Logics of authentication, lieing and obscurity · Logics of AuthenticAtion, Lieing And obscurity...

Logics of authentication, lieing and obscurity

ORATIENOVEMBER 22Nd 2012

PROf.dR. duskO PAvlOvIc

6093 Oratieboekje Pavlovic.indd 1 13-12-12 12:15

PROf.dR. duskO PaVlOVic


3

NOVEMBER 22Nd 2012

iN auguRal lEctuRE giVEN tO MaRk tHE asuMPtiON Of tHE POsitiONas PROfEsOR Of

sEcuRity PROtOcOls

at tHE faculty Of ElEctRical ENgiNEERiNg, MatHEMatics aNd cOMPutER sciENcE at tHE uNiVERsity Of tWENtEON tHuRsday NOVEMBER 22Nd 2012By

PROf.dR. duskO PaVlOVic

logics of authentication, liEiNg and obscurity


4

Logics of AuthenticAtion,Lieing And obscurity

cOnTEnTs

1 Introduction...............................................................................5

2 Question.....................................................................................6

3 Protocols....................................................................................9

4 Authentication..........................................................................13

5 Impersonation..........................................................................18

6 Science.....................................................................................22

7 Obscurity,socialcontext,andtheendoflying........................25

8 Lieingbeyondlying...................................................................28

9 Thanks......................................................................................30


5

1 introduction

MijnheerdeRector,bestecollega’senstudenten,damesenheren.Het

isvoormeeenbijzonderplezieromhetambtvanhoogleraarjuisthier

inNederlandtemogenaanvaarden.

Hoewel ik tot nu toe bij de universiteiten vanmaar lieftst 7 landen

in dienst ben geweest, en zelfs nu alleenmaar een vijfde vanmijn

tijd inNederlandwerkzaamben,ende restelders—heb ik toch in

Nederland afgestudeerd en gepromoveerd, in Nederland een beetje

logicageleerd,en ikhebookweltweeNederlandsekinderen.Maar,

op ditmoment zijnmijnNederlandse kinderen in LosAngeles, and

myCaliforniansonLukaandmywifeAbbyarehere.Sowhile Istill

feelhomehere,IhopethatyouwillpermitmetocontinueinEnglish.


6

2 Question

Myinterestinlying,whichIwantedtotellyouabout,startedfarfrom

here,alongtimeago.IspentmychildhoodinSarajevo,Bosnia,which

usedtobeapartofasocialistcountrycalledYugoslavia.Inaddition

tofreeeducation,freehealthcare,andnottoomanyworkpressures,

socialism gave us an abundance of political life,whichwas carried

outinaparticularpoliticallanguage.Watchingmygrandfatherwatch

theTVnews,listeningtomymotherexplainherviewsofourcountry

to a curious police inspector, I started askingmyself: ”Can a lie be

recognizedbyitsgrammaticalform?”

SoIwentontostudyphilosophy,andquicklylearnedthataliecould

notberecognizedbyitsgrammaticalform.Therearedeepandskilful

philosophicalargumentsforalmostanything.Forinstance,therewas

aGreekphilosopherParmenides,apre-Socratic,whoarguedthatthere

wasnomovementintheUniverse.AndwhileParmenideswasexplaining

thatallmovementwasjustanillusion,amerewrinkleonanimmobile

Truth (αληθεια), his disciple Zeno paced up and down, mobilizedby the logical paradoxes arising from the concept of movement.

SoIwenttostudymathematics.Mathematicsis,ofcourse,alsonot

gearedtowardsrecognizinglies,buttowardsprovingthetruths:ifyou

canproveatheorem,andifitsassumptionsaretrue,thenthetheorem

mustbetrue.Orifyouknowthattheconclusionisfalse,thensomeofthe

assumptionsmustbefalse.Youmaynotbeabletodecidewhichparticular

assumptionisfalse,butyouknowthattheycannotbetruetogether.

Somathematicshelpsustorecognizesomeliesthroughtheirmutual

inconsistencies.Butthismaytakeanyamountoftime,andmoreover

manyliesareperfectlyconsistent,andcannotberecognizedinthisway.

Infact,realmathematiciansareusuallynotsointerestedinwhatistrue

andwhatnot;theyjustlookforhardproblemstosolve.Thedifference


7

betweenamathematicianandaprogrammeristhatthemathematician

seeks out hard problems,whereas the programmer avoids them

wheneverhecan,andonlyscalestheobstaclesthathecannotavoid.

