The era of encrypted communications may have finally arrived. The Internet Architecture Board (IAB), which oversees the Internet's architecture, protocols, and standards efforts, officially called last month for encryption to be deployed throughout the protocol stack as a way to lock down the privacy and security of information exchange.
It was a bold and important statement from the IAB, and it likely will be the general blueprint for new protocol efforts by the Internet Engineering Task Force (IETF), which creates the protocol specifications that run the Internet and devices and systems connected to it. "The IAB now believes it is important for protocol designers, developers, and operators to make encryption the norm for Internet traffic," IAB chairman Russ Housley wrote in its Statement on Internet Confidentiality.
The IAB also urged developers to deploy encryption by default, and it urged network and service providers to add encryption across the board.
In his first interview since issuing the IAB statement Nov. 14, Housley spoke with me about the new normal of widespread, encrypted Internet communications.
Dark Reading: What does it really mean for the IAB to issue this encryption statement?
Housley: The IAB is making a recommendation, and we have no enforcement powers on that. But if we look back historically on IAB statements, the IETF has tended to follow them. What basically happens when people start to go off in a different direction is they say, "Hey, the IAB said this," so what do you think going against that recommendation is going to do? If they have a good answer [for it], they continue.
We think encryption should be the norm. We recognize there are exceptions where encryption is actually not possible. We want to give people that thought that says, "Is there a way we could do this with encryption?"… We felt things were improving, but maybe the pace needs to be picked up to combat pervasive monitoring.
Dark Reading: Will we see an updated TCP/IP stack emerge from all of this?
Housley: Incremental improvement is the only way we are going to see changes. You can't have a flag day [like we did] from NCP [Network Control Program of Arpanet] to TCP/IP. That's just not possible in today's Internet, because of the scope and scale.
The transition from IPv4 to IPv6 is a demonstration of how difficult that transition is… Incremental change is the only [way].
We're seeing a significant uptick in IPv6 in cable companies, wireless mobile, leading the way there because they have more devices deployed than they can get IPv4 addresses for. The more and more that happens, the more there will be an increase in IPv6 and the ultimate decline of IPv4.
Dark Reading: There are security tradeoffs with encrypted communications, given that many of today's security tools can't perform their tasks if the network flows are encrypted. How do you reconcile that?
Housley: We recognize that, and that's why we added that closing to the statement. Instead of just saying, "Hey, it's clear sailing," let's be honest and say there are some rough spots here and work. We will [likely] form some workshops around these topics to make sure people start talking.
Another example is that network management makes the assumption that it can dive in multiple layers of traffic to see what's going on… We need to give network managers what they need without exposing so much plain text.
Dark Reading: How will vendors and service providers move forward with encryption by default?
Housley: We've already seen some of that. Some of the email providers have done things like move IMAP to IMAP over TLS, so all the traffic between a mail client and the mail server is protected. We're seeing more and more [encryption adoption, including from] content distribution networks.
Personally, I'd like to see greater integration of DNSSEC, as well.
Dark Reading: As we've seen, SSL/TLS is not exactly bulletproof. Heartbleed demonstrated how an SSL/TLS implementation issue can cause big problems. What are the IAB and IETF doing to improve encryption protocols?
Housley: TLS 1.3 is under development in the IETF. TLS 1.3 eliminates lots of stuff that kind of got added on. One of the key questions being asked in development is, "What's in there that no one really needs, and where are possible places for bugs [to be] introduced by developers?"… Remove that and keep it as simple as possible, so it's easier for people to look at the code and easier to find and fix bugs. That's one of the design criteria this time around.
That includes not having every crypto algorithm everyone has ever come up with, but figuring out which ones are really needed and putting the focus and review behind those, as opposed to anyone who wants to add one adds one.
Elliptic curve is being embraced very strongly this go-round. Smaller key sizes and stronger security will have a positive effect.
Dark Reading: What other security functions or protocols are in the works?
Housley: In the same way as with TLS, protocol updates need to be simple and streamlined and only with functionality that's needed. There's some work being explored about security services on your behalf… For example, you can attach to different WiFi hotspots and see what firewall is in that [network] and how it's configured and know what your security posture is. Something that would let mobile devices from laptops to smartphones adapt to different points where they enter the Net.
Dark Reading: What are the challenges for making encrypted communications the norm?
Housley: The challenges will be political and will have to do with firewall policies, IDS, deep packet inspection, [for instance]. Looking for spam and viruses in email messages… all of those things become more difficult. We have to find the right balance and the right places in the stack for encryption to provide security and privacy to the customer, and yet to protect the customer.
I hope we end up in a place where crypto is the norm and not a presumption of, if you encrypt, you have something to hide.
Dark Reading: Do you expect any pushback from government agencies or law enforcement?
Housley: It depends. The IETF is not going to standardize on weakened crypto… We're not going to develop our protocols to include backdoors for law enforcement, because that inevitably will be used by others, as well. We will work with how law enforcement gets access to things they need without the protocols themselves. These are similar kinds of discussions [we had in the 1990s with Clipper Chip and US export policy debate].
Dark Reading: What will the new encrypted Internet look like versus the Net of today?
Housley: One of the workshops the IAB is looking at is the evolution of messaging. The idea is that spam has gotten so bad, so maybe we can do something in the messaging architecture itself. Right now, anyone can send anyone a message.
Like in instant messaging, where you can [specify] this person is allowed to know I'm online or when I'm not, maybe there's an analogy there for other kinds of messaging, for example.
I'm hoping a bunch of different Internet organizations -- not just the IETF -- will rally around this idea [encryption as the norm] and help bring it to fruition in a way that users are comfortable with it and almost not impacted at all.
The challenge will be to embrace crypto so regular users see very little impact, and it just works.