IETF Floats Draft PRISM-Proof Security Considerations

hypnosec writes "PRISM-Proof Security Considerations, a draft proposal to make it harder for governments to implement and carry out surveillance activities like PRISM, has been floated by the Internet Engineering Task Force (IETF). The draft highlights security concerns as a result of government sponsored PRISM-like projects and the security controls that may be put into place to mitigate the risks of interception capabilities. Authored by Phillip Hallam-Baker of the Comodo Group the draft is however very sparse on details on how the Internet can be PRISM-proofed."

Re:IETF is better than NIST, how?

[icebike]

I can't imagine what difference it would make.

Well not being owned by the US Government might be a good start, don't you think?

There is some (debated) evidence that NIST was compromised by directions from above, by external control of its budget, etc.

Lets face it, security and privacy were not designed into the protocols we use on the internet today, they were bolted on afterward, and the government played a big (and self serving) part of that effort. Any amount of data hardening would be welcome at this point. There will still be metadata that can be collected but content should be able to be kept private by default.

I would rather have a community of enraged engineers driving the design and management than a bunch of federal paper pushers with a police mentality.

Re:

[george14215]

Like the 100k civilian dead in Iraq? How in the world do we have any right pontificating on Syria?

Re:

[Score Whore]

You do realize that nobody was suggesting that anyone get involved in Syria when it was only 100,000 dead. It was when they started using CW that the concern was expressed. Not a legit moral position to take, but certainly your argument is rebutted.

Personally I think the US should go to the UN and say, "Hey, CW are bad. MMMKAY?" And if China and/or Russia say, "Yes, but ...". Then the US and the rest of the Western world should respond with, "Oh, so CW proliferation is not a big deal now? Then we'll go ahea

Re:

[george14215]

GF implied that intervention was called for based on 100k dead. Anyway, so we are outraged at 4000 killed by CW and that's the red line? The first 100k dead didn't matter? It makes the current case for intervention even more absurd.

Re:

[Score Whore]

My point is that the reason US pols started getting antsy had nothing to do with how many people were killed, it was the way they were killed.

According to the internet, over a quarter million people die every day. A portion of those can't be saved, but a good portion probably could. Where's the line drawn between sacrificing the future well being of my immediate family for the benefit of someone I've never met, never would meet and quite possibly who will, no matter what outside parties try to do, continue

Re:IETF is better than NIST, how?

[SuricouRaven]

The number of civilians killed in the 9/11 attack was approximately equal to a little over a month of fatal traffic accidents in the US for 2001. If the government had spent even a fraction of the money spent on security and military action after 9/11 on road safety and public transport instead, they could have prevented several 9/11s each year.

Politics and public reaction are not rational.

Re:

[causality]

My point is that the reason US pols started getting antsy had nothing to do with how many people were killed, it was the way they were killed.

Yes. When the news reports about the chemical weapons first started coming out, they kept making a big deal out of this. I kept wondering, "and if those people had been shot instead, would that make you feel better?" Seems I'm not the only one to think of that.

Re:

[causality]

Politics and public reaction are not rational.

More like, the media discovered long ago that sensationalism sells better than rational thinking because emotions are much easier to manipulate. Being mostly followers who have been conditioned not to think critically, the public and thus the public's representatives simply follow.

Re:

[daem0n1x]

If you are really so concerned about the Syrian people, stop arming foreign terrorists and sending them there. Haven't you learned anything from all the fuck-ups you did before?

Before anyone calls me an anti-American, that goes for France and UK, too.

Re:

[hedwards]

I'm sorry, but that has nothing to do with Syria.

The reason that there are 100k Iraqi civilians dead has nothing to do with the decision about whether or not to invade. The 100k is an argument for actually spending the time to make sure the plans are realistic. Had there been an adequate number of troops in Iraq that would never have happened.

It's beyond me how idiots like you can confuse the issue.

Re:

[george14215]

That's small comfort to the 100k DEAD and their friends/family, idiot. Very convenient rationalizing 100k dead based on an "if". Oops! bureaucratic mistake, no harm no foul! How asshats like you can be so cavalier about human life is beyond me.

Re:

[daem0n1x]

I'm European. As far as I'm concerned you can keep your troops and guns at home, thank you very much.

I'm pretty sure most of my fellow Europeans feel the same.

But then, where would you spend all those shiny weapons your military-industrial complex keeps making and selling you?

Re:

[Anachragnome]

"Lets face it, security and privacy were not designed into the protocols we use on the internet today, they were bolted on afterward, and the government played a big (and self serving) part of that effort."

For those that doubt that statement, please read the documentation provided by the none other than the NSA itself.

http://www.nsa.gov/ia/programs/suiteb_cryptography/ [nsa.gov]

That page was posted by the NSA 4 1/2 years ago and updated in May 2013. Surprisingly, they name names--exactly who worked on what--and even

Anything is better than NIST

[Taco Cowboy]

If the IETF is serious about foiling NSA's PRISM scheme, there is one item that they should add in their proposal ...

