In a recent post, Bruce Schneier writes about the problem of authenticating credentials when it’s not common knowledge how to distinguish fake credentials from real ones. He references a story about a man being pulled over by an officer who turns out to be a fake. And as Bruce states, “There’s no obvious way to solve this.”
There are many different scenarios that represent this type of problem, and there is no solution that works for all of them. Regarding the specific situation of determining whether the cop pulling you over on a deserted road is really a copy, I’ve thought of a possible solution that might be easy to implement, though it too is imperfect.
My solution is, when you register your vehicle, you provide a passcode, that is available to police. So when they pull you over, they enter you plate number into their computer and it gives them your password. Then when they come to your window and say, “License and Registration, Please…Poopysnotface.” You know they are a real cop.
It could work, but it would only be implemented if the public thought this was a serious enough problem that it needed solving and there was enough public outcry to force implementing such a system.
Another problem is that since the passcode is tied to the vehicle and not the person, every driver would need to know it. Though for the one off instances of someone borrowing a friends car, the fact that you will just have to take the officers word without the added benefit of the passcode is probably an acceptable risk and in the case where there is more than one regular driver of the car they should all know the passcode.
So in a sense you are able to verify the officer’s credentials because part of his credentials were created by you.
Bruce also mentions a scenarion where you are on a flight and two people claim they are air marshalls. How can the general public who may not be familiar with what a real air marshall id looks like know which one is real and which is fake? A variation of the above solution could work here too.
Imagine if, before boarding a flight, all the passengers could digitally sign some token, that would be provided to an air marshall if one was going to be on that flight. Then if you could verify the real air marshall since he is the one with the token you signed.
This could work in a low tech way like this:
All passengers boarding flight 375 to San Francisco will be given a charm. Please inscribe some identifiable marking in your charm and then return it to the gate agent when boarding the flight. In the event that an air marshall is on this flight, he will be provided with a charm bracelet containing these charms.
If during the flight any person claims to be an air marshall he must present the charm bracelet for the passengers to inspect.
Or instead of a charm bracelet you could mark up a playing card which will be placed into a deck of cards and given to the marshall. Let’s just hope the imposter isn’t a magician.
Of course my examples are meant to be silly here, but I think this pattern has potential for situations like this.