Re: [saag] Is opportunistic unauthenticated encryption a waste of time?
Nico Williams <nico@cryptonector.com> Sat, 23 August 2014 04:05 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EDA31A6FF5; Fri, 22 Aug 2014 21:05:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.666
X-Spam-Level:
X-Spam-Status: No, score=-1.666 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VOq17MANXcJA; Fri, 22 Aug 2014 21:05:53 -0700 (PDT)
Received: from homiemail-a87.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id 7C9DC1A6FED; Fri, 22 Aug 2014 21:05:53 -0700 (PDT)
Received: from homiemail-a87.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a87.g.dreamhost.com (Postfix) with ESMTP id 3F93C26C063; Fri, 22 Aug 2014 21:05:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=cBy02uYXMZytlJ voogNnClkF0a0=; b=m6QyjLa6rLQrzlkipE6uS670//KFCIiNB2qhpvz2UVRPKd UNDwN5OoqpLHZ0WC/8Pq+I777TPAuMTFN3PYyafuj65q4xSF4BZ8so/mf4GRYKDm MVz3db8l8az9aD7wWk8cy53iQ37QJWiTQLkWQaRQFJcBuTf9zlF14ZcPcsHJQ=
Received: from localhost (108-207-244-174.lightspeed.austtx.sbcglobal.net [108.207.244.174]) (Authenticated sender: nico@cryptonector.com) by homiemail-a87.g.dreamhost.com (Postfix) with ESMTPA id D691426C05E; Fri, 22 Aug 2014 21:05:52 -0700 (PDT)
Date: Fri, 22 Aug 2014 23:05:52 -0500
From: Nico Williams <nico@cryptonector.com>
To: Bernard Aboba <bernard_aboba@hotmail.com>
Subject: Re: [saag] Is opportunistic unauthenticated encryption a waste of time?
Message-ID: <20140823040550.GQ5909@localhost>
References: <53F548E5.2070208@cs.tcd.ie> <53F54F1C.1060405@dcrocker.net> <53F5D303.1090400@cs.tcd.ie> <CAMm+LwhmJpnU8E9ifA47baneGB=qjHzU_cy+wepPYLXrOhB+Pg@mail.gmail.com> <20140821160402.GT14392@mournblade.imrryr.org> <f5d8b5dc37b84f709c8f2df7c7a69daf@AMSPR06MB439.eurprd06.prod.outlook.com> <CAK3OfOgZzoXVnrE8Nbs6mwN2xD_snbzH9jT8TsYOVt8UASahYQ@mail.gmail.com> <a354d63505924d76a15b505e60e27a16@AMSPR06MB439.eurprd06.prod.outlook.com> <20140822140000.GE14392@mournblade.imrryr.org> <BLU181-W84354FE6BEF12305A2A7DB93D10@phx.gbl>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <BLU181-W84354FE6BEF12305A2A7DB93D10@phx.gbl>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/IdHRNch0Uh4TXluGNaLhaSrO9Vw
Cc: "saag@ietf.org" <saag@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Aug 2014 04:05:56 -0000
On Fri, Aug 22, 2014 at 07:13:54PM -0700, Bernard Aboba wrote: > > It used to be easy to dismiss opportunistic security as a waste of time, it is now clear to most that it is .... > > [BA] Merely a waste of money. > "Opportunistic unauthenticated encryption" that does not defend > against man-in-the-middle attacks has no value against targeted > surveillance. So if the goal is to protect dissidents, look > elsewhere. Unfortunately, the line between "targeted surveillance" > and "mass surveillance" is a thin one. For me OS is not about anti-PM, or at least not mainly anti-PM. See below. > The value against mass surveillance is predicated on the assumption > that "large scale targeted surveillance" is infeasible or that the > cost of large scale meta-data collection can be increased to the point > where it is too costly even for a nation-state. > > The first assertion, is likely to be proven false by the first gear to > include built-in man-in-the-middle attack support. Care to wager > which appears first, carrier-class gear supporting man-in-the-middle > attacks, or significant deployment of "opportunistic" encryption? MITM HW, if need be, will materialize and will be deployed. I don't doubt this. That doesn't mean that active attacks are not more costly than passive ones, or that it's not worth providing protection against passive attacks. Attackers not operating under the color of law can only really build a massive PM active attack system by building edge-most router botnets, which seems unlikely to go unnoticed, those routers almost certainly lacking the necessary CPU oomph... Therefore OS can go a