Opportunistic Encryption to Combat Dragnet Surveillance

Posted June 29, 2013 in crypto https

The world is in shock and anger over recent revelations that NSA and GCHQ are conducting suspiciounless spying on every human with an internet or phone network connection. One of the ways they’re spying on the entire internet is by tapping the underwater fiber-optic cables that connect the continents and parsing and logging the firehose of packets as they fly by.

If we want to keep what we do on the internet private, a good way to do that is to encrypt as much of our internet traffic as possible. End-to-end encryption is hard to do right for end users because identity verification is really, really hard to scale. It’s not practical for everyone who wants to visit an HTTPS website to meet in person and read out SHA1 fingerprints for SSL certs.

The only real-world scalable identity verification system in widespread use right now is the collection of browser-trusted certificate authorities and their intermediaries. But it suffers from the problem where individuals and organizations without much power or money cannot compromise it’s security, but powerful organizations like NSA and GCHQ can easily compromise it to mount man-in-the-middle attacks.

However, I think global adversaries like NSA and GCHQ are hesitant to mount dragnet active attacks against HTTPS certificates because they run the very real risk of getting caught. If you run HTTPS Everywhere and opt-in to the decentralized SSL Observatory, your browser will warn you when the Observatory has detected a known malicious certificate (admittedly we don’t know of many malicious certs yet, but the more users we get the more likely we’ll spot attacks in the wild and can warn other about them). If you use Chrome it’s certificate pinning feature will also warn you about attacks against Google SSL certs. There are other tools out there too that make this detection possible.

If NSA and GCHQ want to eavesdrop on encrypted communications, even ones that they can easily MITM without being detected, they have to do active attacks. It can’t just be passive eavesdropping, it has to actually be modifying traffic in transit and serving malicious public keys. If they start doing dragnet active MITM attacks on large swaths of the internet they will get caught, and it will be a worse public relations and diplomatic nightmare than they’re already facing. There would be no sensible way to claim that the US wasn’t “hacking the Chinese” or, for that matter, hacking the Germans, the Brazilians, the Israelis, the Australians, the Tunisians, the Mexicans, and everyone else in the world.

But right now the web, and many other services on the internet, are still largely unencrypted. We need to fix this.

Wouldn’t it be great if every single HTTP request had automatic, opportunistic end-to-end encryption between the browser and the server? Anyone could MITM it, but at least they would be forced to do an active attack. If just a small percentage of people manually verify crypto keys, active attacks run the risk of getting caught.

Why stop at HTTP requests? Wouldn’t it be great if all TCP connections had automatic opportunistic encryption? Obviously these are enormous engineering projects that will completely break lots of technologies that people rely on, like intrusion detection systems. But I think it would be a big step in the right direction to make the internet secure from spy agencies.

It’s time we encrypt all the things.

Legacy comments, imported from previous version of this blog:

dedicated hosting

August 5, 2013 02:53 PM

Hello, i feel that i noticed you visited my site thus i came to go back the choose?.I'm trying to in finding things to enhance my site!I suppose its adequate to make use of some of your concepts!!|


July 29, 2016 07:12 PM

I haven’t picked up gloves yet, but I know they’re going to be one of the most important pieces of equipment I get for the winter. Any recommendations for waterproof riding gloves?I’m also realizing pretty quickly there’s a difference between a wet day, with a mist or a drizzle, and a rainy day with real drops. I think I’m good for the former, but woefully under-equipped (on or off a bike) for the latter.


May 17, 2017 06:34 AM

Hi Margareth, oven temp is very important with macarons – I just made some today and the oven had been turned off when I had not realized, even though I turned it straight back on they turned out cracked and with no foot – so yes I think your oven temp is the issue. Try 160 and if that does not work try a friends oven. It seems unusual to me the the oven would not go lower – it is not in degrees F is it? I am guessing not as you still managed to bake them and at 160 F they would not bake.


July 21, 2016 06:56 AM

Have you ever thought about creating an ebook or guest authoring on other blogs? I have a blog based on the same ideas you discuss and would love to have you share some stories/information. I know my viewers would value your work. If you are even remotely interested, feel free to shoot me an email.

professional web designer

December 19, 2015 05:14 PM

These tasks are to be restructured to fit into navigational concepts and structures. Obviously you're also going to need to possess the necessary equipment, as well as for something similar to this that will mean a pc and also the right web creating software for example Expensive or perhaps a similar program. ICT Quotes provides quotes for all web and graphic design companies for the provision of design services at affordable rates to the clients.


December 7, 2013 04:48 AM

Fantastic article!!

probably tcpcrypt is already a start into the direction you mention ... unfortunately not yet deployed on a wide enough scale and absent in most network nodes ... so not useful when it comes to fighting dragnet today.

Problem with https keys: Every such system of trust needs an ancher (like the CA). But nation states can easy muscle the CA into handing over they keys (or just infiltrate them and steal it). As you mention we need to make it (much) harder for them.

I spent a day in the ETSI eTrust eSecurity workshop last week, where the "future" of digital signatures was being discussed [1] (apparently). What left me disappointed was, there was NO mention of surveillance, the NSA or how to improve digital signatures, PKI, eTrust, ... in the face of dragnet. We are just about to face another revolution with IoT/M2M invading our lives and these systems will be based on outdated security models. How can the so called industry leaders discussing the future standards ignore this?

The monkeysphere (openPGP based) would be a creative alternative to the commercial CA[3]. But it's still far too complex for ordinary users to set up. As with openPGP, handling/maintaining the keys presents an unaccpetable learning curve for most.

When it comes to solving the underlying issue of trust we need to get back to our roots of what security-design is all about: trust nobody!!

If the NSA and GHCQ misbehave, it it's because they can! Any state (including Germany, Brazil, ...) will spy on it's people [4]. The only way to solve this is using more creative set-ups when it comes to structuring the contracts of data-centers [5] and cloud computing.

How come companies like google, amazon & co are incredibly creative when it comes to protecting their revenues from the IRS, yet they seem utterly useless when it comes to protecting their users data? Using a few contractual changes and simple algorithms would make it impossible for anybody to MITM. Using smarter setups would even defy complying to a local national court order when it comes to handing over user data. The reason is simply: money. If they lose money they'll fix it. Otherwise, why should they bother?

just my 2 cents, Joachim [1] http://www.etsi.org/index.php/technologies-clusters/technologies/security/electronic-signature [2] http://web.monkeysphere.info/ [3] http://lair.fifthhorseman.net/~dkg/tls-centralization/ [4] https://en.wiktionary.org/wiki/Bundestrojaner [5] http://valbonneconsulting.wordpress.com/2013/07/30/never-mind-the-nsa-because-america-is-not-a-country-its-a-business/


December 23, 2016 10:34 PM

That's an expert answer to an interesting question