Opportunistic encryption (OE) refers to any system that, when connecting to another system, attempts to

encrypt In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decip ...

communications channels, otherwise falling back to unencrypted communications. This method requires no pre-arrangement between the two systems. Opportunistic encryption can be used to combat passive wiretapping. (an ''active'' wiretapper, on the other hand, can disrupt encryption negotiation to either force an unencrypted channel or perform a

man-in-the-middle attack In cryptography and computer security, a man-in-the-middle, monster-in-the-middle, machine-in-the-middle, monkey-in-the-middle, meddler-in-the-middle, manipulator-in-the-middle (MITM), person-in-the-middle (PITM) or adversary-in-the-middle (AiTM) ...

on the encrypted link.) It does not provide a strong level of

security" \n\n\nsecurity.txt is a proposed standard for websites' security information that is meant to allow security researchers to easily report security vulnerabilities. The standard prescribes a text file called \"security.txt\" in the well known locat ...

as authentication may be difficult to establish and secure communications are not mandatory. However, it does make the encryption of most

Internet traffic Internet traffic is the flow of data within the entire Internet, or in certain network links of its constituent networks. Common traffic measurements are total volume, in units of multiples of the byte, or as transmission rates in bytes per cert ...

easy to implement, which removes a significant impediment to the mass adoption of Internet traffic security. Opportunistic encryption on the Internet is described in "Opportunistic Encryption using the Internet Key Exchange (IKE)", "Opportunistic Security: Some Protection Most of the Time", and in "Opportunistic Security for HTTP/2".

Routers

The

FreeS/WAN FreeS/WAN, for Free Secure Wide-Area Networking, was a free software project, which implemented a reference version of the IPsec network security layer for Linux. The project goal of ubiquitous opportunistic encryption of Internet traffic ...

project was one of the early proponents of OE. The effort is continued by the former freeswan developers now working on Libreswan. Libreswan aims to support different authentication hooks for Opportunistic Encryption with

IPsec In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in ...

. Version 3.16, which was released in December 2015, had support for Opportunistic IPsec using AUTH-NULL which is based o
RFC 7619
The Libreswan Project is currently working on (forward)

Domain Name System Security Extensions The Domain Name System Security Extensions (DNSSEC) are a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS) in Internet Protocol (IP) networks. The protoc ...

(DNSSEC) and Kerberos support for Opportunistic IPsec. Openswan has also been ported to the

OpenWrt OpenWrt (from ''open wireless router'') is an open-source project for embedded operating systems based on Linux, primarily used on embedded devices to route network traffic. The main components are Linux, util-linux, musl, and BusyBox. A ...

project. Openswan used reverse

DNS The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to ...

records to facilitate the key exchange between the systems. It is possible to use

OpenVPN OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client-server architect ...

and networking protocols to set up dynamic VPN links which act similar to OE for specific domains.

Linux and Unix-like systems

The FreeS/WAN and forks such as Openswan and strongSwan offer VPNs which can also operate in OE mode using IPsec based technology. Obfuscated TCP is another method of implementing OE.

Windows OS

Microsoft Windows platforms have an implementation of OE installed by default. This method uses IPsec to secure the traffic and is a simple procedure to turn on. It is accessed via the

MMC MMC may stand for: Business *Mail.com Media Corp., a former name of the US digital media company PMC * Marsh & McLennan Companies, an American-based global professional services firm *Master Municipal Clerk, a certification in the US for a munic ...

and "IP Security Policies on Local Computer" and then editing the properties to assign the "(Request Security)" policy. This will turn on optional IPsec in a Kerberos environment. Many systems also have problems when either side is behind a

NAT Nat or NAT may refer to: Computing * Network address translation (NAT), in computer networking Organizations * National Actors Theatre, New York City, U.S. * National AIDS trust, a British charity * National Archives of Thailand * National ...

. This problem is addressed by NAT Traversal (

NAT-T Network address translation traversal is a computer networking technique of establishing and maintaining Internet protocol connections across gateways that implement network address translation (NAT). NAT traversal techniques are required for m ...

) and is accomplished by editing a registry item. Using the filtering options provided in MMC, it is possible to tailor the networking to require, request or permit traffic to various domains and protocols to use encryption.

