Internet engineers now avidly reviewing standards and cryptography

Edward Snowden can be proud. He has triggered the technical community to consider why intelligence services have been given a fabulous ride on the networks for years. Step by step, engineers are starting projects to close security gaps by reviewing standards and cryptography and, finally, also taking the control back over the hardware tool chain. Several project teams, all firm believers in the idea “if you can't hack it, you don't control it”, presented their work during the RIPE 68 meeting between 12 and 16 May 2014 in Warsaw.

Everybody who wants to lock the door to his communication on the net needs some chip to create keys. Hardware Security Modules (HSM) are built in or can be externally attached to devices to create key material for transport, mail traffic, domains or routes for packets delivered over the internet. Security protocols of all sorts rely on that function and to be secure users are dependent on keeping their private keys really private.

Given that these critical components are developed by a few companies, that mainly work as government contractors, users, even expert users, cannot be sure whether back doors have been put in place to leak duplicate keys.

Cryptech.is: open hardware

“All of the stuff for key storage is relying on hardware security modules that are designed and made by people who work indirectly or directly for the United States governments, the Israelis or Chinese,” Randy Bush, US engineer working for the Internet Initiative Japan said at the RIPE meeting in Warsaw. “Do you want to trust those? I don't.”

Bush presented the Cryptech, a project kick-started in meetings between the Internet Engineering Task Force, the Internet Society and the TOR group. It is now looking for review of the first running code, versions of Sha1, Sha256, Sha512. These are algorithms to generate keys widely in use and, if not manipulated, they are thought to represent a good starting point for better security. Following warnings about number generators falsely believed to be random, Cryptech also works on a “true random number generator”.

Openness of the design work, the funding (currently coming from the academic research networks SUNET, Nordunet, Surfnet and the Internet Society) and diversity in the Cryptech group is key to building trust, Bush explained. One member of the Cryptech core group is a Russian crypto expert, who contributes a version of the Russian Ghost encryption standard as an alternative to the Sha-family standards.

The final goal, Bush explained was, “an OpenSource reference design. We are not going to

produce hardware, we are producing design”. Bush said the group currently worked on an off-the-shelf field programmable gate array, but was also looking forward to use the Novena "Bunnie" laptop as a platform. Novena founder Andrew “Bunnie” Huang who did start the open laptop project in pre-Snowden times put the rationale very simply: “if you don't hack it, you don't own it”.

Tampering via side channels like the amount of power used or the time used by the crypto chip to calculate encryption are also on the radar of the group. Swedish Professor Elena Dubrovna, who committed to help, was an expert on trojans on the micro controllers, Bush reported. Beside the daunting tasks upfront, one of the most tricky problems is to ensure that those who use the design and cryptec-chip label are not tampered with when produced and shipped around.

Beware of Cryptocalypse!

Aaron Kaplan from Nic.at introduced the “BetterCrypto” initiative which he described as an open review process for crypto settings addressing operators in the first place. In the BetterCrypto draft white paper the initiative, which has been prepared mainly by Austrian experts so far, puts together recommendations on what ciphers and what key-length could be considered as reasonably secure for various web servers (Apache, ngix and others), mail servers (Postfix, Exim, Dovecut), data bases (like Mysql, Oracle, etc), virtual private networks (Open VPN, IPSec, etc). The basic idea was, Kaplan described, to provide “easy to copy and paste”-setting for administrators.

The white paper explains the choices made and provides two options, option A using stronger ciphers, option B optimised towards making it compatible with all sorts of services and software. The balance between cipher strength and compatibility was best explained by Vincent Rijmen, the author of the block cipher Advanced Encryption Standard (AES), Kaplan reported. “On the choice between AES256 and AES128: I would never consider using AES256, just like I don't wear a helmet when I sit in my car. It's too much bother for the epsilon improvement in security.”

What was critical was review by as many people as possible, and, as Kaplan noted, also some level of agility to react to new developments and revelations. Standardisation of crypto agility is currently being proposed at the Internet Engineering Task Force.

Own your hardware – Turris router

Open source hardware while getting into the post-Snowden headlines has been a topic for other reasons already before the revelations about pervasive surveillance. The Novena Bunnie laptop is one example. Another one is Turris, an open source hardware router (attached to a central Turris server) designed and built by the Czech registry CZ.NIC.

Resulting from considerations on how to share responsibility for security between operators and users, the researchers at the cz.nic labs decided they needed to analyse traffic to the home routers, detect anomalies or attacks and distribute information to the home routers about it.

As the home routers offered by network operators lacked capacity – bandwidth-wise and also with regard to support for IPv6 and DNSSEC – the researchers decided to design their own router, produced it in Austria and the Czech Republic and used openWRT as software basis. The Turris Router not only allows collection of traffic to be analysed by the central Turris server, it also allows users to use it as a full-scale router to attach other devices in their home.

For the symbolic prize of one Czech crown and for the allowance for the researchers to collect sets of meta-data from the router, users can get the fancy blue device and participate in the Turris project. Privacy considerations were discussed and solved together with the Czech data protection authorities – and won a positive big brother award.

To allow the researchers to picture the “weather” on the Czech network, they have chosen a representative slate of Czech internet users. Ondřej Filip, CEO of CZ.NIC said that the real cost of the heavily subsidised router (by the CZ.NIC foundation) would be around 300 Euro. An operator interested in the Turris project is Comcast, a large US network provider. Filip said, he would love to see the open source router spread in the market.