Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

RFC 7435 - Opportunistic security - Some protection most of the time

2,616 views

Published on

An introduction to the very important RFC 7435 by Viktor Dukhovni. After you've seen these slides, go read this document.

  • Be the first to comment

RFC 7435 - Opportunistic security - Some protection most of the time

  1. 1. Opportunistic Security according to the IETF Quotes from RFC 7435 by Viktor Dukhovni RFC Copyright: Copyright (c) 2014 IETF Trust and
 the persons identified as the document authors. All rights reserved.document authors. All rights reserved. 2015-03-01 v1.3/oej
  2. 2. Editor note These are just my selected quotes from the RFC, to inspire you to read the full text. @oej | oej@edvina.net
  3. 3. Definition “Protocol designs based on Opportunistic Security 
 use encryption even
 when authentication is not available, 
 and use authentication when possible, thereby removing barriers to the widespread use of encryption on the Internet.” ENCRYPTION AUTHENTICATION Encryption provides
 confidentiality. Authentication provides
 identity.
  4. 4. ALL or NOTHING “Historically, Internet security protocols have emphasized comprehensive "all or nothing" cryptographic protection against both passive and active attacks.” “As a result, operators often disable these security protocols when users have difficulty connecting, thereby degrading all communications to cleartext transmission.” “With each peer, such a protocol achieves either full protection or else total failure to communicate (hard fail).” FULL PROTECTION TOTAL FAILURE CLEARTEXT!!
  5. 5. ALL or 
 NOTHING Can we have more options than full protection or NOTHING?
  6. 6. The problem with the PKI “The Public Key Infrastructure (PKI) model employed by browsers to authenticate web servers (often called the "Web PKI") imposes cost and management burdens that have limited its use.” “With so many Certification Authorities (CAs), not all of which everyone is willing to trust, the communicating parties
 don't always agree on a mutually trusted CA.” “Without a mutually trusted CA, authentication fails, leading to communications failure
 in protocols that mandate authentication.”
  7. 7. Teaching users to ignore security warnings “In Web PKI interactive applications, security warnings are all too frequent, and end users learn to actively ignore security problems, or site administrators decide that the maintenance cost is not worth the benefit so they provide a cleartext- only service to their users.” “For encryption to be used more broadly, authentication needs to be optional. The use of encryption defends against pervasive monitoring and other passive attacks.” “Even unauthenticated, encrypted communication (defined below) is preferable to cleartext.”
  8. 8. A new perspective FULL SECURITY CLEARTEXT “For encryption to be used more broadly, authentication needs to be optional. The use of encryption defends against pervasive monitoring and other passive attacks.” “Even unauthenticated, encrypted communication (defined below) is preferable to cleartext.”
  9. 9. Definition OPPORTUNISTIC
 SECURITY "Opportunistic Security" (OS) is defined as the use of cleartext as the baseline communication security policy, with encryption and authentication negotiated and applied to the communication when available.
  10. 10. Incrementally more secure 
 To achieve widespread adoption, OS must support incremental deployment. Incremental deployment implies that security capabilities will vary from peer to peer, perhaps for a very long time. OS protocols will attempt to establish encrypted communication whenever both parties are capable of such, and authenticated communication if that is also possible. AUTHENTICATION AND ENCRYPTION CLEARTEXT ENCRYPTION
 NO AUTHENTICATION
  11. 11. Incrementally more secure Thus, use of an opportunistic security protocol" may yield communication that is
 
 Authenticated and encrypted,
 ! unauthenticated but encrypted, 
 
 or cleartext. AUTHENTICATION AND ENCRYPTION CLEARTEXT ENCRYPTION
 NO AUTHENTICATION
  12. 12. Voices against OS Will this make less sessions fully secure - authenticated properly? Setting up encryption without knowing who your talking with (authentication) does not lead to any confidentiality!
  13. 13. Got it? Go read
 RFC 7435!

×