|
In mid-March, the group dubbed by Wired Magazine 20 years ago as Crypto-Rebels and Anarchists—the IETF—is meeting in London. With what is likely some loud humming, the activists will likely seek to rain mayhem upon the world of network and societal security using extreme end-to-end encryption, and collaterally diminish some remaining vestiges of an “open internet.” Ironically, the IETF uses what has become known as the “NRA defence”: extreme encryption doesn’t cause harm, criminals and terrorists do. The details and perhaps saving alternatives are described in this article.
Formally known as the Internet Engineering Task Force (IETF), the group began its life as a clever DARPA skunkworks project to get funded academics engaged in collective brainstorming of radical new ideas for DOD. It never created an actual organization—which helped avoid responsibility for its actions. During the 1990s, the IETF became embraced as a strategic home for a number of companies growing the new, lucrative market for disruptive DARPA internet products and services—coupled with continued copious funding from the Clinton Administration which also treated it as a means for promoting an array of perceived U.S. political-economic interests.
Over subsequent years, as other industry technical bodies grew and prospered, the IETF managed to find a niche value proposition in maintaining and promoting its legacy protocols. During the past few years, however, the IETF’s anarchist roots and non-organization existence have emerged as a significant security liability. The zenith was reached with the “Pervasive Encryption” initiative, bringing Edward Snowden virtually to the IETF meetings, and humming to decide on radical actions that met the fancy of his acolytes.
The Pervasive Encryption initiative
The IETF began doing Snowden’s bidding with the “Pervasive Encryption” initiative as their common crusade against what Snowden deemed “Pervasive Monitoring.” The IETF activists even rushed to bless his mantra in the form of its own Best Current Practice turned into a mitigation commandment called RFC 7258.
The initiative will come to fruition at a humming session in London at the IETF 101st gathering in a few weeks. The particular object of humming is an IETF specification designated TLS 1.3 and designed to provide extremely strong, autonomous encryption for traffic between any end-points (known as “end-to-end” or “e2e”). TLS = Transport Layer Security. The specification has been the subject of no less than 24 versions and more than 25 thousand messages to reach a final stage of alleged un-breakability. In the IETF vernacular, the primary design goal of TLS 1.3 is to “develop a mode that encrypts as much of the handshake as is possible to reduce the amount of observable data to both passive and active attackers.” How this occurs leverages an array of cryptologic techniques to achieve perfect “forward secrecy.”
There are perceived short-term benefits for some parties from the essentially invisible traffic capabilities between two end-points on devices anywhere in the world that are described below. However, the impacts are overwhelmingly, profoundly adverse. Innumerable parties over the past two years have raised alarms, and include multiple organizations and venues: workshops and lists within the IETF itself, vendor concerns, effects concerns, major enterprise users such as Financial Data Center Operators, major malware software vendors, the IEEE, the 3GPP mobile services community, the ITU-T Security Group and TSB Secretariat, a plethora of company R&D activities in the form of remedial product patents, trade press articles, and literally hundreds of research studies published in professional journals. The bottom-line view among the IETF activists, however, is “not our problem.”
The use of TLS by the IETF is somewhat ironic. Transport Layer Security (TLS) actually had its origins in early OSI industry efforts in the 1980s to provide for responsible security for the OSI internet. Indeed, an initial acceptable industry specification was formally published in the early 90s as a joint ITU-T/ISO (International Telecommunication Union Telecommunications Standardization Sector and International Organization for Standardization) joint standard that remains in effect today.
IETF crypto-activists a few years later took over the ITU-T/ISO internet TLS to roll out their own versions to compensate for DARPA internet cyber security deficiencies. However, it was the Snowden affection that primarily drove zealots to embark on TLS 1.3 as the crown jewel of the Pervasive Encryption initiative. A secondary but significant factor was the interest of Over-the-Top providers in free, unfettered bandwidth to customers leveraging the NetNeutrality political mandate, and added substantial fuel to the TLS 1.3 fire. Indeed, OTT providers have pursued a TLS variant known as QUIC—which allows for multiple simultaneous encrypted streams to end-user customers. QUIC creates major operational and compliance challenges similar to TLS 1.3 and is already being blocked. So as those in London hum for TLS 1.3 anarchy, what is gained and what is lost?
