{"id":938,"date":"2008-03-09T19:59:59","date_gmt":"2008-03-10T03:59:59","guid":{"rendered":"\/?p=938"},"modified":"2008-03-09T20:11:10","modified_gmt":"2008-03-10T04:11:10","slug":"ralf-bendrath-on-the-credentica-acquisition","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=938","title":{"rendered":"Ralf Bendrath on the Credentica acquisition"},"content":{"rendered":"<p>Privacy, security and Internet researcher and activist <a href=\"http:\/\/bendrath.blogspot.com\/\">Ralf Bendrath<\/a> is a person who thinks about privacy deeply. The industry has a lot to learn from him about modelling and countering privacy threats. Here is <a href=\"http:\/\/bendrath.blogspot.com\/2008\/03\/microsoft-buys-privacy-friendly.html\">his view <\/a>of the recent <a href=\"https:\/\/www.identityblog.com\/blog.php#post-934\" class=\"broken_link\">credentica acquisition<\/a>:<\/p>\n<blockquote><p>Microsoft has <a href=\"\/?p=934\"><font color=\"#514bb1\">acquired<\/font><\/a> Montreal-based privacy technology company <a href=\"http:\/\/www.credentica.com\/\"><font color=\"#514bb1\">Credentica<\/font><\/a>. While that probably means nothing to most of you out there, it is one of the most important and promising developments in the digital identity world.<\/p>\n<p>My main criticism around user-centric identity management has been that the identity provider (the party that you and others rely on, like your credit card issuer or the agency that gave you your driver&#39;s license) knows a lot about the users. Microsoft&#39;s identity architect Kim Cameron <a href=\"\/?p=934\"><font color=\"#514bb1\">explains<\/font><\/a> it very well:<\/p>\n<blockquote><p>[W]ith managed cards carrying claims asserted by a third party authority, it has so far been impossible, even for CardSpace, to completely avoid artifacts that allow linkage. 
(&#8230;) Though relying parties are not able to collude with one another, if they collude with the identity provider, a set of claims can be linked to a given user even if they contain no obvious linking information.<\/p><\/blockquote>\n<p>This is related to the digital signatures involved in the claims flows. Kim goes on:<\/p>\n<blockquote><p>But there is good news. Minimal disclosure technology allows the identity provider to sign the token and proof key in such a way that the user can prove the claims come legitimately from the identity provider without revealing the signature applied by the identity provider.<\/p><\/blockquote>\n<p><a href=\"http:\/\/www.idcorner.org\/\" class=\"broken_link\"><font color=\"#514bb1\">Stefan Brands<\/font><\/a> was among the first to <a href=\"http:\/\/www.credentica.com\/the_mit_pressbook.html\"><font color=\"#514bb1\">invent<\/font><\/a> technology for minimal disclosure or &#8220;zero knowledge&#8221; proofs in the early nineties, similar to what David Chaum <a href=\"http:\/\/www.chaum.com\/articles\/Achieving_Electronic_Privacy.htm\" class=\"broken_link\"><font color=\"#514bb1\">did<\/font><\/a> with his anonymous digital cash concept. His technology was bought by the privacy firm Zero-Knowledge until they ran out of funding and gave it back to Stefan. He has since then built his own company, <a href=\"http:\/\/www.credentica.com\/\"><font color=\"#514bb1\">Credentica<\/font><\/a>, and, together with his colleagues Christian Paquin and Greg Thompson, developed it into a comprehensive middleware product called <a href=\"http:\/\/www.credentica.com\/u-prove_sdk.html\" class=\"broken_link\"><font color=\"#514bb1\">&#8220;U-Prove&#8221;<\/font><\/a> that was released a bit more than a year ago. 
