Russia wants to ban the use of secure protocols

The Russian government is updating its technology laws to prevent the use of modern internet protocols that could hinder its surveillance and censorship capabilities.

According to the text and explanatory note of the proposed amendment, the ban targets internet protocols and technologies such as TLS 1.3, DoH, DoT and ESNI.

Moscow officials do not want to block HTTPS and encrypted communications as a whole, as they are essential for modern financial transactions, communications, military infrastructure, and critical infrastructure.

Instead, the government wants to block the use of internet protocols that hide the website name in HTTPS traffic.

Although HTTPS encrypts the contents of an internet connection, a third party (such as a telecom company) can use various techniques to determine which site the user is connecting to.

Third parties may not be able to crack the encryption and monitor the traffic, but they can track or block users. This is how some of the parental control lists work at the ISP level.

The two main methods that telecom companies use are inspecting DNS traffic and analyzing the server name field (SNI) in HTTPS traffic.

The first method is effective because browsers and applications send DNS queries in clear text, exposing the user's destination website before the HTTPS connection is made.

The second method is effective because the field defining the server name in the HTTPS connection is not encrypted, so third parties can see which site the HTTPS connection is going to.

In the past decade, new internet protocols have been developed to address these two problems.

DoH and DoT encrypt DNS queries. When TLS 1.3 and ESNI are used together, the server name indication can be prevented from leaking.

These protocols are gradually being adopted by browsers, cloud service providers, and websites around the world.

China has implemented a firewall that blocks HTTPS traffic based on TLS 1.3 and ESNI. This means that these newer protocols cannot function normally there.

Russia does not use a national firewall system; instead, Moscow relies on a system called SORM, which allows security agencies to intercept internet traffic directly at the source, in data centers, for law enforcement purposes.

The Russian Ministry of Communications operates a de facto national firewall on local ISPs through its regulatory authority.

For ten years, the ministry has been banning websites it deems unsafe, requiring internet service providers to filter their traffic and block access to those sites.

With the introduction of TLS 1.3, DoH, DoT and ESNI, all monitoring and control tools in Russia will become ineffective, because they rely on access to the website identifiers that leak from encrypted web connections.

Just like China, Russia is moving to eliminate these new technologies. According to the proposed change in law, any company or website that uses the technology to hide its website identifier in encrypted traffic will be banned from doing so after a one-day warning.

The proposed law is currently under public debate, with public feedback due by October 5th. Given the strategic, political, and intelligence benefits of changing the law, the amendment will almost certainly be adopted.
