I am looking forward to the stressors this places upon identity in the online world so we can develop something better than showing a picture of an ID card. Some sort of public/private key repository kept by licensing authorities would be a more preferable solution to me at an initial glance.
> Some sort of public/private key repository kept by licensing authorities would be a more preferable solution to me at an initial glance.
Everyone in possession of an ICAO 9303-compliant ID card / password (so, at least everyone in Europe) already has such a thing. These cards can be read by any NFC enabled smartphone that can act as a reader, and the chips themselves can act as a a secure element capable of a range of cryptography functions.
The problem is that while ICAO 9303 is a standard to retrieve and verify the data, it's fundamentally based on the assumption that it is just used to retrieve the data written in cleartext on the card as well as the biometric data so that you can build a staff-less boarding solution for air and sea ports. It's just a read-only dump of the data, signed with a certificate from the card issuer.
We'd additionally need a standard similar to what Germany and Croatia have done that allows a person to use their computer or phone as an NFC reader "proxy" to create a digital signature against a service-provided challenge that can then be traced back to the government's PKI.
Or, to put it in SSL terms, each government has a root CA, that issues a sub-CA certificate to the card producers ("can issue certificates for #.de"), who in turn have the card provision its own public/private keypair, and then sign the card's public key to use as a sub-CA ("can issue certificates for #.person-identifier.de").
>We'd additionally need a standard similar to what Germany and Croatia have done that allows a person to use their computer or phone as an NFC reader "proxy" to create a digital signature against a service-provided challenge that can then be traced back to the government's PKI.
Why bother with NFC if the phone itself has secure enclave and a biometry check to lock it down too?
And the best part of course, the federal government of US doesn't just have a standard, but actively uses all that for quite some time, just explicitly without NFC.
> Why bother with NFC if the phone itself has secure enclave and a biometry check to lock it down too?
There have been a lot secure-enclave exploits against both Apple [1] and everyone else [2], and fingerprint readers can also be bypassed. The Secure Enclave itself has a giant attack surface and is highly complex. (That however does not stop dreams of "digital driver's licenses" and whatnot, though, but that's another question)
In contrast to that, ISO 7816 smartcard stuff has been in use for decades, and (unless it's Javacard...) a very limited complexity. It's rare to see something else other than sidechannel attacks.
Fair enough. So the attack scenario is having a rogue state-sponsored app installed on everybody's device (think tik-tok), which steals everybody's private keys ... and does what? Registers an account on coinbase to launder money? Applies for a childcare subsidy and wires the money to insert country here?
> Fair enough. So the attack scenario is having a rogue state-sponsored app installed on everybody's device (think tik-tok), which steals everybody's private keys
The German AusweisApp2 is fully open-source (to protect against the first scenario), and it might be possible to do it in a web app assuming Web NFC gets more widely supported [1].
The second scenario is protected against by the keys being provisioned on the smartcard during manufacture (or, if the user so desires, at the touchpoint where they get handed over the ID card) and being unable to be exposed, at least not without either destructive methods or side-channel attacks.
Malware can go and dump the keys from the Secure Enclave. It's just the same mechanism that pirates use to crack the Widevine decryption, just that it's the strong digital identity of a person towards a government at stake here.
EU is working on an "EU Digital Identity Wallet". Which might be a good step in that direction. Even though it remains to be seen whether it won't be piggy-backed on some current weak authentication/identification methods in practical implementations.
Even US had it solved two decades ago on a peak of post 9/11 paranoia. Federal agencies use smartcards internally, there is federal root and the copy-cat of that was successfully rolled out in different flavors in several countries in Europe as well.
On the other side of the spectrum, there is Dutch digi Id, which is the only way to use any government service online and works either with pure and simple username+password or a second factor through the app. There is no rocket since involved -- government agency sends you an activation code to your registered address and you activate the app.
Then there is Ukrainian Diia, which is kinda both and also bundles government services themsevles and a digital id generator into the same app. But it's all built on top of existing PKI infrastructure that is used for decades before to tackle the problem of district tax office doing shenanigans with your tax reports.
Add:
And of course the most no brainer way to roll it out in a fragmented landscape of US is to let banks be Oauth2 providers, as they are already tasked with KYC stuff and have a license to lose. See https://www.bankid.com/en/
> And of course the most no brainer way to roll it out in a fragmented landscape of US is to let banks be Oauth2 providers, as they are already tasked with KYC stuff and have a license to lose.
Yeah, the same works in the Czech Republic, the banks provide an OIDC service, including document signing, see https://www.bankid.cz/en
> And of course the most no brainer way to roll it out in a fragmented landscape of US is to let banks be Oauth2 providers, as they are already tasked with KYC stuff and have a license to lose.
