According to the experts of an exploit writing course, Russian authorities have presented a bill aiming to ban cryptographic algorithms and encryption methods such as TLS 1.3, ESNI, DoH and DoT. The Ministry of Digital Science proposes to ban their use throughout the Russian Federation, with the exception of cases established by law. Under the bill, encryption protocols that make it possible to hide the name of a website, among other things, would be prohibited.
Experts estimate that the use of masking protocols, which hide the actual network addresses of devices from external systems, is increasing in Russia, so authorities have made a compromise to stop the spread of this practice.
In the bill, the Ministry of Digital Science argues: “The use of these algorithms and encryption methods can reduce the efficiency of our existing filtering systems, which will cause the complex identification of resources on the Internet containing sensitive information, as well as any data source banned by the Russian Federation.”
Exploit writing course experts say that, if this law is breached, the Ministry would suspend the operation of the Internet resource used to break it. In addition, the Ministry points out that the Unified Register of Russian Programs for Electronic Computers and Databases contains information about encryption protocols that can be used for criminal investigation purposes.
It is worth remembering that the Russian Internet operates under serious restrictions. Protocols like DoH or DoT can bypass such blocking policies by encrypting the request, so Russian Internet service providers won’t be able to block a specific resource because users can hide their URL.
Reportedly, the Russian government is set to start testing its capabilities for blocking traffic encrypted with DNS over HTTPS technology; these tests were supposed to start back in May 2020, but were rescheduled due to technical issues, as reported by exploit writing course experts. The bill also states that it was prepared following a demand of the Russian Security Council dated December 4, 2019, as part of a plan to counter the spread of illegal information, as defined, of course, by the Russian Federation's criteria.
TLS 1.3 is the latest version of the Transport Layer Security protocol, released back in August 2018. This version includes independent processes such as key negotiation, authentication, and cipher suites. DNS over TLS (DoT), on the other hand, is a proposed standard protocol for performing remote DNS resolution using TLS. The goal of this technique is to improve user privacy and security by preventing interception and manipulation of DNS data through Man-in-the-Middle (MiTM) attacks.