This is a great reason to bring in SmartCards + anonymizing Digital Signatures into the realm (IIRR Belgium has an interesting voting scheme around this).
Paper trails are a bunch of BS if you ask me. Why would anyone trust paper more than cryptography?
You need to be able to have multiple backends in different locations simultaneously being posted vote result envelopes.. as well as the individual machines containing their own logs. At the end of the day you'll have instant voter readout after you have the various machines correlate votes and make sure no duplicates/inconsistencies are made by the entitys.... this is the way to do it without the waiting involved with paper-based ballots.
Now.. OpenSource is a strong req end-to-end on the machines so that no invisible bogusity can be implanted. Why would you trust a black box to count your votes?
OpenID doesn't have any type of personal information. It's SReg and Attribute Exchange extensions help you autofill registration forms that may need more data than a simple identity, but no provider is expected to validate this information... thus no Relying Party should trust it more than a user filling in data.
OpenID has one purpose, provide a secured unique identity while optionally passing on user-provided information.
Erm... you must be talking about this OTP token. RSA is completely public and single keys have been under attack for years and years.... The largest key they've cracked so far is RSA-640.
RSA 1024 is a 'minimum' of sorts now and 2048 is to be commonplace soon.
Elliptic Curve is also on its way....
Rule of thumb w/ this security stuff... the growth-ratio of stronger crypto vs cracked crypto is speeding up... so by the time your thing is cracked, a new system is available.
This is completely different in that a MAC ID is a single piece of unique data that gets thrown around.
There's no need to do any hardware virtualization for emulation. You just need to use the public RSA algorithms to perform operations.
Cracking RSA is a huge undertaking requiring massive brute force.
The entire trick to this thing is that there is a piece of private data on the device that cannot be pulled off without extensive resources.
Now... if one were to lose your card, even in the remote chance that some evil mastermind got your card and were to crack it. It would take many many days and you could have reported your card missing and revoked the public information attached to it (thus clobbering the evil mastermind's plan).
This also assumes that an evil mastermind desperately wants YOUR data and not somebody who's gone and used a password... that's ALOT simpler to hack.
...
A lot of these dongles are write-only, however. You can write a key to the device, and you can delete the key, but you can't ever read it back. This prevents attacks where a malicious user steals the fob to extract the key, or where malicious software tries to do the same. They're really quite secure.
Even better than that, you can make the dongles generate a key so that nothing has ever seen the private key but the dongle from which it holds onto.
I worry whenever I see the word 'trust' juxtaposed with OpenID. I worry that organizations will misuse OpenID, and ignore its purpose: only provide an identification for a person, nothing else. It doesn't certify the person's character, background, politics, or financial base. If I say that I am user@server, then OpenID is just a bit of evidence supporting that. That's all. How would one certify said information? OpenID does offer an 'SReg' and Attribute Exchange to help provide additional information to OpenID consumers... There is no vetting.
What you're thinking of is CardSpace where certifications of such information is built into it.
The problem with this is that its no fun to have to enter _3_ pieces of data.
For security to work in this world, it either has to be no more work for a user, or make it easier.
Example usage:
* @ site A, enter openid.trustbearer.com as the ID (no need for username since it can be discovered w/ OpenID 2.0)
* Redirected to OpenID login page
* Enter X digit PIN
* Logged in
No entering username + password + long ugly number
Nothing at all.
What smart cards bring to the picture is the ability to send data to a device and get processed data back without the ability to see the key that is used to perform said processing.
It uses a tiny browser plugin (~1MB) that supports an array of devices. More devices can be added on the backend w/o messing with the plugin.
You install a plugin for flashy stuff, why not one to support security devices?
Example of how this plugin is different from what others is out there:
* Get Middleware stack that's about 10-50MB big (likely windows-only)
* Hook up PKCS11 module to your browser (or) hook up CSP for *shudder* IE
*... be stuck with that gargantuan stack for one device...
Plugin:
* Get browser extension ~1MB (cross-platform/cross-browser)
* Go to sites that use it and "It Just Works"
Not quite (although it 'could' in theory support it..)..
OTP != Strong Cryptographic Authentication
IIRR One of RSA's OTP Tokens has been proven to be breakable.
Slashdot Mirror
Which is great, but it's not so great if you are trying to produce audio.
When I plug my guitar in, I can notice a latency greater than 5ms. And greater than 25ms, it drives me insane.