SoIgraduallydroppedoutofmath,andbecameaprogrammer.That’s

howIgotstuckwithcomputers.Ifthereisonethingthathappened

duringmy lifetime, that is, of course, computers. Later I ended up

workinginmathsagain,butonlyasmuchasmathsdrivescomputers.

SoforawhileIforgotaboutlyingandobscurity,becauseitseemedthatfor

computers,itdoesn’tmattersomuch.Youcannotreallylietoacomputer.

Acomputerprogramcannotbe trueor false. Itcanbe fastorslow,

simpleorcomplicated,safeorunsafe,correctorincorrect;butitcannot

bealie.Sotheproblemdisappeared,andwealllivedhappilyeverafter.

ButthentheInternethappened,andtheWebontopofit,anditallgot

mixedup again: people and computers andphones and advertising

andpolitics.Itallstartedbrewinginthisbigpotofinformationonthis

globalnetworkofnetworks,whichbecame thenewComputer. The

Computerusedtobeabox,firstbigboxandthensmallerandsmaller,

butinanycaseyoucouldsitsomewherenexttothisthingandprogram

it.Withtheadventofnetworks,thecomputationreallyescapedfrom

thisbox;itspreadaroundtheworld,andtheComputerdisappeared:

thecomputations that I initiateonmy laptopdonothappenonmy

laptop,butsomewhereelse.Theycallothercomputationsthathappen

stillfurtherafield.Soforallpracticalpurposes,thesecomputationscan

bethoughtofashappeningeverywhere,whichisthesameasnowhere

inparticular.TheComputerdisappeared.Andcomputationbecamea

formoflife,spreadingviruses,swarmingintobotnets,robbingcyber

casinosandimpersonatingrichwidowsfromNigeria.Lyinginoneform

or another came to be one of the central technical problems of

computersecurity,andcomputersecuritycametobeoneofthebest

paid jobsevenforamoderatelynerdypersonlikeme.SoIendedin

computersecurity.


8

Tocutthestoryshort,afterawhileofdoingthatinCalifornia,Ibecame

ProfessorofSecurityProtocolshereinEnschede.Somepeoplebecome

professors ofMathematics, or of Computer Science; others become

professorsofPhilosophy,orofChemistry,orofQuantumMechanics.

AndIbecameaProfessorofSecurityProtocols.

Iexpect thatmanyofyouarenowtemptedtoask:”What kind of a

science is that — Security Protocols?”

Well,thatsciencehappenstobethislogicsofauthentication,andlying

andobscurity,thatIwanttotellyouabout.


9

3 ProtocoLs

To begin, let us look at a security protocol. Here is one that

mostofyouprobablyknow:theonlinebankingprotocol.

IstolethepicturefromourfriendsinNijmegen.Youusethisprotocol

ittopayyourbillsfromhome.Youprobablyusedtodothisbylogging

in into your bank’s web site with a password. This worked until a

coupleofyearsago.Sincethepasswordsareofteneasytoguess,this

turnedouttobeinsecure,sotheyimprovedtoprotocol,andnowin

additiontoyourpassword,youalsoneedyourbankcardtologininto

yourbank’swebsite.Thisiscalledtwo-factor authentication. Thetwo

factorsarethepasswordandthebankcard.Theauthenticationisthis

processwherebythebankmakessurethatthepaymentrequests,that

claimtobefromyou,arewreallycomingfromyou.Thisonlinebanking

protocolauthenticatesyouastheonlypersonwhohasyourbankcard,

andmoreoverknowsthecorrespondingPINandyourpassword.Inthe

timebeforecomputers,thetraditionalbankingprotocolsrequiredthat

youcometoyourbank,andauthenticateyourselfbyshowingaphoto

ID.YouwereauthenticatedastheonlypersonwhohadyourphotoID,

andwholookedlikeyou.

Mostofyouare,ofcourse,familiarwithmanyprotocolslikethis.But

letmeshowyouareallyoldone,goingbacksome6000years.


