Re: [perpass] Cops hate encryption but the NSA loves it when you use PGP
Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 31 January 2016 18:53 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B7EA1B2BC0 for <perpass@ietfa.amsl.com>; Sun, 31 Jan 2016 10:53:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.602
X-Spam-Level:
X-Spam-Status: No, score=-1.602 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id svVz75Y5w4s2 for <perpass@ietfa.amsl.com>; Sun, 31 Jan 2016 10:53:23 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 968581B2BBF for <perpass@ietf.org>; Sun, 31 Jan 2016 10:53:23 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 99DBBBE59; Sun, 31 Jan 2016 18:53:21 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YMeL73Fd9xwn; Sun, 31 Jan 2016 18:53:17 +0000 (GMT)
Received: from [10.87.48.75] (unknown [86.42.24.192]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 4D459BE58; Sun, 31 Jan 2016 18:53:17 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1454266397; bh=fgOAdt2un1mMNgduoLtaywtMWrGB57c2cCL2Tu4hTXk=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=zZl05Lan6sqIifPeiWpLBJaOZKjcRlDJ91CZJj7iLDLnM8NxSYeN0DvUaVVc+0f99 AGFYiw/zTdZc5TjqKArViOjmsNdRvosGQlHb2MiqMBfavg/ClIjeXluPudUMIwy26A 5rbMMM3QxExQ5ng+M+zFyIasFJxY7cVuznlAfNEQ=
To: Nicholas Weaver <nweaver@icsi.berkeley.edu>, "Matthijs R. Koot" <matthijs@koot.biz>
References: <56ACE9FF.3080606@dcrocker.net> <56ACFFE5.5000506@cs.tcd.ie> <5295c0797c43debce5367771cd87fdfb.w00t@mrkoot.com> <394C9C42-5E56-4271-A90B-8486D4A16011@icsi.berkeley.edu>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56AE581B.7050507@cs.tcd.ie>
Date: Sun, 31 Jan 2016 18:53:15 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <394C9C42-5E56-4271-A90B-8486D4A16011@icsi.berkeley.edu>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="5MT8SQiLQjaTWR6I2SmV8uaab7OV12lAN"
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/smSvyiWT8ksBwghvABhAKdF6S4I>
Cc: perpass@ietf.org, dcrocker@bbiw.net
Subject: Re: [perpass] Cops hate encryption but the NSA loves it when you use PGP
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 31 Jan 2016 18:53:26 -0000
Hi Nick, I had a look at the slides and while it's hard to know from just those, I didn't see too much that was new in that so far. But maybe when you build some n/w monitoring kit there may be more to report. As far as using PGP goes, I'm nowhere near as pessimistic as it you appear to be (from the slides). Given that much SMTP is now transmitted over TLS, I think the opportunity for the likes of NSA to record all the PGP ciphertext has to be have been significantly diminished. (They can still do it since much SMTP/TLS is still opportunistic but I hope the significant transitions we have already seen from cleartext to opportunistic ciphertext to mutually-authenticated ciphertext continues to evolve in the right direction.) And there is work on PGP being done now in the revived PGP WG [1] - while that is starting with modest goals, (to just update crypto), if that goes well, then there are some folks who'd love to try extend the work to address the real issues that exist with exposed non-body content. (I'm not calling it meta-data, as there's really sooooo much in the envelope that it's more than meta-data). I am sure that your (and other's) assistance with that work would very much be appreciated. So my take-aways here are: - it'd be great if folks worked on measuring the proportion and kind(s) of plain and ciphertext leaving/entering their networks and developing tooling to help us figure out what is a good next target to try to protect - reports on that would be really interesting to see on this list - more work on interpersonal messaging is needed, (e.g. with PGP, but not only that), and any of us can help with that simply by doing it. Cheers, S. [1] http://tools.ietf.org/wg/openpgp On 30/01/16 19:52, Nicholas Weaver wrote: > >> On Jan 30, 2016, at 11:32 AM, Matthijs R. Koot <matthijs@koot.biz> wrote: >> >> Hi Stephen, >> >>> Anyone got a link to Nick's slides/paper? >> >> Slides (38MB .pdf): >> http://www1.icsi.berkeley.edu/~nweaver/enigma_weaver.key.pdf >> >> Paper: does not exist ( >> https://twitter.com/ncweaver/status/693516094003281920 ). >> >> Video (20 min): https://www.youtube.com/watch?v=zqnKdGnzoh0 >> >> Regards, >> Matthijs > > And how the NSA can rip through PGP (like we know they rip through MS2) > > https://medium.com/@nweaver/extra-unofficial-xkeyscore-guide-b8513600ad24#.83bkhqx1v > > > -- > Nicholas Weaver it is a tale, told by an idiot, > nweaver@icsi.berkeley.edu full of sound and fury, > 510-666-2903 .signifying nothing > PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc >
- Re: [perpass] Cops hate encryption but the NSA lo… Hugo Connery
- [perpass] Cops hate encryption but the NSA loves … Dave Crocker
- Re: [perpass] Cops hate encryption but the NSA lo… Stephen Farrell
- Re: [perpass] Cops hate encryption but the NSA lo… Matthijs R. Koot
- Re: [perpass] Cops hate encryption but the NSA lo… Nicholas Weaver
- Re: [perpass] Cops hate encryption but the NSA lo… Robin Wilton
- Re: [perpass] Cops hate encryption but the NSA lo… Stephen Farrell
- Re: [perpass] Cops hate encryption but the NSA lo… Dave Crocker
- Re: [perpass] Cops hate encryption but the NSA lo… Stephen Farrell
- Re: [perpass] Cops hate encryption but the NSA lo… Paul Kyzivat
- Re: [perpass] Cops hate encryption but the NSA lo… Hugo Maxwell Connery
- Re: [perpass] Cops hate encryption but the NSA lo… Paul Wouters