When the Internet was designed, it was thought to be meadows full of daisies. As we now know, it's a dark place, where communication is monitored and subverted. This session presents both developments in known solutions, as well as novel suggestions, to liberally apply crypto to improve the foundations of Internet communications.
Trusting servers you can't touch by Ryan Lackey: Servers for Internet applications are usually deployed at a distance from both the end users of the service and the administrators of the system, often controlled by third parties. Even when they're hardware vs. virtualized/cloud, it's rare for admins to have direct physical control of the servers. Yet, most applications require a high degree of trust in the integrity of servers. We describe a variety of technologies and solutions to this problem, and a framework to best protect your applications and your users. dename: decentralized, secure, usable PKI by Andreas Erbsen: A major challenge for private online communication is public key distribution. Trusted authorities have failed to be secure, and the web of trust has failed to build the network effect it gravely requires to be usable. This talk proposes a new PKI system built on a cryptographic consensus protocol. A set of directory servers updates and signs a mapping from public keys to names. Anyone can run their own server, strengthening the security guarantee for all clients that know it. We have an open-source implementation that can be easily integrated with systems that currently rely on manual key verification, including secure messaging, host authentication, and software distribution. New development in OTR by Jurre van Bergen Jurre van Bergen will speak about new developments in the world of `off-the-record` messaging. What is going on? Where are we going? In addition we will address frequently answered questions by developers and users. Secure email communication - LEAP Encryption Access Project & Pixelated Your Right to by Varac This presentation will introduce two new secure communication tools under development that help guarantee the right to digitally whisper – LEAP and Pixelated. Dark Mail by Ladar Levision Since Ladar Levison shuttered Lavabit during the summer of 2013, he has been working to solve the email privacy problems that made it technologically possible for an American court to demand unfettered access to the email messages for all of Lavabit’s worldwide customers. After a year of hard work, the Dark Internet Mail Environment (DIME) is a standards based, collaborative effort to create an elegant technical solution capable of protecting the privacy of everyone’s email. It is focused on making end-to-end email encryption automatic, while providing message confidentiality, author verification, and minimizing the leakage of metadata. DIME capable systems reduce the amount of trust users must place in their service provider. Automating the key exchange process while keeping the system resistant to manipulation by sophisticated threats is an ongoing challenge. This talk offers a compressed discussion of the DIME standards, highlighting key portions and will be followed by a project update, where we hope to showcase a DIME capable client and server implementation. TLS ♥ DNS ♥ Tor by equinox Replacing 100 CA hierarchies with the single DNS hierarchy, and how the bite reflex against the latter is coming at the cost of less secure identities.
Speakers: Varac Ryan Lackey Andres Erbsen Jurre van Bergen Ladar Levison equinox Daniel Ziegler gedsic