If you are fortunate enough to tour the Fort Worth campus of the United States Bureau of Engraving and Printing, you’ll get a primer on the techniques the BEP uses to make it difficult to replicate U.S. paper currency. But if you ask the staff of the BEP’s on-site museum to name the discipline that comprises these techniques, the answer you’ll get is “counterfeiting deterrence.” Such a cumbersome designation is unfortunate, because it’s hard to fully develop and appreciate an idea for which we lack a nomenclature.
And this matters because these concepts are relevant, often vital, to all kinds of interactions we have both in the physical world and the digital realm. My goal is to establish a taxonomy, demonstrate the crucial importance, and propose some best practices in applying these ideas to software design.
Let’s start with a wieldier name for this discipline: antiforgery.
⚓︎︎Security, Cryptography, and Antiforgery
A student of the software industry might, at this point, be confused. Aren’t these practices, in the software world, just called security? Moreover, aren’t the digital equivalents of the BEP’s myriad printing techniques just cryptography?
In fact, in BEP jargon, “security” is synonymous with counterfeiting deterrence; with what we’re calling antiforgery. But outside of currency design “security” has a much broader meaning. A bank has security concerns that go beyond forged currency or documents. Such as, quintessentially, robbery.
And in the software field, a lot of what we call “security” is focused on threats that are more like robbery than counterfeiting and defenses that are more like locksmithing than intaglio printing.
So “security” is too broad. What about “cryptography”? While much of cryptography is certainly devoted to antiforgery, a lot of it is devoted to secrecy also. But there’s a bigger gap we need to examine, and to do that, let’s go back to currency design.
⚓︎︎Technical vs. Practical
The antiforgery techniques implemented by the BEP actually have two distinct goals: one technical, and one practical. The technical goal is to make it difficult to exactly replicate currency. The practical goal is for any attempt at replication to alert even the casual observer.
Technical antiforgery requires exclusive access, knowledge, skills, materials, or technologies which are unavailable to a would-be counterfeiter. Practical antiforgery uses those technical capabilities to produce hard-to-replicate elements that are tangible and unmistakable.
Cryptography, then, can provide technical antiforgery, but it is ultimately up to user interfaces to deliver practical antiforgery.
It’s all too easy, however, for conversations about antiforgery to both start and end with the technical. This makes sense where intractable technical failures exist, as they do for personal checks, caller ID, and email. After all, it is usually incoherent to seek practical antiforgery in the absence of a technical foundation.
But too often, even when an industry spends billions of dollars solving the technical problems, the practical side is neglected. In reality, technical antiforgery without practical antiforgery is also often moot.
Those boffins at the BEP know it’s not feasible to have an expert (or a sophisticated machine) examine every bill in every cash transaction. It’s not enough to make forgery difficult or even (technically) impossible: we also must make authenticity obvious. We need practical antiforgery.