10

Ontherightyouseethe”bankcards”thatwereusedinUruq(Iraq)

inYoungNeolithic,around3700BC.Ontheleftyouseeapictureof

a”bankingprotocol”wheretheseearly”bankcards”wereprobably

used.AlicehasalambandBobhasbuiltasecurevault,perhapswith

multiple security levels, spacious enough to store both Bob’s and

Alice’sassets.This vault canbe thoughtof asanearlybank.When

Alicewould go for a vacation, shewould leave her sheep in Bob’s

bank.Butoneyear,whenshecamebackfromhervacation,andasked

forhersheep,Bobsaid:”Whichsheep?”Luckily,Bobwasonlyjoking,

andheeventuallygavebackAlice’ssheep.

But next year, when Alice needed to go for a vacation again, she

askedBobtogiveheraproofthatshelefthersheepwithhim.Bob

theninventeda security token:hemadealittleclaytablet,anddrewa

pictureofAlice’ssheeponit,orapictogramcorrespondingtoamark

on thesheep.Alice took thisclay token,andwent for thevacation.

Butwhenshecameback,shebroughtwithher3such tokens,and

requested3sheep.Thejokegotsomehowresolvedagain,ornot;but

inanycase,Boblearnedthelesson.

NextyearwhenAlicecametodeposithersheepinBob’sbankagain,

Bob invented a tamper resistant security token. This time, he didn’t


11

giveAlicejust3claytokenscorrespondingtohersheep.Hefirsttook

abiggerlumpofclay,madeahollowsphereofit,liketheonethatyou

seeonthepicture.Suchspheresarenowadayscalledbullæ,andkept

inmusea.TheoneonthepictureiffromLouvre.Bobusedthisbullaon

thepictureasanenvelope:heputthetokensinsideit,andthenbaked

it,sothatthetokenscanonlybeaccessedifthebullaisbroken.Now

Alicecannotaddtokensonherown,notwithoutbreakingthebulla.

Theprotocolsaysthat

• onlyBobisallowedtoopenthebulla;

• Alicemustsubmitthebullatogetthesheep;

• Bobmustreleasethesheepwhenthebullaissubmitted;

• anyonewhosubmitsthebullagetsthesheep.

It is interestingtonotethatAlicecould,andonoccasionsurelydid,

passonherbullawiththesheeptokenstoCarol,inexchangeforsome

of Carol’s goods, say an amphora full of olive oil,which could also

bestoredinBob’sbankandsecuredbyatokenenclosedinanother

bulla.Sobytradingtheirbullæ,AliceandCarolcouldtradetheirgoods

without ever moving them from Bob’s bank.Whenever needed, of

course,theycouldwithdrawtheirgoodsfromthebankbysubmittingto

Bobthebullæthattheyownatthatmoment.Carolcouldalsopassher

sheepbullatoDave,andsoon.Thisishowmarketeconomywasborn.

Obviously,asthemarketexpanded,morerobusttokenswereneeded.

Thetokensusedinthebullæevolvedintotheearliestformsofmoney,

andthe inscriptionsonthemledtotheearliestnumeralsystems,as

wellas toSumeriancuneiformscript,whichwasoneof theearliest

alphabets.Authenticationprotocolsthuspredatedliterature,science,

mathematics,andevenmoney.

Infact,theyevenpredatethecivilization,asthereisalotoflyingand

authenticationinnatureevenwithoutus.Hereisareallyoldprotocol.


12

Lookatthislittlebirdontheleft.Itisawren.Itsmainpurposeinlife

istoraiseitschicks.Buteveryonceinawhile, insteadofraisingits

ownchicks,itendsupraisinganotherbird’schicks.Ontherightyou

seethelittlewrenfeedingacuckoochick,whichgrewwithinacouple

ofweekstobelargerthanitsunwittingadoptiveparent.Thecuckoo

eggwassecretlylaidintowren’snest.Thepoorwrenwasunableto

tellitsownchicksfromthecuckoochickwhenthechickswerelittle.

Sothewrenfedallchicksthathatched in itsnest.Thecuckoosnot

onlydevelopedthetricktolayeggsinwren’snests;thecuckoochicks

developedthetricktopushwren’schicksoutofthenest,andtakeover.

In response to these tricks, thewrens developed an authentication

protocol.Recentlyithasbeenshownthatsomebabywrenslistento

theirmother’schirpswhilestillintheegg,andchirpliketheirmother

as soon as they hatch. Themother then only feeds the chicks that

chirpinherparticularway.Thecuckoosstilldidn’tdevelopacapability

to chirp like wrens, so they don’t pass this authentication test.

