Re: [Secdispatch] [Smart] New Version Notification for draft-lazanski-smart-users-internet-00.txt

Phillip Hallam-Baker <> Fri, 12 July 2019 18:40 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B056212083C for <>; Fri, 12 Jul 2019 11:40:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.106
X-Spam-Status: No, score=-0.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.247, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, PDS_NO_HELO_DNS=1.295, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id apFTP3vZ6FrD for <>; Fri, 12 Jul 2019 11:40:52 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 70A93120499 for <>; Fri, 12 Jul 2019 11:40:52 -0700 (PDT)
Received: by with SMTP id a127so8018102oii.2 for <>; Fri, 12 Jul 2019 11:40:52 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=goZ1W/qUS37NwsTXBe/YvFKXHRR+lVSncml/c9V2Nlo=; b=UvQV/c3lS48pAzRDRwQpp35Om9jhrzmI0pfyjTtuolE5T9y1A14wyRjCQF6srvqrCY YPF9MuV7/ryiLGM9P6Bq/F2CHt1/APlsdWgTgOa2kI6G+FohjhsEioIf5QLd27A1ynxY uReG8jhyYVLveRHHwU5WTu5NkEsrNcVHazbhjO0XBDBMk3eyDnOomX4X8OIknzwiUEju 35s6JOaWb0gzfAN2HeXKhlj1SqvH7lOrMKwGYJqinDAfRefF9pRVrRDM56NMr0YQXx4t DaJp3nrHvFHZFmLf4ZHDISDsrVneUakM72guajCqwxTakUm6TXNiJMdaODf8/tuV0T5H oxuw==
X-Gm-Message-State: APjAAAX4TDIEyTxJHbp+llBQ9pxlXAfMdXhWBBU3XE0y56E93Liv1JA6 TiHNRYYjz/jcmTpl6fF4h0DdyajlMcvTQ4rrZWg=
X-Google-Smtp-Source: APXvYqx7KmhYZP3A03w7CURLbAzcKecxz6smevOmxbomgClUROWJUIgH0d0UoMKZ/nsiSf1QhbTtAwtGHF77QM5xNx4=
X-Received: by 2002:aca:4255:: with SMTP id p82mr6983694oia.6.1562956851260; Fri, 12 Jul 2019 11:40:51 -0700 (PDT)
MIME-Version: 1.0
References: <> <> <> <>
In-Reply-To: <>
From: Phillip Hallam-Baker <>
Date: Fri, 12 Jul 2019 14:40:39 -0400
Message-ID: <>
To: Bret Jordan <>
Cc: Dominique Lazanski <>,, IETF SecDispatch <>
Content-Type: multipart/alternative; boundary="000000000000eb32a8058d803f84"
Archived-At: <>
Subject: Re: [Secdispatch] [Smart] New Version Notification for draft-lazanski-smart-users-internet-00.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 12 Jul 2019 18:40:56 -0000

Applied properly, the cloud service never has anything but encrypted data
and a pile of random numbers.

Mesh group encryption is genuinely end to end. There is never plaintext on
the server. The server never has sufficient information to decrypt.
Assuming only that the random numbers used to split keys are unguessable,
the system is information theroretic secure with respect to the requirement
for two keys to be used to decrypt.

There will always be an endpoint vulnerability in that data has to be
decrypted to present it to the user, edit it, etc. But reducing the attack
surface from every server and every endpoint in the enterprise to the dozen
or so endpoints with a need to know the information is powerful.

I have not considered the ransomware issue in depth because the solution is
pretty obvious - take backups, verify the ability to recover at regular
intervals. That said, obvious solutions can be very complex to deploy.

This is actually one of the very few applications that Blockchain or at
least the Haber-Stornetta hash chain could help us with. A DARE container
is an append only log with optional Merkle Tree integrity checking. So we
can do a continuous backup to a write only storage array behind a very very
simple and limited firewall that only allows the backup requests through.
If the online system is compromized, we recover from the firewalled,
write-only array.

Getting to that point in the mesh is likely to take five years. But
Microsoft owns GitHub. And Git could at least in theory be extended to
provide some of this functionality.

