Slashdot Mirror
Opportunistic Encryption of IP traffic: FreeS/WAN 2.0
Russ Nelson writes "Since 1996, John Gilmore has
dreamed of an Internet where all traffic between cooperating sites is
encrypted. He has supported the FreeS/WAN project which uses IPSEC to encrypt IP traffic on
an opportunistic encrypting basis. The team has released Linux
FreeS/WAN 2.00, their first release optimized for Opportunistic
Encryption (OE). After installation, ZERO host configuration is
required for OE! A Linux box running 2.00 will encrypt all IP packets
to other OE capable boxes whenever possible, provided you publish a
key and IPsec gateway information in DNS." Nice.
True. But no one is claiming that OE is something you should depend on. It's main purpose is to make the job of snoops with no resources a lot harder.
The real weakness in this scheme is that very few admins will go to the trouble of registering keys with DNS due to laziness or lack of perceived value.
If this sort of technology were to be rolled into the main distributions as well as Microsoft/Apple packages, the internet would then have a decent level of privacy.
this uses public-key encryption, which may be an "easy" algorithm but is certainly not secure because given enough clock cycles, the public key can be used to derive the private key. I suspect the NSA has enough computing power to start packet sniffing a particular target within hours if not minutes of this going up.
You can't judge a book by the way it wears its hair.
Very few ISPs even let a user control their dns. So it's useless to 90%+ of the broadband users out there.
Note: I haven't read the article yet, but I'm pretty sure they're talking about reverse dns. I don't see any other way to do it off the top of my head.
Sure, if you're 15 hops away from someone and every router between you and the other persons upstream router uses OE, then you've decreased it from 14 possible infilitration points to only 2, but it doesn't eliminate it completely.
Unless you got everyone to use these routers at home, or added it to cable/dsl modems/etc, you're still not that safe (and even then, not 100%).
What you have pointed out is true. However, it does not sound like OE is ever meant to protect against main in the middle attacks. By its very definition, it simply encrypts traffic whenever possible. This has two good outcomes:
1. More encrypted traffic in general, so when you begin encrypting your traffic it does not look suspicious to anybody who is monitoring traffic
2. Opportunistic sniffers will not be able to read the stream of data since it is automatically encrypted without your having to configure anything
OE is not a replacement for a VPN, nor is it meant to ensure the identity of the parties involved. If you really wanted to be sure, you would find some other medium to exchange keys initially or ensure that keys you received are signed by a CA or another verifying authority. That way, even if a third party does intercept your data, the data cannot be decrypted without the corresponding private key since you are using the authentic public key and not a spoof.
Of course, the CA or signing third party may be compromised. In that case, there are only two solutions:
1. Use telepathic brainwaves
2. Use carrier pigeons, because nobody will be expecting them
Adi Gadwale.
Pointless for the individual, but great for the masses.
"The only widely used encryption algo that the NSA can crack is 56bit DES, and it has already been phased out. "
Um...no. Straight single block 56DES has, but streaming and triple block hasn't.
Has anybody thought about the fact that this removes the option of network level filtering? Think about the scenario in which a virus is created that spreads quickly via web servers (e.g. IIS). Currently, it is possible to filter out viral traffic because the routers can inspect the messages. This prevents the spread of the virus even though the hosts/severs remain vulnerable.
Once all traffic is encrypted using OE, the routers/firewalls cannot recognise the type of traffic anymore, and virii will be able to spread to all vulnerable hosts.
If this becomes popular, I can see the intelligence agencies having a fit.
Probably.
They might lose one of their best information feeds; the internet.
Maybe. The thing is that the intelligence agencies are plagued by too much data, and sniffing the internet doesn't help much. Maybe Carnivore is useful, but I think they probably are having trouble looking through all that.
f this sort of technology were to be rolled into the main distributions as well as Microsoft/Apple packages, the internet would then have a decent level of privacy.
