Call for Questions: Dr. Stefan Brands, cryptographer, public key infrastructure expert

Posted 22 May 2002 at 17:59 UTC by pkiforum

We have arranged to interview Dr. Stefan Brands, an internationally-recognized cryptographer and an expert on public key infrastructure, electronic credential systems and electronic cash. He is also author of the book "Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy" (MIT Press).

He has agreed to answer questions from the public about digital security, public key infrastructure, electronic credentials, trust systems and related topics. Post your questions here or e-mail them to

If you need inspiration, you can look at our interview with Dr. Eugene Spafford.

For those of you unfamiliar with Brands' work a brief biography follows.

Dr. Stefan Brands is an internationally recognized cryptographer whose work focuses on privacy. The major areas he has worked on include private cash, for online and offline use, and privacy-enhancing credential systems to replace current PKI designs. Dr. Brands completed his undergraduate degree in mathematics at the University of Utrecht and received his Ph.D. from the Technical University of Eindhoven in 1999.

From February 1992 until February 1996 he was affiliated with the Center for Mathematics and Computer Science (CWI) in Amsterdam. His research during this period focused on the design of privacy-protecting electronic cash systems, and resulted in a number of publications. The electronic cash system he published in 1993 (and extended and improved later on) forms the core of a full-fledged system implemented and tested by CAFE, an ESPRIT project with 13 academic and commercial member organizations from seven European countries. Dr. Brands has presented his work for many institutions and companies including MIT (Boston), ETH (Zurich), ENS (Paris), AT&T (New Jersey), IBM (Zurich), Johann Wolfgang Goethe-University (Frankfurt am Main), and the University of San Diego.

From 1996 until mid-1998 Dr. Brands pursued several commercial opportunities related to his technology, and performed consultancy in the area of electronic cash. Following this, Dr. Brands spent a year working on his thesis and a book on electronic cash.

Dr. Brands' thesis "Rethinking Public Key Infrastructures and Digital Certificates -- Building in Privacy" dealt with the much broader topic of privacy in electronic communication and transaction mechanisms, and was written completely from scratch. It describes techniques that are generalizations, extensions, or improvements of Dr. Brands' electronic cash techniques, as well as an array of completely new privacy and security techniques. The reading committee for his thesis included two of the world's leading cryptographers -- Adi Shamir (Weizmann Institute of Science) and Ronald L. Rivest (Massachusetts Institute of Technology), two of the three co-founders of RSA Data Security.

Dr. Brands is the owner of eight international patents on electronic cash and digital certificates. In February of 2000 he joined Zero-Knowledge Systems, a developer of Internet privacy and identity-management systems, as Distinguished Scientist to further develop and implement electronic cash and private credential systems for the online and physical worlds.

Dr. Brands is an Adjunct Professor at the McGill University School of Computer Science in Montreal, Canada.

In January this year Dr. Brands co-founded the start-up Credentica, which builds on his ideas.

Chicken & Egg, posted 23 May 2002 at 17:45 UTC by bbense » (Journeyer)

How do you address the chicken and egg problem of PKI? What I mean is that PKI infrastructure is relatively expensive to set up and maintain as a single-domain island. The extra costs can only be justified if PKI gains you access to a larger global (cross-domain) security infrastructure.

As yet this larger infrastructure does not exist in any meaningful way. What do you think can be done in the long and short term to make PKI a worthwhile investment?

- Booker C. Bense

PKI is a bad joke, posted 24 May 2002 at 03:15 UTC by vab » (Journeyer)

First, the standards are all a mess. Second, it's not something you can really implement in the real world because there's no good clear ROI. It just doesn't make sense for anyone to use a micro scale PKI system. Hence, there's no market and demand for the technology. PKI in its economy of scale remains out of reach and any attempt at deployment has to start from near absolute zero and fight bad patents all the way up.

As someone who works on crypto software for the Free Software Community, I'd like nothing more than to see the idea of traditional PKI disappear along with all the dirty useless corporate standards that don't even exist as implementations in the real world.

I wish advogato had negative certs so I could mod PKIForum down. The account isn't even a person, it's a lame marketing spambot for a couple guys trying to make a buck off a useless vapor technology.

If this loser Dr. Brands and his buddy Spam-ford are such great computer scientists, why do they need to continually spam a community of free software developers to sell some lame book?

I should know better than to respond to a troll, but...., posted 24 May 2002 at 05:21 UTC by pkiforum » (Journeyer)

Hundreds and thousands of subscribers and visitors to our site -- computer scientists and researchers, developers, military and financial cryptographers, infosecurity specialists, technology officers, major governmental organizations, financial institutions and even Advogatans -- disagree with vab (and we reach only a small fraction of people involved in the PKI field). They have invested their considerable talents, efforts and intellects (not to mention many millions of dollars) in building and implementing PKIs. It seems that there is a good, clear return on investment (ROI), even if vab can't see it.

Question to vab: What do you mean when you say PKI?

I'd suggest that vab do a lot more reading before making sweeping pronouncements that have little (if any) basis in fact. I suppose he can be forgiven for not knowing who Stefan Brands is, but for someone who says he is involved with crypto/security software, vab's ignorance of who Eugene Spafford is -- and the insulting reference to him as 'Spam-ford' -- is surprising.

As for not being a real person, I can only assure vab I am.

As an aside, I agree with vab that it would be nice if Advogato had negative certs so the users could mod down rants like vab's. Nobody needs to be subjected to them. That kind of noise is why many here left Slashdot.

Now, if we can get back on topic, there's still time for Advogatans to post or submit their questions. Thanks to those of you who have already posted here or e-mailed us -- we've received some interesting ones and we should be able to squeeze in a few more.

On the subject of self-promotion, posted 26 May 2002 at 00:45 UTC by raph » (Master)

The attack-resistant trust metric at the core of this site was originally developed as part of a PKI design intended to avoid the single point of vulnerability problem in classical CAs.

Are these single points of vulnerability a serious problem in reality?

Are users (particularly businesses) comfortable with them as long as there is a clear party to be held accountable?

Do you hold out much hope for "web-of-trust" approaches to PKI?

Do you think automated trust computations (especially the attack-resistant breed) are relevant?



CIO Magazine: PKI: Only Mostly Dead, posted 29 May 2002 at 01:03 UTC by vab » (Journeyer)

PKI is long dead. Corporate and personal greed in the form of bad patents and bad standards killed it. People who actually write code have known that for a long time. There's some false hope out there, but PKI is dead.

"RIP PKI. Why a security platform never took off. PKI is dead. Mercifully. PKI arrived as a gimpy pony in the first place, and by now we are pretty tired of beating a dead horse.

If you think it seems naive to summarily dismiss an entire platform, I would agree. Writing its obit wasn't my idea. It was a leading PKI vendor's idea."
