Interview with Werner Koch on STEED and GnuPG

During the 2012 RMLL Security topic, we are going to host two talks that will speak about about privacy and personal information management on the Internet.

The first talk will be done that will done by Jean-Yves Perrier from Mozilla. Jean-Yves will present Mozilla Persona/BrowserID project. During the second talk, Werner Koch, will speak about STEED, a project about simplifying and generalizing the usage of email encryption.

Let’s talk a little with Werner Koch, the main developer of GnuPG and g10code founder.

Question : Hello Werner. Your colleague, Marcus Brinkmann, came last year to present at RMLL a talk whose the start was "Why email encryption has failed" and that exposes the first ideas behind STEED, the project you launched in October 2011. For people who are behind GnuPG, the de facto standard for free software email encryption, "Why email encryption has failed" is a quite strong assertion. Can you explain your thoughts about it and introduce us the STEED project ?

Werner Koch : Some time ago, Marcus and me worked on crypto integration into mobile phones. That work included many long train rides and thus we had the opportunity to talk about the unusable state of end-to-end encryption. Since Phil came up with PGP 20 years ago, the technical base for proper encryption is readily available. Even today were most people are addicted to the net, usage of encryption for private communication is virtually non existent. We hackers desired to make it as good and secure as possible but we only had the maths and engineering in mind. We neglected the real world of communication: Targeted attacks by mail are very rare for most people; there is usually no man in the middle. Thus we can do without all the high security stuff we are used to. We don’t need mounted couriers with handcuffed briefcases full of keys to communicate with someone we don’t really know yet.

We looked at a couple of existing ideas like SSH and PKA to described a system to make encryption mostly invisible. STEED is our concept on how to glue these ideas together and add them to existing mail software. The basic idea is simple: If your mail program figures that you don’t have a key for your current mail account, it creates a key in the background. The public key will then be sent off to a global database. Eventually you receive a mail notification from that database that your key is now globally available. Now when you are about to send a mail, STEED capable mail programs will look up the key of the recipient in that global database. If a key was found, the mail will be encrypted; if not, it goes out in the clear. Later when you send another mail, the global database is queried as usual but the result will also be looked up in a local database, so to check whether the returned key matches the one used for the previous mail - if not a bell goes off and a quick messages explains that there is a possibility of a man in the middle attack.

Question : What step have you reached on the roadmap of the project : white paper, first proof of concept, exchange with several identity providers ?

Werner Koch : I gave several talks on the project and we did revised paper for GUUG conference this spring. LWN ran an article on it and I am glad there we have gained a bit of attention. These is not much new code because we have nearly everything implemented in GnuPG. The next step will be to to the concept to a mail client. However, before we can do that, we need to have a way to store the keys.

Question : In the white paper, the database used to store the keys is the DNS. Have you been able to exchange with some DNS providers to see if they would be OK to open their infrastructure to their users to store that kind of information ? Do you need more contacts with infrastructures providers ?

Werner Koch : Unfortunately, I had no success. I talked to some providers but the general tendency seems to be: No experiments. They expect a direct return on investment and can’t see how encryption can do this. Frankly, I understand this position. Over the last 15 years it was promised, that encryption will soon be commonly used for mail. We all know that this did not happen. It is like the paper-less office people dream for 25 years. We need to change the strategy. If there is no direct way to get the mail providers attention, we need to do setup a fallback system based on a proxy identity provider managed by us.

Question : For the Mozilla Persona/BrowserID architecture that is also going to be presented at 2012 RMLL, Mozilla manages a service to help to bootstrap the project and so, for not having to wait for a a massive openness of their infrastructure by the identity providers (intheir case, email providers). Would it be an interesting idea to reuse for STEED or not ? If yes, in what way ?

Werner Koch : Exactly. I pondered with the idea of setting up a bunch of independent identity providers below where each would take care of a partition of all mail addresses. That could be done by hashing the address, base32 encode the hash and use that as a key into the DNS. We would need to write an easy to install system to provide this infrastructure and delegate it to trusted people. Obviously Mozilla had the same idea due to the same problems. I am glad, that you pointed be towards; it is much simpler to piggyback on a similar system than to start a similar one. It even gives a better user experience. BrowserID could be an incentive to try our STEED. Technically we would implement it by looking up a special record at the canonical mail provider which indicates whether the provider is STEED compatible. If that fails, we will fallback to a based public key store.

Question : What kind of help you really need from the community in order to accelerate the project development ?

Werner Koch : First, tell your friends that mail encryption is - even in the age of Facebook - important. They may regret latter that they neglected to take care of some basic privacy. Second, take part in the system, once it has been implement. By that I mean, to actually use the system and to help adding it to more mail clients. We also need ideas to cope with spam in a decentralized way.

Question : What is your most important next project step ?

Werner Koch : Find a way to finance maintenance and development of GnuPG. This is a prerequisite to implement the STEED system.

Question : Last : you come to 2012 RMLL. What do you expect from a presentation in an event like RMLL with very eclectic attendees (free software enthusiasts, kernel hackers, sysadmins etc) ?

Werner Koch : The STEED idea is not well enough known yet. I am glad that I will have the opportunity to present it at a large technical conference and hope to gain the attention of other creative people. Talking in person is often better than discussin only by mail. I have been to RMLLs 3 or 4 times in the past and remember good talks with interesting people. It is a pity that I can only stay for 2 days.

Interview of Werner Koch done by email in June 2012 by Christophe Brocas, RMLL 2012 Security topic co chairman.