RE: Last Call: <draft-farrell-perpass-attack-02.txt> (Pervasive Monitoring is an Attack) to Best Current Practice

It's not just encryption that is indistinguishable from noise - perfect compression can be, too.

We can drive up monitoring costs in the clear by just encouraging deployment of IPComp
and stream and payload compression. With a really expensive-to-decode and effective
compression algorithm.

At that point, distinguishing cleartext from the encrypted traffic becomes
much harder, as does determining targets to attack. And since compression is entirely
in the clear, it's not subject to munitions embargoes, being prohibited, etc. It's
just more work to handle for an attacker, which is rather the point.

Of course, once you have widespread compression deployed, adding encryption
in is not that hard, no? All you need to do is encrypt the compression dictionary,
not the entire content.

Kolmogorov complexity, here we come.

(As an aside, I've long suspected that it should be possible to make a more efficient
yet completely compatible file gzip with multi-pass building of the most suitable
dictionary before outputting the file. One-pass streaming, even with -9 block size, is
ultimately limiting...)

Lloyd Wood
http://sat-net.com/L.Wood/
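
[Added example, not part of the original message or thread: a measurement of how a naive entropy-based observer sees cleartext, compressed data and noise. The `classify` function, its 7.5 bits/byte threshold, the word list and the seeded PRNG bytes standing in for a well-encrypted payload are all assumptions made for illustration.]

```python
import math
import random
import zlib
from collections import Counter


def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 would be uniform noise)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def classify(payload: bytes, threshold: float = 7.5) -> str:
    """Hypothetical naive observer: framing check first, then entropy."""
    # RFC 1950 zlib header: CMF 0x78 (deflate, 32K window), and the
    # 16-bit CMF/FLG value must be a multiple of 31.
    if payload[:1] == b"\x78" and int.from_bytes(payload[:2], "big") % 31 == 0:
        return "zlib-framed"
    return "high-entropy" if byte_entropy(payload) >= threshold else "cleartext"


def build_samples(seed: int = 1, size: int = 65536) -> dict:
    """Constructed inputs: pseudo-English text, its deflate forms, PRNG noise."""
    rng = random.Random(seed)
    words = ("the of and to in is that for it as with on by this be are from "
             "packet route header session monitor traffic payload network").split()
    text = " ".join(rng.choice(words) for _ in range(size // 5)).encode()[:size]
    deflated = zlib.compress(text, 9)
    # Seeded PRNG output stands in for ciphertext (assumption of this example).
    noise = bytes(rng.getrandbits(8) for _ in range(len(deflated)))
    return {
        "cleartext": text,
        "zlib": deflated,                # 2-byte header + deflate + Adler-32
        "raw_deflate": deflated[2:-4],   # same stream with the framing removed
        "noise": noise,
    }


if __name__ == "__main__":
    for name, blob in build_samples().items():
        print(f"{name:12s} {len(blob):6d} bytes  "
              f"{byte_entropy(blob):.3f} bits/byte  -> {classify(blob)}")
```

With its standard framing removed, the deflate stream lands in the same entropy band as the noise sample, while the unmodified zlib stream is still recognisable from its two header bytes.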


________________________________________
From: ietf [ietf-bounces@xxxxxxxx] On Behalf Of John C Klensin [john-ietf@xxxxxxx]
Sent: 11 December 2013 20:53
To: Brian E Carpenter; ietf@xxxxxxxx
Subject: Re: Last Call: <draft-farrell-perpass-attack-02.txt> (Pervasive Monitoring is an Attack) to Best Current Practice

Responding to the most tempting target even though it is several
days old...

--On Saturday, December 07, 2013 10:01 +1300 Brian E Carpenter
<brian.e.carpenter@xxxxxxxxx> wrote:

>...
> ...this is a social, economic and  political issue outside the
> IETF's scope. Our ethical obligation as engineers is clear to
> me: make the Internet as secure as possible, from all security
> points of view including privacy. Actually the recent
> revelations don't change a thing except that they have brought
> a well understood attack model into public view and underlined
> that we need to defend against it.

While I favor the principle, I'm not so sure about the ethical
obligation, especially from the perspective of my background in
political communications and their effects.

Consider the following scenario:

        (1) We conclude that access to the free flow of
        information, including across national boundaries, and
        access to the Internet as a medium for such flows, are
        desirable.   Note that this is implicit in
        frequently-repeated statements such as "The Internet is
        for Everyone".

        (2) Some government concludes that, as a matter of
        national security (its definition), it should declare
        the use of encryption illegal [1] and block all Internet
        traffic and connections that involve pervasive
        encryption.

Now, keeping in mind the conclusion in the first statement, the
very long history of transmission and sharing of coded
information in apparently clear-text messages, and that
application of the second statement would essentially disconnect
the population of that country from the Internet if encryption
were pervasive, are you sure that:

        (i) Trying to insist on pervasive encryption is an
        ethical obligation?

        (ii) That population, including but not limited to
        whatever subset of it wants to openly discuss or change
        the behavior of the relevant government, is better
        served by pervasive encryption (and hence being cut off
        from the Internet) than being left connected and with
        alternatives that have historically included encoding
        information into seemingly-innocuous message flows?

I want to stress that I'm not arguing for or against pervasive
encryption here.   I'm also a long term advocate of encouraging
countries who want to disconnect to do so, especially when their
doing that would have obvious and severe negative economic or
political consequences.  I just think we should be careful about
starting to base our reasoning and conclusions on perceived
ethical imperatives, especially without sorting through the
possible scenarios consequent of such conclusions.

I also want to suggest a thought experiment as an exercise
before I go back to lurking.  One of the more frequent arguments
for pervasive encryption of traffic passing over the Internet is
to drive up the costs of those who would engage in pervasive
surveillance by forcing them to decrypt everything.  Suppose
instead that everyone adopted the practice of including either
encrypted message components or seemingly-random blocks of text
or strings or seemingly-random words in every message, web
pages, or other protocol transaction while leaving other
portions of those messages, etc., in the clear, taking advantage
of the observation that a really well-encrypted message is, with
the exception of header or envelope information, superficially
indistinguishable from noise.   That would make it harder to
block traffic simply because it was encrypted but would still
require the surveillance agency to attempt to decrypt those
blocks of text (many of which could not be decrypted even with
unlimited resources because they contained no information) to
determine whether they carried messages of interest.

Of course the use of that approach would not prevent the use of
strong encryption, just as today, if someone thought it
necessary.

With the understanding that these questions are part of that
thought experiment but otherwise purely rhetorical,

-- Would we be more or less secure as a result of that
        sort of practice?
-- Would the Internet be accessible to more or fewer
        people with that approach than with pervasive encryption?
-- Especially noting that some code-breaking techniques
        become easier with larger bodies of crypto-text and that
        content-free noise that is superficially
        indistinguishable from encrypted text may be the worst
        nightmare for some other techniques, how would that
        approach compare to pervasive encryption from the
        standpoint of costs to the would-be surveillance agency?

      --john
:-)

[1] There is lots of precedent for conclusions of that type,
including among governments usually considered friendly to
individual freedom.

>
> We don't solve (e.g.) consumer protection issues by allowing
> the Internet to trivially breach privacy.
>
>     Brian
