The December 2022 issue of IEEE Spectrum is here!

Close bar

Tackling the Future of Digital Trust—While It Still Exists

Can the social web serve as ID? Is biometric identification over? Do we need new, national IDs?

4 min read
Tackling the Future of Digital Trust—While It Still Exists
Illustration: iStockphoto

Last week, some 50 cybersecurity experts and observers took on a unique challenge: imagining a future in which bad things have happened in the digital world, and figuring out how to recover from them. The event, designed to help form solutions to problems before they happen, rather than in a panicked reaction afterwards, was sponsored by the Hewlett Foundation and run by the Rand Corp. and the University of California at Berkeley’s Center for Long-Term Cybersecurity.

In the second of two workshops (I wrote about the first workshop, on IoT security, here), the participants, split into groups of eight or so, tackled the idea of digital trust. Among the important questions were: When digital trust is broadly compromised, how do we rebuild it? and How do people identify themselves in the meantime?

Here’s the scenario that kicked off our deliberations:

It is March 2021, and the trafficking of medical records is commonplace. Just last year, a four-year-old girl died after ER physicians administered a medication to which she was allergic. Her medical records had been stolen and sold, and the information had been modified to fit the profile of the buyer’s daughter. We also learned last year that the Drug Enforcement Authority IDs issued to about 100 doctors—the credentials that let them sign electronic prescriptions—were stolen. Looking back at recent events, we remember when the theft of electronic medical records—like the 2015 breach of 90 million health records held by Anthem and Premera—shocked us. (Though that 2015 data breach was folded into our cybersecurity fantasy scenario, it was, of course, not fictional.) 

Internationally, in 2018, local elections in India were disrupted when people with Muslim or Sikh surnames were turned away from the polls because their voting registrations had been deleted. In the U.S., a Department of Motor Vehicles database hack compromised 10 million driver’s license records. One state, fearing that imposters would vote multiple times in a close statewide election using phony credentials, reissued new licenses to all drivers in that state.

And, in early 2021, auditors discovered randomly added small amounts, on the order of pennies, to countless transactions at credit and debit clearing providers, with over $100 million stolen and systems shut down for a day to fix. Also in 2021, all three credit reporting agencies were hacked, with false histories created, and real histories altered. Finally, the Electronic Payments Network and the Automated Clearing House, both organizations that process transactions between financial institutions, was hacked. The hack was quickly discovered and patched, but the fix was bungled and phony transactions still went through—to the tune of billons of dollars. At this point, the clearinghouses are manually checking all transactions, slowing the system horribly. People are lining up at banks and ATMs looking to get their hands on cash, and paycheck and other automatic deposits are erratic.

That was the dire scenario. The challenge: Figure out how to restore and maintain trust in the global economy.

[shortcode ieee-pullquote quote=""This is like climate change. We are too far along to prevent bad things from happening in the future; we can just try not to make it worse."" expand=1]

My team focused on considering how people can identify themselves when the most common form of identification—the driver’s license—is no longer trusted. The group quickly eliminated the possibility of using biometrics, reasoning that, in this world, you’d have to assume that biometric data was also compromised. Instead, we talked about an expanded and automated form of multifactor authentication, in which cell phone location data and general behavior is used to identify people. This, of course, would trade off privacy for more secure identification. We also talked about financial records verification that would push a bit of a burden on the user—that is, pushing transactions information to a personal ledger, perhaps kept on a cell phone, to enable quick checks of credit card and other statements. And the group proposed a national consortium—a U.S. Trust Service similar to the U.S. Digital Service—that would help companies share best practices and work on building authentication tools.

Other groups suggested:       

  • Issue a Common Access Card (CAC) to every citizen. These smart cards are used by the military for identification; blanks, one participant reported, are stored around the country.
  • Create webs of trust. Develop a mobile phone app that links nearby users via NFC and asks them to sign off on the identity of people they know; use this information to create a social graph verifying identity; weaken the authority of people who seem to casually sign off on identities.
  • Use DNA to establish persistent identifiers of individuals
  • Create insurance policies for breaches of information that are not monetary, similar to the FDIC’s insurance on bank accounts
  • Let consumers freeze certain financial transactions. Allow a person to say, for example, that they are not going to buy a house, or make a certain sized withdrawal, for some number of years
  • Make two-factor authentication mandatory.
  • Issue each individual a public/private key pair at birth

Finally, one team expressed what seemed to be a common sentiment—that the best thing one could do is already impossible.

“We should go back to 1995 and get this right. This is like climate change, we are too far along to stop bad things from happening in the future; we can just try not to make it worse. We have already gathered too much personal identity information in insecure databases; the rupture will happen. When it does, we just have to make sure we don’t gather more information in response that makes it worse.”

Rand will publish the full details of these deliberations later this year.

The Conversation (0)

Metamaterials Could Solve One of 6G’s Big Problems

There’s plenty of bandwidth available if we use reconfigurable intelligent surfaces

12 min read
An illustration depicting cellphone users at street level in a city, with wireless signals reaching them via reflecting surfaces.

Ground level in a typical urban canyon, shielded by tall buildings, will be inaccessible to some 6G frequencies. Deft placement of reconfigurable intelligent surfaces [yellow] will enable the signals to pervade these areas.

Chris Philpot

For all the tumultuous revolution in wireless technology over the past several decades, there have been a couple of constants. One is the overcrowding of radio bands, and the other is the move to escape that congestion by exploiting higher and higher frequencies. And today, as engineers roll out 5G and plan for 6G wireless, they find themselves at a crossroads: After years of designing superefficient transmitters and receivers, and of compensating for the signal losses at the end points of a radio channel, they’re beginning to realize that they are approaching the practical limits of transmitter and receiver efficiency. From now on, to get high performance as we go to higher frequencies, we will need to engineer the wireless channel itself. But how can we possibly engineer and control a wireless environment, which is determined by a host of factors, many of them random and therefore unpredictable?

Perhaps the most promising solution, right now, is to use reconfigurable intelligent surfaces. These are planar structures typically ranging in size from about 100 square centimeters to about 5 square meters or more, depending on the frequency and other factors. These surfaces use advanced substances called metamaterials to reflect and refract electromagnetic waves. Thin two-dimensional metamaterials, known as metasurfaces, can be designed to sense the local electromagnetic environment and tune the wave’s key properties, such as its amplitude, phase, and polarization, as the wave is reflected or refracted by the surface. So as the waves fall on such a surface, it can alter the incident waves’ direction so as to strengthen the channel. In fact, these metasurfaces can be programmed to make these changes dynamically, reconfiguring the signal in real time in response to changes in the wireless channel. Think of reconfigurable intelligent surfaces as the next evolution of the repeater concept.

Keep Reading ↓Show less
{"imageShortcodeIds":[]}