Design Goals

Eccentric Authentication has these goals:

1. Make security EASY.

This is the most important goal. It must be easy to use. So easy, in
fact, it must be a no brainer. All the difficult cryptographic bits
must be invisible. Yet, it must be there all the time, doing the
protection for you.

To make it so easy that it becomes a hassle to get it wrong.

2. Make privacy EASY.

The current security tools on the internet offer security, but no
privacy. Yet, there is a lot of demand for privacy. In fact, eveyone
expects their privacy to be respected but in reality, it’s the
opposite.

Users decide when and how to reveal their identities. Not web sites.

We make privacy the default. When you sign up for an account a web
site, you don’t have to provide any personal identifying
information.

If you don’t provide any personal details to a web site you’re as good as
anonymous. You don’t have to worry if they are going to sell out.
If a site asks for an email address, run away.

3. Eliminate the need to trust a third party to get security.

Current global certificate authorities require you to trust them to
so you can have security. The problem is that you have a Hobsons
Choice: You have to trust these CAs or you do without any security
benefits they might offer.

Trust that is forced is not trust, it’s coercion.

We replace this coercion with verification. With Eccentric
Authentication, your computer can verify that the security properties
have not been violated. That gives you the trust that you can communicate
safely. It’s completely upside down.

4. Create world wide unique, secure and yet human memorizable names, without a central authority.

That’s a whole mouthful.

Create pseudonyms that no one can impersonate.

You can write one of these pseudonyms on a business card and everyone
can retrieve the correct keys. People can look up the key that belongs
to the name and use that to write encrypted messages. Safe against
disclosure and tampering. This forms the basis for secure email,
without any difficulties.