What is gained with TLS 1.3?
There are several “winners.” TLS1.3 makes eavesdropping significantly more difficult. There are fewer “handshakes,” so it should be faster than previous TLS versions. The platform enhances a sense of confidentiality for some individual users—especially the paranoid and those seeking increased protection for activities they want unknown. Those who profess extreme privacy zeal will likely be pleased.
For those engaged in any kind of unlawful activities, TLS 1.3 is a kind of nirvana. It includes those who seek to distribute and manage malware on remote machines—for either programmed attacks or for clandestine campaigns such as those manifested by Russian agents in the U.S. elections. Symantec has already presented statistics on how a considerable amount of malware is distributed via end-to-end encryption tunnels.
The platform also potentially enhances business opportunities and revenue for Over the Top (OTT) providers, and for vendors that leverage it for PR purposes. The latter includes some browser vendors and a few cloud data centre operators who cater to hosting customers for whom opaque end-to-end encryption for unaccountable activities is a value proposition.
TLS 1.3 also provides a perceived sense of satisfaction for those eternal “crypto anarchists” who have been labouring for so many years to best the government agency cryptologists and law enforcement authorities.
In a somewhat amusing, unintended way, the biggest winners may be the vendors of devices and software that detect and block TLS 1.3 traffic. They will benefit from the enormously increased market for their products.
What is lost with TLS 1.3?
TLS 1.3 (and QUIC) are already known to be highly disruptive to network operators’ ability to manage or audit networks. This occurs through a number of factors, but one of the most prevalent is that it breaks the functionality of the enormous number of network “middleboxes” that are essential for network operation. The problem is exacerbated in commercial mobile networks where the operator is also attempting to manage radio access network (RAN) bandwidth.
Because encrypted e2e transport paths in potentially very large numbers are being created and managed autonomously by some unknown third parties, a network provider faces devastating consequences with respect to providing sufficient bandwidth and meeting network performance expectations. It is in effect an unauthorized taking of the provider’s transport network resources.
As noted above, TLS 1.3 significantly facilitates widespread malware distribution, including agents that can be remotely managed for all kinds of tailored attacks. In the vernacular of cybersecurity, it exponentially increases the threat surface of the network infrastructure. The proliferation of Internet of Things (IoT) devices exacerbates the remotely controlled agent attack potential. Although, the counter-argument is to somehow magically improved the security at all the network end-points, the ability to really accomplish this fanciful objective is ephemeral and not real. It seems likely that most end users will view their loss of security and control of their terminal devices as much more important than any perceived loss of privacy from potential transport layer monitoring in transit networks.
A particularly pernicious result for enterprise network and data centre operators, including government agencies, is the potential for massive sensitive data exfiltration. A peripheral intruder through a TLS 1.3 encrypted tunnel into a data centre or company network could leverage their access to command substantial resources to gather and export intelligence or account information of interest. This potential result is one of the principal reasons for a continuing awareness campaign of the Enterprise Data Center Operators organization—coupled with proffering alternative options.
Most providers of network services are required to meet compliance obligations imposed by government regulation, industry Service Level Agreements, or insurance providers. The insurance impact may arise from an assessment that the potential liabilities of allowing TLS 1.3 traffic exposes providers to substantial tort litigation as an accessory to criminal or civil harm. The long list of compliance “by design” obligations are all likely to be significantly impeded or completely prevented by TLS 1.3 implementations:
Lastly, the implementation of TLS 1.3 is likely to be found unlawful in most countries and backed up by longstanding treaty provisions that recognize the sovereign right of each nation to control its telecommunications and provide for national security. Furthermore, nearly every nation in the world requires that with proper authorization, encrypted traffic must be either made available in decrypted form, or the encryption keys provided to law enforcement authorities—which TLS 1.3 prevents. Few if any rational nations or enterprises are going to allow end-to-end encrypted traffic transiting their networks or communicating with end-point hosts at data centres or users without the ability to have some visibility to assess the risk.
Myth of “the Open Internet”
The reality is that there have always been many internets running on many technologies and protocols and loosely gatewayed under diverse operational, commercial, and political control. In fact, the largest and most successful of them is the global commercial mobile network infrastructure which manages its own tightly controlled technical specifications and practices. With the rapid emergence of NFV-SDNs and 5G, internets on demand are beginning to appear.
