security aspects of OpenQwaq

82 views
Skip to first unread message

Eugen Leitl

unread,
Jun 17, 2013, 9:11:18 AM6/17/13
to open...@googlegroups.com

What's the security model of OpenQwaq?

How secure is the communication model against passive sniffing?

Active traffic manipulation (MITM)?

Ron Teitelbaum

unread,
Jun 17, 2013, 10:34:41 AM6/17/13
to open...@googlegroups.com

Hi Eugen,

 

OpenQwaq uses ARC4 for encryption.  All data end to end is encrypted over a single port connection.

 

3D ICC's Immersive Terf ™ uses SSL for encryption.  It's basically the same model but we've improved it for, security, performance and reliability. 

 

All encrypted traffic is susceptible to MITM.  SSL helps this considerably by using public certificate authorities to verify the certificates.  The trick is to ensure that your DNS is accurate and that all certificates are verified. 

 

The open source version of OpenQwaq on the other hand is encrypted without certificates. 

 

In either case MITM would leave some significant performance foot prints (this could be improved using hardware) and it would take some engineering to understand our overlay network protocols to make the data useful for an attacker.

 

Are you safe from hackers?  Yes I would say that MITM is very unlikey for both OpenQwaq and Terf™.

 

Are you safe from Governments?  No.  Unlimited access to resources and direct internet filtering could in theory attack the connection using MITM by subverting DNS, using hardware proxies, and forwarding to the server.

 

How safe is it?  We have been reviewed by the Federal Reserve Bank in New York and were allowed to have our software installed internally.  We have been used by every branch of the military (except the Marines, why I have no idea, except maybe because the Navy used it).  We have had significant pentration testing done by some of the largest financial institutions and corporations in the world and have passed.   I would say that this puts us in the upper categories of safeness but still below top secret grade*.

 

Hope that helps.

 

All the best,

 

Ron Teitelbaum

Head Of Engineering

3d Immersive Collaboration Consulting

r...@3dicc.com

Follow Me On Twitter: @RonTeitelbaum

www.3dicc.com

3d ICC on G+

 

* if your organization is interested sponsoring an improvement to our level of our security, 3D ICC is ready, willing and able to improve our security using Common Criteria and Military Information Assurance standards.  We can use data centers with certifications in SSAE16 SOC-1 Type II, Federal Information Security Management Act (FISMA), DoD Information Assurance Certification and Accreditation Process (DIACAP).  We would be very happy to work with you and your organization to meet your security needs.  For more information contact us at in...@3dicc.com.

 

 

> -----Original Message-----

> From: open...@googlegroups.com [mailto:open...@googlegroups.com]

> On Behalf Of Eugen Leitl

> Sent: Monday, June 17, 2013 9:11 AM

> To: open...@googlegroups.com

> Subject: security aspects of OpenQwaq

>

>

> What's the security model of OpenQwaq?

>

> How secure is the communication model against passive sniffing?

>

> Active traffic manipulation (MITM)?

>

> --

> You received this message because you are subscribed to the Google Groups

> "OpenQwaq Forum" group.

> To unsubscribe from this group and stop receiving emails from it, send an email

> to openqwaq+u...@googlegroups.com.

> For more options, visit https://groups.google.com/groups/opt_out.

>

>

 

Eugen Leitl

unread,
Jun 18, 2013, 10:00:22 AM6/18/13
to open...@googlegroups.com
----- Forwarded message from Tom Ritter <t...@ritter.vg> -----

Date: Tue, 18 Jun 2013 09:28:05 -0400
From: Tom Ritter <t...@ritter.vg>
To: liberationtech <liberat...@lists.stanford.edu>
Cc: zs-...@googlegroups.com, "cyphe...@al-qaeda.net" <cyphe...@al-qaeda.net>, in...@postbiota.org
Subject: Re: [liberationtech] security aspects of OpenQwaq
Reply-To: liberationtech <liberat...@lists.stanford.edu>

The claim of end to end encryption give me pause, although I'm also not
clear on the differences between the products and which claim applies to
which. Do they claim the other end is them the provider, or the other user?

It gives me pause because
1) They say they use SSL with CA certs. But if Joe the user is an end, how
do they give him a public CA cert?
2) Multiparty end to end encryption is... mpOTR (to some extent, it
probably doesn't have PFS or repudiation). That's a hard problem. Not
saying they couldn't have solved it or made good progress on it, but I am
saying I think every cryptographer in this space would be extremely
interesting looking at the protocol.

