Ban‑ban‑ban. Russia wages war on web privacy with new ban on secure protocols
Александр Бородихин|Давид Френкель
Article
22 September 2020, 11:25

Ban‑ban‑ban. Russia wages war on web privacy with new ban on secure protocols

Photo: Anatoly Zhdanov / Kommersant

This week, Russian Ministry of Digital Development, Communications and Mass Media introduced a bill proposing to punish the use of cutting-edge technologies that hinder the blocking of websites and protect user data. This latest initiative to restrict internet freedoms has already puzzled technical experts. We explain which technologies the Russian government considers dangerous this time.

What happened

On December 4, 2019, President Vladimir Putin was in Sochi, where he held talks with Serbian President Aleksandar Vučić and a meeting with the leadership of the Ministry of Defence. The Kremlin’s official website did not report on this, but on the same day, an operational meeting of the Security Council on “countering the spread of illegal information on the Internet” also took place. The only mention of this event in open sources is in the explanatory note to the bill prepared by the Ministry of Communications to implement the Security Council's decisions. It’s a bill banning the “use on the territory of the Russian Federation of encryption protocols that allow hiding the name (identifier) of an Internet page or site on the Internet.”

The text of the bill does not clarify this wording, but the explanatory note states that “encryption protocols using cryptographic algorithms and encryption methods TLS 1.3, ESNI, DoH (DNS over HTTPS), DoT (DNS over TLS) are becoming more widespread.”

The ministry acknowledges that using these algorithms “can reduce the effectiveness of existing filtering systems” and prevent Russian authorities from blocking unwanted content. If the amendments are adopted, sites implementing new encryption technologies will also be subject to immediate blocking for violating the ban.

“The adoption of the bill aimed at banning the mass use of encryption protocols in the Russian Federation will positively impact the detection of resources on the Internet containing information whose distribution is restricted or prohibited in the Russian Federation,” the authors of the bill write.

What it means

The authors of the bill define an “encryption protocol that allows hiding the name (identifier) of an Internet page or site on the Internet” as an abstract or specific protocol that includes a set of rules regulating the use of cryptographic transformations and algorithms in information processes. The protocols and technologies the ministry intends to outlaw are briefly described below.

HTTPS is a secure data transfer protocol supported by all popular browsers today; unlike regular HTTP, traffic is encrypted here. When accessing a site via HTTPS, the user’s device and server communicate using a shared secret key generated for each session after the browser verifies the site’s digital certificate.

TLS. When establishing an HTTPS connection between a browser and a server using this protocol, a “handshake” is first performed. In the list of messages exchanged by the browser and server, the first is ClientHello—a description of the encryption methods and versions supported by the user’s program. For the past decade, the internet has been running on version 1.2 of the TLS protocol; now the world is moving to 1.3. The new version allows encrypting the user request at the ClientHello level, so the provider or attacker cannot understand which site the user is accessing and, consequently, cannot prevent data transfer or inject their own data.

ESNI is an extension to the TLS 1.3 protocol that encrypts information about which domain the request is being sent to during the initial “handshake” at the ClientHello request level. The technology was developed relatively recently in 2018 by engineers from Mozilla, Cloudflare, and Apple. In its simplest form, it allows hiding from prying eyes the name of the site the user is accessing. Since HTTPS technology allows multiple sites to be hosted at a single IP address, blocking specific resources becomes significantly more difficult: if it’s technically impossible to block access to a site by its URL (link) or IP address, a deeper analysis of the user device’s “technical” traffic is needed, but even there, the information is encrypted. According to the Technical Center of Internet, up to 200,000 sites in the Russian domain zone use properly configured ESNI.

DNS over HTTPS (DoH), DNS over TLS (DoT), and similar technologies pursue one goal—to prevent redirecting the client’s browser from the desired site to some third-party one (such attempts can be made by both attackers and providers on the instructions of government agencies). By encrypting DNS requests, the user makes traffic monitoring more difficult—for example, by deep packet inspection (DPI) systems deployed in Russia and other countries. The development of these technologies is carried out by major IT companies: DNS over HTTPS is supported by Firefox, Chrome, Edge, and Opera browsers, and support has been added to new versions of MacOS and iOS operating systems.

Overall, while the HTTPS protocol encrypts all user traffic except information about the domain the user is accessing, the other technologies mentioned above allow encrypting this technical information in various ways, making the connection even more secure from prying eyes.

IT expert Philip Kulin commented on the publication of the bill in his Telegram channel: “This is a meaningless set of words. To conclude from this that they wanted to ban all HTTPS is ridiculous. <...> From this, one can only conclude that [authors] didn’t bother to attend Russian language and literature lessons at school. If they even went to school at all.”

Vladislav Zdolnikov, a programmer who collaborated with the Anti-Corruption Foundation, linked the Ministry of Communications initiative to the success of Alexei Navalny’s Smart Voting campaign. He notes that the currently deployed DPI systems consider all ESNI traffic suspicious and block it.

The Chinese authorities use a similar approach: since the end of July, an update to the Great Firewall began blocking HTTPS connections using the TLS 1.3 protocol with the ESNI extension (its previous, unencrypted version, SNI, which allows censors to see the requested domain, still works).

What Will Happen Now

The explanatory note to the Ministry of Communications bill contains a reference to the official registry of computer programs, which “contains information about protocols using cryptographic algorithms and encryption methods possible for use in accordance with the legislation of the Russian Federation.”

The document does not mention domestic alternatives to foreign encryption protocols, but it is known that last year two crypto algorithms developed under the guidance of the FSB were registered: Magma and Kuznechik.

Foreign researchers have raised questions about their reliability: although the developers talked about the absence of hidden structures in the key element of the SBox crypto algorithm, similar “non-random” structures were discovered; the developers then explained this as coincidences and accused colleagues of the “speculative nature” of the claims.

Back in 2016, President Putin instructed officials to switch to Russian cryptography “in electronic interaction among themselves, with citizens and organizations.” During the development of the “sovereign internet law,” there were plans to include in it a requirement to protect all Russian traffic with domestic encryption, but the implementation of this idea was decided to be postponed.

Now, in the near future, there are plans to launch a state certification authority to issue domestic TLS certificates with GOST cryptography to domestic sites, but they will only be able to operate if the corresponding code is included in popular operating systems and browsers.

Editor: Dmitry Tkachev

Support Mediazona now!

Your donations directly help us continue our work

Load more