Alternatively, bring down the BitCoin infrastructure by auditing Tether and
the payment infrastrastructure that makes ransomware profitable would be

On Fri, Jul 12, 2019 at 12:05 PM Bret Jordan <> wrote:

> Unfortunately I think you are misunderstanding the attack surface how
> attacks can work and wrongfully assume how threat actors and intrusions
> sets operate.  It is not always about exfiltrating your super secret
> “recipe" as you call it.  So database encryption will not always help you,
> nor will putting your database on a block chain. Yes, it can reduce the
> attack surface or exposure of your data under legitimate use. But once the
> server is compromised, the attacker can simply pull decrypted information
> from memory. Or can continue to move laterally through the organization and
> pull the data of endpoints that do have access to the data.  Further, the
> threat actor may not be interested in exfiltrating the data at all.  But
> may simply be interested in using your “1980s” crypto as you call it to
> encrypt your database with their own key.  This attack is commonly called
> Ransomware.
> The key point is that you can not patch your way into security.  This is a
> common misunderstand that many people have outside of operational
> security.  End points are always weak and highly vulnerable to attack.  It
> does not matter if they are end user devices, servers, IoT devices, or
> components soldered in to SCADA systems.
> I would encourage you to look at the MITRE ATT&CK framework to better
> understand how these attacks work and how threat actors can disrupt,
> exfiltrate, and destroy a company.
> We have to realize that the security model has changed since some of these
> documents were written. Yes, pervasive monitoring of users on the internet
> is a problem, but it is only 1 piece of a large pie of problems.  We in the
> IETF need to communicate better with operational security, so that we can
> design solutions that hollistically help improve security and not make one
> part better at the huge expense of everything else.
> Thanks,
> Bret
> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that
> can not be unscrambled is an egg."
> On Jul 11, 2019, at 7:22 PM, Phillip Hallam-Baker <>
> wrote:
> It is an interesting read. But I see a very important distinction that
> needs to be made between compromise of user end points and compromise of
> server end points.
> Most breaches that occur are when an enterprise is penetrated and the
> firewall is the first and last line of defense. So Percy the Pinhead clicks
> on a link in an email and six hours later the attacker has root privilege
> on the corporate server. This is not Percy's fault, the fault is that a
> single mistake by a single employee results in compromise of data Percy was
> never authorized to access.
> So right now we have systems where one compromise at any one of 10,000
> endpoints results in a breach.
> Now lets consider using some 1980s style end to end cryptography. So that
> the ultra important recipe data is only available to the dozen members of
> group. This improves matters because we have reduced the points of
> compromise from 10,000 cooks and service staff to 12 trusted employees.
> That is a start but we are still vulnerable to a single end point
> compromise so lets apply threshold cryptography so members of group W only
> have one half of the decryption key, the other is on the server and both
> halves of the key are needed to perform decryption. In this scenario, we
> now require two separate compromises of two different end points.
> On Wed, Jul 10, 2019 at 11:29 AM Bret Jordan <>
> wrote:
>> Dominique,
>> I have read over your draft, and I think it highlights some very key
>> things we all need to look at and address. Thanks for putting these ideas
>> down on paper.  Hopefully this I-D can help us all start a broader
>> discussion to improve things.
>> SMART / SecDispatch,
>> If you have not yet read this I-D, I would encourage you to look at it.
>> It is a very fast read.
>> Thanks,
>> Bret
>> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
>> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that
>> can not be unscrambled is an egg."
>> On Jul 8, 2019, at 12:54 PM, Dominique Lazanski <>
>> wrote:
>> Cross posting to this mailing list.
>> Dominique
>> A new version of I-D, draft-lazanski-smart-users-internet-00.txt
>> has been successfully submitted by Dominique Lazanski and posted to the
>> IETF repository.
>> Name:        draft-lazanski-smart-users-internet
>> Revision:    00
>> Title:        An Internet for Users Again
>> Document date:    2019-07-08
>> Group:        Individual Submission
>> Pages:        12
>> URL:
>> Status:
>> Htmlized:
>> Htmlized:
>> Abstract:
>>   RFC 3552 introduces a threat model that does not include endpoint
>>   security. In the fifteen years since RFC 3552 security issues and
>>   cyber attacks have increased, especially on the endpoint. This
>>   document proposes a new approach to Internet cyber security protocol
>>   development that focuses on the user of the Internet, namely those
>>   who use the endpoint and are the most vulnerable to attacks.
>> --
>> Smart mailing list
>> _______________________________________________
>> Secdispatch mailing list