fredag 5 november 2010

MonkeySphere and TCPCrypt

I'm beginning with describing MonkeySphere.

It is a nice and useful tool for making secure and authenticated connections to servers. From it's description: "The Monkeysphere project's goal is to extend OpenPGP's web of trust to new areas of the Internet to help us securely identify servers we connect to, as well as each other while we work online".
The idea is that each person can generate a cryptographic OpenPGP keypair, create subkeys for their computer and servers, and then exchanging the public keys in their key pairs.
When you want to connect to another computer, you use MonkeySphere and the dedicated cryptographic subkey in order to identify yourself and establish a secure connection (using SSH right now).

It is an encryption extension to TCP, designed to be transparent to userland software, making encrypt-by-default for all network and internet connections easy. From it's description:
"Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support Tcpcrypt, in which case connections will gracefully fall back to standard clear-text TCP."
Unlike SSL, SSH and IPsec, it does not do authentication by default - it only encrypts it, which is enough to make the connection harder to spy on. It forces an attacker to do active attacks (modifying traffic) instead of just passive (just listening to traffic) if he want to spy on somebody.

Combining the two of them could make the whole internet a lot more secure instantly; having something as simple as Web of Trust (well, as easy as it could be) to REALLY know who you are connecting to and combing it with a traffic encryption method that NOT require modification of any software would instantly eliminate all reasons for not encrypting everything.
If you don't know what encryption is good for: Search for "Firesheep" on the search engine of your choice.

No, more of SSL won't help. There's a reason for everybody not already using it. No, SSH tunneling is not the answer. And no, IPSec is too complex.
But TCPCrypt is, as I said, easy. On Linux, all you need is to run a single line of shell code, and you're done. Now all traffic to other computers that also run TCPCrypt will be encrypted, preventing passive tools like Firesheep. By adding MonkeySphere's WoT management to authenticate the connections too (you also want to that who you're talking to is who they say they are), not even active tools will work, because then you will be alerted and the connection will be closed.

Technically, WoT can also be used the way SSL is used: Just let all the current CA:s (Certificate Authorities) generate OpenPGP keys and use them to sign peoples' OpenPGP keys instead of the keys they currently use to sign SSL certificates. Instead of browsers being shipped with SSL CA certificates preconfigured, they would have the CA's public OpenPGP keys.
It would be a minor change to most people that are not involved with SSL, and to most who are it would only be a change in what things are called and replacement of some tools.
So for those who only use the internet for broswing around on web sites, there will be no change worth caring about.

And the real great news: When it's working, all you need for secure connections to your friends is to exchange public keys to be able to establish a highly secure connection.
You and your friend just have to write down your public key fingerprints on pieces of paper (it's the most secure way) and give them to each other, and then type them in on your computers into the authentication software (MonkeySphere). Just that one more thing to remember besides IP address (and sometimes port number).
Then you can connect to each other to securely do whatever you wish, like chatting over IM, play network games or share files and documents.

As long as the key fingerprints match (otherwise the connection will fail) you can be sure that the other computer has the right private OpenPGP key from the key pair.
And as long as your friend has a secure computer (decent antivirus+firewall, Linux or OpenBSD, etc) it is really him and nobody else that you are connecting to. Which means that nobody else can read that document from work that you are sending him. Or read your IM conversation. Or mess with your LAN game. Or anything really as long as your computers are directly connected (which only is going to get more common with the constantly improving P2P and F2F software out there combined with faster internet connections).

Posted via email from Nat's blog

blog comments powered by Disqus