-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 lynX's review of the upcoming Web conference in London. Interesting and funny as well. Except GNS is not a DHT, but a name system that uses a local name root with global-secure-non-memorable cryptograhic public keys optionally available over a DHT--that is you can exchange them with people, and/or advertise them to the DHT, and local-secure-memorable aliases under the .gnu top-level domain, whose root authority is you.
See also https://www.w3.org/2014/strint/report.html == hk - -------- Original Message -------- Subject: [secu-share] What STRINT has to offer... paper review Date: Sat, 8 Feb 2014 23:38:49 +0100 From: carlo von lynX <[email protected]> To: [email protected] Maybe I was a bit too loudmouthed in my post to secushare-announce. Let's look at those papers at https://www.w3.org/2014/strint/report.html more closely and see if anything has a similar spirit or otherwise a chance of fixing the net. Surely the list of authors is impressive. //// 1. Privacy Protected Email | Phillip Hallam-Baker adds fingerprints to the email address. addresses one fundamental critique that has been articulated for over a decade - the public key MUST be part of the routing strategy to help protect against impersonations. still, it's email - therefore the other 14 reasons not to start using PGP still apply. not to mention S/MIME. Sorry, I will skip a lot of papers because they are just too many... 2. Opportunistic Encryption for MPLS | Stephen Farrell, Adrian Farrrelll 3. Overcoming the Friend-or-Foe Paradigm in Secure Communication | Sebastian Gajek, Jan Seedorf, Marc Fischlin, Oezguer Dagdalen 4. Flows and Pervasive Monitoring | Ted Hardie 5. BetterCrypto.org Applied Crypto Hardening | Aaron Zauner, L. Aaron Kaplan 6. A Complimentary Analysis | Andrei Robachevsky, Christine Runnegar, Karen O'Donoghue, Mat Ford 7. Trust Issues with Opportunistic Encryption | Scott Rose, Stephen Nightingale, Doug Montgomery 8. Challenges with End-to-End Email Encryption | Jiangshan Yu, Vincent Cheval, Mark Ryan 9. Strengthening the path and strengthening the end-points | Xavier Marjou, Emile Stephan, Jean-Michel Combes, Iuniana Oprescu 10. SIP is Difficult | Jon Peterson 11. Thoughts of Strengthening Network Devices in the Face of Pervasive Surveillance | Dacheng Zhang, Fuyou Miao 12. Opportunistic Encryption for HTTP URIs | Mark Nottingham 13. CyberdefenseÂOriented Multilayer Threat Analysis | Yuji Sekiya, Daisuke Miyamoto, Hajime Tazaki 14. A Threat Model for Pervasive Passive Surveillance | Brian Trammel, Daniel Borkmann, Christian Huitema 15. Why Provable Transparency is Useful Against Surveillance | Ben Laurie 16. Withheld A surprise guest with a surprise opinion! :-D 17. Monitoring message size to break privacy - Current issues and proposed solutions | Alfredo Pironti Some serious scientific talking on security issues here. How to improve encryption so that statistical analysis will not give us trouble. The author proposes some extensions and improvements to TLS which sound similar to strategies that have been employed by GNUnet and other tools. I think fundamentally the usage patters have to change. Pond is a nice demonstration on how e-mail can be a lot more secure if it drops the requirement to be immediate. The web could be a lot more anonymous if it was a push medium rather than pull. Multicast is a very natural way of providing better privacy. As long as browsers try to fetch things in real-time, Tor can only do its best. So the architecture of the web is fundamentally b0rked and should only be used when inevitable. 18. Withheld Another one. Very curious about these. :) 19. Making The Internet Secure By Default | Michael H. Behringer, Max Pritkin, Steinthor Bjarnason Cisco employees recommending that we can trust all of our devices because they will come with certificates signed by the manufacturer. 