Encompassing the Whole World Front Page /// Categories /// Site Index


Up until fairly recently (1869), except in unusual circumstances (for example titular line of sucession and inheritance), if you introduced yourself with a name, that was who you were.

Only with the introduction of the Habitual Criminals Act of 1869 in the United Kingdom did the need to prove who you were become significant to more than the select few, and the approach taken was to have a central verifying authority which everyone trusts for the purpose to maintain a central registry of identity.

Of course over time this has been extended into other areas of law (including finance), and has resulted in the crime of Identity Theft.

In the UK, Identity proof has evolved to work using multiple silver standard (moderately hard to forge) documents like driving licences and passports, in combination with other documents like bills to show that you have lived in the same place for a while.

Because of the increase in Identity Theft, various solutions have been tried, but decades of research into Secure Computing Environments tells us there are only really 3 methods of proof.

These are:

  1. What you Know (for example pin numbers, passwords, mother's maiden name, etc)
  2. What you Have (passport, Driving License, ID Card, or some other Token)
  3. What you Are (ie fingerprints, DNA, retina scan, your appearence, etc)

What you Know

The problem with this approach is that it only realy works as long as nobody else can easily find the information.

Good examples of this failing is the compromise of the american national defense computer in the movie "War Games, because the chief programmer used a password for his son which was easily guessable (joshua5, his name and age), and the Chip and Pin fiasco for credit and debit cards.

What you Have

The problem with this approach is that it only works as long as nobody else can get it. Unfortunately they usually can.

Good examples of this method failing include the availability of fake passports, the theft of your car keys, and the cloning of your mobile phone or credit cards.

Another problem has been seen with the crook in america who managed to steal a military id, get arrested, and then jump bail, and the guy who's ID it was still gets stopped by the police and has to carry a proof of non-identity document with him at all times to prove he is not the crook, because the military id was not revokable.

What you Are

The problem with this approach is that if the id system is compromised, you cannot change your details, as they are fundamentally you. Also, if the system doesn't check you are alive at the time, it can put you in danger.

Good examples of this problem include the man in johannesburg with the thumb print ignition who had his thumb removed by thieves so they could steal his car, and the warden of the Cryoprison in the movie "Demolition Man" who had his eye removed by a prisoner to fool the retina scanner so he could leave.


Different solutions are best for different problems, but generally it is near impossible (and very expensive) to come up with a Gold Standard (not worth the difficulty of forging) solution, and the existance of such a solution actually increases the value of suceeding with forging the solution.

Usually if you need a more secure than average system, you end up using some combination of silver standard solutions to spread the vulnerability.


Something which has recently apeared in the open source community might end up giving us a solution by turning the whole thing on it's head. Rather than having to trust the central authority for everything, we get the idea of Web of Trust Networks being developed.

Rather than having some arbitry document being standardised and help by the central authority, which you have to jump through various beaurocratic hoops to get, instead you generate a numeric key yourself using standard tools.

Specifically, this is a PGP Public Key which may or may not be the one you use for digitally signed email. If it gets compromised, you just generate a new one, and you don't have to trust the government about anything.

What happens then, is that when people meet who know each other by email, chat, letter or phone, they can recognise each other from the totality of shared details which they have disclosed in past conversations, including how they each characteristically use language.

At some point during the meeting, all the participants (who by now have vouched for each other) get together (sometimes called a Key signing Party) and make sure they have copies of the keys which they have previously generated for themselves.

Over time you end up with a spreading network of people who trust each other to be who they say they are (even if they don't know each other), without the problems of the central repositary acting as a focus of failure.

If you then combine this with other communications technology, it rapidly becomes extremely usefull, and could cheaply be added to most pdas, mobile phones and computers because they already need most of it to do digitaly signed email.

For example you could go into your local bank branch with your phone containing your public and private keys, be recognised by the cashier as you, and swap keys with the bank. All either side knows is how to send secure messages to the other party, but not how to read the messages they sent.

If the key gets compromised, you can tell the bank "here is my new key, and report anyone trying to pretend to be me to the police", and they can do it. If you use your key in the same way in shops when making a credit card payment, then the bank can tell the shop that it is a fraudster because they know that it was revoked.

Because of this spreading pattern of trust and revokation, it becomes much harder to gain from ID theft, and all the bank does in the example is speed up the spread of the information.

last modified 04:04 2007/01/07