The myth of a singular “Open Internet” has always been a chimera among Cyber Utopians and clueless politicians riding the Washington Internet lobbyhorse. The myth was begun by the Clinton Administration twenty years ago as an ill-considered global strategy to advance its perceived beneficial objectives and Washington politics. It came to backfire on the U.S. and the world in multiple dangerous ways. In reality, the humming approval of TLS 1.3 in London will likely diminish the “openness” within and among internets, but it will also properly cordon off the dangerous ones.
Thus, the perhaps unintended result of the IETF crypto zealots moving forward with TLS 1.3 will be for most operators to watch for TLS 1.3 traffic signatures at the network boundaries or end-points and either kill the traffic or force its degradation.
Innovation and a major industry standards organization to the rescue
Fortunately, there are responsible alternatives to TLS 1.3 and QUIC. For the past two years, some of the best research centres around the world have been developing the means for “fine-grained” visibility of encrypted traffic that balances both the security interests and privacy concerns. Several dozen platforms have been published as major papers, created innovative university programs, led to a major standards Technical Report, and generated even a seminal PhD thesis. A few have been patented. A number of companies have pursued proprietary solutions.
The question remained, however, what major global industry standards body would step up to the challenge of taking the best-of-breed approaches and rapidly produce new technical specifications for use. It occurred last year when the ETSI Cyber Security Technical Committee agreed to move forward with several Fine Grained Transport Layer Middlebox Security Protocols. ETSI as both a worldwide and European body has previously led major successful global standards efforts such as the GSM mobile standards now spun out as 3GPP, and the NFV Industry Standards Group, so it had the available resources and industry credentials.
Considerable outreach is being undertaken to many other interested technical organizations, and a related Hot Middlebox Workshop and Hackathon are scheduled for June. The result allows the IETF to hum as it wishes, and the rest of the world can move on with responsible alternatives that harmonize all the essential requirements of network operators, data centres, end users, and government authorities.
Sponsored byVerisign
Sponsored byRadix
Sponsored byCSC
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byIPv4.Global
It isn’t April 1st yet…
Rutkowski only posts wide-eyed ideological rants on weekdays that end in "y". I don't read his posts any more. I look at the title, skim a little, and conclude that it's more of the same maddening ideological intransigence which turned me off once and for all late last year under the title of, "Weaponizing the Internet Using the "End-to-end Principle" Myth". If anyone wants to tell me I'm really missing out, feel free to explain why.
If anyone doesn’t like the treatment of issues, please click on the dozens of embedded links to what others have written on the same issues. Or alternatively, use Mr. Google or Bing or whatever to discover the views expressed on these topics. The admonition here is an old scientific concept that become popular in the 60s - keep questioning.
Certainly glad to be educated that every reputable cryptographer in the world and vendors like Cisco are all wrong, and we should have backdoors in our crypto because, you know, there’s no chance the keys would ever leak to bad guys.
Cisco’s position on TLS 1.3: https://blogs.cisco.com/security/tls-1-3-and-forward-secrecy-count-us-in-and-heres-why
There are actually multiple Cisco positions. Perhaps no surprise given the obvious controversy. See https://tools.ietf.org/html/draft-camwinget-tls-use-cases-00 It is difficult to poll "every reputable cryptographer in the world" much less parse the variables for that assessment A few simple searches suggest that there are many views on the subject. What is fairly likely is that most data centres and network operators will continue to scale blocking and degradation of TLS 1.3 and QUIC without a viable alternative. Many proprietary solutions are already available. The MSP specifications are intended to provide an open publicly standardized alternative..
>There are actually multiple Cisco positions. Your position is a desire to take choice away, versus Cisco's allowing the buyer to choose via multiple product offerings. >Few if any rational nations or enterprises are going to allow end-to-end >encrypted traffic transiting their networks or communicating with end-point >hosts at data centres or users without the ability to have some visibility to >assess the risk. Why not allow them speak for themselves? As well as allow them to feel to full force of their citizen's wishes, and those who choose to work for them or not. We individuals actually do get a say.
