1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
:textile
h1(first). Encrypted Internet Proxy (EIP)
Around the world VPN and Tor technologies are essentially for protecting network traffic, bypass network monitoring, and circumventing censorship. Unfortunately, both VPN and Tor can be very difficult to set up and to configure correctly in a manner that actually provides high security.
The LEAP platform includes an Encrypted Internet Proxy (EIP) service that is hassle-free, automatically self-configuring, and provides an enhanced level of security. Initial, this EIP service will be built using OpenVPN, but we may include the option of using Tor as an alternate transport in the future.
h1. Features
LEAP's EIP client will:
* Automatically self-configure.
* Prevent unencrypted network traffic while the EIP is down (by default).
* Automatically starts on startup (by default).
* Prevent security leaks caused by problems with DNS, IPv6, and other common misconfigurations.
h1. Benefits
Traditional VPN or Tor provide a user with considerable benefit. These technologies allow a user to bypass network-based censorship and surveillance by the local ISP. They also aid in safe browsing by preventing web sites from capturing a user’s IP address, and thus geographic location. In the case of VPN, using a VPN can also give you a secure connection to a DNS server.
LEAP's Encrypted Internet Proxy provides additional benefits when paired with other communication services.
Current vulnerabilities in TLS and the x.509 certificate authority system make it nearly impossible to establish a secure internet connection with a website or a service provider. New initiatives, like Convergence and Sovereign Keys, hold long-term potential for solving this problem, but are either not available today or work only in limited circumstances.
By connecting to the internet through an EIP that is part of the LEAP platform, a user will be able to effectively establish out-of-band validation of their network encryption with the service provider.
h1. Future plans
h2. Tor
In the long run, we hope to offer both OpenVPN and Tor as possible transports for the EIP service.
Tor is an incredibly important project, but it makes different trade-offs than traditional VPN service does. For example, Tor affords the user greater anonymity, but at the cost of slower speed. The user should be able to make this choice. Currently, Tor does not include support UDP traffic, but when it does, we hope to allow the user to substitute Tor for OpenVPN via the LEAP client.
In the short run, our goal is to make all the LEAP services also work under well under Tor (as Tor hidden services), should a user decide to use Tor instead of LEAP's EIP.
h2. Darknet
We plan to eventually create a system to allow service providers who are deploying the LEAP platform to easily establish IPSec encryption of all network traffic with other service providers.
This will provide nearly complete end-to-end encryption of all the network traffic sent from one user to any other user. Each service provider, however, will still have cleartext access to the traffic of their users. The LEAP "darknet" protects against outside threats, not a compromised service provider.
h2. Anonymous Client Certificates
The LEAP platform is designed to de-couple a user's identity from the client certificate they use to connect to the EIP. The service provider will not know what user corresponds to which EIP network connection.
However, a compromised or nefarious provider could modify the LEAP platform to record a correspondence between username and EIP certificate. In the future, we would like to make this impossible.
Unfortunately, this is not an easy problem. The problem essentially boils down to this:
* Time 1: User authenticates with the provider to prove they are a valid user and receives a token.
* Time 2: User redeems this token to get services in a way that does not reveal their identity.
This is theoretically possible using various #{link_to 'zero-knowledge proofs', 'https://en.wikipedia.org/wiki/Zero_knowledge_proof'}. In the long run, we hope to support this capability.
h2. Friend in the middle
We plan to explore the feasibility of adding a "friend in the middle" to the EIP service. The idea is that the service provider can filter traffic in a way that benefits the privacy and security of the user. For example, the EIP gateway could filter advertising or third party behavioral tracking companies. More ambitiously, the friend in the middle could terminate TLS connections with compromised certificates using a server-side implementation of something like #{link_to 'convergence', 'http://convergence.io/'}.
|