U-Prove works with SAML, Liberty ID-WSF, and Windows CardSpace.<\/p>\n<p>The importance of the concept of &#8220;zero-knowledge proofs&#8221; for privacy is comparable to the impact public key infrastructures (PKIs) <a href=\"http:\/\/www.cs.rutgers.edu\/~tdnguyen\/classes\/cs671\/presentations\/Arvind-NEWDIRS.pdf\" class=\"broken_link\"><font color=\"#514bb1\">described<\/font><\/a> by Whitfield Diffie and Martin Hellman had on internet security. The U-Prove technology based on these concepts has been compared to what Ron Rivest, Adi Shamir and Leonard Adleman (RSA) did for security when they were the first to offer an <a href=\"http:\/\/people.csail.mit.edu\/rivest\/Rsapaper.pdf\"><font color=\"#514bb1\">algorithm<\/font><\/a> and a product based on PKIs.<\/p>\n<p>When I was at the <a href=\"http:\/\/www.cfp2007.org\/\"><font color=\"#514bb1\">CFP conference<\/font><\/a> in Montreal last May, I was meeting Kim and Stefan, and a colleague pointed me to the fact that Kim was being <span style=\"font-style: italic\">very<\/span> nice to Stefan. &#8220;He has some cool patents Microsoft really wants&#8221;, my colleague said. Bruce Schneier <a href=\"http:\/\/www.schneier.com\/blog\/archives\/2008\/02\/credentica.html\"><font color=\"#514bb1\">recently<\/font><\/a> also praised U-Prove, but questioned the business model for companies like Credentica. He added, &#8220;I\u2019d like to be proven wrong.&#8221;<\/p>\n<p>Kim Cameron is now <a href=\"\/?p=934\"><font color=\"#514bb1\">bragging<\/font><\/a> about having proven Bruce wrong (which is hard to imagine, given the <a href=\"http:\/\/geekz.co.uk\/schneierfacts\/\"><font color=\"#514bb1\">fact<\/font><\/a> that &#8220;Bruce Schneier feeds <a href=\"http:\/\/en.wikipedia.org\/wiki\/Schr%C3%B6dingers_Cat\"><font color=\"#514bb1\">Schr\u00f6dinger&#39;s cat<\/font><\/a> on his back porch. 
Without opening the box&#8221;), while admitting that he still has no business model:<\/p>\n<blockquote><p>Our goal is that Minimal Disclosure Tokens will become base features of identity platforms and products, leading to the safest possible internet. I don\u2019t think the point here is ultimately to make a dollar. It\u2019s about building a system of identity that can withstand the ravages that the Internet will unleash. That will be worth billions.<\/p><\/blockquote>\n<p>Stefan Brands is also <a href=\"http:\/\/idcorner.org\/2008\/03\/06\/microsoft-acquires-credenticas-u-prove-technology\/#more-206\" class=\"broken_link\"><font color=\"#514bb1\">really happy<\/font><\/a>:<\/p>\n<blockquote><p>For starters, the market needs in identity and access management have evolved to a point where technologies for multi-party security and privacy can address real pains. Secondly, there is no industry player around that I believe in as much as Microsoft with regard to its commitment to build security and privacy into IT systems and applications. Add to that Microsoft\u2019s strong presence in many of the target markets for identity and access management, its brain trust, and the fact that Microsoft can influence both the client and server side of applications like no industry player can, and it is easy to see why this is a perfect match.<\/p><\/blockquote>\n<p>A good <a href=\"\/?p=937\"><font color=\"#514bb1\">overview of other reactions<\/font><\/a> is at Kim&#39;s latest blog post. 
The crucial issue has, again, been <a href=\"http:\/\/www.links.org\/?p=302\"><font color=\"#514bb1\">pointed out<\/font><\/a> by Ben Laurie, who quotes the <a href=\"https:\/\/blogs.technet.com\/privacyimperative\/archive\/2008\/03\/06\/microsoft-acquires-credentica-s-u-prove-technology.aspx\"><font color=\"#514bb1\">Microsoft Privacy Team&#39;s blog<\/font><\/a>:<\/p>\n<blockquote><p>When this technology is broadly available in Microsoft products (such as Windows Communication Foundation and Windows Cardspace), enterprises, governments, and consumers all stand to benefit from the enhanced security and privacy that it will enable.<\/p><\/blockquote>\n<p>Ben sarcastically reads it like &#8220;the Microsoft we all know and love&#8221;, implying market domination based on proprietary technology. But the Microsoft we all know in the identity field is not the one we used to know with Passport and other crazy proprietary surveillance stuff. They have released the standards underlying the CardSpace claims exchange under an <a href=\"\/?p=574\"><font color=\"#514bb1\">open specification promise<\/font><\/a>, and Kim assures us that they will have their lawyers sort out the legal issues so anybody can use the technology:<\/p>\n<blockquote><p>I can guarantee everyone that I have zero intention of hoarding Minimal Disclosure Tokens or turning U-Prove into a proprietary Microsoft technology silo. Like, it\u2019s 2008, right? Give me a break, guys!<\/p><\/blockquote>\n<p>Well. 