Maybe. There's SSL for most sites where you would really care though. And traffic analysis would still be possible unless they encrypt the IP headers (ie, go to IPSec). And a lot of the privacy loss is when the database of Merchant X gets hacked / sold out to spammers, and all the encryption in the world will do very little against that. No, I take it back, anonymous digital cash and IPSec should do something.
I hereby place the above post in the public domain.
I understand that you send all your paper mail through the post office as post cards. Right?
Same idea.
-Rusty
You never know...
The perfect is the enemy of the good.
This is MUCH better then what we have now, and if you need stronger security, you can use something else instead of/also.
It is foolish to completely trust any internet connections. It is foolish to completely trust anything. There may be a video camera watching your typing and screen, a keyboard logger or rootkit installed on your computer, etc.
Limited security and authentication is so far better then none at all, and you can still do more authentication manually if you want.
The perfect is the enemy of the good.
Blessed are the pessimists, for they have made backups.
So, what exactly has changed? The US psyche has been changed because this is the first time there was a large number of innocents on your home soil. Previously, even during full-scale wars, the US mainland has been safe.
However, the many parts of the world have had death on their doorsteps for years. Why change your views on privacy and civil liberties on one event? The "Everything changed" thing just isn't true.
Why do other countries, who are far less involved in the rest of the world, see so much more?
Most terrorism is related to territorial disputes, e.g Northern Ireland/IRA, Basque Region/ETA and Saudi Arabia/Al Qaeda. Many countries don't have terrorist attacks in them at all, so I wouldn't go so far as to say the US is more or less targeted than anywhere else that has a terrorist problem.
Also, the US is no more "open" than most places in the free world, where a lot of the terrorism seems to be.
It is really extraordinary, though, that the US can be as hated around the world as it is, that we can be as open as we are, even going so far as to have lots of the people who hate us living here, and that things are nonetheless quite safe.
No one hates you. They hate some of the things your government has done. Only extremists see that as validation for killing civilians.
Unfortunately, full opportunism (both incoming and outgoing connections being encrypted) requires you to have a static IP and control over your reverse DNS entries. I will have that someday, but I can't really afford it yet. Also, I doubt many people will jump for that in the future, but I guess one never knows..
A lot of credit also has to go to Netscape, who put encryption technology on everybody's desktop by including it in their browsers, which of course forced Microsoft to include it in IE as well. It's a different technical approach to attaching the crypto to the network, but you can use web browsers to downloaded encrypted files, read your webmail, etc., which is a large part of the problem space. Some of the core Netscape crypto developers were three brothers who also hung around Cypherpunks... The fact than a one-line ascii patch could "fix" the 40-bit crypto in Netscape and make it 128-bit was only partly technical convenience. And the "Develop and ship the code so people can use it" approach to protecting civil liberties is a lot more direct than ask-permission-first lawsuits, though some people went to extreme risk trying to keep their asses out of jail after doing so, like Phil Zimmermann. The FreeS/WAN people have also been taking this approach for a long time - it's developed entirely outside the US to avoid being subject to US crypto export requirements (John's a funder, and a user, not a developer for this stuff.)
Technology like this _has_ been rolled into popular software - the Internet stimulated awareness of the business need for crypto at around the same time that computers got fast enough to make it relatively practical. Virtual Private Networks are a different part of the IPSEC space than Opportunistic Encryption, since they're designed for letting approved people have a private conversation rather than letting just anybody access your machine, but they've been a standard business capability for a few years now - otherwise telecommuters would have to dial into dedicated modem pools, and if you remember running those, they were expensive and annoying to maintain. The IPSEC crew were an important part of the industry standards work, going to the various bake-offs to make sure things really interoperated, and having a free implementation that was vendor-neutral was a big help in getting everybody working together during the early still-flaky days. Middle-aged Microsoft operating systems had PPTP VPNs on them. They were terribly broken, and I think the WinXP stuff has real IPSEC built in, though that may only be XP Pro. And gradually there'll be better-working stuff there.
There are a lot of packages using SSL and SSH to do crypto
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks