Along with the routing manifesto the ISOC Advisory Council meeting I recently attended at IETF90 Toronto heard a brief report on the CrypTech.is project. This was summarised by Lucy Lynch who has presented at ISOC AC meetings on privacy and security in the past. Lucy and Andrei Robachevsky also participated in the IETF 90 security and privacy session which I wasn’t able to attend but is well worth watching.
CrypTech is attacking the fundamental roots of the “trust” problem. When the NSA/Snowden revelations hit, something that exited the net at large was trust in the basic cryptography underpinning a lot of online security. The mechanisms behind an HTTPS:// link, or that protect your personal mail, or your files in a cloud backed service like Dropbox depend on trust in the cryptography that protects them, and the suggestion that the fundamentals behind algorithm choices in elliptic curve cryptography (ECC) have been ‘altered’ by government advisory bodies, (to ensure they could see inside them) has obviously weakened a lot of public trust in these services. We no longer feel entirely sure the national standards bodies are capable of preserving the wider public interest in these designs. We don’t trust them.
One aspect of this is that we need to believe the tools used to build security systems themselves haven’t been corrupted. So one of the things CrypTech is doing is to invest in basic security audits of the tools used to build cryptographic software and hardware.
Based on the restored trust in the tool sets, CrypTech is in the process of developing independently designed hardware for cryptography, which will be capable of providing Hardware Security Module (HSM) services, where the secure keys for cryptography never leave the hardware, as well as other basic building blocks such as pseudo random number generation (prng) code, and implementations of the agreed secure hash algorithms SHA-1, SHA-256 and SHA-512 as well as the AES encryption algorithms. Although much trust ‘left the room’ as a result of the recent revelations, the fundamentals behind these algorithms as documented “on paper” remains trust-able and was subject to widespread review by an international community of cryptographers, and we all hope the implementation of community sourced, publicly verifiable hardware and software will restore wider trust in the system as a whole.
When cryptech has finished we will be able to compare the outputs of other security products to a well known trusted standard, and chose to source our security protections like HSM and sources of randomness from hardware with some restored basis of trust.
CrypTech is being funded by a range of community participants including ISOC. This is good use of the ISOC funds for the wider public interest.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.