IETF Draft Wants To Formalize 'Man-In-The-Middle' Decryption Of Data As It Passes Through 'Trusted Proxies'
from the you-jest dept
One of the (many) shocking revelations from the Snowden leaks is that the NSA and GCHQ use "man-in-the-middle" (MITM) attacks to impersonate Internet services like Google, to spy on encrypted communications. So you might think that nobody would want to touch this tainted technology with a barge-pole. But as Lauren Weinstein points out in an interesting post, the authors of an IETF (Internet Engineering Task Force) Internet Draft, "Explicit Trusted Proxy in HTTP/2.0," are proposing not just to use MITMs, but also to formalize their use. Here's his explanation of the rationale:
one of the "problems" with SSL/TLS connections (e.g. https:) -- from the standpoint of the dominant carriers anyway -- is that the connections are, well, fairly secure from snooping in transit (assuming your implementation is correct ... right?)
The "solution" to that problem is what the authors of the IETF draft -- all of whom hail from AT&T or Ericsson -- call "trusted proxies." Basically, users give permission for their data to be decrypted by an intermediate site that they trust, which would then be allowed to do stuff to it before re-encrypting it and passing it along to its original destination. The eagle-eyed among you may have spotted one or two problems with this approach; as Weinstein says:
But some carriers would really like to be able to see that data in the clear -- unencrypted. This would allow them to do fancy caching (essentially, saving copies of data at intermediate points) and introduce other "efficiencies" that they can't do when your data is encrypted from your client to the desired servers (or from servers to client).Of course, the authors of this proposal are not oblivious to the fact that there might be a bit of resistance to this "Trust us" concept. So, for example, the proposal includes the assumption of mechanisms for users to opt-in or opt-out of these "trusted proxy" schemes.
And there's another major issue. If there's one thing we've learned from Snowden it's that the NSA and GCHQ have no compunction about breaking into anyone's system. If decrypted versions of data transmissions were available on these "trusted proxies," they would no doubt become prime targets for this kind of attention. Introducing another weak link into the transmission chain would leave Internet users even more exposed to surveillance than before. Before Snowden's leaks, 'man-in-the-middle' decryption of the kind being proposed would have seemed a pretty bad idea; in the wake of them, it is just plain crazy.
But it's easy to be extremely dubious about what this would mean in the real world. Can we really be assured that a carrier going through all the trouble of setting up these proxies would always be willing to serve users who refuse to agree to the proxies being used, and allow those users to completely bypass the proxies? Count me as skeptical.
And the assumption that users can even be expected to make truly informed decisions about this seems highly problematic from the git-go. We might be forgiven for suspecting that the carriers are banking on the vast majority of users simply accepting the "Trust us -- we're your friendly man-in-the-middle" default, and not even thinking about the reality that their data is being decrypted in transit by third parties.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: encryption, ietf, man-in-the-middle, security, ssl
Reader Comments
Subscribe: RSS
View by: Time | Thread
Speaking of which...
They who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. - Benjamin Franklin
Now on the Internet! (replace freedom with privacy and safety with efficiency for added fun)
[ link to this | view in chronology ]
Re:
"data to be decrypted by an intermediate site that they trust, which would then be allowed to do stuff to it before re-encrypting it and passing it along to its original destination."
This is a bunch of nonsense. Encryption and decryption is a processor intensive task. If they are decrypting and re-encrypting everyone's data that's not introducing efficiencies, that's just making things more inefficient.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Not getting it.
What they are proposing... the days may as well not be encrypted.
[ link to this | view in chronology ]
Re: Not getting it.
[ link to this | view in chronology ]
Re: Not getting it.
I'm inclined to believe malfeasance is involved here.
[ link to this | view in chronology ]
Olympics in stupidity?
[ link to this | view in chronology ]
Re: Olympics in stupidity?
[ link to this | view in chronology ]
Re: Re: Olympics in stupidity?