Given the fact that U-Prove is not just about claims flows, but involves fancy advanced cryptography, they really should do everybody a favour and release the source code and some libraries that contain the algorithm under a free license, and donate the patent to the public domain.<\/p>\n<p>First of all, because yes &#8211; it&#39;s 2008, and <a href=\"http:\/\/www.iht.com\/articles\/2007\/01\/17\/yourmoney\/media.php\" class=\"broken_link\"><font color=\"#514bb1\">&#8220;free is the new paid&#8221;<\/font><\/a>, as even the IHT has discovered in January 2007.<\/p>\n<p>Second, because yes &#8211; it&#39;s 2008, and there has been an alternative product out there under a free license for more than a year. IBM Research Labs Zurich have finished their <a href=\"http:\/\/www.zurich.ibm.com\/security\/idemix\/\"><font color=\"#514bb1\">Idemix<\/font><\/a> identity software that works with zero-knowledge proofs in January 2007. It is <a href=\"http:\/\/wiki.eclipse.org\/Idemix_and_Higgins\"><font color=\"#514bb1\">part of the Higgins identity suite<\/font><\/a> and will be available under an open source license. (The Eclipse lawyers seem to have been <a href=\"http:\/\/mailman.netmesh.us\/pipermail\/osis-general\/2008-February\/000782.html\" class=\"broken_link\"><font color=\"#514bb1\">looking into this for more than a year<\/font><\/a>, though. Does anybody know about the current status?)<\/p>\n<p>Third, because yes &#8211; it&#39;s 2008, <a href=\"http:\/\/www.schneier.com\/crypto-gram-0205.html#1\"><font color=\"#514bb1\">it&#39;s not 1882 anymore<\/font><\/a>, to quote Bruce Schneier again:<\/p>\n<blockquote><p>A basic rule of cryptography is to use published, public, algorithms and protocols. 
This principle was first stated in 1883 by Auguste Kerckhoffs.<\/p><\/blockquote>\n<\/blockquote>\n<p style=\"clear: both; padding-bottom: 0.25em\">While I don&#39;t follow Ralf into every nook and cranny of his argument, I think he has a pretty balanced view.<\/p>\n<p>But Ralf, you should tell your friend I was being <em>very<\/em> nice to Stefan in Montreal because\u00a0I find him <em>very<\/em> amusing, especially with a scotch in him.\u00a0 I would have tried to get his technology into widescale use whether I liked him or not, and I would have liked him just as much if he didn&#39;t have any patents at all.<\/p>\n<p>I don&#39;t want to get into a &#8220;free is the new paid&#8221; discussion.\u00a0\u00a0As the article you cite <a href=\"http:\/\/www.iht.com\/articles\/2007\/01\/17\/yourmoney\/media.php\" class=\"broken_link\">states<\/a>, &#8220;Mass media given away freely or at low cost is hardly new, of course. In many countries, over-the-air television and radio have long been financed primarily by advertisers, at no direct cost to consumers.&#8221;\u00a0 So what is new here?\u00a0\u00a0When I can\u00a0apply this paradigm to\u00a0my next dinner, tell me about it.\u00a0<\/p>\n<p>This having been vented, I come to <em>exactly<\/em> the same general conclusions you do:\u00a0 we want a safe, privacy-friendly identity infrastructure as the basis for a safe, privacy-friendly Internet, and we should do everything possible to make it easier for everyone to bring that about.\u00a0 So your suggestions go in the right direction.\u00a0 If we were ultimately to give the existing code to a foundation, I would like to know what foundation people in the privacy community would suggest.<\/p>\n<p>As for the business model issue, I agree with you and Bruce &#8211; and Stefan &#8211; that there is no obvious business model for a small company.\u00a0 But for companies like Microsoft, our long term success depends on the flourishing of the Internet and the digital economy.\u00a0 
The best and most trustworthy possible identity infrastructure is key to that.\u00a0 So for the Microsofts, the IBMs, the Suns and others, this technology fits very squarely into our business models.<\/p>\n<p>As\u00a0for the Identity and Access group at Microsoft,\u00a0our goal is to have\u00a0the most secure, privacy-friendly, interoperable, complete,\u00a0easy to use and manageable identity products available.\u00a0\u00a0As the Internet&#39;s privacy and identity problems become clearer to people, this strategy\u00a0will attract many new customers and keep the loyalty of existing ones.\u00a0 So there you have it.\u00a0 To us,\u00a0U-Prove technology is foundational to building a very significant business.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;One of the most important and promising developments in the digital identity world&#8230;&#8221;<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[52,37,24,47,40,42,11],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/938"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=938"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/938\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=938"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9
38"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=938"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}