Opportunistic Encryption to Combat Dragnet Surveillance

The world is in shock and anger over recent revelations that NSA and GCHQ are conducting suspiciounless spying on every human with an internet or phone network connection. One of the ways they’re spying on the entire internet is by tapping the underwater fiber-optic cables that connect the continents and parsing and logging the firehose of packets as they fly by.

If we want to keep what we do on the internet private, a good way to do that is to encrypt as much of our internet traffic as possible. End-to-end encryption is hard to do right for end users because identity verification is really, really hard to scale. It’s not practical for everyone who wants to visit an HTTPS website to meet in person and read out SHA1 fingerprints for SSL certs.

The only real-world scalable identity verification system in widespread use right now is the collection of browser-trusted certificate authorities and their intermediaries. But it suffers from the problem where individuals and organizations without much power or money cannot compromise it’s security, but powerful organizations like NSA and GCHQ can easily compromise it to mount man-in-the-middle attacks.

However, I think global adversaries like NSA and GCHQ are hesitant to mount dragnet active attacks against HTTPS certificates because they run the very real risk of getting caught. If you run HTTPS Everywhere and opt-in to the decentralized SSL Observatory, your browser will warn you when the Observatory has detected a known malicious certificate (admittedly we don’t know of many malicious certs yet, but the more users we get the more likely we’ll spot attacks in the wild and can warn other about them). If you use Chrome it’s certificate pinning feature will also warn you about attacks against Google SSL certs. There are other tools out there too that make this detection possible.

If NSA and GCHQ want to eavesdrop on encrypted communications, even ones that they can easily MITM without being detected, they have to do active attacks. It can’t just be passive eavesdropping, it has to actually be modifying traffic in transit and serving malicious public keys. If they start doing dragnet active MITM attacks on large swaths of the internet they will get caught, and it will be a worse public relations and diplomatic nightmare than they’re already facing. There would be no sensible way to claim that the US wasn’t “hacking the Chinese” or, for that matter, hacking the Germans, the Brazilians, the Israelis, the Australians, the Tunisians, the Mexicans, and everyone else in the world.

But right now the web, and many other services on the internet, are still largely unencrypted. We need to fix this.

Wouldn’t it be great if every single HTTP request had automatic, opportunistic end-to-end encryption between the browser and the server? Anyone could MITM it, but at least they would be forced to do an active attack. If just a small percentage of people manually verify crypto keys, active attacks run the risk of getting caught.

Why stop at HTTP requests? Wouldn’t it be great if all TCP connections had automatic opportunistic encryption? Obviously these are enormous engineering projects that will completely break lots of technologies that people rely on, like intrusion detection systems. But I think it would be a big step in the right direction to make the internet secure from spy agencies.

It’s time we encrypt all the things.

7 thoughts on “Opportunistic Encryption to Combat Dragnet Surveillance

  1. dedicated hosting

    Hello, i feel that i noticed you visited my site thus i came to go back the choose?.I’m trying to in finding things to enhance my site!I suppose its adequate to make use of some of your concepts!!|

  2. valbonneconsulting

    Fantastic article!!

    probably tcpcrypt is already a start into the direction you mention … unfortunately not yet deployed on a wide enough scale and absent in most network nodes … so not useful when it comes to fighting dragnet today.

    Problem with https keys: Every such system of trust needs an ancher (like the CA). But nation states can easy muscle the CA into handing over they keys (or just infiltrate them and steal it). As you mention we need to make it (much) harder for them.

    I spent a day in the ETSI eTrust eSecurity workshop last week, where the “future” of digital signatures was being discussed [1] (apparently). What left me disappointed was, there was NO mention of surveillance, the NSA or how to improve digital signatures, PKI, eTrust, … in the face of dragnet. We are just about to face another revolution with IoT/M2M invading our lives and these systems will be based on outdated security models. How can the so called industry leaders discussing the future standards ignore this?

    The monkeysphere (openPGP based) would be a creative alternative to the commercial CA[3]. But it’s still far too complex for ordinary users to set up. As with openPGP, handling/maintaining the keys presents an unaccpetable learning curve for most.

    When it comes to solving the underlying issue of trust we need to get back to our roots of what security-design is all about: trust nobody!!

    If the NSA and GHCQ misbehave, it it’s because they can!
    Any state (including Germany, Brazil, …) will spy on it’s people [4]. The only way to solve this is using more creative set-ups when it comes to structuring the contracts of data-centers [5] and cloud computing.

    How come companies like google, amazon & co are incredibly creative when it comes to protecting their revenues from the IRS, yet they seem utterly useless when it comes to protecting their users data? Using a few contractual changes and simple algorithms would make it impossible for anybody to MITM. Using smarter setups would even defy complying to a local national court order when it comes to handing over user data. The reason is simply: money. If they lose money they’ll fix it. Otherwise, why should they bother?

    just my 2 cents,
    [1] http://www.etsi.org/index.php/technologies-clusters/technologies/security/electronic-signature
    [2] http://web.monkeysphere.info/
    [3] http://lair.fifthhorseman.net/~dkg/tls-centralization/
    [4] https://en.wiktionary.org/wiki/Bundestrojaner
    [5] http://valbonneconsulting.wordpress.com/2013/07/30/never-mind-the-nsa-because-america-is-not-a-country-its-a-business/

  3. professional web designer

    These tasks are to be restructured to fit into navigational concepts and structures.
    Obviously you’re also going to need to possess the necessary
    equipment, as well as for something similar to this that will
    mean a pc and also the right web creating software for example Expensive or perhaps a similar program.
    ICT Quotes provides quotes for all web and graphic design companies
    for the provision of design services at affordable rates to the clients.

  4. http://www./

    Have you ever thought about creating an ebook or guest authoring on other blogs? I have a blog based on the same ideas you discuss and would love to have you share some stories/information. I know my viewers would value your work. If you are even remotely interested, feel free to shoot me an email.

  5. http://www./

    I haven’t picked up gloves yet, but I know they’re going to be one of the most important pieces of equipment I get for the winter. Any recommendations for waterproof riding gloves?I’m also realizing pretty quickly there’s a difference between a wet day, with a mist or a drizzle, and a rainy day with real drops. I think I’m good for the former, but woefully under-equipped (on or off a bike) for the latter.

  6. http://www.wowrestaurantmarketing.com/

    Hi Margareth, oven temp is very important with macarons – I just made some today and the oven had been turned off when I had not realized, even though I turned it straight back on they turned out cracked and with no foot – so yes I think your oven temp is the issue. Try 160 and if that does not work try a friends oven. It seems unusual to me the the oven would not go lower – it is not in degrees F is it? I am guessing not as you still managed to bake them and at 160 F they would not bake.


Leave a Reply to http://www./ Cancel reply

Your email address will not be published. Required fields are marked *