Why are we (still) sending so much web traffic unencrypted over the Internet?

In Internet We Trust

All of this is further complicated by the fact that, today, encryption on the Internet still relies upon trusting centralized authorities, certificate authorities (CAs) to be exact, in order to validate the authenticity of encryption keys used during an initial handshake that occurs between clients/browsers and servers. To make matters worse, which algorithms are going to be used to establish privacy are entirely variable, determined during the initial handshake, and the web is littered with clients and servers with a mismatched combination of (simultaneously) less/more secure algorithms and versions (which is why the TLS article is possibly the longest and ugliest article on all of Wikipedia).

TLS is anything but standard, and shouldn’t be trusted.

First, during the initial handshake, a client “Alice” (e.g. a web browser) that wishes to securely communicate with another entity “Bob” (e.g. a web server) must reach agreement with Bob as to what the definition of a “secure communications channel” even is. Next, in order for Alice to establish said secure channel with Bob (let’s call it Channel 1), Alice first needs to use another secure channel with Bob (Channel 2) for exchanging keys to encrypt Channel 1; but, to know that Channel 2 is secure, Alice first validates (over Channel 3) with the certificate authority “Val” to make sure an eavesdropper “Eve” isn’t disguised as Bob.

So, for Alice to trust that communications with Bob are secure from Eve, Alice needs to trust that Bob isn’t stupid and/or lazy and trust that Val isn’t the NSA in addition to trusting the protocols used to create Channels 1, 2, and 3.

This is known as a chain of trust. But,

who watches the watchers? Is the solution to Trust No One?

Trustless is the only way forward.

We need a so-called “trustless” Internet, with privacy and security that works fundamentally differently than it does today. But, contrary to how the “trustless” security paradigm sounds, it isn’t really about eliminating trust completely; instead, it’s about minimizing the scope of risk resulting from trust — to trust less. That’s because our problem with security and privacy on the Internet isn’t that we trust things/people, the problem is that we don’t know who not to trust or when, and we do not always know with what information we are entrusting them. (After all, we trust lots of things and people every day of our lives, including that the food we eat won’t poison us and that the airplanes we fly in won’t crash.)

There are paradigms other than the chain of trust used on the Internet today. For example, the web/network of trust paradigms create a decentralized/distributed model of trust that eliminates single points of failure. (The problem with a chain of trust is that each and every link is a single point of failure, so each link increases a multiplier for the probability of failure instead of increasing a divisor.) Still, solutions using these paradigms are not yet ready for prime time.

read original article here