Nature is full of this: animals lie just like we do, and they try to

detect lies, just like we do. We didn’t invent any of that. And to

detect lies, they evolve authentication protocols, just like we do.


13

4 AuthenticAtion

Sohowdoauthenticationprotocolsuncoverlies?Firstofall,whatare

lies?

Tobegindefining lies, letussuppose thatwearegivena language,

say English, and we make statements that we all understand.

Suppose furthermore that we have a domain of interpretation for

thesestatements,saythisroom.Soeachstatement in itself iseither

trueorfalse,dependingonthestateofaffairsinthisroom.Forsome

statementswecandirectlyobservewhethertheyaretrueorfalse;for

otherswe cannot. For instance, I couldmake a statement that this

deskisflat,andthatIamanaccomplishedpianist.Fromyourposition,

youcanprobablyseethatthefirststatementistrue;butthesecond

statement might be a lie. It is difficult to establish its truth value,

becausemy capability as a pianist is not directly observable in this

room. So that is something that you might need to authenticate.

Authentication is theprocesswherebyweestablish theconnections

between the observable and the unobservable properties. More

precisely, an authentication protocol allows us to conclude that an

unobservablepropertyissatisfiedfromthefactthatacloselyrelated

propertyhasbeenobserved:

ObservableUnobservable

For instance, intheonlinebankingprotocol, thebankwasonlyable

toobservethemessagesreceivedfromthecustomer,whowashome

at his computer, and could not be directly observed. The protocol

was then designed to guarantee that, if the messages received

by the bank are in a certain form, then thesemessagesmust have

beensentby thecustomer;andmoreover that thecustomer indeed

intendedtorequestthetransactionsexactlyasinterpretedbythebank.


14

Buthowisthispossible?Whyisitsoundtodrawconclusionsabout

whatisunobservablefromwhatisobservable?

Suchconclusionsare,ofcourse,notsound ingeneral.But insome

cases,weknowthatsomethingthatweseemusthavebeencaused

bysomethingthatwedonotsee.Asuddenrippleonaperfectlycalm

water surface,without a breath ofwind in the air,must have been

causedbyamovementunderthesurface.Aparticularchirpthatonly

my babywrens can produce,must have been produced by one of

mybabywrens.Amessage thatcouldonlybecomputedbyAlice’s

smartcardenabledbyherPIN,musthavebeenproducedbyAlice.

Someobservablephenomenacanonlyariseundersomeunobservable

conditions.Ifweobservesuchphenomena,thenwecanbesurethat

the unobservable conditions must have been satisfied. That is the

essenceofauthentication.

Hereistheprimordialexampleofauthentication.

On the left, I observe that I think. In the comicbook language, the

statement that I see that I thinkmeans that I can seemy cloud of

thoughts.Moreover,Ialsoknowthatingeneral,acloudofthoughts

cannot ariseon itsown: itmustbeabove someone’shead. Itmust


15

beacloudofsomeone’s thoughts.And I alsoknow that ingeneral,

everyone can only observe their own thoughts. They cannot read

anyone else’s thoughts. So these thoughts that I observe must be

someone’sthoughts,andthatsomeonemustbeme.Inthisway,Ican

concludewhatIcannotobserve:sincemythoughtsarethere,Imust

alsobethere,underthiscloudofthoughtsthatIsee.Thisis,roughly,

how Descartes authenticated himself, and in the end reached the

well-knownconclusion:”Cogito, ergo sum”. Ithink,thereforeIexist.

JustastepbeyondRenéDescartes’authanticationofhimselfisBob’s

cryptographicauthenticationofAlice,presentedonthenextpicture.

AlthoughAlicemaybefarawayfromBob,andthereforeunobservable

tohim,ifBobreceivesamessageboundtoAlice’ssignature,thenhe

canbesure that themessagemusthaveoriginatedfromAlice.This

kind of reasoning, supported by cryptography, underlies the online

bankingprotocol,fromwhichwestarted.JustlikeRenésaidtohimself:

”Ithink,thereforeIexist”,BobsaidtoAlice:”Youdecrypt,therefore

youexist.”


