[liberationtech] Defeating massive wiretapping with opportunistic, unauthenticated encryption in HTTP ?

Sat Oct 26 02:02:10 PDT 2013

Greetings,

thinking on how to practically challenge the massive wiretapper
(interceping on telecommunication lines/fibers/internet exchanges),
there is a general acceptance that "opportunistic encryption" systems
could be a good approach.

To protect against massive wiretapping of SMTP email that's the approach
already discussed here:
https://mailman.stanford.edu/pipermail/liberationtech/2013-August/011130.html

To protect against massive wiretapping of HTTP traffic, the general
understanding is to use HTTPS.

However HTTPS have several serious drawbacks:
- The owner of a website have to pay "more" for the security of it's
web-clients (buy a digital certificate)
- The owner of a website have to pay "more" for the hosting of an HTTPS
site vs. HTTP site
- If the owner of a web don't pay more the end-user browser receive a
BIG SECURITY WARNING (self-signed certificate)

For the reason previously identified the "HTTPS" approach is still very
valuable but it does not scale up to protect against massive wiretapper
intercepting HTTP.

The idea to fix this problem by creating a technology that enable
opportunistic encryption of all data exchanged (via AJAX) by modern
javascript applications by leveraging unathenticated TLS with DHE
ciphers (providing Perfect Forward Secrecy).

This could be realized by providing a "thin" layer of integration into
any existing Javascript application to wrap the XHR/Ajax requests,
proxying them trough a Javascript TLS Client, with some server-side code
acting as a gateway/minimal TLS implementation working within an HTTP in
HTTP tunnelling model.

If a techology like that would exists, it would be possible to integrate
it as part of Wordpress or Django or other commonly used web
framework/technology.

This would provide by default unauthenticated TLS encryption for most of
it's web traffic, with perfect forward secrecy, without HTTPS.

I tried to summarize the idea on the Forge (Javascript TLS stack) github
issue at https://github.com/digitalbazaar/forge/issues/84 .

I know that this kind of argument attract crypto-trolling ("Javascript
encryption" and "Unauthenticated encryption" and "Opportunistic
encryption") but i think that it's worth discussing because it could be
a revolutionary approach to challenge massive wiretapping.

What does various people think about this approach?

-- 
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org

-- 
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys@stanford.edu.