1 / 41

PRISM-PROOF Email

PRISM-PROOF Email. Phillip Hallam -Baker Comodo Group Inc. <A Code Name>. Not just one program. Not just one government. Not just governments. Not just email. Goal. Make Internet security ubiquitous for 2 billion users. Personal Privacy Environment. Like making lightning strike.

melia
Download Presentation

PRISM-PROOF Email

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PRISM-PROOF Email Phillip Hallam-Baker Comodo Group Inc.

  2. <A Code Name>

  3. Not just one program

  4. Not just one government

  5. Not just governments

  6. Not just email

  7. Goal Make Internet security ubiquitous for 2 billion users

  8. Personal Privacy Environment

  9. Like making lightning strike

  10. The guy who has made it happen…

  11. Why the Web succeeded: • Open Standards • HTML / HTTP / URI • Build on legacy (e.g. SGML) • Open architecture • Don’t tie users to one publication model • Public domain Reference code • Please take our code and sell it • Some good technical innovations • URIs • Punt on the hard stuff (indexing, consistency)

  12. PPE • Open Standards (or proposals) • All specifications are submitted as Internet Drafts • Build on legacy (e.g. S/MIME) • Open Architecture • Don’t tie users to one trust model • Open Source Code • Generated from the specifications • Some technical choices • Strong Email Addresses • Punt on the hard stuff

  13. Dividing the Problem Share this Research here Trust Model Transport • Mail system integration • Distribution infrastructure

  14. Please ‘steal’ this spec

  15. Why I am here • Recruit • Users • Testers • Coders (not just for crypto!) • Web Site (Bootstrap) • Architects • Reviewers • Evangelists

  16. Xanadu, the Web in 1960

  17. You already have email encryption

  18. So why isn’t email secure today? Patents Limited machine capabilities The cryptowars Standards wars

  19. Public Key Infrastructure Use Digital Signatures to authenticate keys Use Public key encryption to exchange symmetric keys Use symmetric key encryption to protect data

  20. PEM (1993) Kings Lords Knights Serfs Peasants DSHs • Privacy Enhanced Mail • Hierarchy of Certificate Authorities

  21. Antithesis • PGP Web of Trust • Everyone is a peer • S/MIME • Rework of PEM with multiple roots of authority

  22. PGP Marketing Department

  23. 15 Year Standards Stalemate S/MIME • Deployed in 5 billion clients PGP • Monopoly of mindshare

  24. Why has neither won? S/MIME PGP Incomprehensible to many Too much hassle to use • Too hard to get certificates • Too much hassle to use

  25. Solution

  26. Frictionless Security

  27. Frictionless Security • Secure system must require no additional effort • No additional configuration • No additional steps in use • No maintenance or renewals • Except if the user wants to verify that their security is correct.

  28. PPE 0.1 (Windows Live Mail Experience)

  29. Configuring to receive encrypted mail • Run Key Manager, Generates • Strong email address with • Phinger • Recovery codes • Publish Phinger on Web Server • Now anyone can send you encrypted mail • And you can read it on 95% of EXISTING clients

  30. Help Wanted! • UI experts to perform integration for • Outlook • Thunderbird • Apple Mail • iOS Mail • <Android client>

  31. Personal PKI Master Online Monthly Encryption Per Device Authentication

  32. Strong Email Address AD6TK2-NDKN2W-JRME7DA-RXYYHZ-T4A?alice.prism.proof@orac.hallambaker.com <phingerprint>?<account>@<domain> <phingerprint> The fingerprint of the root of Alice’s personal PKI hierarchy <account> The account to send the email to <domain> Website where the phinger is published

  33. Phinger • Contains • Personal Public key hierarchy • Offline Master / Online / Use Keys • Policy Statements (per protocol) • Email • SMTP to example.com with STARTTLS phingerprint = X • S/MIME preferred under cert/key X. • By invitation only use cert/key Y.

  34. [ KeyManager 1.0 ] • Publication to the Web site is automatic • Enroll certificate in key server infrastructure • Make use of Google Certificate Transparency • Register encrypted secret keys • To enable recovery if they are lost • To enable easy registration of a second device • Can tell people ‘encrypted mail is preferred’

  35. Sending a secure email Mail Client PEEP Machine • Introducing PEEP • Privacy Enhancing Proxy

  36. PEEP 0.1 • Looks for messages sent to a Strong Email Address • These MUST be sent encrypted • Retrieves the phinger • Encrypts the message as directed • (Currently only S/MIME could be PGP as well)

  37. [ PEEP 1.0] • Checks every outbound address • Queries a service to see if the user prefers encrypted mail • Introduces trusted parties • Certificate Authorities • Peers

  38. PPE 1.0 Interesting research here Key Broker Key Broker OmniPublish OmniQuery Key Manager Mail Sender

  39. Endorsement • Current research issue • How to make it easy to endorse another person? • QR codes make strong email address transfer easy. • Please don’t laser engrave your iPhones yet

  40. SPAM • End to End Encryption defeats (some) Spam filters • So you might not want to use end to end encryption all the time. • Instead publish the encryption key of your spam filter • Only release your end to end key to selected parties • Require messages to be signed by approved sender

  41. Conclusion • Privacy Protected Everything provides • Secure email encryption • Security rests on well tested/reviewed standards • Frictionless security • No additional user effort at all • I need your help to make it happen. • http://prismproof.org/

More Related