Financial identity is *dangerous*? (was re: Fake companies, real money)

[R.A. Hettinga]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 9:49 AM -0400 10/12/04, John Kelsey wrote:
>Hmmm.  I guess I don't see why this story supports that argument all
>that well.

More like the straw that broke the camel's back, admittedly.

A long time ago I came to the conclusion that the closer we get to
transaction instantaneity, the less counterparty identity matters at
all. That is, the fastest transaction we can think of is a
cryptographically secure glop of bits that is issued by an entity who
is responsible for the integrity of the transaction and the quality
of assets that the bits represent. Blind signature notes work fine
for a first-order approximation. In other words, an internet bearer
transaction.

In such a scenario, nobody *cares* who the counterparties are for two
reasons. The first reason is existential: title to the asset has
transferred instantaneously. There is *no* float. I have it now, so I
don't *care* who you were, because, well, it's *mine* now. :-).

Second, keeping an audit trail when the title is never in question
is, in the best circumstances superfluous and expensive, and, in the
worst, even dangerous for any of a number of security reasons,
depending on the color of your adversary's hat, or the color your
adversary thinks his hat is, or whatever. Keeping track of credit
card numbers in a database is an extant problem, for instance, with a
known, shall we say, market cost. We'll leave political seizure  and
other artifacts of totalitarianism to counted by the actuaries.

> Clearly, book entry systems where I can do transactions in your
>name and you are held liable for them are bad, but that's like
>looking at Windows 98's security flaws and deciding that x86
>processors can't support good OS security.

I'm walking out on a limb here, in light of what I said above, and
saying that when there's *any* float in the process, your liability
for identity theft increases with the float involved. Furthermore,
book-entry transactions *require* float, somewhere. They are
debt-dependent. Someone has to *borrow* money to effect a
transaction. (In a bearer transaction, the shoe's on the other foot,
the purchaser is *loaning* money, at zero interest, but that's what
the buyer wants so the system compensates accordingly, but that's
another story.) Because the purchaser has to borrow money to pay, and
because you *cannot* wring the float out of a transaction (that is,
you can get instantaneous execution, but the transaction clears and
settles at a later date; 90 days is the maximum float time for a
non-repudiated credit-card transaction, for instance), I claim that
book-entry transactions will *always* be liable for "identity" theft.

Put another way, remember Doug Barnes' famous quip that "and then you
go to jail" is not an acceptable error handling step for a
transnational internet transaction protocol.

I would claim that enforcement of identity as a legal concept costs
too much in the long run to be useful, and that the cheapest way to
avoid the whole problem is to go to systems which not only don't
require identity, but they don't even require book-entry *accounts*
at all to function at the user level.

Financial cryptography has had that technology for more than two
decades now, so long that the patent's about expired on it, if it
hasn't already.

>The aspect of this that's generally spooky is not the existence of
>book entry payment systems, it's the ease with which someone can get
>credit (in one form or another) in your name, based on information
>they got from public records and maybe a bit of dumpster diving,
>some spyware installed on your machine, or a phishing expedition.
>How the payment systems are cleared isn't going to change that,
>right?  (I know you've thought about this stuff a lot more than I
>have, so maybe I'm missing something....)

See above. When you use book-entry transactions, by definition, you
need identity. Biometric, is-a-person,
go-to-jail-if-you-lie-about-a-book-entry identity. With bearer
transactions, digital/internet or otherwise, you don't have identity.
You don't *need* identity to execute, clear, and settle the
transaction, primarily because all three happen at once. There's no
float between the three activities. You don't have to send someone to
jail if they lie, because the transaction never executes in the first
place if they do.

Now, there are tradeoffs. The first one is key management, which as
Schneier likes to point out, is a hard problem. Personally, I think
that if you don't have to associate a key with a flesh-and-blood body
in meatspace, a whole continent full of problems just disappears. In
a bearer transaction, it's orthogonal to the issue of security
anyway, and all it does is cost you money to do for no added benefit.

The second one is security of the digital bearer notes and coins
themselves, which, frankly, scares people in the finance business
most of all. However, I would claim that all organizations, and even
people :-), do their *database* and document backups already, and
that proper system hygiene will evolve, particularly if literal money
is involved. Frankly, there already is a market for distributed data
storage, and there are even working systems using m-of-n distributed
data storage, which would be the most secure way to solve the
problem. And, as we all know, digital bearer transactions are the
best *way* to pay for those kinds of m-of-n services anyway, so it
feeds on itself nicely.


I think that it's less of a chicken-and-egg problem than it used to
be, and I think that reality is catching up to all the theory we've
kicked around on these lists for more than a decade now.  The
ultimate solution to the problem of identity theft is to not use
identity at all, and, frankly, not even to use book-entries at all.

Cheers,
RAH






-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQWvvMcPxH8jf3ohaEQK7sQCgv7HrWERRq8oJwZWq+6K/Ekiq4mMAoKCc
sc4xGjfFFKMysKjV2hRDjSsy
=C/Ar
-----END PGP SIGNATURE-----

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'