Compare that to what I get with PluseAudio (usually): 100-150ms. No thank you.
Sounds like you need JACK, the linux audio system meant more directly for production. A low-latency tuned kernel could also help.
This is a great reason to bring in SmartCards + anonymizing Digital Signatures into the realm (IIRR Belgium has an interesting voting scheme around this).
... this is the way to do it without the waiting involved with paper-based ballots.
Paper trails are a bunch of BS if you ask me. Why would anyone trust paper more than cryptography?
You need to be able to have multiple backends in different locations simultaneously being posted vote result envelopes.. as well as the individual machines containing their own logs.
At the end of the day you'll have instant voter readout after you have the various machines correlate votes and make sure no duplicates/inconsistencies are made by the entitys.
Now.. OpenSource is a strong req end-to-end on the machines so that no invisible bogusity can be implanted. Why would you trust a black box to count your votes?
OpenID doesn't have any type of personal information. It's SReg and Attribute Exchange extensions help you autofill registration forms that may need more data than a simple identity, but no provider is expected to validate this information... thus no Relying Party should trust it more than a user filling in data.
OpenID has one purpose, provide a secured unique identity while optionally passing on user-provided information.
http://www.vimeo.com/688747 http://www.youtube.com/watch?v=krysgUj9_hU
Erm... you must be talking about this OTP token.
RSA is completely public and single keys have been under attack for years and years.... The largest key they've cracked so far is RSA-640.
RSA 1024 is a 'minimum' of sorts now and 2048 is to be commonplace soon.
Elliptic Curve is also on its way....
Rule of thumb w/ this security stuff... the growth-ratio of stronger crypto vs cracked crypto is speeding up... so by the time your thing is cracked, a new system is available.
This is completely different in that a MAC ID is a single piece of unique data that gets thrown around.
There's no need to do any hardware virtualization for emulation. You just need to use the public RSA algorithms to perform operations.
Cracking RSA is a huge undertaking requiring massive brute force.
The entire trick to this thing is that there is a piece of private data on the device that cannot be pulled off without extensive resources.
Now... if one were to lose your card, even in the remote chance that some evil mastermind got your card and were to crack it. It would take many many days and you could have reported your card missing and revoked the public information attached to it (thus clobbering the evil mastermind's plan).
This also assumes that an evil mastermind desperately wants YOUR data and not somebody who's gone and used a password... that's ALOT simpler to hack.
... A lot of these dongles are write-only, however. You can write a key to the device, and you can delete the key, but you can't ever read it back. This prevents attacks where a malicious user steals the fob to extract the key, or where malicious software tries to do the same. They're really quite secure.Even better than that, you can make the dongles generate a key so that nothing has ever seen the private key but the dongle from which it holds onto.
The problem with this is that its no fun to have to enter _3_ pieces of data. For security to work in this world, it either has to be no more work for a user, or make it easier. Example usage: * @ site A, enter openid.trustbearer.com as the ID (no need for username since it can be discovered w/ OpenID 2.0) * Redirected to OpenID login page * Enter X digit PIN * Logged in No entering username + password + long ugly number
Nothing at all. What smart cards bring to the picture is the ability to send data to a device and get processed data back without the ability to see the key that is used to perform said processing.
Consider this TrustBearer Live / OpenID as Self-Service PKI for the everyman. More of the PK, less of the I.
It uses a tiny browser plugin (~1MB) that supports an array of devices. More devices can be added on the backend w/o messing with the plugin. You install a plugin for flashy stuff, why not one to support security devices? Example of how this plugin is different from what others is out there: * Get Middleware stack that's about 10-50MB big (likely windows-only) * Hook up PKCS11 module to your browser (or) hook up CSP for *shudder* IE * ... be stuck with that gargantuan stack for one device...
Plugin:
* Get browser extension ~1MB (cross-platform/cross-browser)
* Go to sites that use it and "It Just Works"
What sort of tamper-proof? With smart-cards, if you disect it, its kaput. If you enter your pin bad x times, its dead.
They're in this to make their CardSpace more appealing.... but Microsoft has nothing to do with this system.
Erm... MAC ID is non-changing... In a simple example of how this works, it does a cryptographic challenge-response so you keep a private key...
Not quite (although it 'could' in theory support it..).. OTP != Strong Cryptographic Authentication IIRR One of RSA's OTP Tokens has been proven to be breakable.