Interview: Johan Eklund and Tham Wickenberg

27 Apr 2008

Interview with Tham Wickenberg and Johan Eklund of PrimeKey for the upcoming FSCONS 08 and their presentation: Secure communications with Open Source PKI

For a little background, can you describe the general topic of your presentation and tell us what is new in the last few months?

Johan: Everyday Public Key Infrastructure is very mature and easy to use by now and that is what we are trying to show in the presentation. We will briefly end the session with some notes about federation trends, electronic signatures and the brand new EU passport PKI.

Can you give a summary of what you will present? Why should someone choose to come to your presentation?

Tham: You should come to our presentation if you want to be sure someone is who he says he is on the internet, or if you want to communicate privately without someone eavesdropping. We will present technologies that are currently being used by corporations and government agencies and show that they are available to anyone and how to use them!

When you say it is easy to use, do people find it easy to understand why they have to protect their private key from more or less everything?

Johan: I think most people have no problem understanding that anyone having a copy of the key could perform the same things as the original owner. If I copied your apartment keys, I would be able to access your home just like you would. It's really not much more complicated than that. In a perfect world, people would always use smartcards, so there is only one instance of the key.

Have people changed their attitude towards encrypting their data over the last 5 years?

Johan: I would definitely say that awareness about secure communication and privacy has increased. But I also believe that phenomena like social networking and technology for mining user data have increased even faster.
GPG and the web of trust is an excellent example of a simple system that can be used for achieving better security in a distributed environment without any authority. PKI simplifies this even further when there exists a common trusted node.

What is the most common misconception about encryption and the current technologies?

Johan: That it's a silver bullet. Encryption always exists in some context and the weakest link will be the most likely point of failure. I mean, why bother breaking AES-256 for the rest of eternity if you can simply read the file from an unencrypted swap-disk. Encrypting emails is good to protect the data in the email, but won't protect against traffic analysis (who is communicating with who, how much, when and from where).

Encrypting emails is good to protect the data in the email, yet one can make pretty much analysis on a person by looking at what people he/she communicates with. Are there any discussions somewhere regarding this?

Tham: I'm glad you brought that up, this is one of the things we plan to bring up during our presentation.

Johan: In fact, using asymmetric encryption with a smartcard links the involved users tighter to the data and sometimes plausible deniability might be more important. So it is very important to get the threat analysis right.

Do you have any comments on technology chosen for the EU passport, which was cracked some years ago?

Tham: The intention has been to prevent people from changing the information on the passport, not from reading the information. The signature does a very good job of making sure of this. Given the design goals I think it was a reasonable solution.

Johan: I would much rather have seen the Schengen-ID-smartcards as the new worldwide passport standard so we could use regular X509 PKI and protect the data with a PIN. But I'm not president of the world yet, so I'm stuck using a Faraday firewall for my passport.
=) However, I think it's nice that the passport readers will have to authenticate themselves to the passport before releasing biometric data with the new PKI and I like the federated approach, but then again, this could have been a much simpler solution.

If you look at EJBCA, which is a project you're involved in, what tools do you use to communicate between each other?

Johan: We try to be as open as possible so drop by #ejbca at irc.freenode.net and join the party! We also use the developer mailing list at SourceForge. For private communication we usually use S/MIME encrypted email.

Tham: Also, since most of the core developers are employed by PrimeKey, a lot of the communication is IRL.

Where do the feature requests come from and who takes the decision on what feature to work on?

Tham: Some of our users request features on SourceForge or our mailing list. Many bigger organisations contact our company (PrimeKey) when they need some major features and/or professional support.

Johan: Bug-fixes and paying customers always have priority, but after that we try to implement as many ideas as possible from our awesome community. Tomas Gustavsson is the project lead and has the final word. Feature requests and ideas are welcome at http://jira.primekey.se, where you also can find the roadmap for our projects.

How involved are you in the GPG (GNU Privacy Guard) project?

Tham: We recently helped a customer to use GPG with PKCS11 smartcards. It took a whole lot of debugging and we ended up sending a bug report and a patch to the project, but that is as far as our involvement goes.

Have you looked into OpenID?

Johan: Not that much. I strongly believe that there exists a need for simpler identity management on the web. I suspect that the drawback of the OpenID approach is that it's much easier to mine user data once you have a unique identity.
If we could use web-sites entirely without providing any personal information except this identifier and we trust the provider, privacy could increase. I think the Open Source Eclipse Higgins project has a very interesting approach to this subject and follows open standards by OASIS. It's definitely worth checking out.

In my opinion the basic problem with the EU passport is not the encryption but rather the fact that one *can* read data from it from a distance. Using a PIN would have been good, but wouldn't it be better if the card could not be read from a distance at all?

Johan: I absolutely agree. That's why I would like to see smartcard-like passports without RFID and I personally use a Faraday-cage for my passport. Using a PIN to release biometric data would at least ensure some level of consent from the owner, but the most important thing is that the readers are authenticated by the card. The problem with smartcard readers is that they are worn out, but they don't cost too much so I don't think this would be a huge problem.

Tham: I could not agree more. It would take a little more creativity in designing the card readers, since we still need to be able to put ink stamps in the passport, but I think it would have been worth the extra effort.

How did you get involved in Free Software and in what way is it important to you?

Johan: I've always had a hard time accepting that you can own a pattern of zeros and ones. The licenses created by the free software movement work more like invention really works: invention is all about solving a problem by combining existing ideas and perhaps adding that little extra. By making more existing ideas available we can make the world better much faster.

Tham: I agree, and I think that's true for science and technology as well as art and culture.

Is there any other particular presentation you'll be going to? Why is that topic of interest?

Johan: Well.. there are just so many..
I'm very interested in the security aspect of Fredrik Jonsson's presentation about "Ubuntu Deployment for Your Enterprise". I would also like to hear Oscar Swartz's perspective on "The End of free communication?", since there is a lot more to truly free communication than just encrypting data, like e-mails.

Tham: I'm especially looking forward to the free culture presentations because it's the area I know least about.

Original post: http://fscons.org/2008/node/81