BitmasK: BitmasK: encryption for encryption for mere mortals - - PowerPoint PPT Presentation

▶

Mar 27, 2024 158 likes •686 views

# # BitmasK: BitmasK: encryption for encryption for mere mortals mere mortals FOSDEM 2018 FOSDEM 2018 kali - meskio - kwadronaut kali - meskio - kwadronaut https://leap.se Problem: encrypted email is Problem: encrypted email is

SLIDE 1

# #

BitmasK: BitmasK: encryption for encryption for mere mortals mere mortals

FOSDEM 2018 FOSDEM 2018 kali - meskio - kwadronaut kali - meskio - kwadronaut

https://leap.se

SLIDE 2

Problem: encrypted email is Problem: encrypted email is ...complicated ...complicated

SLIDE 3

SLIDE 4

SLIDE 5

SLIDE 6

Problem: Problem: providers providers

SLIDE 7

SLIDE 8

Peer to peer? Peer to peer?

SLIDE 9

Better Better federation! federation!

Protect providers from their users Protect providers from their users Protect users from the provider Protect users from the provider

SLIDE 10

What does What does LEAP do? LEAP do?

LEAP Platform: toolkit to make it easier to run a service provider New protocols: so no need to trust your connection provider Bitmask client: smooth working client with compatible providers

SLIDE 11

leap mail service leap mail service

End-to-end encryption Backwards compatible with email and current OpenPGP usage Service provider has no access to user data Automatic key discovery and validation Cloud synchronized for high availability on multiple devices

SLIDE 12

SLIDE 13

email service email service

SLIDE 14

soledad soledad

SLIDE 15

mx mx

SLIDE 16

SLIDE 17

generic rules for automatic key management, transition from TOFU to more advanced ruleset.

transitional key validation transitional key validation

bind key <-> email address key directory endorser (provider) binding info: evidence for "educated guess" veried key transition (automatic) [leap.se/en/docs/design/transitional-key-validation]

SLIDE 18

With a bunch of exceptions

TOFU TOFU

SLIDE 19

1. First Contact
1. First Contact

When one or more keys are rst discovered for a particular email address, the key with the highest validation level is registered.

SLIDE 20

2. Regular Refresh
2. Regular Refresh

All keys are regularly refreshed to check for modied expirations, or new subkeys, or new keys signed by old keys.

This refresh SHOULD happen via some anonymizing mechanism.

SLIDE 21

3. Key Replacement
3. Key Replacement

A registered key MUST be replaced by a new key in one of the following situations, and ONLY these situations: Veried key transitions. If the user manually veries the ngerprint of the new key. If the registered key is expired or revoked and the new key is of equal or higher validation level. If the registered key has never been successfully used and the new key has a higher validation level. If the registered key has no expiration date.

SLIDE 22

VPN VPN

Prevent eavesdropping. Circunvent internet censorship. Prevent leaks (DNS, IPv6, ...).

SLIDE 23

LEAP platform LEAP platform

sudo gem install leap_cli leap new example --domain example.org cd example leap add-user --self leap cert ca leap cert dh leap cert csr leap node add blueberry services:openvpn \ ip_address:1.1.1.1 openvpn.gateway_address:1.1.1.2 leap node add raspberry services:couchdb,webapp \ ip_address:1.1.1.3 leap init node leap deploy

SLIDE 24

sysadmins are human sysadmins are human

and deserve usability too and deserve usability too

SLIDE 25

"leap deploy" "leap deploy"

SLIDE 26

SLIDE 27

SLIDE 28

show me the code! show me the code!

https://0xacab.org/leap/ ~10 important repos GPL code

SLIDE 29

current state current state

SLIDE 30

Email Beta (0.10…) Email Beta (0.10…)

works on Linux works on Linux

Bitmask VPN Bitmask VPN

works on Linux && Android works on Linux && Android

SLIDE 31

next steps next steps

OSX and windows

SLIDE 32

let a thousand providers let a thousand providers bloom bloom

SLIDE 33

🐨 thanks! questions? 🐨 thanks! questions?

https://bitmask.net https://bitmask.net https://leap.se https://leap.se 😽 katzenpost.mixnetworks.org katzenpost.mixnetworks.org

SLIDE 34

SLIDE 35

SLIDE 36

SLIDE 37

SLIDE 38

SLIDE 39

2. ability to use multiple
2. ability to use multiple

devices devices

SLIDE 40

🔒 🔒 🔅

Synchronization Of Synchronization Of Locally Encrypted Data Among Devices Locally Encrypted Data Among Devices

SLIDE 41

data = 🖃 data = 🖃 + 🔒 + 🔒

SLIDE 42

bitmask keymanager bitmask keymanager requires no user interaction requires no user interaction

SLIDE 43

interoperability is a must interoperability is a must

many projects converging many projects converging

(Watch AUTOCRYPT: Enigmail, K9, Mailpile, Bitmask) (Watch AUTOCRYPT: Enigmail, K9, Mailpile, Bitmask)

SLIDE 44

SOLEDAD SOLEDAD

Synchronization of Locally Encrypted Data Among Devices auth: srp kdf: scrypt AES-256-GCM built on top of canonical's u1db vector clocks clientside: sqlcipher backend serverside: couchdb cluster

SLIDE 45

Problem: Attachments Problem: Attachments

Syncing blobs in a convoluted store Pluggable BlobsIO backend for server (in dev) FS as MVP, others welcome!

SLIDE 46

Validation levels Validation levels

low == less trust on the source

SLIDE 47

1. Weak Chain
1. Weak Chain

sks key servers, email attached key, OpenPGP header, ...

SLIDE 48

2. Provider Trust
2. Provider Trust

webnger, provider mailvelope

SLIDE 49

3. Provider Endorsement
3. Provider Endorsement

NickNym

SLIDE 50

4. Historical Auditing
4. Historical Auditing

CONIKS, google's transparent keyserver

SLIDE 51

5. Known Key
5. Known Key

client pinned keys

SLIDE 52

6. Fingerprint
6. Fingerprint

manual verication