Förderverein Informationstechnik und Gesellschaft

Authenticating consumer electronic devices

21 May 1999

To: Subject: Research announcement - the resurrecting duckling Date: Fri, 21 May 1999 17:58:02 +0100 From: Ross Anderson <>

Some time ago I mentioned that we were working on some ideas which would significantly reduce the perceived requirement for central monitoring of consumer electronic equipment.

The paper's now out; it's

The Pentium 3 could have been just the tip of the iceberg. Many people have dreamed of a huge global PKI that would authenticate every PC, DVD player, hi-fi, and the like. This would be very expensive, and politically unacceptable (as the Pentium row should have made clear).

Yet the problem of authenticating consumer electronic devices won't go away. How can we solve it in a way which is both affordable and privacy-friendly?

We think we've cracked it. Our approach may also solve a number of apparently unrelated problems, such as managing telemetry keys (e.g., the key used to prevent tampering with the communications between a taxi meter and the gearbox sensor which feeds it with data).

Our design challenges a lot of the computer security community's conventional wisdom, and is also likely to challenge the assumptions being made by legislators. For example, we introduce a new kind of public key certificate, which has no name in it at all (not even a pseudonym or serial number). If bearer certificates turn out to be useful, then the law should not declare them to be invalid.