20. Increasing HTTP Transport Confidentiality with TLS Based Alternate Services | Patrick McManus 21. Balance - Societal security versus individual liberty | Scott Cadzow 22. Strengthening the Extensible Messaging and Presence Protocol (XMPP) Peter Saint-Andre Honest summary of the sorry status of the XMPP network. Respect. 23. The Internet We Want or the Internet We Deserve? | David Rogers 24. Beyond Encrypt Everything: Passive Monitoring | Mark Donnelly, Sam Hartman 25. Examining Proxies to Mitigate Pervasive Surveillance | Eliot Lear, Barbara Fraser 26. Spontaneous Wireless Networking to Counter Pervasive Monitoring | Emmanuel Baccelli, Oliver Hahm, Matthias WÀhlisch 27. Is Opportunistic Encryption the Answer? Practical Benefits and Disadvantages | John Mattsson 28. Clearing off the Cloud over the Internet of Things | Carsten Bormann, Stefanie Gerdes, Olaf Bergmann Carsten wins the award for best backronym: "state-level tenacious attackers with significant infrastructure (STASI)" He presents ten laws of "clear sky" (as opposed to the cloud) that we can indeed agree upon, in particular number 8: "Communication must be direct between the enti- ties that actually need to communicate, with no diversion to additional parties simply for imple- mentation convenience." In the secushare scenario these laws are actually easy to abide since secushare does not delegate any trust concerning user data to any entity that isn't a final recipient. Law number 5 however is the old "open standard" thinking which we consider debatable and potentially harmful. 29. The ARPA2.net project; Integrating and bundling hardened services for normal users | Michiel Leenars, Rick van Rein Michiel from NLnet is completely right here: We need to make tools like Tor, GNUnet or I2P the "NEW NORMAL." The new way to use the Internet so that users of these tools do not stick out in the crowd. That's why secushare is targeting Facebook as the primary application and target crowd. But then Michiel presents the "ARPA2" project being a cloud-oriented "open source solution" for old-fashioned things such as "secure mail," "key distribution" (LDAP!), "forward secrecy" (XMPP! SIP!) and even OStatus for public messaging. Basically ARPA2 is a bundling of technologies that we think are bound to disappear. Why? Because those servers accumulate large amounts of clear meta data (the social graph etc) if not actual cleartext data and are thus big pots of honey for surveillance intrusion. 30. The Trust-to-Trust Model of Cloud Services | Alissa Cooper, Cullen Jennings 31. Linkability Considered Harmful | Leif Johansson 32. Simple Opportunistic Encryption | Andrea Bittau, Michael Hamburg, Mark Handley, David MaziÚres, Dan Boneh A nice plan to add encryption by default to all TCP sessions. Very susceptible to man in the middle and does not protect meta data nor against analysis, but still better than nothing. But not better than a redesign of the Internet. 33. An Architecture for a Secure Cloud Collaboration System | Cullen Jennings, Suhas Nandakumar 34. Security and Simplicity | Steven Bellovin 35. Privacy at the Link Layer | Piers OâHanlon, Joss Wright, Ian Brown 36. Erosion of the moral authority of middleboxes | Joe Hildebrand The XMPP man at Cisco raises some hot issues concerning business interests in "middle boxes" having access to unencrypted traffic. - Caching - Enterprise policy controls - Service provider acceleration of mobile data - Advertisement insertion for "free" networks Best paragraph: "Some middlebox capabilities are currently implemented using the same mechanisms employed by attackers, including passive capturing of plaintext data, active imper- sonation, and denial of service." He concludes: "When the moral authority of middleboxes is eroded, arguments by their