[Cryptography] The role of the IETF in security of the Internet: for or against the NSA? for or against the security of users of the net?

ianG iang at iang.org
Sun Mar 16 10:49:13 EDT 2014

> For HTTP/2, all of Firefox, Chrome, and IE are all doing (immediately or soon after) various degrees of http: URI's over TLS.

Yeah.  The irony is too deep for me, I'm drowning already.  Especially,
couple that above admission of shame by browser players to the comment
seen on the other crypto list about TOR leakage of SSL certs, and the
PKIX's desire to commit institutional Seppuku seems like not an overreach.

It is becoming clearer from evidence that the IETF has totally failed
the Internet community in terms of cryptography and security.  Here's
one more piece of evidence, which many will find intensely disturbing.


Let's assume the following tactics of the NSA in their meta-goal of
owning the net [0]:

   1.  make sure that only very few people used cryptography.
   2.  make it spectacularly complex to use.
   3.  channel all users of crypto through TTPs.

Now, the reason for tactic #1 is a bit more subtle.  If very few people
use crypto, then those that really care are marking themselves out;
crypto is easy to spot in a harvest of plain straw.  OTOH, if very many
people use crypto, then targets aren't clearly marking themselves out,
and the NSA is forced to attack everyone equally, thus spreading their
precious expensive resources too thinly.

The choice then was whether we would make crypto into our haystack, or
whether the NSA makes crypto be their needle to us?

This is where the IETF has played the NSA game.  Thanks to the IETF's WG
platform of bringing together industry players, the emphasis is on
protecting only *those who use the product*.  Which meant that anyone
not using the product was irrelevant.  According to IETF unwritten
policy, as enforced by industry players, everyone had to pay the price
of admission in order to be considered worthy of protection.

Which, allied to tactic 2, made tactic 1 a winner.  The IETF then became
the compass that spun the needle, rendering our haystack transparent and

Once the NSA separated out the people (tactic 1) who really care from
those who just do what is easiest -- thanks to the IETF and its platform
that elevated industry players to power which led to WG obsession with
protecting the direct users^H^H^H^H^Hbuyers of its products and thus
total ignorance of everyone outside that circle -- the above slide
became possible.

1.  Collect everything [1].
2.  Pre-process to strip out meta-data (because it's there).
3.  Go to the TTPs and extract their cooperation.
4.  Attack the connections.

Look at the bottom right corner.  From "NSA Net" we go out through a Web
Services Gateway through some machine and out to something called CA

Then we get "VPN attack orchestration" [2].  One that is presumably
protected by a CA's certificate.

The term "CA Resources" could refer to an internal unit, but "Web
Services Gateway" suggests it could equally well refer to direct access
to something outside the NSA's network ;-)

Either way, that slide suggests that the CAs are owned.

Which we've known for a long time from security & governance principle;
the term CVP or centralized vulnerability party was coined at least a
decade ago by Mark Miller, from memory.  And, I can confirm from
personal experience that CAs are considered legitimate targets by the
spooks, with intent to breach [3].

The challenge then for IETF and browser players and all the industry is
not to bring the URLs into the protection of SSL, it's way too late for
that.  The challenge is how to reform their working practices such that
they serve the security of the Internet, rather than the NSA and its
insecurity mission.


[0]  Those tactics are claims, but I hope we can avoid the "oh you can't
prove that, therefore you can't say it" thing these days, now that we
understand that very rejoinder is just another weapon of theirs.

[1]  I'm using English today, not the NSA's Big Brother Redefinition of
the word "collect".  See Schneier in yesterday's crypto-gram or here:

[2]  It turns out their use of the word attack is similar to the English
meaning of the word, which helps a lot.  Schneier again:

[3]  CAcert has a write up on its strategy for dealing with attacks of
this nature here:
