privacy implications of this are horrifying to me, as are they to enough of the population that I doubt this will get widespread adoption.



Putting aside the embedded beneath the skin aspect (I share your concerns), this concept can actually work - see FIDO2 and U2F protocols. They're actually pretty good from a privacy perspective too, and give you unlinkability between services (as the key you present is derived from factors including the verified origin, i.e. URL, of the resource you're authenticating to).

Clearly the verified URL origin of something in the real world is complex, but there are ways to potentially make this work. Devices might have certificates for a URI, and this URI could be verifiable and convey attributes like the GPS coordinates to within 25m, that you can verify before authenticating. Users could presumably also whitelist certain origins (garagedoor.home.mydomain.net)

All of this apart from the subdermal part actually could work out well - a small number of people already do this via U2F, or even traditional smartcards.


I've thought about this a lot—I'm very interested in both security and privacy, so I wouldn't want to do this if I thought it would compromise either.

My current solution is that the device has three functions: encrypt/sign with private key, decrypt with private key, and send public key. They would be protected by a PIN—probably a six-digit alphanumeric pin. You might want to rate limit PIN attempts to one per second, as well.

With this scheme, I can't see how it would compromise privacy or security. No one can just scan your hand and know your identity, since you need the PIN to get your public key. And since all encryption/decryption happens on the chip, the chance that your private key gets stolen is pretty much as low as possible.

If you see any flaws with this scheme—I certainly wouldn't be surprised if there are, I just can't see any right now—please critique away!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: