http://prismproof.org/
PRISM-PROOF Email
Phillip Hallam-Baker, Comodo Group Inc.
<A Code Name>
Not just one program
Not just one government
Not just governments
Not just email
Goal
Make Internet security ubiquitous for 2 billion users
Personal Privacy Environment
Like making lightning strike
The guy who has made it happen…
Why the Web succeeded:
• Open Standards
– HTML / HTTP / URI
– Build on legacy (e.g. SGML)
• Open architecture
– Don’t tie users to one publication model
• Public domain reference code
– Please take our code and sell it
• Some good technical innovations
– URIs
– Punt on the hard stuff (indexing, consistency)
PPE
• Open Standards (or proposals)
– All specifications are submitted as Internet Drafts
– Build on legacy (e.g. S/MIME)
• Open Architecture
– Don’t tie users to one trust model
• Open Source Code
– Generated from the specifications
• Some technical choices
– Strong Email Addresses
– Punt on the hard stuff
Dividing the Problem
Share this:
1. Mail system integration
2. Distribution infrastructure
Research here:
3. Trust Model
4. Transport
Please ‘steal’ this spec
Why I am here
• Recruit
– Users
– Testers
– Coders (not just for crypto!)
– Web Site (Bootstrap)
– Architects
– Reviewers
– Evangelists
Xanadu, the Web in 1960
You already have email encryption
So why isn’t email secure today?
• Patents
• Limited machine capabilities
• The cryptowars
• Standards wars
Public Key Infrastructure
• Use Digital Signatures to authenticate keys
• Use Public key encryption to exchange symmetric keys
• Use symmetric key encryption to protect data
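The three layers on this slide, as an added Go example (not code from the PRISM-PROOF project or from S/MIME itself): a certifier's Ed25519 key signs Alice's RSA public key, the sender verifies that signature before using the key, wraps a fresh AES-256 key with RSA-OAEP, and encrypts the message body under AES-GCM. The SignedKey structure, the owner name "alice", the certifier and the message text are constructed for the example; real S/MIME carries the same layers as X.509 certificates and CMS structures rather than this minimal format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
	"io"
)

// SignedKey is a hypothetical minimal "certificate" (not X.509): an owner name and
// a PKIX-encoded RSA public key, both covered by the certifier's Ed25519 signature.
type SignedKey struct {
	Owner  string
	KeyDER []byte
	Sig    []byte
}

func certBody(owner string, der []byte) []byte { return append([]byte(owner+"\x00"), der...) }

// Certify is layer 1 of the slide: a digital signature authenticates a key.
func Certify(caPriv ed25519.PrivateKey, owner string, pub *rsa.PublicKey) SignedKey {
	der, _ := x509.MarshalPKIXPublicKey(pub) // cannot fail for a valid *rsa.PublicKey
	return SignedKey{Owner: owner, KeyDER: der, Sig: ed25519.Sign(caPriv, certBody(owner, der))}
}

// VerifyKey is the sender's side of layer 1: the key is used only if the certifier's
// signature checks and the key was issued for the owner we are writing to.
func VerifyKey(caPub ed25519.PublicKey, owner string, sk SignedKey) (*rsa.PublicKey, error) {
	if sk.Owner != owner || !ed25519.Verify(caPub, certBody(sk.Owner, sk.KeyDER), sk.Sig) {
		return nil, errors.New("key is not authenticated for " + owner)
	}
	pubAny, err := x509.ParsePKIXPublicKey(sk.KeyDER)
	if err != nil {
		return nil, err
	}
	pub, ok := pubAny.(*rsa.PublicKey)
	if !ok {
		return nil, errors.New("signed key is not an RSA key")
	}
	return pub, nil
}

// Envelope: the AES key wrapped with RSA-OAEP (layer 2), body under AES-256-GCM (layer 3).
type Envelope struct{ WrappedKey, Nonce, Ciphertext []byte }

// aead builds AES-256-GCM; with a 32-byte key neither constructor can fail.
func aead(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Seal draws a fresh 32-byte key and 12-byte nonce, wraps the key for the
// recipient and encrypts the body; the key never leaves this function in clear.
func Seal(pub *rsa.PublicKey, plaintext []byte) (Envelope, error) {
	buf := make([]byte, 32+12)
	if _, err := io.ReadFull(rand.Reader, buf); err != nil {
		return Envelope{}, err
	}
	key, nonce := buf[:32], buf[32:]
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{wrapped, nonce, aead(key).Seal(nil, nonce, plaintext, nil)}, nil
}

// Open unwraps the key with the recipient's private key and decrypts; the GCM tag
// check makes any modified ciphertext fail, and a malformed key or nonce is
// rejected before it can reach the cipher.
func Open(priv *rsa.PrivateKey, env Envelope) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	if len(key) != 32 || len(env.Nonce) != 12 {
		return nil, errors.New("malformed envelope")
	}
	return aead(key).Open(nil, env.Nonce, env.Ciphertext, nil)
}

// Demo sends one constructed message to Alice through all three layers and also
// checks that a copy of her key certified by an unrelated signer is rejected.
// Key-generation errors are ignored only to keep the demo short.
func Demo() (string, bool, error) {
	caPub, caPriv, _ := ed25519.GenerateKey(rand.Reader)
	alicePriv, _ := rsa.GenerateKey(rand.Reader, 2048)
	pub, err := VerifyKey(caPub, "alice", Certify(caPriv, "alice", &alicePriv.PublicKey))
	if err != nil {
		return "", false, err
	}
	env, err := Seal(pub, []byte("meet at noon"))
	if err != nil {
		return "", false, err
	}
	pt, err := Open(alicePriv, env)
	_, roguePriv, _ := ed25519.GenerateKey(rand.Reader)
	_, rogueErr := VerifyKey(caPub, "alice", Certify(roguePriv, "alice", &alicePriv.PublicKey))
	return string(pt), rogueErr != nil, err
}

func main() { fmt.Println(Demo()) }
```

The order matters: the sender calls VerifyKey before Seal, so a key that arrives without a valid certifier signature (or signed for a different owner) is never used for encryption, and Open's authenticated-encryption check is what lets the recipient detect a tampered body rather than silently reading garbage.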
PEM (1993)
• Privacy Enhanced Mail
– Hierarchy of Certificate Authorities
[Figure: hierarchy of Kings / Lords / Knights / Serfs, Peasants, DSHs]
Antithesis
• PGP Web of Trust
– Everyone is a peer
• S/MIME
– Rework of PEM with multiple roots of authority
PGP Marketing Department
15 Year Standards Stalemate
S/MIME
– Deployed in 5 billion clients
PGP
– Monopoly of mindshare
Why has neither won?
S/MIME
• Too hard to get certificates
• Too much hassle to use
PGP
• Incomprehensible to many
• Too much hassle to use
Solution
Frictionless Security
• Secure system must require no additional effort
– No additional configuration
– No additional steps in use
– No maintenance or renewals
– Except if the user wants to verify that their security is correct.
PPE 0.1
(Windows Live Mail Experience)
Configuring to receive encrypted mail
• Run Key Manager, which generates
– Strong email address
– Phinger
– Recovery codes
• Publish Phinger on Web Server
• Now anyone can send you encrypted mail
– And you can read it on 95% of EXISTING clients
Help Wanted!
• UI experts to perform integration for
– Outlook
– Thunderbird
– Apple Mail
– iOS Mail
– <Android client>
Personal PKI
[Figure: key hierarchy: Master / Online / Monthly Encryption, Per Device Authentication]
Strong Email Address
AD6TK2-NDKN2W-JRME7DA-RXYYHZ-T4A?alice.prism.proof@orac.hallambaker.com
<phingerprint>?<account>@<domain>
<phingerprint>  The fingerprint of the root of Alice’s personal PKI hierarchy
<account>       The account to send the email to
<domain>        Website where the phinger is published
Phinger
• Contains
– Personal Public key hierarchy
• Offline Master / Online / Use Keys
– Policy Statements (per protocol)
• Email
– SMTP to example.com with STARTTLS phingerprint = X
– S/MIME preferred under cert/key X.
– By invitation only use cert/key Y.
[ KeyManager 1.0 ]
• Publication to the Web site is automatic
– Enroll certificate in key server infrastructure
– Make use of Google Certificate Transparency
• Register encrypted secret keys
– To enable recovery if they are lost
– To enable easy registration of a second device
• Can tell people ‘encrypted mail is preferred’
Sending a secure email
• Introducing PEEP
– Privacy Enhancing Proxy
[Figure: Mail Client / PEEP / Machine]
PEEP 0.1
• Looks for messages sent to a Strong Email Address
– These MUST be sent encrypted
– Retrieves the phinger
– Encrypts the message as directed
• (Currently only S/MIME; could be PGP as well)
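An added Go example (not the project's code) covering the Strong Email Address and Phinger slides above together with this PEEP 0.1 rule: it parses `<phingerprint>?<account>@<domain>`, derives the address a Key Manager would hand out from a master key, checks a fetched phinger against the address, and decides what the proxy does with each outbound recipient. The fingerprint derivation (SHA-256 of the master key, base32 without padding, 25 characters in groups of five), the Phinger struct with one master key endorsing one online key, the account "alice" and the domain example.com are all assumptions; the slides give neither the real fingerprint algorithm nor the phinger format. The lookup function stands in for fetching the phinger from the web site. What the code shows beyond the slide is the failure mode: when the phinger is missing, does not hash to the fingerprint, or carries an online key the master never signed, the proxy refuses to send instead of degrading to plaintext.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base32"
	"errors"
	"fmt"
	"strings"
)

// StrongAddress is the parsed form of <phingerprint>?<account>@<domain>.
type StrongAddress struct{ Fingerprint, Account, Domain string }

// ParseStrongAddress splits on the first '?' and the last '@'; an address
// with no '?' is an ordinary address and yields ok == false.
func ParseStrongAddress(addr string) (StrongAddress, bool) {
	q, at := strings.Index(addr, "?"), strings.LastIndex(addr, "@")
	if q < 1 || at < q+2 || at == len(addr)-1 {
		return StrongAddress{}, false
	}
	return StrongAddress{addr[:q], addr[q+1 : at], addr[at+1:]}, true
}

// Fingerprint derives the phingerprint from the master (root) public key.
// ASSUMPTION: SHA-256, base32 without padding, first 25 characters in
// groups of five; the slides do not give the real derivation.
func Fingerprint(master ed25519.PublicKey) string {
	sum := sha256.Sum256(master)
	s := base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(sum[:])[:25]
	groups := make([]string, 0, 5)
	for i := 0; i < len(s); i += 5 {
		groups = append(groups, s[i:i+5])
	}
	return strings.Join(groups, "-")
}

// MakeStrongAddress is the address the Key Manager would hand the user.
func MakeStrongAddress(master ed25519.PublicKey, account, domain string) string {
	return Fingerprint(master) + "?" + account + "@" + domain
}

// Phinger stands in for the published document: the master key and the
// online key it endorses (the slides' "Offline Master / Online" hierarchy).
type Phinger struct {
	Master, Online ed25519.PublicKey
	OnlineSig      []byte // master's signature over the online key bytes
}

// CheckPhinger ties a fetched document back to the address: the master key
// must hash to the phingerprint and the online key must be signed by it.
func CheckPhinger(addr StrongAddress, p *Phinger) error {
	switch {
	case p == nil:
		return errors.New("phinger unavailable")
	case Fingerprint(p.Master) != addr.Fingerprint:
		return errors.New("master key does not match the address fingerprint")
	case !ed25519.Verify(p.Master, p.Online, p.OnlineSig):
		return errors.New("online key is not endorsed by the master key")
	}
	return nil
}

type Decision int

const (
	SendPlain     Decision = iota // ordinary address: nothing to verify
	SendEncrypted                 // strong address with a verified phinger
	Refuse                        // strong address, phinger missing or wrong
)

// Decide applies the PEEP 0.1 rule: mail to a strong address MUST be
// encrypted, so an unverifiable phinger means refusing to send, not plaintext.
func Decide(to string, lookup func(domain, account string) *Phinger) (Decision, string) {
	sa, ok := ParseStrongAddress(to)
	if !ok {
		return SendPlain, "ordinary address"
	}
	if err := CheckPhinger(sa, lookup(sa.Domain, sa.Account)); err != nil {
		return Refuse, err.Error()
	}
	return SendEncrypted, "encrypt to the verified online key"
}

// Demo builds Alice's personal PKI (constructed sample data) and runs Decide over
// an ordinary address and four servings of Alice's address: her genuine phinger,
// none, a phinger under another master, and her master with an unsigned online key.
func Demo() []Decision {
	master, masterPriv, _ := ed25519.GenerateKey(rand.Reader)
	online, _, _ := ed25519.GenerateKey(rand.Reader)
	other, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	genuine := &Phinger{master, online, ed25519.Sign(masterPriv, online)}
	wrongMaster := &Phinger{other, online, ed25519.Sign(otherPriv, online)}
	swappedOnline := &Phinger{master, other, ed25519.Sign(otherPriv, other)}
	alice := MakeStrongAddress(master, "alice", "example.com")
	tos := []string{"bob@example.com", alice, alice, alice, alice}
	served := []*Phinger{genuine, genuine, nil, wrongMaster, swappedOnline}
	out := make([]Decision, 0, len(tos))
	for i, to := range tos {
		p := served[i]
		d, why := Decide(to, func(string, string) *Phinger { return p })
		fmt.Printf("%s -> %d (%s)\n", to, d, why)
		out = append(out, d)
	}
	return out
}

func main() { Demo() }
```

The two Refuse cases after the missing-phinger one are the ones a web server compromise would produce: an attacker who replaces the published phinger wholesale fails the fingerprint check, because the fingerprint travels in the address the sender already has; an attacker who keeps the real master key but substitutes their own online key fails the endorsement check, because only the offline master can sign a new online key.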
[ PEEP 1.0]
• Checks every outbound address
– Queries a service to see if the user prefers encrypted mail
– Introduces trusted parties
• Certificate Authorities
• Peers
Interesting research here
PPE 1.0
[Figure: PPE 1.0 architecture: Key Manager, Mail Sender, Key Broker, Key Broker, OmniPublish, OmniQuery]
Endorsement
• Current research issue
– How to make it easy to endorse another person?
– QR codes make strong email address transfer easy.
• Please don’t laser engrave your iPhones yet
SPAM
• End to End Encryption defeats (some) Spam filters
– So you might not want to use end to end encryption all the time.
• Instead publish the encryption key of your spam filter
– Only release your end to end key to selected parties
• Require messages to be signed by approved sender
Conclusion
• Privacy Protected Everything provides
– Secure email encryption
• Security rests on well tested/reviewed standards
– Frictionless security
• No additional user effort at all
• I need your help to make it happen.
– http://prismproof.org/