IETF 96 finds us back in Berlin still talking about how to strengthen the Internet by improving the deployment and use of encryption. For this installment of the IETF Rough Guide, I’m going to focus on the CrypTech workshop just prior to IETF 96 along with the ongoing work of the cfrg research group, and the curdle, tls, and uta Working Groups.
As I wrote about in a separate blog post, CrypTech (https://cryptech.is) is a project to create an open source hardware security module, and this week in Berlin was the unveiling of the alpha prototype device! A select group of alpha testers joined the core development team for two days of testing and analysis. The workshop was very successful with the general consensus being that CrypTech has arrived! There were a few bugs fixed and potential improvements identified, but as one of the participants stated, there was no grey smoke! All of the details of the workshop are available on the CrypTech wiki, including the presentations and a few pictures. Additional alpha testers are invited to participate. Alpha devices are available through Crowd Supply. Rumor has it that there will be opportunities to see the CrypTech hardware during the saag and cfrg sessions this week.
Next, the Internet Research Task Force (IRTF) Crypto Forum Research Group (cfrg) continues to focus on the use of cryptography for IETF protocols. Topics for this week’s meeting include Argon2 and SESPAKE. Anyone interested in the future direction of cryptographic curves and algorithms would be well served to follow these discussions. I’d also like to mention that there was an interim meeting of the CFRG on 12 May 2016 at Eurocrypt 2016. Minutes of this meeting are available at: https://www.ietf.org/proceedings/interim-2016-cfrg-01/minutes/minutes-interim-2016-cfrg-1.
Moving on to IETF working groups, the first one I’d like to mention is one that is not actually meeting in Berlin. The CURves, Deprecating and a Little more Encryption (CURDLE) working group is focusing on updating cryptographic mechanisms for existing IETF protocols. In particular, they are looking at the incorporation of the curves recommended by the cfrg earlier this year. While the group isn’t meeting physically at the IETF, there are a number of drafts under development including drafts for SSH, PKIX, X.509, DNSSEC, and CMS. There is also a draft from the JOSE working group that defines how to use cfrg curves for the JOSE specifications. The work to incorporate modern cryptographic algorithms in IETF protocols is making progress.
The Transport Layer Security (TLS) working group continues to work on an update to the TLS protocol. This is a very active working group with a plan to publish an update to TLS in 2016. This meeting will be devoted to resolving the open issues with the current specification as documented in the issue tracker. There will also be discussions on AES-OCM, TLS Client Puzzles, and TLS Blocking alerts if there is time remaining in the session. Along with the work to develop a new version of TLS are efforts to get TLS support incorporated into existing applications in the Using TLS in Applications (UTA) working group. This week the focus will continue to be on support for TLS in SMTP.
Finally, I’d like to give a quick plug for the Security Area Advisory Group (saag) session. This is an excellent way to get a quick view of some of the security related conversations ongoing in the IETF.
All in all, the work continues here at IETF 96 to make encryption more widespread and easier to deploy for a stronger Internet.
Related Meetings, Working Groups, and BOFs at IETF 96:
uta (Using TLS in Applications) WG
Tuesday, 19 July 2016, 16:20-18:20 CEST, Potsdam II
tls (Transport Layer Security) WG
Tuesday, 19 July 2016, 10:00-12:30 CEST, Charlottenburg II/III
cfrg (Crypto Forum Research Group)
Wednesday, 20 July 2016, 14:00-15:30 CEST, Potsdam III
saag (Security Area Advisory Group)
Thursday, 21 July 2016, 14:00-16:00 CEST, Potsdam III
There’s a lot going on in Berlin, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see http://dev.internetsociety.org/rough-guide-ietf96.