Chapter 3 (privacy, authentication, authorization, integrity, and non-repudiation) can all be derived through cryptography based mechanisms. Interestingly enough, one can also relate the bulla that we discussed in Chapter 7 to the provision of most of these same characteristics, but using tokens and containers rather than cryptographic processes. These characteristics and processes were covered briefly back in Chapter 6, but let’s expand just a bit on them here. We may be overly technical here, so the reader may want to skip over the mathematical part of our description.

Privacy is provided through encryption operations. Using the processes from a sub-field of cryptography termed symmetric key cryptography a number known as a key is applied through an algorithm to a string of bits. The algorithm scrambles the representation of the string of bits into a different, seemingly random string of bits. By passing the scrambled string back through the algorithm with the same key, the original string of bits is recreated. So, if one performs the encryption operation on a trusted platform, the scrambled bits can be conveyed across a channel that can be read by adversaries. However, unless they have the key, they’re not able to discern the original string of bits. Hence, one achieves privacy on the channel. If, at the other end of the channel, is another trusted platform, and the key is known on that platform (how it got there is unimportant for the moment) then the original string of bits can be recreated. Hence, we have established communication in the presence of adversaries. Code to perform cryptographic operations is a necessary ingredient of the transcendent personal device that is driven by its safety and security needs and those of its bearer. Using the mechanisms of symmetric key cryptography, the characteristics of authentication and non-repudiation are also achieved using the same encryption and decryption operations. Symmetric key operations tend to be computationally light-weight, but they incur a tremendous liability (as a general systems approach) because of the difficulty of distributing keys in a trustworthy manner such that a different key can be used to establish the identities of different people. We’ll review a potential system-level solution to this problem in aspects of public key infrastructures that we’ll discuss just a bit later.

The characteristic of information integrity is achieved through one-way functions. This process makes use of a key and an algorithm somewhat like a symmetric key encryption algorithm. However, in this case, rather than creating a bit-wise translation of the original string of bits (in other words, just as many bits come out of the algorithm as go into it), instead a relatively small, fixed number of bits is generated; perhaps something like 160 bits out for any sized string going in. In essence, the algorithm is used to create a unique index for the input bit string; an index sometimes referred to as a digital digest. Now, one can rather quickly recognize that it is impossible to compress potentially millions of bits of information into a unique string of 160 bits. The saving grace of this technique is that it is very hard to manipulate an input string to produce a given digest. So, this technique is actually a good way to tell whether any of the bits in the input string have been modified. If the same digest is created through the one-way algorithm, then the input bit string has not changed; hence, the integrity of the original bit string is guaranteed, and the original information is known to be intact.

Because it makes validation more difficult, complexity can play against security; and, trust derives from security. Hence, one generally will take special precautions to establish trustworthiness in more complex systems than might be the case in less complex systems. In the case of a two component transcendent personal device comprised of a body and a trusted core agent, these special precautions include an ongoing requirement for the two components to retain a secure and hence trustworthy relationship with each other. One way this is achieved is for the two to authenticate each other. This is done through the use of protocols (remember our discussions in the Preface). In this case, protocols that allow two parties to communicate about identity in the

Book available at Midori Press (regular)
Book available at Midori Press (signed)
Book available at Amazon (regular)