How to make the Internet secure
Phillip Hallam-Baker <phill@hallambaker.com> Wed, 01 February 2017 17:53 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 123441294DD for <ietf@ietfa.amsl.com>; Wed, 1 Feb 2017 09:53:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.596
X-Spam-Level:
X-Spam-Status: No, score=-2.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ogkgj9_UtwyS for <ietf@ietfa.amsl.com>; Wed, 1 Feb 2017 09:52:59 -0800 (PST)
Received: from mail-wm0-x22a.google.com (mail-wm0-x22a.google.com [IPv6:2a00:1450:400c:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BEF661294CF for <ietf@ietf.org>; Wed, 1 Feb 2017 09:52:58 -0800 (PST)
Received: by mail-wm0-x22a.google.com with SMTP id t18so31159196wmt.0 for <ietf@ietf.org>; Wed, 01 Feb 2017 09:52:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:from:date:message-id:subject:to; bh=Dp1k30oAAxrUWD9fA8V6hR+AhrNuTwFbil30dRFgocg=; b=SvdHUmS0I1uPGg33bX/boqlNfj2VdBMpxe/vYHUYUoH+Mbs3bhjLTuvqO47Buv+dhG +rwc96Q1OUXKhKtTDEG7O+fkFegduU5LfQP7NxRjtdF3VHmn8WWGkIPJFd8Qp862yDIO dLnn4XB/CX51XNyG16xiIKOVAlgRebwG0UvkV4P+A+QUy+5yA+H6EMW7Ofi8mFxACMNW aUr+BenQA8H+DstBNZ0S2tNaqTADks1WpgorrytCvUVDPhom97Nx6f3AoqySQ8YJRtLp BHjqJoXXNAmk8coy5EW9P4Ui6Kw2acVNqTu0RIwRFcqyNfOn/6iqteBH64GoJuIl/e3Z B/sw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=Dp1k30oAAxrUWD9fA8V6hR+AhrNuTwFbil30dRFgocg=; b=lDtqTGFtmwokB3/xcIXM6LmdIZlJRHpxAeBsBIcU6SOd3NQvuwR8826xMX01cr13kd 13oeIkts3xp5ktkEawoQCpOSpEoVdFp6iIijpxO0TEnvrPF2P9hkKPfLf29nGxnqptS4 cQWDcoQu9Noq1p26lJH812Xtn6dCMRjJKRUxVhWH9w+hDagN6jpUpEUa4ImEdCyXLOhb EIgmofjI+vDFazXcrbfuTH4+6J+6qjXFTJszFVC87RAk6KjYeNyBb3haYYYgDoQMhzTb RL9OZfU4A49MshfngSOicFZCt64ObK6vTQJBoX4Z3Os9SkxgM19W+JaFUnXuom6wqI8l Vx4Q==
X-Gm-Message-State: AIkVDXJeSIwokaggPqsrnVxPd1CbkbldCSEFfvww077WAyNJDhXQJt3gC0OWFORZnvdIoZSD9VqjXEq4PoH6eA==
X-Received: by 10.223.155.197 with SMTP id e5mr3671583wrc.133.1485971576853; Wed, 01 Feb 2017 09:52:56 -0800 (PST)
MIME-Version: 1.0
Sender: hallam@gmail.com
Received: by 10.194.221.6 with HTTP; Wed, 1 Feb 2017 09:52:56 -0800 (PST)
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Wed, 01 Feb 2017 12:52:56 -0500
X-Google-Sender-Auth: tTXsCqn4MISox5RlQQC3gU4Se-Q
Message-ID: <CAMm+LwhYoEF=hsh-XuEWfU4eRgWrujzNgD2cdU3BGp8-YUucPQ@mail.gmail.com>
Subject: How to make the Internet secure
To: IETF Discussion Mailing List <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c1b4e60fc220a05477bb7b1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/PD6XmVtPW1vcSMKazOBcUofSYqw>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Feb 2017 17:53:02 -0000
One of the big problems I have found in trying to argue for ways we can improve Internet security is that there are two camps. The incrementalists will only look at solutions that provide an improvement on the status qujo in one area and the perfectionists insist that any solution that does not solve every possible problem isn't worth considering. How about we do both? Also to save time: * Yes, I understand the deployment problem very well, I worked with the guy who solved the network hypertext deployment problem after 20 years of people failing. * Yes, everything is end to end secure, * Yes the transport is also secure to prevent metadata attacks. * Yes it works with OpenPGP * Yes it works with S/MIME * Yes you can use it with SMTP/IMAP/POP * Yes you can use it with Jabber * No, you do not have to use a CA * Yes, you may use a CA where a CA adds value * Yes, I have considered the lock in problem * Yes, you can bolt in your own trust model * REST/HTTPS/JSON. * AES/RSA/DiffieHelman, moving to CurveX for production. * Yes it is unencumbered, apart from one part which will unlock this year. * Yes I have a strategy for QRC * No, it is not a walled garden * Yes, you can adapt the system to use escrow cryptography but not without the parties knowing so this is a frontdoor, not a backdoor. * My employer