More encryption is the goal

More encryption is the goal
Photo by Alexander Grey / Unsplash

IETF 119 wraps up in Brisbane

Check out the best of IETF 119 (on 1.5x speed, obviously):

That's quite enough binge watching for one weekend.

New this week

Originally published on the CDT blog today, I gave some context to a recent RFC on an Internet Architecture Board workshop:

More Encryption is the Goal: The Internet Architecture Board Holds a Workshop on Managing Encrypted Networks

The privacy and security benefits of network traffic encryption have become much more common through the adoption of TLS, the technology responsible for the security lock when a user visits HTTPS secured sites. However, as more protocols use encryption, points of friction for network operators are heating up and preventing their ubiquitous adoption.

With an eye toward solving these problems, the Internet Architecture Board held a three-day virtual workshop on October 17-21, 2022 on “Management Techniques in the Encrypted Networks,” and the workshop report published as RFC9490 earlier this year. The workshop aimed to speed the adoption of encryption on the Internet by focusing on barriers to adoption. The workshop generated ideas to enhance network management methods, emphasizing the need to evolve these methods to better their efficiency and reliability in the face of ubiquitous traffic encryption. The idea was to promote and motivate security and user privacy by platforming collaborative ideas at the intersection of network management and traffic encryption. The workshop addressed the actionable requirements in network management, identified the actors who are willing to work on collaborative solutions, and suggested starting points for such solutions. 

I joined the workshop as part of the Program Committee representing CDT in the IAB and  presented my ideas on the state of users and privacy, including guidelines for performing safe measurement on the Internet. This work is a result of my collaboration with Iain Learmonth and Gurshabad Grover as part of the privacy research group at the Internet Research Task Force, and it outlines guidelines for academic and internet researchers who use the internet as part of their scientific experimentation and research, to mitigate risks to the safety of other users. 

This work first locates these guidelines in relation to threat models, measurement studies, and user impact. It puts forward three main categories of considerations: 

  • Consent, such as informed consent, proxy consent, and implied consent; 
  • Safety considerations, including highlighting the need for dedicated testbeds, respect for other actors’ infrastructures, and a commitment to data minimization; and 
  • Risk analysis. 

Other work presented in this area included traffic-classification techniques that use machine learning at a high level to identify patterns. While these techniques look a lot like invasive “deep packet inspection,” this type of classification attempts to understand high-level network patterns rather than individual packets. Avoiding privacy and tracking issues is certainly a concern. This approach can be done without coordination from the applications users and services run at the end points.

Another aspect of the solution space does involve introducing trusted second- or third-party intermediaries that would coordinate with network operations. For example, billing zero-rated services, parental controls, redirection and fraud prevention could be features that users opt into when they use services or applications. Through relay-like intermediary services, those second- or third-parties could give the network limited information about the user and what the user is doing with their connection.

In conclusion, proponents of strong and ubiquitous encryption are often put on the back foot when network operators get together to talk about the challenges associated with opaque network traffic. Similar workshops held in other contexts might implicitly and explicitly consider the trend to encrypt network traffic an outright assault on network security. However what was different about this IAB workshop, beyond the fact that encryption advocates like me were part of the programming, is that it not only assumed  that transport encryption is desirable, but that it addressed these tensions with networks so as to ensure transport encryption becomes the new norm.

Subscribe to Internet Exchange

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.