DO NOT USE ANY CISCO DEVICE

All CISCO devices come with NSA backdoor pre-installed

Re:

[icebike]

The best encryption is the kind that even when they hand you the algorithm you can't break it.
If we could just get government spooks out of the development chain and do it all in opensource we could prevent the backdoors they demand.

If we went to a plug-able encryption module web servers, mail servers, etc could support many of them, and the user could take their choice.
There are a lot of methods we could improve, and every single one of them is easier than your recommended restructuring of government.

Re:

[AHuxley]

New Zealand and Australia may soon be getting the keys to the net encryption too.
http://www.smh.com.au/technology/technology-news/whistleblower-reveals-australias-spy-agency-has-access-to-internet-codes-20130906-2tand.html [smh.com.au]

Not an IETF Draft

[petithug]

An IETF draft starts with "draft-ietf-". This is merely a proposal by a member of the IETF to discuss this subject.

Re:

[Zero__Kelvin]

The summary doesn't say it is a draft standard, it specifically says: "a draft proposal". This means that he is proposing that they create a draft standard.

Re: Not an IETF Draft

[petithug]

What I mean is that "floating by the IETF..." is misleading. Anybody can submit an I-D for standard track. Few are adopted by the IETF.

Re:

[mellon]

Drafts aren't draft standards. They are drafts of documents that might someday become standards. Drafts that start with draft-ietf are drafts that have the consensus of some IETF working group to work on them, and are therefore somewhat closer to becoming standards. But they still aren't standards, and many of them die on the vine.

What PHB's document is is an individual submission. It's not got any kind of consensus yet. Not shocking, since the first version was published this morning. It's poss

Re: Not an IETF Draft

[Zeinfeld]

It is not even meant to be a proposal.

The point of the document is that I took all the points that had been made five or more times already and put them into one document so that we can move the discussion on to the next stage. Otherwise every time we get a new person joining the group we have to go through the same thing all over. And the third or fourth time round it becomes 'we already know that', 'NOO you are trying to censor me, NSA plant!'.

It isn't meant to become an IETF draft, they would make me take out all the fun parts. Like pointing out the abject incompetence of an organization that lets a 29 year old contractor with a pole dancer for a girl friend have access to that material six months after joining. Why do Alexander and Clapper still have jobs? And spying on US citizens and then trading the raw SIGINT with foreign powers that are certain to share it with my commercial competitors? What were these idiots thinking?

There is work going on in IETF and in fact we started before his Bruce-ship made his call to arms. I doubt the PRISM-PROOF branding will stick. But it is powerful mind share as this story proves. We have botched deployment of almost all the security protocols developed in IETF except for TLS and that succeeded before it went in. This is a chance to hit the reset button and fix the mindbogglingly stupid deployment gaps. Like having no standard way to discover recipient keys and having two different message formats (OpenPGP and S/MIME) forcing people to choose between two key endorsement schemes rather than allow them to pick the one suited to their needs.

Yes, I do think there was interference in the past efforts but I suspect it was subtler than most imagine and not coming from the NIST folk. Rather, I think the interference came from folk who would encourage both sides in technical disputes to dig in and refuse to compromise, folk who participate with no visible means of financial support and seem to have limitless time to write drafts but are not very technical.

Re:

[Anonymous Coward]

[Can't log in due to another slashfail, I wrote the draft]

Yeah, I did rather wonder about that when I got sent the Register article. They didn't even ask me for comment before publishing or I would have told them.

This is merely a summary I wrote of the traffic on a private list that we have been discussing PRISM on. It is not even all my work. And the main point is simply to set a baseline for the three drafts to follow so that we can avoid prolonged discussion of purported PRISM capabilities.

The next draft

Re:

[mellon]

Private IETF list? Do tell!

Re:

[Zeinfeld]

Not an IETF list.

It's called IPv6 DNSSEC

[VortexCortex]

Mandatory end to end security was in IPv6. The Feds didn't like that, so guess what? It got removed.

If you ask me, it's time to shit-can the IETF too.

Re:

[steelfood]

At this point, does it even matter? IPv6 is taking forever to adopt. By the time any new PRISM-proof standard gains any amount of traction, the NSA would have developed a new system to work around it. And that's assuming that the NSA hasn't sabotaged its efforts either by directly convincing the standard-writers to put in back doors, or indirectly by convincing companies not to adopt secure portions of the standards.

Communication has been, and always will be about trust. Without trust, no communication can

Re:

[AHuxley]

Only the GCHQ and NSA can shape international telco standards and end user cryptography. They set the early EU/NATO export grade cypher machine standards, the consumer digital age was theirs to shape. The idea that some country with some satellite dishes and mirroring all optical in their region can have global reach is a joke.
You need physical global reach and a deep under standing of the systems in use. Very few countries ever had that.

Re:

[rtb61]

Well, right now the US Administration has a choice, either get the NSA back under control or face the global exclusion of US software, hardware and computer services and US companies are fully entitled to send the bill for losses straight to the NSA. If fact they should start the court cases for damages right now.