*as if* unka sugar is *really* targeting rich folk, etc who take advantage of all these grey/black areas of transactions, etc...
*just like* the banks that ADMITTED to money laundering got prosecuted ? ? ?
oh, wait, didn't happen...
you know all the zillions of dollars of illegal drug money floating around ? you do know where it gets laundered at rates of 30-75% ? the banksters, right ?
(yes, that is correct: you take the bank $1 000 000 in drug money, and you will receive 250 000 back of 'clean' money, nice work if you can get it...)
now, since we KNOW that IS where all the drug money gets laundered, you'd figure it would be really easy to surveil and catch those crafty banksters, wouldn't you ? ? ?
gee, i can only wonder what the explanation is for why 99.99% of them NEVER GET INVESTIGATED, much less prosectued, much less jailed...
can you guess why that is so ? ? ?
(hint: you will not find that info in the lamestream media, this is deep political stuff that is NOT talked about on the sunday shows...)
[ link to this | view in chronology ]
Re: Re: Olympics in stupidity?
You're not thinking anywhere near big enough or creatively in scope.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
And if there's three things we've learned from Snowden, the third thing is that the NSA's lists of exploitable vulnerabilities aren't hard to acquire.
[ link to this | view in chronology ]
soooo
HA stupid peons get a life....the key wilbe to set you and your friends up with such and as the EU and south america build there own backbone to by pass the usa you will begin to see less and less requirement of americans period
better get those embedded cia agents setup now and those nsa spy hills in those nations going now, we got to worry bout dem twerrorists
[ link to this | view in chronology ]
Re: soooo
[ link to this | view in chronology ]
I don't trust anyone
So since I don't trust any of them, will they leave my traffic alone? I think not!
[ link to this | view in chronology ]
Defenses?
If an ISP does this, the security-conscious users flock away to ISP's they can trust, if any. If all available ISP's are compromised, then... you'd have to get your VPN encryption key through non-electronic means to ensure no one is pretending to be your privacy-provider. Is postal secrecy still a thing?
Any better solutions?
[ link to this | view in chronology ]
Re: Defenses?
Vote in the pirate parties and let them roll back the governments of the world, and rein in the big corporations. Of course this may be a problem.
[ link to this | view in chronology ]
Re: Defenses?
"you'd have to get your VPN encryption key through non-electronic means to ensure no one is pretending to be your privacy-provider."
No, you really don't. The mechanism for dealing with key exchange over untrusted connections is built into all the major PKE systems. You just have to use them (which most people don't).
What this really emphasizes is that encryption can't safely be made automatic and invisible to the end user. It never could, but everybody was willing to play pretend and accept reduced security in exchange for convenience. This just calls out that practice as a terrible one.
[ link to this | view in chronology ]
Re: Re: Defenses?
Do you mean that it can't be done at all, or that it can't be done with the current CA-infrastructure and browser mess.
I posit that it security and privacy can be had without any brain activity from the end user.
plug: eccentric-authentication.org
[ link to this | view in chronology ]
Re: Re: Re: Defenses?
If you have a way to do it, then good for you! You'll be a billionaire. Your site doesn't actually explain how this is accomplished, though, so it's impossible to tell if you found the holy grail of security. From the sparse details you've given there, I can think of a number of security problems, though -- but it's hard to say for sure since I couldn't find an actual description of the implementation.
Security and privacy cannot be had without inconveniencing the user so far, and I see nothing on the horizon that indicates this will change anytime soon.
[ link to this | view in chronology ]
It is ok when I do it, but you will suffer consequences - because.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Systems at Telco scale tend to be too complex and expensive in terms of maintenance and integration to be convenient for the telco.
The Telco's will only implement this in exchange for the enhanced ability to monetize your traffic. Traffic stats will be sold at various tiers and levels of granularity to anyone with money to buy - marketers, government agencies, divorce lawyers, politicians, law enforcement, etc. And most folks in the public will pay extra each month for this benefit.