(I also don't care for the smaller trend of "Free but insecure or pay us
for secure!")

-tom


On Jun 17, 2013 10:46 AM, "Eugen Leitl" <eu...@leitl.org> wrote:

>
> OpenQwaq is potentially a useful tool for collaboration,
> especially multimedia (webcam streaming to avatar face,
> audio (best with USB headset) with ability to
> instantiate rooms) -- I've seen it scale to
> groups or 50+ partipants. Collaborative editing is
> available.
>
> Disclosure: no commercial relation to 3D ICC, just a
> happy user of their hosted services.
>
> ----- Forwarded message from Ron Teitelbaum <r...@3dicc.com> -----
>
> Date: Mon, 17 Jun 2013 10:34:41 -0400
> From: Ron Teitelbaum <r...@3dicc.com>
> To: open...@googlegroups.com
> Subject: RE: security aspects of OpenQwaq
> X-Mailer: Microsoft Outlook 14.0
> Reply-To: open...@googlegroups.com
>
> Hi Eugen,
>
>
>
> OpenQwaq uses ARC4 for encryption. All data end to end is encrypted over a
> single port connection.
>
>
>
> 3D ICC's Immersive Terf T uses SSL for encryption. It's basically the same
> model but we've improved it for, security, performance and reliability.
>
>
>
> All encrypted traffic is susceptible to MITM. SSL helps this considerably
> by using public certificate authorities to verify the certificates. The
> trick is to ensure that your DNS is accurate and that all certificates are
> verified.
>
>
>
> The open source version of OpenQwaq on the other hand is encrypted without
> certificates.
>
>
>
> In either case MITM would leave some significant performance foot prints
> (this could be improved using hardware) and it would take some engineering
> to understand our overlay network protocols to make the data useful for an
> attacker.
>
>
>
> Are you safe from hackers? Yes I would say that MITM is very unlikey for
> both OpenQwaq and TerfT.
>
>
>
> Are you safe from Governments? No. Unlimited access to resources and
> direct internet filtering could in theory attack the connection using MITM
> by subverting DNS, using hardware proxies, and forwarding to the server.
>
>
>
> How safe is it? We have been reviewed by the Federal Reserve Bank in New
> York and were allowed to have our software installed internally. We have
> been used by every branch of the military (except the Marines, why I have
> no
> idea, except maybe because the Navy used it). We have had significant
> pentration testing done by some of the largest financial institutions and
> corporations in the world and have passed. I would say that this puts us
> in the upper categories of safeness but still below top secret grade*.
>
>
>
> Hope that helps.
>
>
>
> All the best,
>
>
>
> Ron Teitelbaum
>
> Head Of Engineering
>
> 3d Immersive Collaboration Consulting
>
> <mailto:r...@3dicc.com> r...@3dicc.com
>
> Follow Me On Twitter: <https://twitter.com/RonTeitelbaum> @RonTeitelbaum
>
> <http://www.3dicc.com/> www.3dicc.com
>
>
> <
> https://plus.google.com/u/0/b/108936249366287171125/108936249366287171125/p
> osts> 3d ICC on G+
>
>
>
> * if your organization is interested sponsoring an improvement to our level
> of our security, 3D ICC is ready, willing and able to improve our security
> using Common Criteria and Military Information Assurance standards. We can
> use data centers with certifications in SSAE16 SOC-1 Type II, Federal
> Information Security Management Act (FISMA), DoD Information Assurance
> Certification and Accreditation Process (DIACAP). We would be very happy
> to
> work with you and your organization to meet your security needs. For more
> information contact us at in...@3dicc.com.
>
>
>
>
>
> > -----Original Message-----
>
> > From: open...@googlegroups.com [mailto:open...@googlegroups.com]
>
> > On Behalf Of Eugen Leitl
>
> > Sent: Monday, June 17, 2013 9:11 AM
>
> > To: open...@googlegroups.com
>
> > Subject: security aspects of OpenQwaq
>
> >
>
> >
>
> > What's the security model of OpenQwaq?
>
> >
>
> > How secure is the communication model against passive sniffing?
>
> >
>
> > Active traffic manipulation (MITM)?
>
> >
>
> > --
>
> > You received this message because you are subscribed to the Google Groups
>
> > "OpenQwaq Forum" group.
>
> > To unsubscribe from this group and stop receiving emails from it, send an
> email
>
> > to <mailto:openqwaq+u...@googlegroups.com>
> https://groups.google.com/groups/opt_out.
>
> >
>
> >
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "OpenQwaq Forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to openqwaq+u...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
> ----- End forwarded message -----
> --
> Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
> ______________________________________________________________
> ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
> AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at comp...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>

--
Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at comp...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech


----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

Ron Teitelbaum

unread,
Jun 18, 2013, 11:45:07 AM6/18/13
to open...@googlegroups.com, t...@ritter.vg

Hi Tom,

 

See responses inline below.

 

> ----- Forwarded message from Tom Ritter <t...@ritter.vg> -----

>

> Date: Tue, 18 Jun 2013 09:28:05 -0400

> From: Tom Ritter <t...@ritter.vg>

> To: liberationtech <liberat...@lists.stanford.edu>

> Cc: zs-...@googlegroups.com, "cyphe...@al-qaeda.net"

> <cyphe...@al-qaeda.net>, in...@postbiota.org

> Subject: Re: [liberationtech] security aspects of OpenQwaq

> Reply-To: liberationtech <liberat...@lists.stanford.edu>

>

> The claim of end to end encryption give me pause, although I'm also not clear

> on the differences between the products and which claim applies to which.  Do

> they claim the other end is them the provider, or the other user?

>

> It gives me pause because

> 1) They say they use SSL with CA certs.  But if Joe the user is an end, how do they

> give him a public CA cert?

 

Terf™ uses SSL much like a web site.  Each person connects to a server that is protected using a 3D ICC certificate.  The clients are only clients to that connection they are not considered SSL servers.  This is the model that most people trust for financial transactions.  The issue here is that the client needs to ensure that the DNS is correct.  This is not as easy as one might think.  There are a number of virus’ out there whose sole purpose is to change your DNS settings to forward all of your traffic to a compromised server so that they can track or hack your connections.  The other issue is that the certificate needs to be verified.  Since we control the software installed on the client we ensure that the certificate is verified.  I had not considered doing a DSN verification but it’s a good idea, I suppose that I could do a verification much like SSH and give a warning that something changed to prevent DSN subversion, but there are cases where we change servers so we would have to balance ease of use with security.  I’ll spend some time thinking about it and add DNS subversion to our attack tree so that we don’t forget about the problem.

 

> 2) Multiparty end to end encryption is... mpOTR (to some extent, it probably

> doesn't have PFS or repudiation).  That's a hard problem.  Not saying they

> couldn't have solved it or made good progress on it, but I am saying I think every

> cryptographer in this space would be extremely interesting looking at the

> protocol.

 

This problem is solved by the server component.  We handle multiple connections using replicated instructions, but each person is authenticating using a separate connection to a secure server.  Users do not connect to other users. 

 

>

> (I also don't care for the smaller trend of "Free but insecure or pay us for

> secure!")

 

Sorry but we don’t do free. J

 

I didn’t say OpenQwaq was insecure.  It is not.  I consider the threat of MITM rare and the impact for must users negligible.  What I said was that we improved the security at 3D ICC.  I also said that security can be improved but that was targeted at people interested in running Terf™ on SIPRNet or NIPRNet.  This is for military users not corporate or casual users. 

 

>

> -tom

>

>

> On Jun 17, 2013 10:46 AM, "Eugen Leitl" <eu...@leitl.org> wrote:

>

> >

> > OpenQwaq is potentially a useful tool for collaboration, especially

> > multimedia (webcam streaming to avatar face, audio (best with USB

> > headset) with ability to instantiate rooms) -- I've seen it scale to

> > groups or 50+ partipants. Collaborative editing is available.

 

We just had a 60 person meeting for the US Army.  It was a General briefing.  The users were located around the world.  We used webcams and video and the meeting went extremely well.

 

 

 

All the best,

 

Ron Teitelbaum

Head Of Engineering

3d Immersive Collaboration Consulting

r...@3dicc.com

Follow Me On Twitter: @RonTeitelbaum

> > Disclosure: no commercial relation to 3D ICC, just a happy user of

image002.jpg
Reply all
Reply to author
Forward
0 new messages