16

In general, authentication thus derives something unobservable

fromsomethingobservablebytrackingdownaninvisibleactionthat

musthavecaused thevisible reaction, thatweobserve.This logical

derivationisoftenformalizedasinformationflowthroughachannel,

ormorepreciselythroughanauthentic channel.Anauthenticchannel

canbeimaginedasNewton’scradlebutsuchthatyoucanonlyseethe

reactionononeside,andyoucannotdirectlyobservetheactiononthe

otherside.Theactionisattheinputofthechannel,thereactionatthe

output,andyouonlyseetheoutput.Sowhenyouobservethereaction

attheoutputofthechannel,thenyoucanbesurethattheactionmust

havetakenplaceattheinput,althoughyoucannotobserveit.Thatis

authentication.

All examples of authentication that we have seen are based on

authentic channels: René’s introspection into his thinking is an

authenticchannel,AliceandBob’scryptographyprovidesanauthentic

channel,thebankcardsareanotherone,theneolithicclaybullæare

anotherone,babybirds’biometric chirping is yet another authentic

channel.Designingauthenticationprotocolsmainlyconsistsoffinding

andutilizingsuchchannels,andpushingsomeunobservableactionsat

theinputtogetthecorrespondingobservablereactionsontheoutput.


17

Authentication protocols allow us to prevent and detect many lies.

Social life isatissueformedbymyriadsofprotocols.Someofthem

are obvious,many are invisible. An inaugural lecture iswovenwith

many authentications. The Professor authenticates her academic

background. The University authenticates its academic roots.Many

authentications are embedded in the redundanciesof the language,

initsgrammatical,stylistic,orthographicconventions,uncoveringour

buriedsecrets,talents,andshortcomings.Mydressstyle,mannerisms,

demeanor are the social projections thrown into the space of

codes that that evolved in order to authenticatemy social position.

Protocols prevent us from lying that we are someone else. But

protocols alsoenableus toprove thatweare someoneelse—when

we manage to defeat a protocol and impersonate someone else.


18

5 imPersonAtion

Thereisaninterestinggeneralmethodthatletsyougetawaywithalie

bydefeatingalmostanyauthenticationprotocol.

Forinstance,supposethatyouwanttoauthenticatenotjustwhether

someonebelongs to thisor that socialgroup,butwhether theyare

humanatall.AlanTuringcameupwiththisauthenticationtaskalmost

immediately after he invented the concept of computer. Here is a

pictureofTuring’scomputer,theTuringMachine.

Thismachinewas proposed as an abstract,mathematicalmodel of

computer,butitisfairtosaythatalldigitalcomputersarereallybased

onthismodel.Thearchitectureofourcomputersgoesunderthename

von Neumann architecture,butJohnvonNeumannhimselfattributed

toAlanTuringthefundamentalideaofauniversalcomputer,capable

toperformallpossiblecomputationsbyexecutingdifferentprograms.

Havingprogrammed thisabstractcomputer foracoupleofyears in

theearly1930s,AlanTuringrealizedthat,inprinciple,suchcomputers

couldgeneratecorrect sentences, say inEnglish.Maybe theycould

be programmed to generatemeaningful sentences?Maybe even to

maintainaconversation?Soheraisedthequestionwhetheryoucould

specifyanauthenticationprotocol,areceipthowtorunaconversation

withsomeoneyoudon’t seeorhear, justbyexchangingmessages,


19

somethinglikeemail,orinstantmessaging.Nowcouldyourrunthis

conversationinsuchawaytobeabletoeventuallytellwhetheryou

areconversingwithacomputerorwithahuman?Whatwouldyou

askthem?SuchanauthenticationprotocolisknownasaTuring test.

Turing raised this question in 1950, in the articlewith the titleCan

machines think?Therehasbeenalotofphilosophyaboutthis,butin

themeantime,thisbecameapracticalquestion,andyouarenowadays

required to undergo a Turing test whenever you want a free web

service,e.g.toopenanewwebmailaccount.Themostfamiliarform

ofTuringtestareCAPTCHAs.

CAPTCHAsweredesignedatCarnegieMellonUniversityandthename

stands forCarnegieAutomatedPublic Turing test to tell Computers

andHumansApart.Theyare those littlegraphicfiles thatdisplay in


20

yourbrowseroftwirlycharacterstrings.Whenallworkswell,ahuman

caneasilytellwhichcharactersaredisplayedinthescreen,whereas

abot(whichisjustacomputerprogramcapableoftravellingonthe

Internet) cannot. So the humans pass the test, and the bots don’t.