>https://blogs.cisco.com/security/tls-1-3-and-forward-secrecy-count-us-in-and-heres-why
Those dang anarchists are at it again:
“That’s thanks to important improvements in the coming Internet Engineering Task Force (IETF) Transport Layer Security (TLS) standard for Internet security.”
>If anyone doesn’t like the treatment of issues, please click on the dozens
>of embedded links to what others have written on the same issues.
I did.
Link (1): Crypto-Rebels - No mention or suggestion of IETF is made even though you are trying to make such an association.
Link (2): Anarchists - Great article! I agree completely! Problem is their definition of “anarchist” is the same as mine, and opposite yours. This article again paints IETF in the positive light it deserves.
A Beautiful Anarchy:
https://www.youtube.com/watch?v=PoVKsOXmafA
Link (3) “NRA defense” - I personally am very much for gun control. I have no background in law enforcement nor the military. My idea of gun control is making sure people who carry guns know how to use them properly. I have been a defensive (not marksmanship) handgun instructor for 10 years. I have received training from police trainers, military trainers, special forces operators and their commanders. I have also been involved with training police officers. I have contributed to the training of hundreds of people through the years, all for free as most of the training I have received was free. Its been my way to give back to those who trained me, and its exactly what those trainers had hope for, that I would continue to share this training as broadly as I am able.
Here is a free class we gave to a local LGBT group just after the Orlando shooting. Our reward by the media was their failure to mention this was a free class offered by “local conservatives”, and that the societal barriers they love to talk about in fact do not exist ..... Note well, the Reuters journalist that was there spoke to us at length and made clear he knew exactly who we were and what we were doing:
https://www.reuters.com/article/us-usa-guns-lgbt/u-s-gay-gun-groups-membership-surges-after-orlando-killings-idUSKCN0ZS25B
http://www.ibtimes.co.uk/pink-pistols-thousands-join-lgbt-gun-club-after-orlando-shootings-1570587
Yes, that is my Glock loaner with my name on it. We had no idea the event was going to get international coverage, nor did we even know a journalist was coming.
I pray neither you nor the gentleman who wrote that article ever has a need to defend your life against a threat. Here are my links on this issue, direct from the mouths of police officers:
“When seconds count the police are only minutes away”:
https://www.policeone.com/active-shooter/articles/6072041-Newtown-shooting-In-Loco-Parentis-and-the-protection-of-our-children/
“Why one cop carries 145 rounds of ammo on the job”:
https://www.policeone.com/police-heroes/articles/6199620-Why-one-cop-carries-145-rounds-of-ammo-on-the-job/
those who “protect you”!While the last links may offend some, consider the source,
Note what are they saying, despite their best training and attempts to offer their services:
You protect you, nobody else does!
Be it the virtual world of the internet, or the bricks and mortar real world, this fact will never change. Only a fool buys into the illusion of government protecting us from true evil. A Thank you IEFT is deserved here.
I did not bother with the rest of the links, there is no point.
“The most effective way to destroy people is to deny and obliterate their own understanding of their history.”
- George Orwell
If you say there are X organizations (or allocated AS numbers), you might mean that (eventually?) more than X/2 of them will block TLS 1.3. That may not be the most interesting metric. If some collection of (Facebook, Netflix, YouTube, Google, Amazon, Microsoft, Akamai, Cloudflare, etc) with over 50% of the US based internet traffic end up supporting TLS 1.3, it may not matter that a large number of relatively insignificant players block it.
If we look at the authors of https://datatracker.ietf.org/doc/draft-ietf-tls-tls13/ we have 2 from Apple, 1 from Facebook, 5 from Google, 5 from Microsoft, 1 from Amazon, 2 from Akamai and 3 from Cloudflare. I suspect that those organizations will all support TLS 1.3 when it is ready.
A principal point of the blog article was that the result would be a further Balkanization among the internets. Your assumption that some set of users in the U.S. apart from enterprise networks and mobile networks may be able to use TLS 1.3 and QUIC is probably a start. However, that assumes the associated broadband ISPs don't meet their CALEA requirements, and that end users will view those capabilities as more important than those provided by the ETSI MSP (Middlebox Security Protocol) alternatives. The Fine Grained Transport Layer MSP protocol will allow end users to discover middleboxes and gauge trust levels and performance, and set permissions on levels of visibility by the access provider. Those are likely to be rather compelling feature sets for most users.
