WEDNESDAY, 1 NOVEMBER 2000
He begins calmly, gently, and slowly to explain. Globally, two percent of credit card transactions involve deceit of some kind. And, he adds, fifty percent of those two percent take place on the Internet. He pauses rather a long time to allow me to absorb the information. How do we avoid such duplicity? In order for fraud to take place in the first place there must be some kind of data misrepresentation or alteration. Otherwise, by definition, the facts are being accurately presented and there is no fraud. So we must consider which facts, when misrepresented, would benefit the fraudster? Combining this with which scams are technically practical would give an idea of the types of deception likely to take place. "Technical practicality is the most important issue for banks. Crimes can only occur if there are vulnerabilities in the system and can only be avoided for certain if these vulnerabilities are fixed." The banks are not prepared to wait for social reform, that point is clear.
"Can you explain it all to a blonde?" Elvezio clears his throat. He is obviously fluent. "There are two main routes for fraud on the Internet. The first concerns the transfer of data from one location to another. The second concerns the open nature of the Internet. The two main questions for the banks are, 'is the subject really the subject?' And 'are the data really the data?' These are potentially the two sources of fraudulent threat. The next question is how the data or subject may be practically altered in order to benefit the imposter? And how could such an alteration be avoided?" He continues, calmly. "In the banking context - online banking, remote banking, or home banking, the subjects involved are the bank's customer, and the bank's web server application. The data involved are the personal and financial data of the customer."
Fraud may occur where there is a lack of security about the subject's identity. For example, the customer might incorrectly believe him/herself to be in contact with the bank's server application, or the bank may wrongly believe itself to be accessed by the registered user. In both these examples the matter constitutes an 'authentification problem' (where 'authentification' refers to the ability to check in advance the identity of the counterpart) as well as a 'non-repudiation problem' (where 'non-repudiation' means that in this case neither party can claim to have been involved as the unique possible sender or receiver).
He stops for a moment, giving me some time to take this in. "So that was an example of where the subject is not the subject. Now for where the data are not the data." Fraud may occur where there is a lack of security in end-to-end data integrity. In this case, the received message may not match the message sent. "Only one bit of alteration would be enough to cause an integrity violation" he emphasises. Data fraud may also occur due to a lack of security in data confidentiality. "This may be the result of data being conveyed without an encrypting function or the result of encrypting keys not being used efficiently." In this case, 'efficiency' refers to the effective splitting of encrypting keys into smaller components managed by different security officers.
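The two ideas in this passage can be shown together in a short added example, which is not part of the original article: a key is split into components so that no single security officer holds it, and a keyed integrity tag then exposes a one-bit alteration. The XOR split, the HMAC-SHA256 tag, the function names and the sample payment order are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split_key(key: bytes, officers: int) -> list:
    """Split `key` into one random-looking component per security officer."""
    if officers < 2:
        raise ValueError("split knowledge needs at least two officers")
    components = [secrets.token_bytes(len(key)) for _ in range(officers - 1)]
    last = key
    for component in components:
        last = xor(last, component)
    return components + [last]  # XOR of all components equals the key

def combine(components: list) -> bytes:
    key = bytes(len(components[0]))
    for component in components:
        key = xor(key, component)
    return key

def seal(key: bytes, message: bytes) -> bytes:
    """Integrity tag the sender attaches to the message."""
    return hmac.new(key, message, hashlib.sha256).digest()

def intact(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(seal(key, message), tag)

def flip_bit(message: bytes, bit: int) -> bytes:
    altered = bytearray(message)
    altered[bit // 8] ^= 1 << (bit % 8)
    return bytes(altered)

# Constructed sample data, not taken from any real system.
TRANSPORT_KEY = secrets.token_bytes(16)
ORDER = b"PAY 250000 LIRE FROM ACCOUNT A TO ACCOUNT B"

if __name__ == "__main__":
    parts = split_key(TRANSPORT_KEY, 3)
    tag = seal(combine(parts), ORDER)
    print("all three officers :", combine(parts) == TRANSPORT_KEY)
    print("only two officers  :", combine(parts[:2]) == TRANSPORT_KEY)
    print("message as sent    :", intact(TRANSPORT_KEY, ORDER, tag))
    print("one bit altered    :", intact(TRANSPORT_KEY, flip_bit(ORDER, 37), tag))
```

Any subset of the components smaller than the full set is statistically independent of the key, which is why each officer can hold one safely.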
"What kind of security system would be able to avoid these types of problem we've described, specifically on the Internet?" He wasn't expecting an answer. "The Internet allows subjects to interact with each other without a prior knowledge and verification of their physical existence, consistency, dimension, obicazione." Obicazione? He doesn't know the word in English but I do catch his drift.
"While closed networks work on the basis of bilateral agreements about security procedures between each couple of members, open networks ideally require an alternative practice."
In closed networks, bilateral agreements between users make the overall geometry of interrelationships 'symmetric': to ensure data confidentiality, partners may exchange a key, referred to as a 'transport key.' This key is used by both the sender to encrypt and the receiver to decrypt.
On the other hand, an open system requires the 'asymmetric' geometry of the 'Public Key Infrastructure' (PKI). Here, using a mathematical function called an 'RSA algorithm' (Rivest, Shamir, Adleman), two keys are generated, of which one is the 'private key' and the other is the 'public key.' What is encrypted with the 'private' key can only be decrypted using the 'public' key, and vice versa. Furthermore, if the keys are long enough (here we commonly use keys around the size of 1024 bytes) it is practically impossible to work out the value of one key from the value of the other. The holder of the asymmetric keys asks a specialised body, operating as a 'certification authority', to issue and publish in a directory the virtual certificate of his public key, an equation in the form of 'Mr Smith = his public key.' Nobody else can be associated with, or share the same key.
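The 'Mr Smith = his public key' equation can be made concrete with an added example, not part of the original article: a certification authority signs the binding with its private key, and anyone holding the authority's public key can check it. This is textbook RSA with no padding and with small, well-known Mersenne primes so that it runs instantly; the primes, the certificate layout and all names are assumptions for illustration and are far too weak for real use.

```python
import hashlib

E = 65537  # public exponent, shared by both toy key pairs

def keypair(p: int, q: int):
    """Return (public, private) RSA keys built from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data: bytes) -> int:
    n, d = private
    return pow(digest(data, n), d, n)  # "encrypt" the digest with the private key

def verify(public, data: bytes, signature: int) -> bool:
    n, e = public
    return pow(signature, e, n) == digest(data, n)  # "decrypt" with the public key

def binding(name: str, public) -> bytes:
    """The statement the authority vouches for: name = public key."""
    return f"{name}={public[0]:x},{public[1]:x}".encode()

def issue_certificate(ca_private, name: str, subject_public) -> dict:
    return {"name": name, "public": subject_public,
            "signature": sign(ca_private, binding(name, subject_public))}

def check_certificate(ca_public, cert: dict) -> bool:
    return verify(ca_public, binding(cert["name"], cert["public"]), cert["signature"])

# Toy keys from known Mersenne primes (constructed for this example, insecure).
CA_PUBLIC, CA_PRIVATE = keypair(2**127 - 1, 2**107 - 1)
SMITH_PUBLIC, SMITH_PRIVATE = keypair(2**89 - 1, 2**61 - 1)

if __name__ == "__main__":
    cert = issue_certificate(CA_PRIVATE, "Mr Smith", SMITH_PUBLIC)
    order = b"constructed payment order"
    print("certificate valid   :", check_certificate(CA_PUBLIC, cert))
    print("name swapped        :", check_certificate(CA_PUBLIC, dict(cert, name="Mr Jones")))
    print("order signed by key :", verify(cert["public"], order, sign(SMITH_PRIVATE, order)))
```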
Elvezio leans back smugly, pleased with his solution. He goes on to explain that the key is very long, and almost impossible to crack. "That sounds very difficult to remember", I reply, "who types the key in?" The key isn't typed in at all, instead a piece of software is used to activate the key by entering a passcode. "So effectively, the key is the passcode? Was there any need to pay tens of thousands of Lire to the mathematicians that came up with all of those impressive algorithms?" He reminds me that tens of thousands of Lire would hardly be enough to buy each mathematician an ice cream. "Ok then, millions of Lire." Billions of Lire, he says. More than your country has spent on this, he adds. "So you have spent billions of Lire on the process of creating an uncrackable key when all that you need is a four figure code to activate it? A gibbon could crack a four figure code." He does not understand what a gibbon is but he does catch my drift. "It would simply be impossible" he notes, as the key is written into the chips of the computer. Which means you can only send such messages from one computer?
"Well, we are still working on interoperability." I just had to laugh. "Although we have recently developed a system involving a security card that can activate the key from a different location." Wouldn't that put us back in the situation where all we have is a passcode and a card? And don't we all write our PIN numbers down anyway? He assures me that it is only stupid people who write their PIN numbers down. I ask him to name a security system that had ever failed due to overestimating the stupidity of people. He smiles, "you win on that one."
Leaning forwards he gently softens his eyes. An expert, indeed. I will not fall for it. "Your timing was perfect," he says. "Next weekend I am in Venice. Last weekend, Vienna." How is Vienna? "Beautiful. As always." As always. It has been a while since I have been. I must think of a reason to visit again. Perhaps someone to interview. "Elvezio," I try to maintain a cool professionalism. "How kind of you to spare so much of your time explaining all this to me." "Of course," he replies, with an inappropriate smile, "my apartment is much improved already. Perhaps you would like to stay?" It's considerate, but I must go back to Cambridge to write up this article for Varsity.
Rend S. Shakir is a Ph.D. student in Psychiatry at St. Catharine's