That doesn't stop banks from pulling all kinds of shit with their customers' identity or what they believe to be that. The amount of credit scams possible in the US is mind-boggling for me as an European.
I feel like the tolerance to fraud is just higher in US or something, as the alternative is being sent to GULAG right after having your federal id issued.
Wells Fargo employees for example got caught creating millions of accounts without the consent of the customers to meet unrealistic quota by their managers [1], and not just once, but at least three times (2016, 2018, 2023).
Here in Sweden we have a solution called BankID that is pretty much that. To get the key the first time you need to go physically to a location to identify yourself, after that you can use your BankID to get a new one when your first is about to expire(this is basically rolling your private cert)
Never heard of any successful identity thefts in this system, except where someone has been tricked into signing something with their BankID that they shouldn't have. That's pretty hard to defend against on a systematic level though, at least in a way that's fool-proof.
I think the argument against is that right now people know how terrible an authentication system this is and don't build actual security on top of it -- "we only have cardboard boxes so we installed cameras and encrypted the contents."
Once it's good people will outsource the work to what is essentially a CA system where every BMV in America is an issuer and I expect it to hold up at best as well as SMS verification.
I think the problem is that people are relying on this for actual security. The article demonstrates how easy it is to get companies to accept this form of fraudulent authentication (and the demand for this service speaks to its efficacy as well).
Why not let notaries or an authoritative agency issue cryptographically signed one time codes upon inspection of your physical ID? Frankly, it sounds like a superior system to me.
Cardboard boxes can be acquired without a record of their purchase and are easy to hide among other cardboard boxes, like a book in a library. Also can be used to hide from enemies while moving around under the box.
It can be. If my bicycle has no lock at all, I will not leave on a outdoor parking near the central railway station, because I know for sure it will be stolen. The value here comes not from imperfect security per se, but from my ability to predict the outcome. Now if my bicycle has a meh lock, the chance of it being snatched suddenly increases.
I'm saying that maybe people who chose to accept the id scan knowingly accept the risk, have a second line of checks somewhere, evaluate amount lost to fraud or fines against the cost of having full-fledged PKI and also knowingly make it your problem if their evaluation proves to be wrong.
The CAs have been hacked. Multiple times, in several different ways. And that's just the public ones we know about, which I have no reason to suppose are all of them or even necessarily a significant fraction of what we would consider compromises. At the scale of "everything done on the internet" or "all the money" you can't wave this issue away. It is difficult, if not impossible, to build a security system that is more expensive to break than "all the money and value in the world".
A government identity to do business with the government might just about be possible. A government identity to cover everything done by everyone everywhere is not. The value of cracking that system is just too high.
> A government identity to cover everything done by everyone everywhere is not. The value of cracking that system is just too high.
So the value of the system being broken is too high, yet we live in a world where it's broken, as anybody can make a photoshop of your driving license? I'm sorry I don't get the argument.
Basic principle of security: A security system should be more expensive to break for the attacker than the value of the thing it is securing to the owner.
This is generally a counter to people using binary thinking and believing that a security system is broken if there is any way in at all, thus thinking things are either in the categories "secure" or "insecure" without any further qualification. In fact those categories don't exist. It is intrinsically at a bare minimum a spectrum of security, and one can slice & dice more finely if one likes based on what sort of attacks various different types of attackers can mount, e.g., defending against whole-internet scans is one thing, nation-state attackers specifically targeting you quite another.
I'm using it in a different way: When what you want to lock behind your security system is essentially "all economic value in the world", such as "we'll solve all identity problems on the internet by just having the government provide identities", that means you need to create a security system that is more expensive to break than "all economic value in the world". However, you can't. Any conceivable security system is easier to break than that.
There is a sense in which it is simply necessary that there be a wide variety of independent identification systems, each individually covering sufficiently small amounts of value that they are possible to exist at all, and with a diversity of costs and strengths to cover the various cases.
It's a classic fallacy of "the old one may be extremely bad, but it's already there, so it's okay, but the new one needs to be perfect against anything any scenario someone can think about, no matter how far fetched". We have this pretty often here in Germany. The requirements for anything digital are so incredibly high compared to the non-digital version we have currently/had before (depending on whether we finally managed to introduce a digital version), it's just sad.
Let me send you that totally secure fax with my totally secure signature drawn by hand. Far more secure than a digital document signed by this scary, newfangled electronic signature, which could have been hacked and is therefore totally insecure.
And because of that a photo of your driver's license is at best a low-pass filter. A central identity system where you get strong identity verification will be relied on for real security and authentication making it a properly juicy target the level of Gmail for account compromises but the real life security of Verizon issuing phone numbers and sim cards.
