Bettercrypto - Applied Crypto Hardening for Sysadmins
Reaction from the Internet Engineering Community 
Aaron Zauner 
azet@azet.org 
BetterCrypto.org 
Hack.lu - 21/10/2014
post-Snowden 
- After the Snowden leaks appeared in the press, the IETF began discussing how "pervasive monitoring" can be prevented
- In September 2013 the "PERPASS" (pervasive, passive monitoring) mailing list was started
- People started working on drafts to circumvent "pervasive monitoring": http://down.dsg.cs.tcd.ie/misc/perpass.txt
- IETF 89 was accompanied by a meeting on the topic (STRINT) with invited speakers on privacy, security and cryptography: https://www.w3.org/2014/strint/
- "strengthening the internet against pervasive monitoring"
- a lot of good feedback and ideas
- main takeaways: threat modeling, CFRG was tasked with TLS-WG guidance on choices of ciphers and which curves/parameters (ECC) to use
  http://tools.ietf.org/html/draft-iab-strint-report-00
New WGs and documents being worked on 
- UTA-WG (utilizing TLS in applications): working on BCPs on how to properly use/implement TLS
- TLS-WG (transport layer security): TLS 1.3, chacha20-poly1305, DJB curves (ECC), FALLBACK_SCSV extension, ...
- TCPINC (TCP increased security): working on standardization of opportunistic encryption on the TCP layer (similar to tcpcrypt)
- DPRIVE (DNS private exchange): working on DNS privacy features
- IAB (internet architecture board): threat model, see: https://tools.ietf.org/html/draft-iab-privsec-confidentiality-threat
- TRANS (Public Notary Transparency): fight malicious certificate authorities with certificate transparency, see: www.certificate-transparency.org
Curves Curves Curves 
- CFRG (cryptography forum research group within IRTF) is working on a standardized set of curves and curve parameters for IETF WGs: expected by the end of 2014
  + Curve25519 (dan bernstein, et al.)
  + NUMS (microsoft)
  + ed448goldilocks (michael hamburg)

In comparison to NIST curves: most new proposals are pluggable into existing standards and can be reused within protocols and IETF documents.

Good summary (by the Brainpool authors, so a bit biased): http://eprint.iacr.org/2014/832.pdf
- Certificate Transparency is now being worked on as an IETF standard: https://datatracker.ietf.org/wg/trans/charter/
- discussion on mandatory encryption in HTTP2 (HTTPBIS-WG)
..A lot more going on within IETF, but I can barely keep up with 
TLS-WG due to work currently.. 
Questions? 

[IETF Part] BetterCrypto Workshop @ Hack.lu 2014
