Net tech bods at IETF mull anti-NSA crypto-key swaps in future SSL

  • 10 May 2014
  • 3 replies
  • 1607 views

'Perfect example of how Snowden has improved our privacy' says professor

By John Leyden, 8 May 2014

Standards stewards on the Internet Engineering Task Force (IETF) are planning to drop RSA key exchanges from TLS 1.3, the next revision of SSL.

The technical body is instead eying up algorithms that use short-lived encryption keys, aka ephemeral keys, that can sidestep surveillance dragnets by the likes of the NSA. Specifically, the IETF has backed Diffie-Hellman key exchange (DHE) and Elliptic Curve Diffie-Hellman key exchange (ECDHE) over RSA because the former two support Perfect Forward Secrecy (PFS).
 
When a server and a client use SSL/TLS, they must agree upon a unique encryption key valid for just that connection session – and use it to protect their communications from eavesdroppers and tamperers.
 
How that session key is transported between the client and server is crucial here: in RSA key exchange, the client generates the temporary key, encrypts it using the server's public RSA key, and sends it over the network. The server uses its corresponding RSA private key to decrypt the session key – now both sides have what they need.
 
 
Full Article
 
Looks like they are working on it... but I think that one has to ask the serious question... so where is the flaw or flaws in this one?
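
The RSA-transport versus ephemeral-key distinction in the quoted article, as an added toy model (this is not code from The Register piece, the IETF, or anyone in this thread): textbook RSA with tiny constructed primes, a freshly generated 64-bit safe-prime Diffie-Hellman group, and SHA-256 standing in for a KDF, none of which is real TLS. It records each handshake as an eavesdropper would see it and then asks what a later theft of the server's long-term RSA private key yields from that recording: the whole session key in the RSA case, nothing in the DHE case because the one-time exponents never went on the wire.

```python
"""Toy model of RSA key transport versus ephemeral Diffie-Hellman (DHE).

Constructed parameters only: textbook RSA with small primes, a random 64-bit
safe-prime DH group and SHA-256 as a stand-in KDF. Nothing here is real TLS.
"""
import hashlib
import secrets

# Server's long-term RSA key (constructed toy parameters, far too small for real use).
RSA_P, RSA_Q = 1_000_003, 1_000_033
RSA_N = RSA_P * RSA_Q
RSA_E = 65537
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))  # private exponent


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin; deterministic for n < 3.3e24 with this base set."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_safe_prime(bits: int = 64) -> int:
    """Return p = 2q + 1 with p and q prime, so every g in 2..p-2 has order q or 2q."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        p = 2 * q + 1
        if is_probable_prime(p) and is_probable_prime(q):
            return p


def kdf(secret: int) -> bytes:
    """Derive a symmetric session key from an integer secret (toy KDF)."""
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()


def rsa_key_transport():
    """RSA key exchange: the client picks the secret and sends it under the server's public key."""
    premaster = secrets.randbelow(2**32)
    wire = pow(premaster, RSA_E, RSA_N)        # textbook RSA, no padding (toy)
    server_view = pow(wire, RSA_D, RSA_N)      # server decrypts with its long-term key
    transcript = {"kind": "rsa", "encrypted_premaster": wire}  # what an eavesdropper records
    return transcript, kdf(premaster), kdf(server_view)


def dhe_key_exchange(p: int, g: int = 2):
    """DHE: one-time exponents on each side; only g^x and g^y ever cross the network."""
    x = secrets.randbelow(p - 2) + 1           # server's ephemeral exponent
    y = secrets.randbelow(p - 2) + 1           # client's ephemeral exponent
    gx, gy = pow(g, x, p), pow(g, y, p)
    server_shared = pow(gy, x, p)
    client_shared = pow(gx, y, p)
    del x, y                                   # ephemerals are discarded after the handshake
    transcript = {"kind": "dhe", "p": p, "g": g, "gx": gx, "gy": gy}
    return transcript, kdf(client_shared), kdf(server_shared)


def recover_later(transcript: dict, stolen_rsa_d: int):
    """What a recorded handshake yields once the server's long-term RSA key is stolen."""
    if transcript["kind"] == "rsa":
        # The premaster was encrypted to the long-term key, so the old recording is readable now.
        return kdf(pow(transcript["encrypted_premaster"], stolen_rsa_d, RSA_N))
    # A DHE transcript holds only g^x and g^y. The RSA key (used for signing, not encryption)
    # does not help; recovering g^xy would mean solving a discrete logarithm in the group.
    return None


if __name__ == "__main__":
    t_rsa, ck, sk = rsa_key_transport()
    print("RSA: parties agree:", ck == sk, "| readable after key theft:", recover_later(t_rsa, RSA_D) == ck)
    t_dhe, ck, sk = dhe_key_exchange(gen_safe_prime())
    print("DHE: parties agree:", ck == sk, "| readable after key theft:", recover_later(t_dhe, RSA_D) is not None)
```

The `del x, y` line is the whole point of forward secrecy: in the DHE branch there is nothing left on the server that, combined with the recording, reproduces the session key, which is exactly what the RSA branch cannot claim.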

3 replies

Good point - cryptography is so complex it is tough to get right.


Standards boffins promise bloody fight for those who seek to sniff private data

By Richard Chirgwin, 14 May 2014

The IETF has taken the next small step down the long, long road of protecting user traffic from spooks, snoops and attackers, setting down the basic architectural principle that new protocols should resist monitoring.

It's not going to be a trivial undertaking: practically every layer of the Internet protocol stack has its origins in a more innocent era. The new document, RFC 7258, formalises the decision reached at the Vancouver IETF plenary in November [video] that pervasive monitoring is an attack on Internet users (and, in fact, “Pervasive Monitoring is an Attack” is the title of the RFC).

Unlike the blithe statements from law enforcement around the world that metadata collection is innocuous, the RFC explicitly includes metadata collection in its list of threats to Internet users, along with the collection of protocol artefacts, application content, active and passive wiretaps, traffic analysis and cryptographic subversion.

The aim of the new RFC, it says, is to record “the IETF community's consensus” and establish “the technical nature of PM.”
 
 
Full Article
 
A little more on this topic that I think is interesting.

Glad to see the RFC folks stepping up on this one.  Fully encrypted protocols will go a long way to making everyone more safe and secure.  And unlike the early days of the Internet, we've now got the bandwidth and resources to spare so it won't make too much of a performance hit.