CAPTCHAs were developed because the spammers needed a lot

of webmail addresses to send spam, so they wrote bots to open

thousandsof freewebmail addresses every day atHotmail, Yahoo!,

Gmailetc.Theseprovidersdidnot likethis,sotheyneededaTuring

testtorecognizethebots.

But as soon as the CAPTCHAs were developed and deployed, an

unknownspammerdevisedthefollowingmethodtodefeatanyTuring

test.

Hesetupafreepornsite,thesecondrectanglefromtherightonthe

pictureabove.Sinceitisfree,therearesomehumanvisitorsthereat

alltimesofdayandnight.Soabotgoestosetupawebmailaccount

withGmail,orYahoo.Thebot is thesecondrectangle fromthe left,

playedbyAgentSmithfromthemovieMatrix.NowGmailasksAgent

SmithtosolveaCAPTCHA.AgentSmithisjustapieceofcode,sohe

doesn’tseetheCAPTCHA.Butheforwardsthegraphicfiletotheporn

site,andthepornsitedisplaystheCAPTCHAtooneofthevisitors,and

askshimtosolveit,inexchangeforbeingabletocontinuebrowsing

for free. Thevisitor solvesheCAPTCHA, theporn site forwards the

solutiontoAgentSmith,thebotthensubmitsthesolutiontoGmail,

Gmailgiveshimanaccount.AgentSmithhasimpersonatedahuman.


21

Such impersonations are often called Man-in-the-Middle attacks,

becausetheattacker,whichisinthiscaseateamconsistingofAgent

Smithandthepornsite,sitsinthemiddlebetweentheauthenticator,

suchasGmail,andtheauthenticatedclient,inthiscaseahuman,and

justforwardsthemessagesbetweenthem.Itiseasytoseethatasimilar

attackcanbesetupinanynetworkconnectinghumansandcomputers.

In a network, it is thus impossible to distinguish between the two.

So we have seen how authentication protocols prevent lying by

findingandutilizingsomeauthenticchannels;andwehaveseenhow

impersonationattacksdefeatauthenticationprotocolsbyfindingand

utilizingsomeunintendedauthenticchannels.


22

6 science

Besides authentication protocols, there is another important realm

of human endeavor which mainly consists of finding and utilizing

authenticchannels.ThisrealmofhumanendeavoriscalledScience.

Experimentalscientists,likemywife,spendtheirdaysauthenticating

their results, and testing whether their theories about some

unobservable phenomena are confirmed by their observations.

Galileo’stelescopeandLeeuwenhoek’smicroscopearejustchannels

thatmake visible what used to be invisible. Rembrandt’s Professor

Tulpdissectscadaverstoobservesomeotherwiseunobservableparts

of human body. The Large Hadron Collider provides a channel to

subatomicparticles.Scienceadvances throughprotocoldesign,and

theexperimentprotocolsauthenticatelawsofnature.

Inasense,scienceisaspecialcaseauthentication.Inanothersense,

authentication is also a special case of science. Either way, both

scienceandauthenticationboildowntothesamething:testingsome


23

specifiedhypotheses,provingthosethataretrue,anddisprovingthose

thatarefalse.Asabyproduct,werecognizesomelies.

ButlistentowhatRichardFeynman,oneofthegreatestscientistsof

XXcentury,hastosayaboutthis.

Ifwehaveadefinitetheory,fromwhichwecancomputethe

consequenceswhichcanbecomparedwithexperiment,then

inprinciplewecanprovethattheorywrong.

But notice that we can never prove it right.

Supposethatyouinventatheory,calculatetheconsequences,

and discover every time that the consequences agreewith

theexperiment.Thetheoryisthenright?No,itissimplynot

provedwrong.Inthefutureyoucouldcomputeawiderrange

ofconsequences,therecouldbeawiderrangeofexperiments,

andyoumightthendiscoverthatthethingiswrong.

That iswhy laws likeNewton’s laws formotion of planets

last such a long time. He guessed the law of gravitation,

and it took several hundred years before the slight error in

themotion ofMercurywas observed.During all that time,

thetheoryhadnotbeenprovenwrong,andcouldbetaken

temporarilytoberight.—Weneveraredefinitelyright;we

canonlybesurewhenwearewrong.

This is fromFeynman’s lecturesaboutThe Character of the Physical

Law.


24

Sohereisthebestkeptsecretofscience:

• Scienceneverprovesthetruelawsofnature.

– Itnevermakesanydefiniteassertionsoftruth.