Re:

[Zero__Kelvin]

Hindsight is 20/20. If they did that today then I would agree with you, however I'm assuming that happened prior to the Snowden Enlightenment, in which case you are criticizing them for not knowing what you didn't know either at the time.

Re:

[Zero__Kelvin]

Bullshit. When IPv6 was first proposed (2000-10-05) hardware was far less capable, and requiring all systems that participated in the internet via IPv6 to do on the fly encryption was not a smart idea. Again, you are speaking as if this all happened today, with current knowledge of PRISM and current hardware capabilities.

Re:

[Zero__Kelvin]

They did make plans for the future. That is why end to end security is an option. End to End security has advantages and disadvantages, so it is pretty hilarious and ironic that you would accuse me (and the rest of the experts who know far more than you) of being the short-sighted ones.

"You really are a narrow-minded individual."

Thanks for that. I needed a good laugh this morning!

Re:

[cookYourDog]

Aren't you still trusting certs to a third party with DNSSEC? Hasn't the NSA already subverted that model of trust?

And doesn't this only protect resolution confidentiality and integrity? What about actual http requests?

Re:

[mellon]

You can publish your PKI cert in DNSSEC. This forces an attacker not only to get a CA to sign their fake cert, but also to subvert the DNSSEC hierarchy. The cert protects the integrity and confidentiality of the communication. So in fact DNSSEC can play a role in that, and result in a system that's harder to subvert.

Furthermore, the NSA hasn't entirely subverted that model of trust. It is not _as_ trustworthy as people thought, but systematically snooping on https traffic with faked certs is still s

Re:

[cookYourDog]

Good information, thanks for the reply. Unfortunately, I think it's far easier than faking certs. A national sec letter delivered to a CA seems to render the entire hierarchy useless. Am I wrong here?

Re:

[slick7]

Aren't you still trusting certs to a third party with DNSSEC? Hasn't the NSA already subverted that model of trust? And doesn't this only protect resolution confidentiality and integrity? What about actual http requests?

Here's the circle of trust and you're not in it.

Re:

[Burz]

Only encrypted onion routing such as this [geti2p.net] can provide end-to-end security that does not leave reams of metadata (all of the who / when / where details of our communications) on the NSA's front porch every morning. No carrier can tell you what your addressing or NAT scheme can be, nor interfere with packet delivery in any fashion other than all-on-or-all-off. You even get to decide the number-of-hops vs speed tradeoff for different applications, and your address doubles as the cryptographic key that affirms

Re:

[mellon]

Watching all Tor endpoints and coordinating the traffic between them is an O(N^2) problem. Not a problem for a targeted attack, not so easy for attacking everybody, unless not many people use it. So people who bittorrent through Tor are, ironically, doing a public service.

Re:

[mellon]

You can have end-to-end security any time you want. The problem is, most people don't know to want it.

Re:

[causality]

Why play cat and mouse with your own governing body? PRISM is illegal. Put effort towards ending it. Otherwise, you're helping terrorists... (rolls eyes)

Out-of-control governments are the real terrorists. Al-CIA-da would salivate at doing one one-thousandth the damage a cancerous government can do.

Maybe PRISM is a US government; I don't know.

[Zero__Kelvin]

"PRISM is reputed to be a classified US government that involves covert interception of a substantial proportion of global Internet traffic."

He repeats this line at least twice, which I am assuming is a result of copy and paste. Unless he is saying that PRISM is a second government, I guess my first suggestion would be to add the word "program" in there somewhere ;-)

Sparse Details

[Nethemas the Great]

the draft is however very sparse on details

Don't worry the NSA and GCHQ will help fill in those details.

Re:

[slick7]

the draft is however very sparse on details

Don't worry the NSA and GCHQ will help fill in those details.

And you still won't have a clue what they are.

Corrections

[WaffleMonster]

Anyone can submit an I-D for anything. With few exceptions they are uploaded automatically with no human review, zero buy-in, endorsement, weight..etc by anyone. This ID has not even been adopted by a particular WG.

Then theres question of what is it this draft proposes reads more like a hapazard list of one mans problems.

To be clear I'm not attacking the I-D I'm attacking the warped characterization of it by people who should know better.

First things first

[Mister Liberty]

Is this guy kosher?

Individual submission, not IETF document

[klapaucjusz]

This is an individual submission, not an IETF working group draft, and does not appear to either be proposed for an IETF wg draft or to be in the RFC Editor's queue [rfc-editor.org]. In short, it has nothing to do with the IETF.

Root Root Root for IETF

[John Reynolds]

We need this. Without a way to make sure the NSA isn't invading our privacy, we need to take matters into our own hands. Laws won't do the job. My God, the NSA's philosophy is "We're hunting terrorists. We don't need no stinking 4th Amendment." Unfortunately, I doubt that encryption will keep NSA out entirely, but it will make it harder for them to pick us out of the crowd. Decrypting still takes extra time & effort and that little bit of hassle may be enough to keep their noses out of your business.