Internet Engineering Task Force Considers Making Surveillance Mitigation A Standard Part Of Its Specifications

from the o-brave-new-world dept

Snowden's revelations that key elements of the Internet have been subverted by the NSA and its allies has led people to realize that in the future we need a more thoroughgoing framework for security that assumes surveillance, and takes steps in advance to counter it. One interesting manifestation of this approach is a new "Request For Comments" document from the Internet Engineering Task Force (IETF), RFC 7528, entitled "Pervasive Monitoring Is an Attack." Here's the basic idea:

Pervasive Monitoring (PM) is widespread (and often covert) surveillance through intrusive gathering of protocol artefacts, including application content, or protocol metadata such as headers. Active or passive wiretaps and traffic analysis, (e.g., correlation, timing or measuring packet sizes), or subverting the cryptographic keys used to secure protocols can also be used as part of pervasive monitoring. PM is distinguished by being indiscriminate and very large scale, rather than by introducing new types of technical compromise.

The IETF community's technical assessment is that PM is an attack on the privacy of Internet users and organisations. The IETF community has expressed strong agreement that PM is an attack that needs to be mitigated where possible, via the design of protocols that make PM significantly more expensive or infeasible. Pervasive monitoring was discussed at the technical plenary of the November 2013 IETF meeting [IETF88Plenary] and then through extensive exchanges on IETF mailing lists. This document records the IETF community's consensus and establishes the technical nature of PM.
What's key is the idea that pervasive monitoring is an attack that needs to be mitigated as a matter of course; here's what that means:
Those developing IETF specifications need to be able to describe how they have considered PM, and, if the attack is relevant to the work to be published, be able to justify related design decisions. This does not mean a new "pervasive monitoring considerations" section is needed in IETF documentation. It means that, if asked, there needs to be a good answer to the question "Is pervasive monitoring relevant to this work and if so, how has it been considered?"

In particular, architectural decisions, including which existing technology is reused, may significantly impact the vulnerability of a protocol to PM. Those developing IETF specifications therefore need to consider mitigating PM when making architectural decisions.
As that shows, this is a high-level technical specification; it's not about how to mitigate pervasive monitoring, but about the fact that Internet engineers should always think about how to mitigate such surveillance when they are drawing up IETF specifications. It's great that the IETF is starting to work along these lines, even if it is a rather melancholy acknowledgement that we now live in a world where the default assumption has to be that someone, somewhere, is trying to monitor on a massive scale what people are doing.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+


Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    AricTheRed (profile), May 16th, 2014 @ 2:12pm

    You have been identified, and scheduled for termination.

    Claiming and/or attempting to do anything about Pervasive Monitoring by the NSA, GHCQ, DHS, et al. has caused you to be determined to be a terrorist and an enemy combatant hostile to The United States of America. You have now been identified as an "Affiliated Force" of Al-Queda and as soon as the proper assets are in place, you, as an "Immenent Threat" to The US and US persons, will be "Extra Judicially" neutralized by whatever means the Commander in Cheif or his duly designated representative deems most appropriate.

    Thank you for your, soon to be unnecessary, participation in this "National Debate".

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    scotts13 (profile), May 16th, 2014 @ 2:22pm

    PSA

    Protecting yourself from government surveillance should be part of the basic safety rules kids are taught in school: Atomic bomb, hide under your desk. Fire, "stop drop and roll." Strangers, scream and run. Sending email, you...?

    Maybe the networks will donate airtime for the Public Service Announcements. There will be an address in Washington, to write for an informative brochure. It's your civic duty!

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    That One Guy (profile), May 16th, 2014 @ 2:25pm

    And in other news...

    The NSA and GCHQ have started investigating whether or not the IETF is as easily bought out as the previous 'security' company 'purchase' the NSA made not too long ago.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, May 16th, 2014 @ 2:59pm

      Re: And in other news...

      No need for that, NSA employees are already co-chairs inside of IETF:

      http://www.ietf.org/mail-archive/web/cfrg/current/msg03554.html

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        That One Guy (profile), May 17th, 2014 @ 12:28pm

        Re: Re: And in other news...

        Seriously? In that case, never mind my comment above, they've already let the fox in the hen-house, and they're even letting him make suggestions on how to make the coop more 'secure'.

        Jeesh, at least the other company got 10 million in exchange for destroying their credibility, these guys did it for free...

         

        reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, May 16th, 2014 @ 3:07pm

      Re: And in other news...

      The spy agencies would have to make their offers on open mailing lists, or at open meetings, so it could be interesting. This is one of the advantages of an organization with no formal membership requirements, and participants from all over the globe.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, May 16th, 2014 @ 2:31pm

    Considering?

    Why is this not simply a core goal? If the can do it so can Joe Sixpack. Privacy shouldn't be an addendum to widely used communication technologies.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, May 16th, 2014 @ 2:55pm

    Have they gotten rid of the NSA agents working at IETF and undermining this very work? Or do they just prefer working with saboteurs?

    http://arstechnica.com/security/2014/01/nsa-employee-will-continue-to-co-chair-influential-crypto-st andards-group/

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, May 17th, 2014 @ 3:45am

    Comments

    To the writer of this blog: With all respect, maybe you haven't connected the dots. We are way past melancholy when national states assume full take is their right, as in take EVERYTHING on this internet, and all personal information can be used to suborn anyone. At this point in time, it only takes good intentions of the nation state to not actively suborn our key decision makers - if you are melancholy, then you still deep down trust "good intentions."

    Wake up!

    And why are we not running HTTPS for this site???

    Double wake up!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, May 17th, 2014 @ 10:54am

    This makes perfect sense even if you accept warrantless government surveillance as legitimate, because governments are not the only entities capable of engaging in surveillance. There will still be plenty of illegitimate surveillance to contend with. A business, for example, does not want its competitors to be able to surveil its communications.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Deals
Techdirt Insider Chat
Techdirt Reading List
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.