• Scienceonlydisprovessomefalsehypotheses.

– Itdetectslies.

Detecting lies is not a byproduct of science. It’s the only

thing it does! If you seek certainty, something to rely upon

—science is thewrongplace togo to!Certainty isonlyclaimedby

religion.

Religion says:Thisisthetruthabouttheworld.Youcanrelyuponit.

Art says: Thisisastoryabouttheworld.Youcanrelaxandplaywitit.

Science says:Thisatheoryabouttheworld.Youshouldn’trelyupon

itmorethanyouhaveto.Youshouldn’trelax,butworktoimproveit.

Science is an important foothold in anyone’squest for amethod to

recognizelies.Butinourscience-drivencivilization,itmaybegoodto

alsorememberwhatscienceisnot.ItisnotThePathtotheTruth.Itis

justaquestforeverbettertheories.Justamethodtorecognizelies.


25

7 obscurity, sociAL context, And the end of Lying

ButFeynmancontinues:

Another thing that Imust point out is that you cannot prove vague

theory wrong.

Hereisanothersecretofscience: Itgetsstuckatobscurity.Science

bustles with untestable theories: string theory, intelligent design,

many-worlds interpretation, universe before the Big Bang. . . Since

theycannotbedisproved,theseobscureanduntestabletheoriesoften

persist longer than their clear and testable counterparts. For similar

reasons,theobscure,prejudicialdiscoursepatternsalsopersistinmany

areasof social life, frompolitics to raising children.Neither science

orauthenticationdon’treallyhaveanythingtosayaboutthepolitical

languagesthatmygrandfatherwaswatchingontheTV.Socialismis

gone,buttheTVnewsarestillplayed.Theymayseemmoreadvanced,

but Idon’tseeanessentialdifference.Differentbutsimilar logicsof

lyingpersistacrossthewholewideworld,andacrosstheWorldWide

Web.

Therewasatime,inthelate1990s,whenyouwouldenterakeyword

tosearchtheWeb,saytheword”Kilimanjaro”,andthesearchengine

wouldreturnnothingbutporn.Thesearchenginesatthattimeonly

indexed the keywords, and the porn sites stuffed their index pages

withmillionsofkeywords,usuallyhiddeninasinglepixel.Inthisway,

theyspoofedthesearchengines,andattractedwebtraffic.Thiswas

calledspamdexing,orkeywordstuffing.Lyingwaseasyandblatanton

theWeb,andthispollutionobliteratedgenuinecontent,andledtothe

demiseofWeb1.0.


26

Googlemadeanendtoallthat,Web2.0flourished,andwearenow

abletofindontheWebalotoftheinformationthatwearelookingfor.

TheyspelledtheEndofLyingontheWeb.Itisilluminatingtorecallhow

thiswasachieved.Inadditiontoindexingthekeywords,modernsearch

enginesalsoindexthehyperlinksleadingfromonewebpagetoanother,

andgathermanyothermetadatawhich allow them tomeasure the

reputationofthewebpages.Thisapproachmadetheinformationflow

ontheWebmorereliable,andchangedthewayweliveourlivesinmany

areas.Theconceptscannowberecognizedasthehighlyconnected

communitiesofnetworknodes,whichpresumablyusethoseconcepts.


27

Itisdifficulttooverestimatetheimportanceofthisparadigmshift.It

says:

• Aliecannotberecognizedbyitsgrammaticalform.

• Aliarcanberecognizedbyhissocialcontext.

In a sense the methods of concept analysis, underlying the

modern information technologies, led us back from Fregean formal

logicsofXXcentury,backtoNietzscheanquestion:

Who speaks?—asthemethodtoendlying.


28

8 Lieing beyond Lying

The trouble is, though, that not only liars can be recognized by

their social context. All kinds of people can be recognized by their

social context: alcoholics, hackers, professors, football supporters,

people who like classical music, people who are planning to

refurbish their house. You can recognize them all by their social

context and behavior on the web, and you can advertise to them!

You can convince them to buy what they otherwise wouldn’t buy.

You can make them believe what they otherwise wouldn’t believe.

Intheworldwithtoomanyauthenticchannels,wemustlearntolieto

protectourselvesfrombeingliedto.Aliarcanberecognizedbythe

socialcontextonlyifthesocialcontextisnotalie.Otherwise,creating

alieiscomputationallyeasierthandetectingit.Thereliesthesolution.