[ link to this | view in chronology ]
Re: Re:
Exactly, it makes it more convenient for the ISP.
[ link to this | view in chronology ]
Lots of people who don't read the article here
This is all about HTTP/2.0, the proposed next generation of the venerable HTTP protocol.
To those who are not following the development, HTTP/2.0 is somewhat similar to Google's SPDY, which in turn runs over TLS (also known as SSL, the cryptographic protocol behind https connections).
Many places currently use transparent proxies for HTTP connections (transparent proxies intercept connections to the TCP port 80 used by http connections and redirect them to a HTTP proxy), on a misguided belief that this increases speed and reduces bandwidth use (it does both somewhat, at the cost of causing hard-to-diagnose problems).
Transparent proxying is not possible with TLS/SSL without the cooperation of at least one of the endpoints, since the initiating endpoint cryptographically validates the identity of the responding endpoint. Since HTTP/2.0 is going to act similarly, transparent proxying will not be easily possible (which is a good thing).
This draft is about making the browser send an extra header noting that the request is for a "http" resource, and specifying the negotiation between it and the MITM proxy. This is still stronger than common plain-text "http", but as others have noted it's still a step backwards.
[ link to this | view in chronology ]
Re: Lots of people who don't read the article here
IE. If company X wants to ban facebook.com and log all attempts to reach it, they can easily place a squid proxy to intercept those attempts and redirect them to walled garden page.
Last time I used a MITM was during the PS3 debacle with Linux. A quick proxy server between my PS3 and Sony's server to decrypt SSL traffic between my console and them and post results to developers working on alternative firmware.
So point being, it's a tool and like every tool can be used for both good and evil depending on how you look at it.
[ link to this | view in chronology ]
More clarification, and concerns
With HTTP 1.1 (current standard), ISPs can proxy, and there is no shielding of data from *other* intermediaries either. With HTTP 2 and this proposal, ISPs could proxy, but data *would* be protected from *other* intermediaries (those which lack suitable certs, anyway). Thus it is in a strict sense better than HTTP 1.1 (tho it is worse than HTTP 2 without proxying, if you value data security over speed).
My concern is that the "consent" to this will not be a real choice for users, but instead will be required as a condition of internet access.
[ link to this | view in chronology ]
Re: More clarification, and concerns
[ link to this | view in chronology ]
In order to implement this the proxy manager would have to have admin access to the OS to configure the trusted prox. Unless ISPs make this mandatory to use their systems (unlikely) it shouldn't affect public users that much. And if ISPs do make it mandatory then almost everyone would freak out since it would compromise SSL universally including SSTP/SSL VPNs and banking sites. If you think Bank of America is going to allow lesser companies to increase the risk on their books you haven't been paying attention.
[ link to this | view in chronology ]
Re:
It is both -- it's a way of enabling transparent proxies through the use of a MITM attack.
The inclusion of this mechanism, in my opinion, completely destroys the point of HTTPS unless it is opt-in only and the end user (not the web server) is the only one who can make the opt-in decision. Even if those things are true, it dramatically reduces the point of HTTPS.
The only rational thing to do if this is included is to treat HTTPS as if it were plain old HTTP.
[ link to this | view in chronology ]
I would propose to call it the "fuck you protocol"
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
could this be just formalizing what they already do for the NSA?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Good luck with that. :) I understand why companies do this (regulatory issues), but it's a waste of time and money. I've yet to see such a system that isn't easy to bypass, and the prevalence of smartphones means that users don't even have to use your network (or MITM system) at all.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
If they really are intercepting cell traffic, they're in violation of a number of laws.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
Effectively, all company assets are closely monitored at the network and endpoint level. We have several pieces of agent software to provide DLP and insider threat protection regardless of where in the world/internet a person is.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
There are, of course, ways around any technical controls. As another poster said, they will eventually be caught if they do something outside of policy, but its pretty rare. Our major security concern is that our data doesn't leave the organization, not what people say in private emails sent during work hours.
