By Chris Edwards, Chief Technical Officer, Intercede.
The Intercede event at The Shard on Tuesday 24 November brought together some interesting perspectives on the subject of trust within the context of an increasingly connected world.
The Futurist’s view: considerations for a digitally interdependent world
Kicking off the event with a view into the future, Lubna Dajani encouraged us to consider the wider ramifications of the path that we seem to be inexorably pursuing towards ever greater connectivity and automation. The increasing reliance upon networked communication to monitor and control our critical services, personal environments and social infrastructure brings with it a rapidly escalating degree of fragility. As we stack the technology tower ever higher, we need to take a serious look at exactly how solid its foundations are.
Once the more tangible and measurable aspects such as physical interconnects and data transport are addressed, we get to the layer where measurements, commands, requests and instructions are transferred between two or more elements in the network. Whether these are people, simple sensors, AI-based systems or industrial controllers, the data connection now requires the concept of trust. In order to establish trust, any two components will need a means of identifying one another. The desired level of confidence in these identities will vary considerably according to the nature of the communication between them, but as we move the technology into increasingly critical systems that initial authentication must become correspondingly stronger.
The discussion considered people having embedded chips as an example of more positive identification. With all such technologies though, there is a downside. In this case, it is the loss of the ability to operate anonymously, given that an individual has no real means to establish the trustworthiness of every system with which they might interact in such a broadly connected world. The trade-off here has now moved from the two-way ‘security versus convenience’ to introduce the third corner of the triangle – privacy.
The cost of getting it wrong
Having stretched our minds into the future, the next panel considered the legal and financial impact of digital transactions and systems. It is clear that the significant data breaches of the past decade are, if anything, escalating (or at least attracting more publicity). The wider public is more aware of the risks than was the case a year or two ago. Reference was made to the Intercede ‘millennials’ consumer survey that showed the worrying (though clearly justified!) lack of trust in the current digital ecosystem, infrastructure and service providers. It is evident that security concerns and real failures are having a significant financial impact on e-commerce, through discouraging consumers from participating, through reputational damage to companies’ image and through fines imposed by regulators. However, evidence seems to suggest that the reputational damage is variable – most stocks and businesses seem to recover from the impact of the initial negative publicity relatively quickly, even though the short-term financial impact can be considerable. It would appear though that as more competing service providers emerge in each sector, sustaining consumer trust is going to become ever more important to achieving commercial success.
Solving the password problem
Having considered the problems that have to be addressed, the event then moved on to discuss how current and emerging technology can be used to address many of these issues and concerns. One of the most significant factors affecting security and usability of connected services is the globally discredited use of passwords. This problem has been with us for a considerable time and for much of that period the answer has been to make passwords more complex. While this raises the bar a little against ‘brute force’ attacks on systems, it has a disproportionate impact on the user experience. The cognitive load of recalling dozens of complex character sequences that mustn’t be reused and must change regularly has made this completely unfit for purpose.
Worse than the poor usability aspects though is the fact that for the most part passwords offer very poor security. Whether the servers leak data or get hacked, or users inadvertently sign on to phishing sites, or key-loggers and insecure network connections allow third party interception of passwords, the net result is that everyone is exposed to a high level of risk. As long as you authenticate with some form of secret that can be stolen and replayed without your knowledge, the system is inherently insecure.
Cryptographic solutions to this problem have been available for a considerable time. Cryptographic ‘challenge-response’ solutions where a secret key is used to indirectly authenticate a user are already used in many aspects of connected life. The most obvious case in point is PKI authentication of the websites and services that are used by millions every day. Without a high level of trust in the connections to those sites, e-commerce would be unable to continue operating. However, until recently, the difficulty has been how to achieve an equivalent level of trust in the opposite direction: how can I identify myself to the service provider with an equally high level of assurance?
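The replay difference described in the two paragraphs above, as an added example that is not from the original article or from Intercede: a captured password logs in again, while a captured challenge-response answer is useless against any other challenge. The class and function names are hypothetical, and HMAC with a shared key stands in for the private-key signature a PKI scheme would use (with a signature the server would hold only a public key), so that the example needs nothing beyond Python's standard library.

```python
import hashlib
import hmac
import secrets

class PasswordServer:
    """Baseline: the client sends the secret itself on every login."""
    def __init__(self, password):
        self._salt = secrets.token_bytes(16)
        self._digest = self._kdf(password)
    def _kdf(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)
    def login(self, password):
        return hmac.compare_digest(self._kdf(password), self._digest)

class ChallengeServer:
    """Challenge-response: the key itself never crosses the wire."""
    def __init__(self, key):
        self._key = key
        self._pending = set()  # challenges issued but not yet answered
    def new_challenge(self):
        nonce = secrets.token_bytes(32)
        self._pending.add(nonce)
        return nonce
    def verify(self, nonce, response):
        if nonce not in self._pending:
            return False  # unknown or already-used challenge
        self._pending.discard(nonce)  # single use, pass or fail
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

def respond(key, nonce):
    """Client side: prove possession of the key for this one nonce."""
    return hmac.new(key, nonce, hashlib.sha256).digest()

def replay_outcomes():
    """Replay captured traffic against both schemes (all values constructed)."""
    pw_server = PasswordServer("correct horse battery staple")
    sniffed_pw = "correct horse battery staple"  # what an eavesdropper records
    key = secrets.token_bytes(32)
    cr_server = ChallengeServer(key)
    nonce = cr_server.new_challenge()
    sniffed_resp = respond(key, nonce)  # the eavesdropper records this too
    return {
        "password_replay": pw_server.login(sniffed_pw),
        "genuine_login": cr_server.verify(nonce, sniffed_resp),
        "replay_same_nonce": cr_server.verify(nonce, sniffed_resp),
        "replay_fresh_nonce": cr_server.verify(cr_server.new_challenge(), sniffed_resp),
    }
```

Calling `replay_outcomes()` returns one boolean per scenario; only the replayed password and the first, genuine response are accepted.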
This problem primarily distils down to two concerns: (a) how can I securely distribute, store and protect cryptographic keys so that only I can use them, and (b) how can I limit the unwanted sharing of my personal data and behaviour either by direct information leakage or indirect data aggregation? As the third session explained, the emergence of the current generation of mobile devices has brought with it the very technology that we need to deliver these elevated levels of trust. For a few years now, the ARM processor chips that power the vast majority of smart phones, tablets and other devices have included a ‘TrustZone’ architecture in the design of the silicon. This is in effect a small, self-contained execution environment that runs alongside the main operating system and can support cryptographic operations, a trusted user interface and ‘locked down’ security components to enable key storage and even biometric authentication.
In other architectures, we have seen ‘trusted platform modules’ capable of providing low-level hardware-backed key storage and crypto-processing services on laptops and desktop machines. These are actually mandated in the newer versions of Windows, for example. What has been missing until very recently are the services necessary to exploit this inherent capability.
So the challenge is no longer ‘what can we use to authenticate’ but ‘how quickly can we deploy viable services to utilise these features’.
This is where the final section of the day’s event then focused. Intercede Labs is a new venture from Intercede (a well-established UK and US credential management software and service provider) that aims to work with partners to explore and market-test a range of innovative, potentially disruptive solutions that build upon the existing components and skills of the company. Operating from its base in Silicon Valley, Intercede Labs has already started making waves with its RapID project. RapID offers a highly secure client authentication platform for mobile apps that requires just a few lines of code to implement in the client and server. It uses a dedicated cloud credentialing service for each relying party and preserves anonymity. Better still, it doesn’t require a new communications protocol – it uses client TLS authentication, which is universally implemented but has until now been constrained by the difficulties of key distribution, storage and lifecycle management. RapID directly addresses those problems and delivers an extremely smooth user experience where a simple fingerprint or common PIN can be used to authenticate securely to multiple sites without any special knowledge or extensive infrastructure.
It looks like exciting times are ahead. Intercede Labs is actively seeking partners to collaborate on this and other security initiatives over the coming months – if you’re interested, contact the team for further information.
Highlights of Intercede’s Digital trust…or bust! event can be viewed here on our YouTube channel.