29

Iuse”lieing”, themisspelledversionof theword”lying”, todenote

this movement towards rejecting the total network authentication.

Youmaydisliketheobscurityofthedistinctionbetweenlieingandlying.

Bothwordsarepronouncedthesame,andevenwhenyouseethem

written,theoddsarethatyoueitherwon’tnoticethedifference,orwill

assumethatthewritermadeamistake.Unlessyouknowthewriter

andtheirid-iosyncrasies.Theideaoflieingistouseidiosyncrasiesfor

watermarking.Theword”lieing”isanexampleofitself.

TheonlywaythatIcouldthinkoftoresistthetotalnetwork authentication

is to create multiple authentic identities. I call the general concept

creative privacy.Insteadoftryingtodamtheflowofprivatedata—a

futileeffort,itseems—,weshouldcreateanddisseminateafloodof

privatedata!

Watermarking can be used to distinguish what is authentic from

whatisnot.Yourfriends,thosewhoknowyoualready,willhavethe

informationneededtofindthewatermarks,theotherscannot.Hidden

in thetext, theword lieing isa toyexampleofsuchawatermark of

rejectionofthetotalnetworkauthentication.Onlythosewholookfor

itwillfindit.

ThisistheideaoflieingthatIwantedtotellyouabouttoday.


30

9 thAnks

In theend, I canonly try to thank thosewhohelpedme. It is truly

astonishinghow lucky Iwas tomeetallofyou.DirkvanDalenand

HenkBarendregtintroducedmetotheDutchSchoolofLogic,while

IekeMoerdijk andMartin Hyland tried to teachme some Category

Theory, as much as my lack of coordination and background

permitted. InMontreal,MikeBarr and JimLambek taughtme some

Mathematics, and back in London, Samson Abramsky taught me

someComputerScience. InPaloAlto,DougSmith taughtmesome

SoftwareEngineering,andCathyMeadowsandJohnMitchelltaught

mehowtothinkaboutsecurityprotocols,andhowtocollaborate.Bob

CoecketaughtmeabitaboutQuantumMechanics,andmychildren

Stefan,TemraandLukataughtmethatthereisnojusticeonEarth:I

wasateenagerfromhell,evenwhenIwas27,andtheyarelikeangels

(albeitoccasionallygrumpyangels),oratleastlikebutterflies.Andlast

andmostofall,mywifeAbbytaughtmethatitispossibletosettle,

andthatwecansurviveanything.

Butthen,ifyousquintalittleatthis,yourealizethatAbbydidn’treally

makemesettlebutleftherjobatStanfordandstartedmovingwithme

fromcountrytocountry.Inspiteofthebesteffortsofallofmyteachers,

thebestexpertsintheirrespectiveareasofscienceandcollaboration,

Ididn’t learnmuchaboutsecurity,oraboutQuantumMechanics,or

aboutSoftware,ComputerScience,Mathematics,CategoriesorLogic.

Ievencan’tspell.

We liveour lies. It is difficult to tell humans fromcomputers apart,

andit isevenhardertotellapartourliesfromourtruths.Butthisis

notabug,butafeatureofthesoftwareoflogics.Thisfeatureshould

be explored, and used, sincewe really need it.Moreover, the logic

of our stories is at least as interesting as the logic of our sciences

andmathematics.Justlikeouroldbeliefs,manyoftoday’sscientific


31

theories will be tomorrow’s religions, and some of today’s dreams

and fantasies will be realized. The distinction between science and

fantasy, between fact and fiction, between the lies and the truths

—isabitofa lie itself.Thedistinctionbetweenournightmaresand

daydreams on one side, and the reality on the other side, is itself

sometimesanightmare,sometimesadaydream,andonlysometimes

itisreal.DidI,likeChuangTzu,dreamthatIwasabutterfly,ordida

butterflydreamthatshewasaprofessor,andthatsheworeablack

toga, and gave an inaugural lecture in Enschede, on the obscure

topics of lieing? And how cartesianwas her introspectionwhereby

sheintheendreachedthewell-knownconclusion:”Ik heb gezegd”?


Logics of authentication, lieing and obscurity · Logics of AuthenticAtion, Lieing And obscurity...

Documents

Transcript of Logics of authentication, lieing and obscurity · Logics of AuthenticAtion, Lieing And obscurity...