Encryption without Authentication?

This topic is a discussion about “Encryption” and the value (if any) of Encryption without Authentication.

What is Authentication: in simple terms, “knowing the identity of the recipient of your encrypted data”.

Is Encryption of any value without knowing “Who you are encrypting for”? After all, if you don’t know “who” you are encrypting for, you could be encrypting for the very person you are trying to hide the information from.

Use case of Encrypting for a “domain name” (Domain name is the “recipient” of the encrypted data and not an individual). SSL certificates are about Encrypting the data from your browser to the domain name server.

Two different classes of Domain names (as far as Trust is concerned): Big brands or domains I know and trust (eg: Amazon.com, citibank.com etc) vs Domains that I am interacting with for the first time (I do not know who they are, nor do I trust them). Concept of “Pre-established Trust”, eg: I have established trust with these domains previously.

The notion I put forward is: Unless there is “pre-established trust”, encryption on its own without Authentication is useless!

I hope the above sets the scene, doors are now open, let’s discuss :)

But even if you get to know that for example the person behind some blog or whatever is called “john smith”, there you again have the problem of pre-established trust and where the identities get linked, because on a completely new site which I never knew, the only thing I do know in many cases is that it is this domain.

And blogs and stuff aren’t really in any way publicly registered, so you couldn’t really put the name of a blog, forum etc. somewhere, so the domain name would be the only identity link in those cases.
In case a site is directly connected to an offline entity (like a company or a person) then it would be great to have an identity link for that. But the problem is that, at least in HTTPS in browsers, the average user will never know without specifically checking for it (unless it’s the EV with the green bar) whether it’s just the domain name or a person/company, which makes this a little bit useless.

Also as I said in another post, even if you just have the domain validated, this is a proper part of authentication. The point is where you set the identity link.
I mean, do you know the certificates/pubkeys for your websites? That would be pre-established trust in some way, but there is always at the very least the auth level over the domain name.

Also I read that long ago the SSL requirements were pretty much as high as EVs are now, where the lock was more or less marketed as a sign of trust (which is one point where the lock=trust thing is partially the fault of CAs).

I personally think that with lower level authentication a lot higher part of the internet can be encrypted. Certificates back then were, as I read, pretty expensive, and when we have the same requirements as EVs today then we get back to the point that everything made by individuals cannot get a cert in the first place.

Many blogs or forums wouldn’t even be secured if we would have those pretty extreme requirements, especially considering that blogs and forums and stuff usually have their name the same or very similar to the domain, where a DV is fairly well.

Great! New concept…

We “identify” the identity behind the domain name, but we don’t know if “trust” them or not.

So we have 2 choices
1) Let’s not identify who we are doing business with (no trust and no recourse for a legal process because you don’t know who you can sue)
2) Let’s identify who we are doing business with (Identity established…we have a path for legal protection now)

Don’t we have the person responsible for the domain name via whois?

And as I said, in case of a normal person operating the site, the average user won’t even see the person behind.
Also usually you probably won’t have the address in the cert. I never have seen a personal identity cert, but for example in case of the OV cert it says the following in the cert info:
“cn = *.facebook.com
O = “facebook, inc.”
L = menlo park
St = ca
C = us”

So we would have no address etc, which makes suing a bit hard. If it’s a company they could be looked up, but we are talking about people here.

Also I mostly talked about forums and blogs and stuff, you aren’t really doing “business” with those…

No.

Mu1. I edited your post to respect sentence case and fixed some minor spelling errors while at it. I didn’t change anything of what you wrote.

Reading text without structural elements like capitals at the beginning of sentences makes it harder to read.

Well, you didn’t say anything to the other points, but I don’t see that much in suing a forum or a blog, because what should they have done?

Also, aside from that, at least here in Germany there’s a law that pretty much mandates that a site here in Germany must have data about the one responsible for it available.
And why shouldn’t the whois have the data? My 2 domains have everything about me incl. address and stuff.

@eric thanks for that. I rarely use shift because I often tend to hit capslock and well, that would give me rule problems in many places.

I am trying to focus the topic by identifying the important issues you are raising.

the question is:

So we have 2 choices
1) Let’s not identify who we are doing business with (no trust and no recourse for a legal process because you don’t know who you can sue)
2) Let’s identify who we are doing business with (Identity established…we have a path for legal protection now)

which one would you choose?

Of course there are sites that you don’t need to “trust” in order to “transact” with them, eg: Forums…but an “e-commerce” site you are giving your financial details to is a different use case.

For me, Encryption without Authentication is the definition of a Domain Validated (DV) certificate.
When Comodo originally started out every certificate was Authenticated prior to issuance.

I personally consider Domain Validated (DV) certificates dangerous… Maybe Melih has a different take on DV certificates?

Why do you think DV is without authentication? A DV properly authenticates that you are talking with the right server and are not MITM’ed.

I would say without DV at least 50% of the sites that are encrypted now wouldn’t be encrypted anymore, because smaller bloggers and stuff may not have the money for high cost certificates.

Also OV certs should in my opinion get a better recognition in browsers, because these certainly are higher validation than DV and as we know EVs cannot be given to individuals. I have no idea why this outright stupid rule was made but I think it’s a bad thing.

Just to throw out a thought,

Two different classes of Domain names (as far as Trust is concerned): Big brands or domains I know and trust (eg: Amazon.com, citibank.com etc)

Trusted domain names can be phished, and have been on more than one occasion. Without authentication of some sort, how do you know these “Big Brand” domains you accessed with your browser are in fact the real site? One cannot simply trust domain names to be who they say they are, irregardless if it is Google, CitiBank, etc. Trust without authentication is irresponsible.

And a DV cert is authentication because the CA made sure that the cert owner really has the domain.

So, the fact that you can receive an email is validation or authentication enough for you?

These types of certificate have IMHO the lowest authentication level possible where there is no actual checking of the entity (business or person) requesting the certificate.
Being able to receive an email, for me, doesn’t count as a valid authentication method.

The chances are that most people who are doing malicious activities with websites will use this type of certificate.

I thought we agreed what “Authentication” was.
Authentication is NOT that you are talking to an IP address on the cert. (So you are changing the use of this definition…pls look at the first post where I put the definition that we both agreed)
Oh btw…the person you are talking to might not be the legitimate owner of that domain, because DV is not really a domain validation but a CV “control validation”. It only validates at the time of the check you had the control of the email address/domain…doesn’t say anything about if this person is controlling that domain legitimately or not.

Since this post is clearly a push for EV certs, I’ve had to spend some time actually finding an example site that bothers to use these. They clearly are not very prevalent (none of the websites I frequent use them), and therefore users are clearly not looking for them.

Let’s say I want to install Lastpass to manage my passwords. So I go and visit lastpass.com. The big green bar tells me that I am now dealing with “LogMeIn (Inc)”.

What, in a practical sense, does that tell me? Should I suddenly trust them with my passwords because I have an associated company name? More than a few companies have shown over the years to be completely untrustworthy and I have no reason to see them as any different based on the fact a CA chooses to tell a browser to color them in green. In fact, if not for the fact that I was already aware Lastpass was recently acquired by LogMeIn, I would likely consider the fact it doesn’t say “Lastpass (Inc)” a red flag.

Alternatively, I could try to use KeePassX. And I note their domain has a DV certificate only.

One of these products is fully open source and uses publicly audited encryption. The other involves storing sensitive data on a magical cloud and trusting the implementation.

This post seems to make an argument that Lastpass is somehow objectively more trustworthy because someone went to the effort of getting an EV cert. Last time I tried to buy an EV cert, I was shown a string of overseas and blog-spam type websites by Comodo and told I needed to be listed there in order to qualify for EV. The suggestion that jumping through those sorts of hoops:

  • Somehow authenticates a company better
  • Should be necessary to establish a website can be trusted

Is absolutely absurd.

Now to the main point:

Unless there is “pre-established trust”, encryption on its own without Authentication is useless!

Practical threats and reasons to use TLS include:

  • Intercepted credentials on public networks
  • Manipulation of traffic by an ISP, such as inserting advertisements
  • Mass surveillance

I can resolve any of these with a domain validated certificate. How could you claim these are useless?

We “identify” the identity behind the domain name, but we don’t know if “trust” them or not.

And nothing about authenticating a company name changes this. I can just as easily walk into a physical shop, clearly knowing exactly who they are and where they are, and get ripped off. The one time I had a credit card stolen, it’s because I used it in a restaurant where the staff were skimming. You seem to feel this couldn’t happen, and that instead we need to “trust” a business, if they’ve put their name on a certificate. The majority of the Internet will disagree.

doesn’t say anything about if this person is controlling that domain legitimately or not.

There’s an irony in referring to hacked domains here. If someone happens to hack forums.comodo.com and start serving malware from here, what do you do? Do you:

  • Somehow deny this could happen and trust the site, because it has an EV cert?
  • Revoke the cert, as you’ve referred to elsewhere - and break the site even after it’s cleaned up?
  • Accept that the cert doesn’t have a lot to do with this scenario?

70 % of the certificates were DV in January 2015: http://www.netcraft.com/internet-data-mining/ssl-survey/

+1 If the name (O) is in the certificate, as it is for OV and EV, it should be directly visible to the user. OV could look like EV, but without the green background colour.

Intercepted credentials: When encrypting the traffic without authentication how do you know you are not encrypting the traffic from that person who was intending to intercept in the first place?
Mass surveillance: All major governments have their rootkeys in the browser.
Inserting Advertisement: Copyright infringement. If you claim they will go against the law, then they control DNS because they are your ISP.

I did not mention any products or certificate types. I wanted this post to be purely about encryption and authentication to understand use cases.
Knowing the entity you deal with is what “authentication” brings. It does not say if they are good or bad. This is better than not knowing who you gave your financial detail to on the internet.
The first stage is to provide “legal accountability” by making sure both parties in a transaction are “identified/authenticated” (not analysed if they are good people or not).

Well, for simple stuff like blogs and forums this is enough.
I know that I am at the right address.

Also the case with LastPass is a very interesting one that was brought up.
LastPass was bought up by LogMeIn a while ago. Before that they also had an EV cert which had “LastPass (Marvasol, Inc)” as the organization name.

If the name suddenly changes, at least I would be quite alerted when I go on such a page.

The question is also how you do the domain validation. If it occurs via DNS and we have DNSSEC, it would be fairly secure.

Also, as I said, to the average user (who doesn’t even know how to check cert info properly) an OV wouldn’t really make a difference to the end user, and as I have said more than often enough, an individual CANNOT GET AN EV.

Also @ceo, I don’t believe I changed the definition you gave; you said it is “knowing the identity of the recipient of your encrypted data”. And for me the identity of, let’s say for example, the German Android news site AndroidPit is in my eyes identified with its domain “androidpit.de”.

I’m not sure why you keep bringing up OV and more specifically EV.
These are certificates only issued after authentication has been done, they are irrelevant to the topic thread of ‘Encryption without Authentication’, except to provide a comparison showing authenticated certificates are the better option.

The problem is that, in the practical sense of HTTPS, an individual cannot even get an authentication that matters to the person, because the average person probably does not know how to check the cert info.

This then makes it look like no “authentication” (at least following the thoughts of the CEO) only.

The problem is that without the very expensive and hard to get EV cert, the authentication is never shown to the average user, and the machine doesn’t care about the names since it can only validate the domain.
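
An added example, not part of any post in the thread: a small Python sketch of the two identity signals the discussion turns on, namely whether a certificate subject names only a domain or also an organization (O), and whether the organization seen for a host changes between visits (the LastPass/LogMeIn case mentioned above). The subject strings are constructed from names quoted in the thread, the function names are hypothetical, and the hostname check uses CN only as a simplification (real clients match against subjectAltName).

```python
# Constructed sample subjects; the names come from the thread, the strings do not.
FACEBOOK = 'CN=*.facebook.com, O="facebook, inc.", L=menlo park, ST=ca, C=us'
LASTPASS_OLD = 'CN=lastpass.com, O="LastPass (Marvasol, Inc)", C=US'
LASTPASS_NEW = 'CN=lastpass.com, O="LogMeIn (Inc)", C=US'
BLOG = "CN=blog.example"  # domain-only subject, as a DV certificate would carry

def parse_subject(dn):
    """Split 'K=V, K=V' into a dict; commas inside double quotes stay in the value."""
    fields, buf, quoted = {}, "", False
    for ch in dn + ",":
        if ch == '"':
            quoted = not quoted
        elif ch == "," and not quoted:
            key, _, value = buf.partition("=")
            if key.strip():
                fields[key.strip().upper()] = value.strip()
            buf = ""
        else:
            buf += ch
    return fields

def identity_level(fields):
    """What the subject binds the key to: a domain only, or a named organization."""
    return "organization" if fields.get("O") else "domain-only"

def host_matches(cn, host):
    """A wildcard covers exactly one left-most label; anything else must be equal."""
    cn, host = cn.lower(), host.lower()
    if cn.startswith("*."):
        return "." in host and host.split(".", 1)[1] == cn[2:]
    return cn == host

def check(store, host, dn):
    """Compare the organization seen now with the one remembered for this host."""
    fields = parse_subject(dn)
    if not host_matches(fields.get("CN", ""), host):
        return "name-mismatch"
    org = fields.get("O")
    if host not in store:
        store[host] = org  # first contact: nothing to compare against yet
        return "first-seen"
    return "unchanged" if store[host] == org else "organization-changed"

if __name__ == "__main__":
    store = {}
    visits = [("lastpass.com", LASTPASS_OLD), ("lastpass.com", LASTPASS_NEW),
              ("www.facebook.com", FACEBOOK), ("blog.example", BLOG)]
    for host, dn in visits:
        print(host, identity_level(parse_subject(dn)), check(store, host, dn))
```

On first contact the check can only report "first-seen", which is the pre-established-trust gap the thread argues about; a change is detectable only on later visits.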