PRISM-Proof Security Considerations, a draft proposal to make it harder for governments to implement and carry out surveillance activities like PRISM, was floated by the Internet Engineering Task Force (IETF) yesterday.

The draft highlights security concerns arising from government-sponsored PRISM-like projects and the security controls that may be put in place to mitigate the risks of interception capabilities. Authored by Phillip Hallam-Baker of the Comodo Group, the draft is, however, very light on details of how the Internet can be PRISM-proofed.

Baker starts off by listing the attack degree, including the likes of information/content disclosure, meta-data analysis, traffic analysis, denial of service attacks and protocol exploits. The author then describes the different capabilities of an attacker and the ways in which an attack can be carried out: passive observation, active modification, cryptanalysis, covert channel analysis, lawful interception, and subversion or coercion of intermediaries, among others.

Baker then highlights the controls that may be used to defend against these attacks, including the use of Perfect Forward Secrecy, which tends to dramatically increase the cost involved with an attack; the use of strong cryptography as a control against passive attacks; and the use of dual-layered public key exchange “using the credentials of the parties to negotiate a temporary key which is in turn used to derive the symmetric session key used for communications”, among others.

The draft lists the final control as policy, audit and transparency; however, it notes that this area is “the most underdeveloped area of internet security to date.”

The thing that stands out in the draft is that it has been authored by just one person, contrary to the IETF’s tradition of involving a group of people. You can find a copy of the draft here.

  • Tim Marsh

    Thanks Ravi, for stepping up when your skill set requires it. A solid step in the right direction.

  • dbrower

    It’s very, very common for drafts to be the work of a single author. There’s a world of difference between a draft and a standards-track proposal. (I edited RFC 1697).

  • Wesley George

    Wanted to clear something up around IETF process. This document (an internet-draft) is not “The IETF” floating anything. Most IETF drafts start as individual documents from one or more authors, as a point at which discussion can be started. Usually these internet-drafts are adopted by a Working Group to refine and improve them. The document will undergo reviews and revisions until it achieves consensus, first within the working group, and then the IETF as a whole before being published as an “IETF document” or RFC.
    If a document does not reach consensus, there are also ways for documents to be published as individual contributions, but they are clearly marked as not being products of IETF consensus.
    In this case, there has been a lot of discussion on the main IETF discussion list about this topic lately, and this draft is an effort to focus the discussion into some productive action, but this is still at a very early stage.