[147255] in cryptography@c2.net mail archive
[Cryptography] Specification: Prism Proof Email
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Sat Sep 21 18:21:23 2013
X-Original-To: cryptography@metzdowd.com
Date: Fri, 20 Sep 2013 14:59:46 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============2249972247518575108==
Content-Type: multipart/alternative; boundary=001a11c3f40028b11204e6d54671
--001a11c3f40028b11204e6d54671
Content-Type: text/plain; charset=ISO-8859-1
We need an email security infrastructure and recent events demonstrate that
the infrastructure we develop needs to be proof against PRISM-class attacks.
By PRISM-class I mean an attack that attempts pervasive surveillance with
budgets in excess of $100 million rather than the PRISM program in
particular.
Neither OpenPGP nor S/MIME is capable of providing protection against this
class of attack because they are not widely enough used. We can only hope
for these to be useful if at least 5% of Internet users start sending mail
securely.
But while the legacy protocols are not sufficient, 95% of the existing work
is fine and does not need to be repeated although there may be some details
of execution that can be improved.
The part that is going to need new research is in the area of trust models.
As someone who has seen the documents said to me this week, given a choice
between A and B, the NSA does both. We have to do the same. Rather than
have a pointless argument about whether Web 'o Trust or PKIX is the way to
go, let everyone do both. Let people get a certificate from a CA and then
get it endorsed by their peers: belt and braces.
The idea in this draft is to split up the problem space so that people who
know email clients can write code to support any of the research ideas that
might be proposed and any of the research ideas can be used with any of the
mail clients that have been enabled.
The draft is to be found at:
http://www.ietf.org/id/draft-hallambaker-prismproof-dep-00.txt
--
Website: http://hallambaker.com/
--001a11c3f40028b11204e6d54671
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div style=3D"font-family:arial,sans-serif;font-size:12.80=
0000190734863px">We need an email security infrastructure and recent events=
demonstrate that the infrastructure we develop needs to be proof against P=
RISM-class attacks.</div>
<div style=3D"font-family:arial,sans-serif;font-size:12.800000190734863px">=
<br></div><div style=3D"font-family:arial,sans-serif;font-size:12.800000190=
734863px">By PRISM-class I mean an attack that attempts pervasive surveilla=
nce with budgets in excess of $100 million rather than the PRISM program in=
particular.</div>
<div style=3D"font-family:arial,sans-serif;font-size:12.800000190734863px">=
<br></div><div style=3D"font-family:arial,sans-serif;font-size:12.800000190=
734863px">Neither OpenPGP nor S/MIME is capable of providing protection aga=
inst this class of attack because they are not widely enough used. We can o=
nly hope for these to be useful if at least 5% of Internet users start send=
ing mail securely.</div>
<div style=3D"font-family:arial,sans-serif;font-size:12.800000190734863px">=
<br></div><div style=3D"font-family:arial,sans-serif;font-size:12.800000190=
734863px">But while the legacy protocols are not sufficient, 95% of the exi=
sting work is fine and does not need to be repeated although there may be s=
ome details of execution that can be improved.</div>
<div style=3D"font-family:arial,sans-serif;font-size:12.800000190734863px">=
<br></div><div style=3D"font-family:arial,sans-serif;font-size:12.800000190=
734863px">The part that is going to need new research is in the area of tru=
st models. As someone who has seen the documents said to me this week, give=
n a choice between A and B, the NSA does both. We have to do the same. Rath=
er than have a pointless argument about whether Web 'o Trust or PKIX is=
the way to go, let everyone do both. Let people get a certificate from a C=
A and then get it endorsed by their peers: belt and braces.</div>
<div style=3D"font-family:arial,sans-serif;font-size:12.800000190734863px">=
<br></div><div style=3D"font-family:arial,sans-serif;font-size:12.800000190=
734863px">The idea in this draft is to split up the problem space so that p=
eople who know email clients can write code to support any of the research =
ideas that might be proposed and any of the research ideas can be used with=
any of the mail clients that have been enabled.</div>
<div style=3D"font-family:arial,sans-serif;font-size:12.800000190734863px">=
<br></div><div style=3D"font-family:arial,sans-serif;font-size:12.800000190=
734863px"><br></div><div style=3D"font-family:arial,sans-serif;font-size:12=
.800000190734863px">
The draft is to be found at:</div><div style=3D"font-family:arial,sans-seri=
f;font-size:12.800000190734863px"><br></div><a href=3D"http://www.ietf.org/=
id/draft-hallambaker-prismproof-dep-00.txt" target=3D"_blank" style=3D"font=
-family:arial,sans-serif;font-size:12.800000190734863px">http://www.ietf.or=
g/id/draft-hallambaker-prismproof-dep-00.txt</a><br clear=3D"all">
<div><br></div>-- <br>Website: <a href=3D"http://hallambaker.com/">http://h=
allambaker.com/</a><br>
</div>
--001a11c3f40028b11204e6d54671--
--===============2249972247518575108==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============2249972247518575108==--