developers to allow unfettered access to the plaintext of traffic that traverses those boxes may be called into question. As an industry, we should look for other mechanisms to provide legitimate third-party value." Yes, and we have some ideas on how to do that. 37. Policy Responses, Implications and Opportunities | Joseph Lorenzo Hall 38. Is it time to bring back the hosts file? | Peter Eckersley The Technology Projects Director of the EFF suggesting we should, in the spirit of the pre-DNS era, share a data base of public key material worldwide, and keep it in sync on most devices. This plan probably scales worse than Bitcoin, but luckily we don't need this - we already have GNS. 39. Service concentration | Larry Masinter Larry, the man who invented the HTTP file upload form and is responsible for the ETag surveillance bug making it into the HTTP standard. He has some wise points: - Surveillance is not an "attack" - "Enryption Everywhere" can backfire. - "Enryption Everywhere" is not enough if you don't protect meta data. - "Enryption Everywhere" adds cost everywhere - Service concentration is a key factor in allowing pervasive monitoring I think we agree on all of this and have designed our tools accordingly. 40. Levels of Opportunistic Privacy Protection for Messaging-Oriented Architectures | Dave Crocker, Pete Resnick 41. What is fingerprinting? | Nicholas Doty 42. Eradicating Bearer Tokens for Session Management | Philippe De Ryck, Lieven Desmet, Frank Piessens, Wouter Joosen 43. STREWS Web-platform security guide: security assessment of the Web ecosystem | Martin Johns, Lieven Desmet 44. Pervasive Attack: A Threat Model and Problem Statement | Richard Barnes, Bruce Schneier, Cullen Jennings 45. Cryptech - Building a More Assured HSM with a More Assured Tool-Chain | Randy Bush 46. Replacing passwords on the Internet AKA post-Snowden Opportunistic Encryption | Ben Laurie, Ian Goldberg Ben from Google meets Prof. OTR. They suggest to persist Diffie-Hellman exchanges opportunistically in order to authenticate returning web customers without annoying them with having to remember passwords. It's a nifty plan but what if I want to use somebody else's computer to access Facebook? What if my hard disk crashes? Will I be cut out of my old account and have to make a new one? Why are we talking about client/server architectures anyway? 47. End-User Concerns about Pervasive Internet Monitoring: Principles and Practice | Tara Whalen, Stuart Cheshire, David Singer 48. Developer-Resistant Cryptography | Kelsey Cairns, Graham Steel 49. Kai Engert's Position Paper | Kai Engert "Attempts to control surveillance using legislation won't work." Depends on the legislation. "We rather need technical solutions that make surveillance difficult or impossible." That's the kind of legislation I promote. ;-) Kai has been proposing MECAI and DetecTor.io, which is very similar to our libcertpatrol: both are certificate pinning implementations in C. 50. Mike O'Neill's Position Paper | Mike O'Neill 51. Detecting MITM Attacks on Ephemeral Diffie-Hellman without Relying on a PKI in Real-Time Communications | Alan Johnston 52. Trust & Usability on the Web, a Social/Legal perspective | Rigo Wenning, Bert Bos 53. Hardening Operations and Management Against Passive Eavesdropping | Bernard Aboba 54. A few theses regarding privacy and security | Andreas Kuckartz We had quite some religious fights on this mailing list, but after meeting in person at 30c3 the disputes were off the table. Andreas specifically mentions projects that aim to protect the social graph (thank you). The core problem of insecure inter-server communications in federated architecture is addressed (SMTP, XMPP). 