[Cryptography] FW: IAB Statement on Internet Confidentiality

ianG iang at iang.org
Mon Nov 17 04:00:36 EST 2014 

On 17/11/2014 04:54 am, alex at alten.org wrote:
> Hmm...the Reddit posting has had no responses.

https://www.reddit.com/r/technology/comments/2mhirs/iab_statement_on_internet_confidentiality/

Curious.  Reddit is read by geeks, I guess, whereas most of the twitter 
response I saw was less directed.  OK, that's speculative.

https://twitter.com/iang_fc/status/533407378256199680
https://twitter.com/iang_fc/status/533412858638659584

> On a more serious note, the IAB statement below opens up a whole can of
> worms.
>
> 1. The vast bulk of the Internet protocols now and in the future already
> exist. How are we going to retrofit them or somehow deal with them?  New
> secure protocols will be a tiny percentage of the installed base of
> insecure protocols.


Well, the approach is more to retrofit the key ones.  TCP is in play, 
there is a group called TCPInc which is looking at a few ways to make it 
opportunistic.  There is already a protocol fielded for that called 
TCPcrypt, which has some serious lab testing.

http://tcpcrypt.org/



> 2. You can't just encrypt/authenticate without dealing with key
> management, which adds more complexity and state to a protocol and
> supporting software.


The approach is opportunistic.  Eg., for TCP, do a key exchange startup 
using the optional extensions capability.  If that works, use it for 
packets, if it doesn't, back off to unencrypted.

Then, as a bonus, the key exchange result is made available to wider 
protocols through some undefined socket mechanism.  Applications are 
then capable of using the kex to do wider authentication.  Also, there 
is scope for saving the key and using it a new startup.  But these 
things are more for later phases.


> Is the IETF going to design a one-size fits all key
> management protocol?


Gawd no, I hope not.  They're a committee, they're not competent to do 
new work that the rest of us have failed to do.


> 3. You can't just add key management without dealing with policy
> adjudication. And you can't adjudicate without a (globally) scalable way
> to deal with the identity of humans and programs.  How do we represent
> and store policy attributes and rules? Is this beyond the purview of the
> IAB? If so, whom does the IAB coordinate with?


Let's call it beyond purview, but I'd rather say it is missing the 
point.  The goal is unauthenticated encryption, first and foremost.


> 4. You can't encrypt without dealing with legal issues, like supporting
> judicial warrants for "wire taps". We cannot ignore most (democratic?)
> societies' need to investigate crime. (I expect to get heated flame mail
> over this point.)


Wot?  I encrypt all the time without dealing with legal issues.  No idea 
what this means for a protocol, what are you going to do, arrest a 
packet and read it it's rights?


> 5. You can't successfully secure your comm links if your nodes are
> insecure.  At the very least we will need to have operating systems that
> support something like a Biba integrity model for processes.  And to do
> this we need some sort of Reference Monitor inside each OS.  How can we
> do this without hardware support?  And how do we get all the OS vendors
> to agree to secure their OS's in manner that supports these new (and
> retrofitted) protocols keying and policy needs?


Nah.  You are thinking 1990s full security models, tracing back to 
military aggressive threat models.  This is not what this is about.

This is opportunistic security, where the attacker is moved from 
pervasive surveillance passivity to an active decision making.  He must 
attack!  He must knock down the protocol if he wants to eavesdrop.  No 
more free lunches, no more rolling over and playing doggy.


> Quoting ianG <iang at iang.org>:
>
>> For what it is worth, I twittered the below statement last night, and
>> it got 2 orders of magnitude more response than anything I've ever
>> said.  I conclude that the IAB's statement has struck a public nerve;
>> there is clear approval in the public's mind.
>>
>> iang
>>
>> ps; I submit that this is a sensible top-post ;)
>>
>>
>> On 14/11/2014 13:46 pm, Salz, Rich wrote:
>>>
>>> -----Original Message-----
>>> From: IAB Chair [mailto:iab-chair at iab.org]
>>> Sent: Friday, November 14, 2014 4:26 AM
>>> To: IETF Announce
>>> Cc: IAB; IETF
>>> Subject: IAB Statement on Internet Confidentiality
>>>
>>> Please find this statement issued by the IAB today.
>>>
>>> On behalf of the IAB,
>>>   Russ Housley
>>>   IAB Chair
>>>
>>> = = = = = = = = = = = = =
>>>
>>> IAB Statement on Internet Confidentiality

More information about the cryptography mailing list