The NRA comparison is backwards. TLS does not attack other networks, end-hosts or streams; it makes your own traffic safer. So it’s more properly compared to armor, not to a gun… I wonder how many people have been killed by unarmed people with armor since ever ?
Yup, that’s what the NRA says as well. Indeed, the average user of that defensive technology in the U.S. is really paranoid and has lots of strong “armor.” Some striking parallels.
>Indeed, the average user of that defensive >technology in the U.S. is really paranoid Please do provide your definition of “paranoid” as my read of CircleID makes me feel your posts are the most paranoid on this site of late. "Crypto-Rebels and Anarchists — the IETF — is meeting in London” - First line of your post (* below) "the activists will likely seek to rain mayhem upon the world of network and societal security” - Microsoft and Apple are going to rain mayhem down on the very industry they rely on to survive? Sounds pretty suicidal to me! (* below) "QUIC creates major operational and compliance challenges” - Why do you not refer to this protocol’s author, Google, as Anarchists and or crypto-rebels? "So as those in London hum for TLS 1.3 anarchy" "For those engaged in any kind of unlawful activities, TLS 1.3 is a kind of nirvana. “ - Do you truly believe only evil people value privacy? "clandestine campaigns such as those manifested by Russian agents in the U.S. elections” - Of course lets not speak of successful CIA involvement in foreign elections "eternal "crypto anarchists" who have been labouring for so many years to best the government agency cryptologists and law enforcement authorities.” - Good and evil will grapple for all of eternity, so what is new that you are trying to point out to us? "network provider faces devastating consequences with respect to providing sufficient bandwidth and meeting network performance expectations.” - I allowed a friend to connect his laptop to my LAN not knowing it was infected, my ISP shut down my internet access until the virus was removed from my LAN. "implementation of TLS 1.3 is likely to be found unlawful in most countries” - Its their choice to destroy their country’s economies by disconnecting from the worlds market places, they will not do so. "Open Internet" has always been a chimera among Cyber Utopians” - Average people have no right effective privacy tools, got it "the IETF crypto zealots moving forward with TLS 1.3” - And they have no support you deem rational and lacking in paranoia, got it. (*) Doing some research it appears you are referring to IETF 101 which is sponsored by Google and ICANN, again making me wonder why you are paranoid of the IETF and yet not their sponsors GOOGLE and ICANN which you failed to mention as sponsors. The attendance list can be found here: https://www.ietf.org/registration/ietf101/attendance.py And includes: Afilias Microsoft Corporation Toshiba Corporation ICANN Google, Inc. LinkedIn Juniper Networks Netflix Cisco Systems Internet Society NIST Comcast Nokia Akamai AFNIC Facebook Federal Communications Commission GAMBIA POLICE FORCE Apple China Telecom CNNIC ACLU Intuit Cloudflare US Bank Verisign Mozilla PayPal … and many others The first line of your post is: "In mid-March, the group dubbed by Wired Magazine 20 years ago as Crypto-Rebels and Anarchists — the IETF — is meeting in London.” Therefor are we to assume the above list of organizations are "Crypto-Rebels and Anarchists” as well? If not please hit me with clue stick and straighten me out as you also said "the activists will likely seek to rain mayhem upon the world of network and societal security”. Because if the above list is not part of these “evil doers” I can only assume you feel the above organizations are powerless against these god like invincible evil doers you keep speaking of. Now lets return to the physical world for a moment. Its been proven that when people feel weak, they live in fear and seek others to protect them. When they are provided tools and knowledge to protect themselves their fear goes away, they feel strong, and they stop asking for help of others (and of government), and they make many foundational changes in their lives realizing THEY were the source of their own fear. They now feel strong, and in fact always were but did not realize this. But if you are a government official, who’s salary and retirement benefits rely on the fear of taxpayers, you tend to prefer to provide services to people in fear and your greatest fear is their LOSS OF FEAR ….. Because then they tend to decide they don’t need you anymore, which is a bureaucrats worse nightmare.