Creation of a flexible entity authentication protocol for medium-scale systems.
- Jim Mahoney
- Matt Ollis
- Michael Fischer, Yale University
This Plan is a study of modern cryptographic algorithms and protocols, with particular emphasis on the mathematical foundations of cryptography and their limits, especially with respect to entity authentication. The first component introduces an entity authentication protocol whose security rests on behavior that is unlikely in general and can be expected only of communities with a narrow demographic makeup. The second component attempts to provide definitions and a framework for the analysis of such schemes, and applies that framework to a survey of the schemes in current use. The final paper, Elliptic Curves and their Cryptographic Applications, explains itself through its title. Since elliptic curve cryptography has been of particular use in entity authentication, that common subject remains a secondary but still present focus there as well.
We have mentioned on several occasions the attitude that must exist among the entities in a system using our protocol, and it is worth expanding on; so is the scale of system at which the protocol can operate effectively. On the first point, what matters most is our conception of communal trust. The letter of that principle states how we expect entities in a system with sufficient communal trust to act, but it says nothing about the makeup of those systems themselves. In particular, although our protocol has mechanisms for examining and punishing behavior within the system (multisignatures for record keeping, and the central registry approach to revocation), our concept of communal trust asks for a base inclination among entities not to test those mechanisms. This is an assumption the protocol relies on, not a property it enforces: if the entities in the system can be expected to push and prod at an instantiation of the protocol in search of weaknesses, they will likely find them, particularly by exploiting the social dynamics within the community of entities.
Since assurance of who you are communicating with is a security requirement of many communications systems, determining the authorship of messages within such a system falls within cryptography's problem space. However, the mathematical toolkit the field brings to bear on the problems in its domain is unfit to provide a suitable solution to this task of entity authentication. The incapability is inherent to the nature of the problem: although we can make proving rigorous, we cannot do the same for the concepts of entity and identity. Identity is a means by which entities refer to and acknowledge one another; in other words, it is a method of recognition. As such, an identity cannot be proven from first principles, since it becomes valid only when it is accepted by the entities in a system. Without the ability to anchor itself in meaningful axioms, mathematics cannot supply useful results to its study. Therefore, although mathematical techniques allow proving to be placed on firm foundations, identity must remain suspended, carefully balanced on webs of recognition and reference.