[Cryptography] Moving forward on improving HTTP's security

ianG iang at iang.org
Tue Nov 26 09:49:03 EST 2013 

On 23/11/13 06:07 AM, James A. Donald wrote:
> On 2013-11-22 18:58, ianG wrote:
>> To a large extent is all comes back to WYTM? or what's your threat model?
>>
>> I'm assuming here, today, we are adding the NSA's mass surveillance into
>> the equation as a valid and important threat model.  That's an
>> assumption that can be challenged...
>>
>> If NSA mass surveillance is our threat model (addition), then the
>> solution to that is probably mass opportunistic encryption, to force
>> them to go active.
>
>
> Because powerful organizations wish to observe without being observed, a
> moderate chance of detection of active attacks is sufficient to deter,
> sufficient to reduce the number of active attacks to very low levels
>
> The more powerful the adversary, and the less powerful you, the more
> valuable information about the adversary, and the less valuable
> information about you, therefore, the less attractive active attacks
> that suffer some risk of detection.
>
> The more powerful the adversary, the less attractive active attacks are
> to that adversary.
>
> Any organization powerful enough to perform active attacks on the wire,
> is apt to be powerful enough that observation of its attacks provides
> information about the organization that likely is of more value than the
> information obtained by the attack.


Indeed.  As with all security, the game is to push the attacker to a 
place he doesn't want to go.  So he heads off for easier pickings. 
Information released in l'affaire Snowden confirms that the NSA is 
indeed economic about its operations.

It's also worth pointing out to the economically-challenged amongst the 
stakeholders (CAs and browsers) that if you can get the entire browsing 
activity over to HTTPS in opportunistic mode, then the step up to 
authenticated mode is of much lower cost.

It will likely increase the size of CA sales by an order of magnitude.

Unfortunately, in the minds of the stakeholders, an opportunistic 
encryption is a lost sale, rather than an opportunity, and must be 
attacked at all costs.  Sad failure of marketing, that one.



iang

More information about the cryptography mailing list