In this post, the blogger mentions that Estonia is going to issue an OpenID to all its citizens as part of a national electronic identity project they have already implemented.
The blogger makes a rather bold claim:
"Those OpenID's are very secure because smart cards are required which make phishing and identity theft impossible."
But as Simon Willison asks - how?
This is a classic case of being more optimistic than reality warrants, because when it comes to security, nothing is ever truly impossible. It can be harder, but hardly impossible. History is littered with examples where the "impossible" happened:
The Great Wall of China. Maginot Line. Titanic. 9/11.
And So am I really completely wrong? As far as I know scammers need a smart card as well to log in even if they know my password.
Here are some ways I could see how this system could fail:
- A person could be threatened or bribed into activating their smart-card for someone else to use
- The OpenID service itself could be hacked and thus faked
- The smart cards could be forged
- Valid smart cards could be given to false identities either through forged documents or dishonest government employees
- Someone could figure out how to simulate a valid smart-card authentication
- The OpenID server could have a bug that allowed for cross-site scripting attacks
- A phishing site might discover a way to capture a valid authentication and replay it later
And smart-card authentication is generally more secure than simple username & password.
But we should keep in mind how these things can fail and adjust our trust levels as necessary.
Comments (1)
Even more importantly, there is no standard way for relying parties to know that a smart card was used.
Posted by Phil Hunt | May 25, 2007 3:07 PM
Posted on May 25, 2007 15:07