sells endpoint protection systems, the Mesh is not a substitute for endpoint protection, thank you for your interest. * Reference code runs on Windows, Linux and should run on OSX. It is all MIT license, so are the protocol compiler tools. * Yes, it is easy to use. In fact it is exactly as easy to use as the existing protocols because the user doesn't need to know that they are doing security * Yes it is easy to configure. * Yes, I need help, a lot of help OK so how is this possible? First observation is that we now have several protocols that provide users with end to end security that are really easy to use. The only real problem I have with those systems is that they operate inside walled gardens. They are not going to be a replacement for email. Second is that public key cryptography is now cheap in terms of both cost and performance. We couldn't do very interesting crypto in the 90s because machines bogged There are three contributions made by the Mathematical Mesh: 1) An infrastructure for managing and using client keypairs. Adding cryptography to a protocol is actually quite easy when both parties have public keypairs. So if we have an infrastructure that allows a user to 'glue' all their devices together into a personal mesh such that they all have keypairs provisioned for each cryptographic purpose they might need them for, cryptography becomes really easy for the user. 2) Extend a direct trust model into the DNS We all know about TOR and onion routing. Well what if I could have an email address that included my OpenPGP fingerprint? Well we can. Just use the xx-- DNS label prefix to mark the fingerprint as not an ICANN DNS labnel and we can make the fingerprint the TLD: alice@example.com.mm--MBTVK-ZKCWT-KHMTE-XM3I7-GSQNK-MLFYE This means, 'only send mail to this address in compliance with a policy signed under the fingerprint MBTVK...' Said policy could be an OpenPGP key or it could be a Mesh mail profile. 3) Use of Proxy Re-Encryption (Recryption) HTTPS provides end to end encryption between the user's client and the web site serving the content. Using Proxy Re-Encryption we can provide end to end encryption between the content creator and the user's client. This is the part of the system that will be locked until late this year, (not that I am sure the patent is valid, why bother checking when it expires) We all know that two key cryptography is better than one. It is better because encryption and decryption are different functions and using separate keys for separate functions allows these to be done by different parties. Recryption is three key cryptography and it is better than two key for the same exact reason. Using recryption allows us to develop protocols in which Alice is able to publish a single encryption key but read her email on three different devices, each of which has a separate decryption key so that she can mitigate the risk if one of the devices is lost. Job one is making it easy to manage client side keys. Once we have that infrastructure, all else becomes straightforward. My original goal with the Mesh was to make it easy to configure S/MIME and OpenPGP. David Clark asked me to add SSH which I immediately realized could be the killer app because the big problem with configuring SSH is that if you do it to a machine at a remote site, 1000 miles away and you screw up, someone has to get on a plane to fix it. However, any infrastructure that allows mail application to say 'here are the encryption keys to use to send mail to me and when to use them' can also say 'I accept JSON format nextgen mail'. So this is an infrastructure that allows us to lock down the legacy email systems as best as can be managed but also eliminates the biggest barrier to deployment of a successor system. I am looking for help to make this happen. http://prismproof.org/
- How to make the Internet secure Phillip Hallam-Baker