55. Meet the new threat model, same as the old threat model | Eric Rescorla Nice citation, seen from the perspective of "We used to hope we were just being paranoid" - from The Importance of Being Earnest: "It is a terrible thing for a man to find out suddenly that all his life he has been speaking nothing but the truth." Usability (1): Make it easy and automatic. Usability (2): Only make a secure version. Usability (3): Do something new or better. The man from Mozilla admits the X.509 certification authority scheme is suboptimal after all. But then concerning SSH's success "attempts to use a similar key continuity mechanism with HTTPS have seen only very limited usage." Well, you still haven't adopted CertPatrol as an official certificate pinning strategy! ... and help to handle the usability issues related to X.509. Eric concludes that server-based identification is the way of the future which leaves me hitting my head against the wall. Also, he gives up all hope on protecting meta data. 56. Itâs Time for Application-Centric Security | Yuan Gu 57. Sabatini Monatesti position paper | Sabatine Monatesti 58. Trust problems in pervasive monitoring | Melinda Shore, Karen O'Donoghue 59. Beyond "Just TLS Everywhere": From Client-encrypted Messaging to Defending the Social Graph | Harry Halpin, George Danezis Harry Halpin writes a tribute to the LEAP project. We have discussed in the past what the problems of the LEAP approach are. I kept them at http://about.psyc.eu/LEAP. What is George doing in the author list? He's a Tor developer, he should know better that the future of the Internet has something to do with DHT technology, not doctoring pre-DHT tech. 60. Network Security as a Public Good | Wendy Selzer 61. Statement of Interest on behalf of the W3C TAG | Dan Appelquist Probably a co-founder of the W3C, Dan ran an attempt to implement "One Social Web" over XMPP. With this position paper he suggests using more HTTPS with certificate pinning. The job that "Certificate Patrol" does. 62. Improving Security on the Internet | Hannes Tschofenig The chair of the workshop himself, who met and invited us at 30c3. He steers clear of controversy and presents a historic view on internet security lifecycles concluding that the deployment of technologies is insufficiently correlated to their development (especially when standards bodies are in the way ;-)). 63. Protecting customer data from government snooping | Orit Levin 64. Privacy Aware Internet Development Initiative 2014 | Achim Klabunde A point of view from the data protection authorities. 65. The Internet is Broken: Idealistic Ideas for Building a NEWGNU Network | Christian Grothoff, Bartlomiej Polot, Carlo von Loesch Here we are. Daring to say that BGP can be replaced by a DHT technology called GNS. DNS and X.509, also, by the way. And I few more drastic things. 66. Opportunistic Keying as a Countermeasure to Pervasive Monitoring | Stephen Kent //// Feel invited to fill in the gaps by reading the other papers.. :) - -- https://lists.tgbit.net/mailman/listinfo.cgi/secu-share -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJS9sBTXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQ0IyNkIyRTNDNzEyMTc2OUEzNEM4ODU0 ODA2QzM2M0ZDMTg5ODNEAAoJEEgGw2P8GJg98ZcP/3p6PBeG0jPFu4i5ywOMCdKV bQuEp5kzDjXzjEASXrCek1+jqr5JbLSSQcdmoZtULp6KJlwnw+/JPIJSu2mbrvTH 8VLdkPrthXsbXu+9VMuWxrq/5pgDaBs2xAwQfPG+Dr25iZG4Hu4aEYiZ4tmRAZZr 9IJE3lM4x0bouqlwF8KEbzyUPkjIcgGHPwe/AuHRreeQq+Z3iELS9PUByLf8AMHa BBL2ip0bfHufahNZzUAoha57i3AigvO7ID+MGrKEbZpbHiAsfKZAMxssNjo3rvH4 xkXJ2ISLOpeUbzUG7BoFqClIyZLLwEBUPPim6ji0oKh2skBpJOaM/msWC0TomQaC SOyBnyAviuupK7x7AN06yRHWOrY2LFZqgatVxmx5suLF4dBF/333RPIDYbw4BpXC x03LT4iQdiXfpo9Qsk42f5sEgfnyo7gxa20744aKFpZMVM/I3CnMIp/lPTJNiZTJ KTQ3R4vFQs7V8TriMqSlPiuxx6HUOJpw6wbq8hzGqDTNwT7YLb1FJWQYkNoY0wie Ab6ZTym3rK1VIh0SaPEP2loYVOln/w9xWTU2e5J/pjmcEXIX5kK0utaMFrZlVAwL UQ2HpLXHOFKdLou75tQkkPNMmiPwktkg6Fz+vCF+vGhbA0ZxndtSCq/iSbEH3uD9 uiQ+Gow7cEr4SxKiJkBX =8Q0l -----END PGP SIGNATURE-----
