PRISM-PROOF Email

Phillip Hallam-Baker

Comodo Group Inc.


<A Code Name>


Not just one program


Not just one government


Not just governments


Not just email


Goal

Make Internet security ubiquitous for 2 billion users


Personal Privacy Environment


Like making lightning strike


The guy who has made it happen…


Why the Web succeeded:

  • Open Standards

    • HTML / HTTP / URI

    • Build on legacy (e.g. SGML)

  • Open architecture

    • Don’t tie users to one publication model

  • Public domain Reference code

    • Please take our code and sell it

  • Some good technical innovations

    • URIs

    • Punt on the hard stuff (indexing, consistency)


PPE

  • Open Standards (or proposals)

    • All specifications are submitted as Internet Drafts

    • Build on legacy (e.g. S/MIME)

  • Open Architecture

    • Don’t tie users to one trust model

  • Open Source Code

    • Generated from the specifications

  • Some technical choices

    • Strong Email Addresses

    • Punt on the hard stuff


Dividing the Problem

Share this

Research here

Trust Model

Transport

  • Mail system integration

  • Distribution infrastructure


Please ‘steal’ this spec


Why I am here

  • Recruit

    • Users

    • Testers

    • Coders (not just for crypto!)

    • Web Site (Bootstrap)

    • Architects

    • Reviewers

    • Evangelists


Xanadu, the Web in 1960


You already have email encryption


So why isn’t email secure today?

Patents

Limited machine capabilities

The cryptowars

Standards wars


Public Key Infrastructure

Use Digital Signatures to authenticate keys

Use Public key encryption to exchange symmetric keys

Use symmetric key encryption to protect data


PEM (1993)

Kings

Lords

Knights

Serfs

Peasants

DSHs

  • Privacy Enhanced Mail

    • Hierarchy of Certificate Authorities


Antithesis

  • PGP Web of Trust

    • Everyone is a peer

  • S/MIME

    • Rework of PEM with multiple roots of authority


PGP Marketing Department


15 Year Standards Stalemate

S/MIME

  • Deployed in 5 billion clients

PGP

  • Monopoly of mindshare


Why has neither won?

S/MIME

PGP

Incomprehensible to many

Too much hassle to use

  • Too hard to get certificates

  • Too much hassle to use


Solution


Frictionless Security


Frictionless Security

  • Secure system must require no additional effort

    • No additional configuration

    • No additional steps in use

    • No maintenance or renewals

    • Except if the user wants to verify that their security is correct.


PPE 0.1

(Windows Live Mail Experience)


Configuring to receive encrypted mail

  • Run Key Manager, Generates

    • Strong email address with

    • Phinger

    • Recovery codes

  • Publish Phinger on Web Server

  • Now anyone can send you encrypted mail

    • And you can read it on 95% of EXISTING clients


Help Wanted!

  • UI experts to perform integration for

    • Outlook

    • Thunderbird

    • Apple Mail

    • iOS Mail

    • <Android client>


Personal PKI

Master

Online

Monthly Encryption

Per Device Authentication


Strong Email Address

[email protected]er.com

<phingerprint>?<account>@<domain>

<phingerprint>: The fingerprint of the root of Alice’s personal PKI hierarchy

<account>: The account to send the email to

<domain>: Website where the phinger is published


Phinger

  • Contains

    • Personal Public key hierarchy

      • Offline Master / Online / Use Keys

    • Policy Statements (per protocol)

      • Email

        • SMTP to example.com with STARTTLS phingerprint = X

        • S/MIME preferred under cert/key X.

        • By invitation only use cert/key Y.


[ KeyManager 1.0 ]

  • Publication to the Web site is automatic

    • Enroll certificate in key server infrastructure

    • Make use of Google Certificate Transparency

  • Register encrypted secret keys

    • To enable recovery if they are lost

    • To enable easy registration of a second device

  • Can tell people ‘encrypted mail is preferred’


Sending a secure email

Mail Client

PEEP

Machine

  • Introducing PEEP

    • Privacy Enhancing Proxy


PEEP 0.1

  • Looks for messages sent to a Strong Email Address

    • These MUST be sent encrypted

    • Retrieves the phinger

    • Encrypts the message as directed

      • (Currently only S/MIME; could be PGP as well)
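
An added example, not part of the original slides or of the PPE code: a sketch of the PEEP 0.1 decision for one outbound recipient, using the `<phingerprint>?<account>@<domain>` format from the Strong Email Address slide. The phingerprint encoding (base32 of a truncated SHA-256), the `fetch_phinger` callback and the phinger's `master_key` field are assumptions; the slides do not define them.

```python
import base64
import hashlib

class PolicyError(Exception):
    """Raised when a message must not leave the machine (fail closed)."""

def phingerprint(master_key: bytes) -> str:
    # ASSUMPTION: base32 of the first 15 bytes of SHA-256(master key).
    digest = hashlib.sha256(master_key).digest()[:15]
    return base64.b32encode(digest).decode("ascii").lower()

def parse_address(addr: str):
    """Split '<phingerprint>?<account>@<domain>'; fp is None for a plain address."""
    local, at, domain = addr.strip().rpartition("@")
    if not at or not local or not domain:
        raise ValueError(f"not an email address: {addr!r}")
    fp, mark, account = local.partition("?")
    if not mark:
        return None, local, domain
    if not fp or not account:
        raise ValueError(f"malformed strong address: {addr!r}")
    return fp.lower(), account, domain

def outbound_decision(addr: str, fetch_phinger):
    """Return ('plain', account, domain, None) or ('encrypt', account, domain, root)."""
    fp, account, domain = parse_address(addr)
    if fp is None:
        return ("plain", account, domain, None)
    # Strong address: the message MUST be encrypted, so every failure below
    # blocks sending instead of falling back to cleartext.
    phinger = fetch_phinger(domain, account)  # hypothetical retrieval hook
    if phinger is None:
        raise PolicyError(f"no phinger published for {account} at {domain}")
    if phingerprint(phinger["master_key"]) != fp:
        raise PolicyError("phinger does not match the address phingerprint")
    # The verified root is the trust anchor for the keys listed in the phinger.
    return ("encrypt", account, domain, phinger["master_key"])

# Constructed sample data: an in-memory stand-in for the recipient's web site.
ALICE_KEY = b"constructed-master-public-key-bytes"
SITE = {("example.com", "alice"): {"master_key": ALICE_KEY}}
ALICE = f"{phingerprint(ALICE_KEY)}?alice@example.com"

def lookup(domain, account):
    return SITE.get((domain, account))

if __name__ == "__main__":
    print(outbound_decision(ALICE, lookup)[0])
    print(outbound_decision("bob@example.com", lookup)[0])
```

Because the fingerprint travels inside the address, a phinger swapped on the web server fails the comparison and the message is held, not sent in the clear.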


[ PEEP 1.0 ]

  • Checks every outbound address

    • Queries a service to see if the user prefers encrypted mail

    • Introduces trusted parties

      • Certificate Authorities

      • Peers


PPE 1.0

Interesting research here

Key Broker

Key Broker

OmniPublish

OmniQuery

Key Manager

Mail Sender


Endorsement

  • Current research issue

    • How to make it easy to endorse another person?

    • QR codes make strong email address transfer easy.

      • Please don’t laser engrave your iPhones yet


SPAM

  • End to End Encryption defeats (some) Spam filters

    • So you might not want to use end to end encryption all the time.

      • Instead publish the encryption key of your spam filter

    • Only release your end to end key to selected parties

      • Require messages to be signed by approved sender


Conclusion

  • Privacy Protected Everything provides

    • Secure email encryption

      • Security rests on well tested/reviewed standards

    • Frictionless security

      • No additional user effort at all

  • I need your help to make it happen.

    • http://prismproof.org/

