CRCS Act with Andrew Neff: "The Internet Identity Mess and Opportunities for Improvement"

Date: 

Monday, April 11, 2016, 11:30am to 1:00pm

Location: 

Maxwell Dworkin 119, 33 Oxford Street, Cambridge

CRCS Informal Discussion

Discussion leader: Andrew Neff

Title: "The Internet Identity Mess and Opportunities for Improvement"

Abstract: Well into the mainstream Internet's third decade, news about large scale theft of private personal data, including authentication information such as passwords, still comes out with alarming frequency. Meanwhile, even when it isn't stolen, this information is generally perceived to be misused and monetized in ways that disadvantage and disempower the average person. Frustratingly, academicians have known since the 1980s how to dramatically mitigate threats on both fronts by way of public key techniques. These techniques may have been impractical for mass Internet use as recently as a decade ago, but genuine technology availability and usability problems no longer exist. All that seems to stand in the way now are significant, but surmountable standards and adoption hurdles.

This discussion will cover some of the history of failures, and propose an initial, robust authentication prototype that is especially light weight and easy to deploy. Historically, it has been hard to convince the general public that data security and privacy are "worth the effort." But perhaps it is now possible to make the effort required small enough that a critical mass of people will adopt. If that happens, additional interesting opportunities to improve, and perhaps decentralize other important everyday transactions quickly open up.

Discussion Related Links

Sampling of (In-)Security News

Internet Structural Issues