Several Horror Stories about the Encrypted Web

Tuesday, January 26, 2016 - 4:30pm–5:00pm

Peter Eckersley and Yan Zhu, Electronic Frontier Foundation


You would think that encrypting Internet protocols would be a simple matter of applying a trapdoor one-way function to all of your messages. In reality, encrypting the Web is a more sordid and byzantine undertaking. In this talk we will report upon a number of the more ghastly things we've encountered while working on the Let's Encrypt and HTTPS Everywhere projects, and on new methods you can use to stay safe and sane in this Lovecraftian world.

Peter Eckersley, Electronic Frontier Foundation

Peter Eckersley is Chief Computer Scientist for the Electronic Frontier Foundation. He leads a team of technologists who watch for technologies that, by accident or design, pose a risk to computer users' freedoms—and then look for ways to fix them. They write code to make the Internet more secure, more open, and safer against surveillance and censorship. They explain gadgets to lawyers and policymakers, and law and policy to gadgets.

Peter's work at EFF has included privacy and security projects such as the Let's Encrypt CA, Panopticlick, HTTPS Everywhere, and the SSL Observatory; helping to launch a movement for open wireless networks; fighting to keep modern computing platforms open; helping to startthe campaign against the SOPA/PIPA Internet blacklist legislation; and running the first controlled tests to confirm that Comcast was using forged reset packets to interfere with P2P protocols.

Yan Zhu, Electronic Frontier Foundation

Yan is a Technology Fellow at EFF working on Let's Encrypt, HTTPS Everywhere, and other projects for encrypting the web. She is also a Software Engineer at Brave Software, a developer of SecureDrop, and a former member of the W3C Technical Architecture Group.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@conference {206268,
author = {Peter Eckersley and Yan Zhu},
title = {Several Horror Stories about the Encrypted Web},
year = {2016},
address = {San Francisco, CA},
publisher = {USENIX Association},
month = jan

Presentation Video