E-mail

Opportunistic Encryption can also be used for specific traffic like

e-mail Electronic mail (email or e-mail) is a method of exchanging messages ("mail") between people using electronic devices. Email was thus conceived as the electronic ( digital) version of, or counterpart to, mail, at a time when "mail" mean ...

using the

SMTP The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typic ...

STARTTLS Opportunistic TLS (Transport Layer Security) refers to extensions in plain text communication protocols, which offer a way to upgrade a plain text connection to an encrypted (TLS or SSL) connection instead of using a separate port for encrypted c ...

extension for relaying messages across the Internet, or the

Internet Message Access Protocol In computing, the Internet Message Access Protocol (IMAP) is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP is defined by . IMAP was designed with the goal ...

(IMAP) STARTTLS extension for reading e-mail. With this implementation, it is not necessary to obtain a certificate from a

certificate authority In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. Th ...

, as a

self-signed certificate In cryptography and computer security, self-signed certificates are public key certificates that are not issued by a certificate authority (CA). These self-signed certificates are easy to make and do not cost money. However, they do not provide an ...

can be used. * Using TLS with IMAP, POP3 and ACAP * SMTP Service Extension for Secure SMTP over TLS
STARTTLS and postfixSTARTTLS and Exchange
Many systems employ a variant with third-party add-ons to traditional email packages by first attempting to obtain an encryption key and if unsuccessful, then sending the email in the clear. PGP, p≡p, Hushmail, and Ciphire, among others can all be set up to work in this mode. In practice, STARTTLS in SMTP is often deployed with self-signed certificates, which represents a minimal one-time task for a system administrator, and results in most email traffic being opportunistically encrypted.

VoIP

Some

Voice over IP Voice over Internet Protocol (VoIP), also called IP telephony, is a method and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. The terms Interne ...

(VoIP) solutions provide for painless encryption of voice traffic when possible. Some versions of the

Sipura Technology Sipura Technology, Inc. was a Voice over IP (VoIP) startup company based in San Jose, California founded in 2003 with its siblings VideoCore and Komodo Technology, Inc. Sipura made VoIP telephone adapters including the Sipura Phone Adapter SPA21 ...

and

Linksys Linksys is an American brand of data networking hardware products mainly sold to home users and small businesses. It was founded in 1988 by the couple Victor and Janie Tsao, both Taiwanese immigrants to the United States. Linksys products in ...

lines of analog telephony adapters (ATA) include a hardware implementation of SRTP with the installation of a certificate from Voxilla, a VoIP information site. When the call is placed an attempt is made to use SRTP, if successful a series of tones are played into the handset, if not the call proceeds without using encryption.

Skype Skype () is a proprietary telecommunications application operated by Skype Technologies, a division of Microsoft, best known for VoIP-based videotelephony, videoconferencing and voice calls. It also has instant messaging, file transfer, ...

and

Amicima Amicima, Inc. was a software company headquartered in Santa Cruz, California, United States, developing new network protocols for client–server and peer-to-peer communication over the Internet and applications using the protocols. Amicima's as ...

use only secure connections and

Gizmo5 Gizmo5 (formerly known as Gizmo Project and SIPphone) was a voice over IP communications network and a proprietary freeware soft phone for that network. On November 12, 2009, Google announced that it had acquired Gizmo5. On March 4, 2011, Google ...

attempts a secure connection between its clients.

Phil Zimmermann Philip R. Zimmermann (born 1954) is an American computer scientist and cryptographer. He is the creator of Pretty Good Privacy (PGP), the most widely used email encryption software in the world. He is also known for his work in VoIP encryptio ...

, Alan Johnston, and

Jon Callas Jon Callas is an American computer security expert, software engineer, user experience designer, and technologist who is the co-founder and former CTO of the global encrypted communications service Silent Circle.http://www.linkedin.com/in/joncall ...

have proposed a new VoIP encryption protocol called

ZRTP ZRTP (composed of Z and Real-time Transport Protocol) is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over IP (VoIP) phone telephony call based on the Real-time Transport Protocol. ...

. They have an implementation of it called

Zfone is software for secure voice communication over the Internet (VoIP), using the ZRTP protocol. It is created by Phil Zimmermann, the creator of the PGP encryption software. Zfone works on top of existing SIP- and RTP-programs, but should work w ...

whose source and compiled binaries are available.

Websites

For encrypting

WWW The World Wide Web (WWW), commonly known as the Web, is an information system enabling documents and other web resources to be accessed over the Internet. Documents and downloadable media are made available to the network through web se ...

HTTP The Hypertext Transfer Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web, ...

connections,

HTTPS Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is e ...

is typically used, which requires strict encryption and has significant administrative costs, both in terms of initial setup and continued maintenance costs for the

website A website (also written as a web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Examples of notable websites are Google, Facebook, Amazon, and Wikip ...

operator. Most browsers verify the

webserver A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, in ...

's identity to make sure that an SSL certificate is signed by a trusted

and has not expired, usually requiring the website operator to manually change the certificate every one or two years. The easiest way to enable some sort of opportunistic website encryption is by using self-signed certificates, but this causes browsers to display a warning each time the website is visited unless the user manually marks the website's certificate as trusted. Because unencrypted websites do not currently display any such warnings, the use of self-signed certificates is not well received. In 2015,

Mozilla Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape. The Mozilla community uses, develops, spreads and supports Mozilla products, thereby promoting exclusively free software and open standards, w ...

started to roll out opportunistic encryption in

Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current and ...

version 37. This was quickly rolled back (in update 37.0.1) due to a serious

vulnerability Vulnerability refers to "the quality or state of being exposed to the possibility of being attacked or harmed, either physically or emotionally." A window of vulnerability (WOV) is a time frame within which defensive measures are diminished, com ...

that could bypass SSL certificate verification. Browser extensions like

HTTPS Everywhere HTTPS Everywhere is a Free and open-source software, free and open-source browser extension for Google Chrome, Microsoft Edge, Firefox, Mozilla Firefox, Opera (web browser), Opera, Brave (web browser), Brave, Vivaldi (web browser), Vivaldi and F ...

and HTTPSfinder find and automatically switch the connection to HTTPS when possible. Several proposals were available for true, seamless opportunistic encryption of

HTTP/2 HTTP/2 (originally named HTTP/2.0) is a major revision of the HTTP network protocol used by the World Wide Web. It was derived from the earlier experimental SPDY protocol, originally developed by Google. HTTP/2 was developed by the HTTP Working ...

protocol. These proposals were later rejected.

Poul-Henning Kamp Poul-Henning Kamp (; born 1966) is a Danish computer software developer known for work on various projects including FreeBSD and Varnish. He currently resides in Slagelse, Denmark. Involvement in the FreeBSD project Poul-Henning Kamp has been ...

, lead developer of

Varnish Varnish is a clear transparent hard protective coating or film. It is not a stain. It usually has a yellowish shade from the manufacturing process and materials used, but it may also be pigmented as desired, and is sold commercially in vario ...

and a senior

FreeBSD FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular ...

kernel developer, has criticized the

IETF The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical standards that make up the Internet protocol suite (TCP/IP). It has no formal membership roster or requirements and ...

for following a particular

political agenda In politics, a political agenda is a list of subjects or problems (issues) to which government officials as well as individuals outside the government are paying serious attention to at any given time. The political agenda is most often shaped ...

with HTTP/2 for not implementing opportunistic encryption in the standard.

Weaknesses

implementations often used with

are vulnerable to STRIPTLS attacks when subject to active wiretapping.

References

External links

Enabling Email Confidentiality through the use of Opportunistic Encryption
by

Simson Garfinkel Simson L. Garfinkel (born 1965) is Senior Data Scientist at the Department of Homeland Security (DHS). He was formerly the US Census Bureau's Senior Computer Scientist for Confidentiality and Data Access. Previously, he was a computer scientist at ...

of the

MIT Laboratory for Computer Science The Massachusetts Institute of Technology (MIT) is a private land-grant research university in Cambridge, Massachusetts. Established in 1861, MIT has played a key role in the development of modern technology and science, and is one of the m ...

, May 2003
Windows KB article on NAT-T and DH2048
* – Opportunistic Encryption using the Internet Key Exchange (IKE) * – Pervasive Monitoring Is an Attack {{SSL/TLS Cryptographic software Internet Protocol based network software Internet privacy