Our users sign several pages of employment agreements where this is spelled out. We're not doing any monitoring without user knowledge and consent, as might be done by government agencies or less-than-ethical people. We have a pretty stout set of requirements that must be met before the gathered data is unlocked. Pretty much like I would have assumed the government would have had (but now I know better).
We're quite serious about protecting privacy _and_ the business. My major concern during implementation was privacy. I'm opposed to being monitored and monitoring others, however I'm also opposed to not having a job next week because Health and Human Services hits us with a gigantic fine that shuts our doors or gets us sold to a competitor.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
I can plug in the harddrive, boot to my OS and tether to my phone.
Can your systems detect this?
Legitimately curious, not trying to sound pretentious.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
But here's the thing: There are multiple tiers of controls. When the security officer catches you doing this with a corporate owned workstation in violation of company policy, your next stop is going to be HR.
Willful violations of corporate policy is generally considered to be an instafail by HR types, and you will end up on the losing end of that discussion. And you're not going to be successful in arguing that you "accidently" violated corporate policy by downloading a live image, burning it to disc, and reconfiguring your computer to boot from it so that you could browse porn from your desk.
Now, you might not get caught - right away. But if you're working in an organization along the lines of what I believe AC is describing, you will eventually get caught.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
If they’re using a USB mouse or keyboard, you could possibly take the keyboard apart and attach a USB port, but even that could be easily foiled with software to restrict USB device classes or serial numbers – or by using PS/2.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
My point is this: almost every here does their web browsing/emailing from their smartphones, bypassing the company systems entirely (only managers actually do the BYOD thing -- nobody else trusts it), so the controls the company has in place -- very similar to yours, I'll bet -- are largely irrelevant. It was really just a snarky side-note, not a criticism.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Fair enough. I missed the snark - all too often I come across folks of the "but it was trivial to bypass, why am I in trouble" mindset who legitimately don't seem to get what happened.
[ link to this | view in chronology ]
Typo/Missing word
[ link to this | view in chronology ]
Mobile phone carriers have already tried carried out man-in-the-middle attacks in the past. Nokia releasing their own web browser named "Xpress Browse", which allowed them to eaves drop on all end-to-end encrypted communications.
"Nokia Running A Man In The Middle Attack To Decrypt All Your Encrypted Traffic, But Promises Not To Peek"
https://www.techdirt.com/blog/wireless/articles/20130111/03432221640/nokia-running-man-middle-a ttack-to-decrypt-all-your-encrypted-traffic-promises-not-to-peek.shtml
If I'm going through all the trouble of encrypting my end-to-end communications. I'm expecting those communications to remain secure, private, and confidential all the way to it's final destination.
We already know the NSA has tried, and succeeded, in influencing NIST encryption standards. What's to stop us from believing this isn't another attempt to influence and weaken IETF standards, so the NSA/GCHQ can continue to easily eaves drop on mobile phones.
These 'trusted proxies', sound like a trojan horse, and ripe for abuse. What's to keep the mobile phone carries from 'spoofing' the 'trusted proxy header' in http 2.0? Effectively enabling 'trusted proxy' without the customer's permission.
This whole proposal is 'insecure'.
[ link to this | view in chronology ]
Yet another layer,
[ link to this | view in chronology ]
http://hillbrad.typepad.com/blog/2014/02/trusted-proxies-and-privacy-wolves.html
It's still silly, coz it's effectively crypto-snake-oil, but not as sinister.
[ link to this | view in chronology ]
When?
[ link to this | view in chronology ]
Of course, the authors of this proposal are not oblivious to the fact that there might be a bit of resistance to this "Spy on us" concept. So, for example, the proposal includes the assumption of mechanisms for users to friendly opt-in of these "trusted spy" schemes.
[ link to this | view in chronology ]