[cap-talk] Definition of Authentication on wiki.erights.org
Matej Kosik
kosik at fiit.stuba.sk
Sat Sep 5 18:17:55 EDT 2009
Rob Meijer wrote:
> On Sat, September 5, 2009 21:35, Matej Kosik wrote:
>> Rob Meijer wrote:
>>> On Sat, September 5, 2009 13:04, Matej Kosik wrote:
>>>> Karp, Alan H wrote:
>>>>>> Another example: You have a piece of software. We already know how to
>>>>>> follow POLA and POLA may be enforced over that software which is good
>>>>>> but it is always interesting (if a given software does not work as
>>>>>> expected) to determine its genuinity. You can blame vendor only for
>>>>>> genuine software not for fakes.
>>>>>>
>>>>> An example of authentication that doesn't involve identity. For
>>>>> example, if someone you trust gives you the hash code of the software,
>>>>> you can authenticate it without knowing who wrote it.
>>>> I think identity is still present. My authentication process determines
>>>> whether hashes were issued by subject(s) I trust.
>>> There may be identity involved, but if you use a hash (from any trusted
>>> source) to authenticate a piece of software with a trusted hash, you are
>>> validating a property of the software (its integrity), not trying to find
>>> out which of your friends might have signed it.
>> I disagree. When I download some package via apt-get, given package is
>> digitally signed. During authentication procedure I check whether that
>> given package was released by Debian developers. In other words, I check
>> who is at the other end of the communication channel through which I
>> downloaded that package.
>
> Please stop changing the examples mid-way, we were talking about a hash,
> not a signature.
>
>> Do not confuse this with checking of integrity. This is not what happens
>> here. Debian developers could distribute a modified version of the
>> software. In order to check integrity, I would have to have those hashes
>> in advance which I do not have. I therefore rely on downloading software
>> from trusted source. Authentication does not reveal any other fancy
>> thing but whether at the other end of the communication channel are, in
>> my case, Debian developers.
>>
>> So this example of authentication fits definition 1.
>
> If you keep bending the examples every example will fit definition 1.
>
>
>> Are there examples covered by definition 1 which should not be covered?
>
> No, 1 defines a perfectly good subset of authentication. That is, 1
> defines 'subject identity authentication'.
>
>> Are there examples not covered by definition 1 which should be covered?
>
> Yes, authentication that validates object properties (like the one Alan
> mentioned),
Do you mean that:
- I have some file (e.g. foo.tar.gz)
- I know its correct md5sum hash (e.g. 0308e7b8c023f1021702bfe033c392a4)
- if I verify (with md5sum program) that my copy of `foo.tar.gz' has correct hash
Then I have performed authentication? In my opinion it is mere
verification that given file is the one we want. This case not only does
not fall under definition 1 and that is fine.
The example changed mid-way, on the other hand, falls under definition 1
and that is fine too.
Are there examples covered by definition 1 which should not be covered?
Are there examples not covered by definition 1 which should be covered?
--
Matej Kosik