Annex Mass Surveillance Part 2: Technology Foresight


Science and Technology Options Assessment (STOA)

Mass Surveillance
Part 2 – Technology foresight, options for longer term security and privacy improvements
ANNEX

EPRS European Parliamentary Research Service
Scientific Foresight (STOA) Unit
PE 527.410
EN

Mass Surveillance
What are the risks for the citizens and the opportunities for the European Information Society? What are the possible mitigation strategies?
Part 2 – Technology foresight, options for longer term security and privacy improvements
Annex

IP/G/STOA/FWC-2013-1 - LOT 4 – ICT and the Information society
December 2014
PE 527.410

STOA - Science and Technology Options Assessment

The STOA project "Mass surveillance – Risks, Opportunities and Mitigation Strategies – Part 2: Technology foresight, options for longer term security and privacy improvements" was carried out by Capgemini Consulting, part of Capgemini Netherlands BV.

AUTHORS
M. van den Berg
P. de Graaf
P.O. Kwant
T. Slewe

The authors acknowledge and would like to thank the following experts for their contributions to this report: Mr. Axel Arnbak, University of Amsterdam (NL), Mr. Brent Bilger, Vice-President Solutions Architecture at Vidder (USA), Mr. Caspar Bowden, independent privacy researcher (UK), Dr. Christian Doerr, University of Delft (NL), Mr. Rickey Gevers, forensic investigator at Digital Investigations (NL), Ms. Monika Maglione, Mr. Michael Palmer and Ms. Cecilia-Joanna Verkleij (EC-DG Home), Mr. Gopal Padinjaruveetil, Chief Security and Compliance Architect Capgemini US (USA), Mr. Rejo Zenger and Mr. Hans de Zwart, Bits of Freedom (NL). Also we relied on the insights of the Capgemini Cyber Security Community of Practice, in particular: Mr. Jule Hintzbergen, Mr. Cees de Kuijer, Mr. Guido Voorendt, Mr. Jan Willem de Vries and Mr. Jack van 't Wout.

STOA RESEARCH ADMINISTRATOR
Peter Ide-Kostic
Scientific Foresight Unit
Directorate for Impact Assessment and European Added Value
Directorate-General for Parliamentary Research Services
European Parliament, Rue Wiertz 60, B-1047 Brussels
E-mail: peter.ide-kostic@europarl.europa.eu

LINGUISTIC VERSION
Original: EN

ABOUT THE PUBLISHER
To contact STOA or to subscribe to its newsletter please write to: STOA@ep.europa.eu
This document is available on the Internet at: http://www.ep.europa.eu/stoa/
Manuscript completed in November 2014
Brussels, European Union, 2014

DISCLAIMER
The content of this document is the sole responsibility of the author and any opinions expressed therein do not necessarily represent the official position of the European Parliament. It is addressed to the Members and staff of the EP for their parliamentary work. Reproduction and translation for non-commercial purposes are authorised, provided the source is acknowledged and the European Parliament is given prior notice and sent a copy.

PE 527.410
ISBN 978-92-823-5538-1
DOI 10.2861/984037
CAT QA-06-14-229-EN-N

ANNEX Mass surveillance - Part 2: Technology foresight

Abstract

This document contains the ANNEX to the Study on Mass Surveillance, commissioned by the STOA Office of the European Parliament. This ANNEX contains detailed information on the four subthemes defined in the invitation to tender. The motivation for providing this ANNEX separately from the Study is to give the reader a means to delve deeper into relevant information concerning the questions posed in the tender of the Study.

TABLE OF CONTENTS

1. Redesign HTTP ... 2
2. DARPA initiatives ... 6
3. Similar initiatives to CRASH and HTTP 2.0 ... 9
4. Large-scale deployment of security solutions already in use by private companies ... 14
5. Anonymization services ... 19
6. Latest technology prospects related to encryption ... 23
7. Advantages and Disadvantages of a Secure European Internet Subnet ... 28
8. Feasibility of a secure "European Internet Subnet" ... 33
9. Technological feasibility of cryptographic solutions ... 34
10. Technological and organizational feasibility of European security baseline ... 39
11. The "European Internet Subnet" as large international private IP network ... 44
12. Advantages and disadvantages of using open source software ... 46
13. European next generation of secure open source Cloud Computing and Social Network websites ... 50
14. Strengths and weaknesses of open source implementations compared to that of proprietary solutions ... 55
15. Risk of backdoors in the case of open source hardware ... 57
16. End-to-end encryption in cloud computing and social networks ... 61
17. Advantages and disadvantages of "end-to-end" encryption ... 63
18. E2EE in critical European network infrastructures ... 69
19. E2EE protocols for Email and instant messaging ... 73
20. Privacy in GSM networks ... 78
21. IPSec versus SSL-based VPN "end-to-end" encryption protocols ... 81

Theme 1: Technological initiatives to redesign the Internet

This theme contains several subjects concerning improving the Internet as it is in order to decrease the risks for privacy and security attached to illegitimate mass surveillance. Topics covered are redesign of HTTP, programs like CRASH and PROCEED, the Internet as corporate network, anonymization techniques and technology prospects in encryption.

1. Redesign HTTP

This annex pursues to answer the following questions:

"What is the legitimacy and credibility of initiatives taken by the Internet Engineering Task Force (IETF) to redesign HTTP and other Internet protocols to enforce encryption by default for all communications and hence attempt to solve hampering technical interoperability issues of today? What are the risks of backdoors in the new designs? What are the technical drawbacks of using systematic encryption for all communication, in terms of processing power but also caching & buffering issues over data transport networks?"

1.1. Introduction

One of the main ways to secure internet communications is to encrypt all traffic, preferably by default, to improve usability and prevent insecure communications by manipulating settings. To facilitate this on the Internet, some protocols must be redesigned. In the past IPv6 and DNSSEC have been designed to increase security.

The Internet Engineering Task Force (IETF) is the forum in which network operators, hardware and software implementers and researchers discuss future protocols and standards to improve the technical working of the Internet. It is the forum where basic standards like HTTP, email and IP are set and maintained. One of the most important redesign projects currently under way is HTTP2 (Hypertext Transfer Protocol).[1]

1.2. Goals of HTTP2

The goals of HTTP2 are to make HTTP more robust in the face of pervasive passive monitoring (mass surveillance) and to limit the potential for active attacks. The mechanism provided should have a minimal impact upon performance and not require extensive effort to configure.

Some argue though that HTTP ought to be replaced by HTTPS always, as a solution for protecting digital data in transit on the Internet.[2]

HTTP2 does not replace HTTPS however, which is a combination of HTTP and the security standards TLS/SSL. HTTPS has drawbacks that HTTP2 tries to solve partially. HTTPS is for instance less easy to configure than HTTP and requires certificates, which have to be paid for. Besides, advertisement networks and content delivery networks for video and other high-bandwidth data providers need to reach client computers efficiently. Encryption slows down their networks (see also Annex 2).

1.3. How will HTTP2 work?

The design document on HTTP2 is work in progress, so everything said here is limited to the version studied. That said, the current document proposes to use opportunistic encryption to secure HTTP. Opportunistic encryption means that computers (clients, servers) attempt to encrypt the communication channel, but if that is not possible, have an integrated fallback to unencrypted communications. There is no need for a pre-arranged set-up between the systems communicating (unlike HTTPS, for instance, which requires an authenticated certificate on the server side).

Other deployments of opportunistic encryption include STARTTLS for SMTP[3] (email: upgrade plain-text SMTP connections to encrypted connections) and the FreeS/WAN, Libreswan and Openswan projects.[4] Libreswan, for instance, is a free software implementation of the VPN protocol based on IPsec and the Internet Key Exchange (IKE) (https://www.libreswan.org/).

1.4. Advantages and disadvantages

Opportunistic encryption can prevent passive surveillance, forcing an active approach if the monitoring agent wants to keep collecting data. More potent agencies ought to be capable of doing so and setting up a man-in-the-middle attack, but might not want to risk the chance of detection. A man-in-the-middle attack enables the attacker to pose as the assumed end-server, meanwhile monitoring all traffic going through. Under some unauthenticated encryption methods, like the Diffie-Hellman key exchange, the attack would be detected. This is not the case for all unauthenticated encryption methods though. The additional costs and loss of performance for mass surveillance on opportunistically encrypted communications are limited, according to several experts.[5]

1.5. Backdoors

A "backdoor" in computing is a method of bypassing the normal method of authentication. Backdoors are usually inserted into a program or algorithm before it is distributed widely. They are often hidden in part of the design of the program or algorithm. In cryptography, a backdoor would allow an intruder to access the encrypted information without having the correct credentials. The backdoor would either a) allow the intruder to guess the access key based on the context of the message or b) allow the intruder to present a skeleton key that will always grant him access.[6] Government agencies have been known to insert backdoors into commonly used software to enable mass surveillance. Backdoors can be built into software, hardware, or even into the design of an algorithm.[7]

Not everyone in the HTTP Working Group is satisfied with the state of the HTTP/2 draft, and some of the criticisms run deep. Some people believe that the draft is not ready for a Last Call. The protocol allows data to be included in HTTP headers which can be exploited by malicious parties to unfairly monopolize a connection. It is argued that pushing out HTTP/2 would waste the time of numerous implementers, as well as introduce code churn that may carry unforeseen security risks.[8] With so many concerns these days about whether telecom companies can be trusted not to turn our data over to third parties that haven't been authorized, one would assume that a plan to formalize a mechanism for ISP and other "man-in-the-middle" snooping would not be proposed. But apparently the authors of IETF Internet Draft "Explicit Trusted Proxy in HTTP/2.0" (14 Feb 2014) haven't gotten the message. What they propose for the new HTTP/2.0 protocol is nothing short of officially sanctioned snooping. The proposal expects Internet users to provide "informed consent" that they "trust" intermediate sites (e.g. Verizon, AT&T, etc.) to decode their encrypted data, process it in some manner for "presumably" innocent purposes, re-encrypt it, then pass the re-encrypted data along to its original destination.[9]

1.6. Technical Drawbacks

There are practical obstacles to this approach (extensive use of encryption with strong authentication), including a lack of reasonable tools and understanding of how to use the technology, plus obstacles to scaling infrastructure and services with existing technologies.[10]

1.7. Alternatives

HSTS: in 2012 HTTP2 was preceded by an earlier mechanism to improve protection of internet traffic against eavesdropping. This mechanism, HTTP Strict Transport Security (HSTS), enables web sites to 'declare' themselves only accessible via secure (HTTPS) connections and/or convert any insecure links into secure links.[11] For instance http://example.com will be modified to https://example.com. This happens before accessing the server. Or, if the security of the connection cannot be ensured due to lack of authentication, an error message is shown and access to the web site or web application is disallowed. The HSTS request is implemented in the HTTP header (just like HTTP2), but only through HTTPS. HSTS headers over HTTP are ignored.

HSTS improves privacy by enforcing secure, encrypted communications over HTTPS, but only if (strong) authentication is possible. HTTP2 takes this one step further.

HTTPS plug-ins: several browsers (e.g. Firefox) and web platforms (e.g. WordPress) provide HTTPS plug-ins that support users in automatically selecting HTTPS. Such plug-ins might have an impact on performance. Just like HSTS this solution only works if authentication of the addressed server is possible. And likewise it is not really an alternative to HTTP2. It does provide a higher level of protection though, compared to manually selecting HTTPS over HTTP.

1.8. Conclusion

Opportunistic encryption like HTTP2 in the end does not stand up against active attackers but provides a higher level of protection for Internet users against (less capable) passive threats. It eliminates a class of attacks at low cost.

However, experts fear that opportunistic encryption may lead to a false sense of security and might keep users away from 'real' security, like HTTPS or other forms of strongly authenticated encryption on communication channels.

The recommendation is that this form of encryption is only used when there is at least some form of weak authentication available. Concepts of context-sensitive security could also be used: fewer options available for users without proper encryption. Also naming and implementation should not suggest to users a better security than it offers.[12]

Notes

[1] IETF (2014), 'Opportunistic Encryption for HTTP URIs', draft-ietf-httpbis-http2-encryption-00, expires December 14, 2014, encryption-03, accessed July 21st 2014.
[2] Tom's Guide (2014), 'HTTP Must Die, Security Experts Tell Hackers', 8.html, accessed July 21st 2014.
[3] IETF (2002), RFC 3207, 'SMTP Service Extension for Secure SMTP over Transport', 7, accessed July 21st 2014.
[4] https://www.libreswan.org/, accessed July 21st 2014.
[5] Mattsson, John (2014), 'Is Opportunistic Encryption the Answer? Practical Benefits And Disadvantages', STRINT Workshop Paper, https://www.w3.org/2014/strint/abstracts.html, accessed July 31st 2014; and Caudill, Adam (2014), 'On Opportunistic Encryption', c-encryption/, accessed July 21st 2014.
[6] Stanford (undated), 'Encryption Backdoors', cts/ethics-ofsurveillance/tech encryptionbackdoors.html, accessed July 31st 2014.
[7] Ars Technica (2014), 'How the NSA (may have) put a backdoor in RSA's cryptography: A technical', raphy-a-technicalprimer/, accessed July 31st 2014.
[8] Willis, Nathan (2014), 'Should the IETF ship or skip HTTP 2.0?', http://lwn.net/Articles/600525/, accessed July 31st 2014.
[9] Weinstein, Lauren (2014), 'No, I Do not Trust You! -- One of the Most Alarming Internet Proposals I've Ever', ml, accessed July 31st 2014.
[10] Roberts, Phil (2014), 'Pervasive Internet Surveillance – The Technical Community's Response (So', hnical-communityresponse-so-far, accessed July 4, 2014.
[11] IETF (2012), RFC 6797, 'HTTP Strict Transport Security (HSTS)', final, http://tools.ietf.org/html/rfc6797, accessed July 31st 2014.
[12] Mattsson, John (2014), 'Is Opportunistic Encryption the Answer? Practical Benefits And Disadvantages', STRINT Workshop Paper, https://www.w3.org/2014/strint/abstracts.html, accessed July 31st 2014.
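The client-side decision that sections 1.3, 1.4 and 1.7 describe, as an added example that is not part of the STOA report nor of the IETF drafts it discusses: a small transport policy that (a) stores an HSTS pin only when the Strict-Transport-Security header arrived over HTTPS, honouring max-age, includeSubDomains and expiry as RFC 6797 specifies, (b) refuses plaintext for a pinned host, and (c) for an unpinned http:// URL attempts an opportunistic TLS upgrade, falling back to plaintext but flagging the fallback when the same host spoke TLS before, which is the gap against active attackers that the conclusion refers to. All host names, header values and timestamps are constructed for the example; the TransportPolicy class and its method names are this example's own, not the API of any browser or library.

```python
"""Client-side transport policy combining HSTS pins (RFC 6797 semantics) with an
opportunistic-encryption fallback. Constructed example for this annex; all hosts,
headers and timestamps below are made up, and the class/method names are our own."""
from __future__ import annotations

from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple


@dataclass
class HstsEntry:
    expires_at: float        # absolute time (seconds) after which the pin lapses
    include_subdomains: bool


def parse_hsts(header: str) -> Optional[Tuple[int, bool]]:
    """Parse a Strict-Transport-Security value into (max_age, includeSubDomains).
    Returns None when max-age is missing, repeated or malformed; unknown
    directives (e.g. preload) are ignored, as RFC 6797 requires."""
    max_age: Optional[int] = None
    include_sub = False
    for raw in header.split(";"):
        token = raw.strip()
        if not token:
            continue
        name, _, value = token.partition("=")
        name, value = name.strip().lower(), value.strip().strip('"')
        if name == "max-age":
            if max_age is not None or not value.isdigit():
                return None
            max_age = int(value)
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)


class TransportPolicy:
    """Decides, before a request is sent, whether plaintext HTTP is acceptable."""

    def __init__(self) -> None:
        self.hsts: Dict[str, HstsEntry] = {}
        self.seen_encrypted: Set[str] = set()   # hosts that negotiated TLS before

    def observe_response(self, host: str, over_tls: bool,
                         headers: Dict[str, str], now: float) -> bool:
        """Record what a completed response taught us; True if a pin was stored."""
        host = host.lower()
        if over_tls:
            self.seen_encrypted.add(host)
        value = headers.get("strict-transport-security")
        if value is None or not over_tls:       # HSTS over plain HTTP is ignored
            return False
        parsed = parse_hsts(value)
        if parsed is None:
            return False
        max_age, include_sub = parsed
        if max_age == 0:                        # max-age=0 removes an existing pin
            self.hsts.pop(host, None)
            return False
        self.hsts[host] = HstsEntry(now + max_age, include_sub)
        return True

    def is_pinned(self, host: str, now: float) -> bool:
        """True if host, or a parent domain with includeSubDomains, holds a live pin."""
        labels = host.lower().split(".")
        for i in range(len(labels)):
            entry = self.hsts.get(".".join(labels[i:]))
            if entry and entry.expires_at > now and (i == 0 or entry.include_subdomains):
                return True
        return False

    def decide(self, url: str, server_offers_tls: bool, now: float) -> Tuple[str, str]:
        """Return (action, reason); action is 'https', 'http' or 'refuse'."""
        scheme, _, rest = url.partition("://")
        host = rest.split("/", 1)[0].lower()
        if self.is_pinned(host, now):           # HSTS: authenticated TLS or nothing
            return ("https", "hsts-pinned") if server_offers_tls else \
                   ("refuse", "hsts-pinned host offers no TLS")
        if scheme == "https":                   # explicit https:// URL
            return ("https", "explicit") if server_offers_tls else \
                   ("refuse", "https URL but no TLS")
        if server_offers_tls:                   # opportunistic, unauthenticated upgrade
            return "https", "opportunistic upgrade"
        if host in self.seen_encrypted:         # fallback after TLS used to work
            return "http", "DOWNGRADE: host previously spoke TLS"
        return "http", "plaintext fallback, TLS never seen from this host"


def demo() -> list:
    """Five constructed scenarios; returns the (action, reason) pairs."""
    t0 = 1_000.0
    p = TransportPolicy()
    p.observe_response("bank.example", True,
                       {"strict-transport-security": "max-age=31536000; includeSubDomains"}, t0)
    p.observe_response("news.example", False,
                       {"strict-transport-security": "max-age=31536000"}, t0)  # ignored
    p.observe_response("mail.example", True, {}, t0)      # OE worked once, no HSTS
    return [
        p.decide("http://bank.example/login", True, t0 + 1),       # pinned: upgrade
        p.decide("http://api.bank.example/", False, t0 + 1),       # subdomain pinned: refuse
        p.decide("http://news.example/", False, t0 + 1),           # pin came over HTTP: plain
        p.decide("http://mail.example/", False, t0 + 1),           # flagged downgrade
        p.decide("http://bank.example/", False, t0 + 40_000_000),  # pin lapsed: flagged
    ]


if __name__ == "__main__":
    for action, reason in demo():
        print(f"{action:7} {reason}")
```

Running the file prints the five decisions. The flagged case for mail.example is the point of the exercise: a client doing opportunistic encryption cannot, by itself, tell a server that has stopped offering TLS from an intermediary that is stripping it, so the best it can do is remember that TLS once worked and report the fallback. Only the HSTS pin (an authenticated, remembered commitment) turns that report into a refusal, which is what the report's recommendation of "at least some form of weak authentication" is about.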

2. DARPA initiatives

This annex pursues to provide answers to the following questions:

"What is the legitimacy and credibility of the 'Clean-slate design of Resilient, Adaptive, Secure Hosts (CRASH)' project initiated by the DARPA agency in the US? Is the initiative related to Programming Computation on Encrypted Data (PROCEED) a solution that is credible for the future of a totally encrypted Internet without backdoors?"

2.1. Introduction

From the very start of the internet, US government-related agencies have been tied to its development. In fact, the Defense Advanced Research Projects Agency (DARPA), in an earlier incarnation as ARPA, was the creator of the internet, through the development of the ARPANET and, more lastingly, the development of Transmission Control Protocol/Internet Protocol (TCP/IP).[13]

These agencies are still working at the forefront of developing new technologies. DARPA runs an array of research programs oriented at developing new technologies and systems, including robots, satellite technology, rockets and traditional weaponry, besides information technology.

2.2. CRASH Project

The announcement for the CRASH (Clean-slate design of Resilient, Adaptive, Secure Hosts) research project was made on June 1, 2010. It was initiated by DARPA, according to the idea that all vulnerabilities are the result of a failure to enforce basic semantics, the rules that govern software language, in particular the inability to distinguish instructions from data, to recognize different types of data, and to restrict operations to those that make sense for specific data.[14] The aim of the project is to design new computer systems, in terms of hardware architecture, software (operating system and other system software), programming languages and development environments, that are resistant to cyber-attacks, can adapt and repair after an attack as well as continue to provide services, and learn from previous attacks to tackle future attacks.[15] It takes inspiration from the biological immune system, which has two parts: an innate system that responds quickly but only to a known set of pathogens and an adaptive system that is slow but can learn to recognize new adversaries. Similarly, the new systems will be able to remove existing vulnerabilities as well as adapt to and eventually get rid of future faults. If the program succeeds, it can provide avenues for new technologies to better protect gover