long distance relative to criminals in many situations. Sovereign powers will be able to do build active PM systems, no doubt. But if the end-state for OS is something like DANE then the sovereigns will either have to MITM DNSSEC or force services to furnish them with authentication keys. Both of those are potentially very expensive politically (because they will be noticeable intrusions). If not, then they will at least be clarifying. If a nation's people don't mind their government monitoring them, they still ought to be able to get protection relative to third parties (routers, criminals, foreign powers). Nico --
- Adept Encryption: Was: [saag] DANE should be more… Phillip Hallam-Baker
- Re: Adept Encryption: Was: [saag] DANE should be … Paul Wouters
- Re: Adept Encryption: Was: [saag] DANE should be … Stephen Farrell
- Re: Adept Encryption: Was: [saag] DANE should be … Nico Williams
- Re: Adept Encryption: Was: [saag] DANE should be … Dave Crocker
- Re: Adept Encryption: Was: [saag] DANE should be … Scott Kitterman
- RE: Adept Encryption: Was: [saag] DANE should be … l.wood
- Re: Adept Encryption: Was: [saag] DANE should be … Stephen Farrell
- Re: Adept Encryption: Was: [saag] DANE should be … Phillip Hallam-Baker
- Re: Adept Encryption: Was: [saag] DANE should be … Stephen Kent
- Re: Adept Encryption: Was: [saag] DANE should be … Viktor Dukhovni
- Re: Adept Encryption: Was: [saag] DANE should be … Viktor Dukhovni
- Re: [saag] Adept Encryption: Was: DANE should be … Nico Williams
- RE: Adept Encryption: Was: [saag] DANE should be … Christian Huitema
- Re: Adept Encryption: Was: [saag] DANE should be … Nico Williams
- RE: Adept Encryption: Was: [saag] DANE should be … l.wood
- Re: [saag]: Review of: Opportunistic Security -03… Viktor Dukhovni
- Re: [saag] Adept Encryption: Was: DANE should be … Nico Williams
- RE: [saag] Adept Encryption: Was: DANE should be … l.wood
- Re: Adept Encryption: Was: [saag] DANE should be … Stephen Farrell
- Re: [saag] Is opportunistic unauthenticated encry… Viktor Dukhovni
- Re: [saag]: Review of: Opportunistic Security -03… Paul Wouters
- Re: [saag] : Review of: Opportunistic Security -0… Stephen Kent
- Re: [saag] Adept Encryption: Was: DANE should be … Stephen Kent
- RE: [saag] Is opportunistic unauthenticated encry… Bernard Aboba
- Re: [saag] Is opportunistic unauthenticated encry… Theodore Ts'o
- RE: [saag] Is opportunistic unauthenticated encry… Christian Huitema
- Re: [saag] Is opportunistic unauthenticated encry… Nico Williams
- RE: [saag] Is opportunistic unauthenticated encry… Bernard Aboba
- Re: [saag] Is opportunistic unauthenticated encry… Stephen Farrell
- RE: [saag] Is opportunistic unauthenticated encry… Bernard Aboba
- Re: [saag] Is opportunistic unauthenticated encry… Viktor Dukhovni
- Re: [saag] Is opportunistic unauthenticated encry… Stephen Farrell
- Re: [saag] Is opportunistic unauthenticated encry… Fernando Gont
- Re: Is traffic analysis really a target (was Re: … Eric Burger
- Re: Is traffic analysis really a target (was Re: … Michael StJohns
- Re: [saag] Is opportunistic unauthenticated encry… Dave Crocker
- Re: Is traffic analysis really a target (was Re: … Brian E Carpenter
- Re: [saag] Is opportunistic unauthenticated encry… joel jaeggli
- Re: [saag] Is opportunistic unauthenticated encry… Fernando Gont
- Re: [saag] Is opportunistic unauthenticated encry… joel jaeggli
- Re: [saag] Is opportunistic unauthenticated encry… Fernando Gont
- Re: Is traffic analysis really a target (was Re: … Mark Andrews
- Re: [saag] Is traffic analysis really a target (w… Henry B (Hank) Hotz, CISSP
- Re: Is traffic analysis really a target (was Re: … Ted Hardie
- RE: [saag] Is opportunistic unauthenticated encry… Hosnieh Rafiee
- Re: Is traffic analysis really a target (was Re: … Brian E Carpenter
- Re: Is traffic analysis really a target (was Re: … Nico Williams
- Re: Is traffic analysis really a target (was Re: … Eric Burger