Can the Internet be encrypted by default?
With the current debates about lawful intercept and increasing numbers of man-in-the-middle attacks, maybe the Internet should finally be made secure by default.
Encryption is currently used sparingly, mostly when connecting to e-commerce and financial services over the web. Here the https protocol is used and traffic between the user’s web browser and the server is protected from eavesdropping using SSL. The problems with this scheme are legendary, mostly associated with requiring users to notice when encryption is on and off, and knowing how to interpret certificate information and error messages.
But could encryption be turned on all the time, automatically?
Google has recently made https the default for Gmail, demonstrated that encryption can be scaled to millions of users. What about scaling it to the entire Internet?
Tcpcrypt is an extension to the TCP protocol designed to make encryption the default. It is backwardly compatible with traditional TCP, and it would protect old applications that don’t have encryption. And it works faster than the SSL we rely on today.