Some different ways to authenticate people

[everhart at gce.com (Glenn Everhart)]

Some authentication ideas I have come up with may bear mention
given all the attention problems of authenticating folks remotely
have been getting.

Let us suppose to introduce the ideas that we have some token we give
folks such that it displays a number sequence (that may vary with time 
or with uses, in the latter case being tracked) and such that an 
authenticating agency can tell what it will display. Let us suppose 
further that (seeing we don't want to be total fools) each such token 
has an identifying number visible to users, but generates a different 
number sequence from any other token. (This can be done easily by just 
having an internal counter encrypted with a key, and using a different 
key for every device. The authenticating agency needs to know the keys 
but nobody else does.)

This is pretty common stuff. After all, SecureID has been around for 
years, and ciphers - of - the - day have been around for centuries.

However it can be used for more than has been common.

If we want an authenticating agency to prove its identity to the token
holder, how about having the token holder report half the display and
have the agency then tell the holder the other half?

To prove that a known person is present, and not just that the token is
present, it has been customary to have the person transmit a PIN and 
ALSO the display value. For people who like to type a lot this is ok, 
but lots of systems only have room to send back 3 or 4 digits, and if a 
PIN is entered in plaintext, webcams, keyloggers, or other agents can 
then capture the PIN.

There's a better way.

Let's suppose your display looks like this (forgive ASCII art):

           +---+---+---+---+---+---+---+
           | 7 | 5 | 2 | 9 | 1 | 0 | 3 |
           +---+---+---+---+---+---+---+
             a   b   c   d   e   f   g

             01  23  45  67  89

where the part in the boxes is the number. (I have drawn it with no 
repeated digits for clarity.)

Now we can ask the person, ahead of time, to pick 3 positions of the 
display (he can use 3 letters to remember if he likes). This is like 
getting into your car door these days, but simpler. (Car doors often ask 
for 5 numbers.)

Suppose the person's pattern is "feb". (Can be anything, but some will 
choose to spell things. It'd be OK to print the whole alphabet, a few 
letters to a digit, if we wanted a larger selection.)

Now to identify himself and his token, a person would get the token to 
generate a number, then pick out the digits at the positions he 
selected. In the above example that would be digits 0 1 5.

Note that because the display changes every time, the chosen digits 
change every time, yet they authenticate the user and the token together 
at a stroke, and are hard to capture because the token is not connected 
to anything, and mostly won't be in range of a webcam or other spy 
gadget. Notice too that giving this information is a conscious act, not 
something a chip can be fooled into doing.

Finally, where a transaction is used, and it is desired to get a 
person's OK to spend, say, $539 on something, he could be asked to 
please pick the positions above the little digits corresponding to 539 
on his display. In the picture above, that would be the "45", the "23", 
and the "89" positions, and if the display read as shown the customer 
could key in "251" to give his OK. (This would be most important for 
large purchases and in internet type settings.)

Now this would give better authentication than we now get, without 
changing payment networks. (Credit/debit card authentication codes are 3 
digits long, for example. I'd rather use something like this than a 
fixed PIN where a PIN was needed, too.)

However there's a cheaper way to use these same schemes. Instead of 
sending out tokens (which would be considered "unproven"), if you are an 
authenticating agency you can send out "bingo cards". These would be 
printed with each one different and having again some serial number.

Suppose I try again to draw a crude one. There are more variants here,
since at each intersection can be long or short numbers. For 
illustration let me presume that at each intersection there is another 7 
digit number like the putative token display above. So the card might 
start like:



          a        b        c        d        e        f        g
      1  3265891  5276903  4437921  0513277  7902168  3180245  7421056
      2  6387009  8711244  5037837  9091234  1234567  0987654  7634216


     ... and so on.

A real card would have a lot of these printed.

Now when the authenticator wants to prove to you who he is, you send the 
coordinates (row and column) and he can tell you the number there.

For you to authenticate yourself you can again pick a pattern to select 
out of any display, and the authenticator can give you the coordinates 
to use. You then pick out your pattern of 3 or 4 positions and report 
the digits there, using the number on the bingo card. (If your pattern 
were as above, the 6th, 5th, and 2nd digits, and you had to report using 
the number on your card at d2 above (which is 9091234 above), you'd pick 
  3 2 0 and report "320".)

It is possible of course to scratch off a number and just use that, 
reporting your pattern, if it is hard to transmit a coordinate to use. 
The authenticator would be able to track what you used. This kind of 
thing is most useful for network authentication though where some added 
communication is easy.

If you were asked to approve an amount string or the like with a bingo 
card, I would suspect it easiest if you got prompted first with a 
picture of what digit positions to pick out and with a coordinate.  You 
would be able to see the digit pattern if you wanted to check that it 
was reasonable but someone who did not have your card, and had not 
authenticated himself with your pattern moments before, would not get 
that far with the transaction.

Variants of using the number could be used to check payee names if the 
need should arise.

The beauty of schemes like this, while they are a little more effort 
than some, is they need only simple devices and rely on the fact that 
the devices are not connected to any tappable things, and that people 
are pretty good at remembering simple patterns. This would after all be 
much easier than getting into your car, and would be used often enough 
not to be a problem to recall. (If you have several of them, and use the 
same position pattern for all of them, it's no big deal: the random 
display kinda/sorta encrypts the transmission for you so it is really 
hard to intercept.)

If people start stealing inputs because some sites don't authenticate to 
the user or omit the "amount check", it will still be tough to fake a 
site that does the above stuff. (Obviously the initial pattern needs to 
be transmitted separately from the bingo card or token.)

An authentication scheme that people will use ought to be voluntary and 
conscious like this, moreover. Fingerprints can be stolen in 10 seconds 
with tape, and in general biometrics must be kept un-stolen for ~100 
years...a long time once every 7-11 clerk can get to them. RFID might be 
read without your knowledge (much less consent). This is a little more 
like the old signet rings barons and kings used to use...you know you 
are using it, and for what. Also it is possible to have several of them 
pretty easily if you must, each authenticating your relationship to one 
authenticator. In effect multiple such authenticators could act like a 
"web of trust" where you show "I am a customer of x bank, y bank, z 
company, and a member of r and s clubs" if you need to use more than 
one, and that might very well be plenty to convince merchant W to grant 
you credit.

Glenn C. Everhart
everhart at gce.com