aboutsummaryrefslogtreecommitdiff
path: root/slides/2021-padsec
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus@rgdd.se>2024-10-15 15:35:20 +0200
committerRasmus Dahlberg <rasmus@rgdd.se>2024-10-15 15:35:45 +0200
commit76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb (patch)
tree410ab71c78c99d35aecd46733958a5699cdf5204 /slides/2021-padsec
parent883a67439aff566962adafeb0385c6ae972073a3 (diff)
Rescue some slides from old private mono repos
Diffstat (limited to 'slides/2021-padsec')
-rw-r--r--slides/2021-padsec/README1
-rw-r--r--slides/2021-padsec/beamercolorthemergd.sty24
-rw-r--r--slides/2021-padsec/beamerfontthemergd.sty9
-rw-r--r--slides/2021-padsec/beamerinnerthemergd.sty49
-rw-r--r--slides/2021-padsec/beamerouterthemergd.sty71
-rw-r--r--slides/2021-padsec/beamerthemergd.sty23
-rw-r--r--slides/2021-padsec/handout.pdfbin0 -> 2387005 bytes
-rw-r--r--slides/2021-padsec/img/after.tex70
-rw-r--r--slides/2021-padsec/img/before.tex46
-rw-r--r--slides/2021-padsec/img/clean.jpgbin0 -> 365111 bytes
-rw-r--r--slides/2021-padsec/img/curl.jpgbin0 -> 1634737 bytes
-rwxr-xr-xslides/2021-padsec/img/kau.pngbin0 -> 66309 bytes
-rw-r--r--slides/2021-padsec/img/log-request.tex47
-rw-r--r--slides/2021-padsec/img/mt.tex19
-rw-r--r--slides/2021-padsec/img/mullvad.pngbin0 -> 38642 bytes
-rw-r--r--slides/2021-padsec/img/openbsd.pdfbin0 -> 1778095 bytes
-rw-r--r--slides/2021-padsec/img/rb.pngbin0 -> 38913 bytes
-rw-r--r--slides/2021-padsec/img/rgdd.jpgbin0 -> 106846 bytes
-rw-r--r--slides/2021-padsec/img/thanks.pdfbin0 -> 12497 bytes
-rw-r--r--slides/2021-padsec/img/tree-leaf.trunnel9
-rw-r--r--slides/2021-padsec/main.tex21
-rw-r--r--slides/2021-padsec/slides.pdfbin0 -> 2418265 bytes
-rw-r--r--slides/2021-padsec/src/body.tex366
-rw-r--r--slides/2021-padsec/src/preamble.tex113
-rw-r--r--slides/2021-padsec/src/titlepage.tex3
25 files changed, 871 insertions, 0 deletions
diff --git a/slides/2021-padsec/README b/slides/2021-padsec/README
new file mode 100644
index 0000000..9bb6769
--- /dev/null
+++ b/slides/2021-padsec/README
@@ -0,0 +1 @@
+My talk at the 1st padsec conference.
diff --git a/slides/2021-padsec/beamercolorthemergd.sty b/slides/2021-padsec/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2021-padsec/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode<presentation>
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode<all>
diff --git a/slides/2021-padsec/beamerfontthemergd.sty b/slides/2021-padsec/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2021-padsec/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode<presentation>
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode<all>
diff --git a/slides/2021-padsec/beamerinnerthemergd.sty b/slides/2021-padsec/beamerinnerthemergd.sty
new file mode 100644
index 0000000..b96a415
--- /dev/null
+++ b/slides/2021-padsec/beamerinnerthemergd.sty
@@ -0,0 +1,49 @@
+\mode<presentation>
+
+%%%
+% Title page
+%%%
+\defbeamertemplate*{title page}{rgd}[1][]{
+ \begin{tikzpicture}[remember picture, overlay]
+ \usebeamercolor{titlepage}
+ % Add top-left triangle with university logo
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north west) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoMul){\includegraphics[width=3.5cm]{img/mullvad}}
+ (current page.west) --
+ (current page.north west);
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north east) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoKau){\includegraphics[width=3cm]{img/kau}}
+ (current page.east) --
+ (current page.north east);
+ % Add title
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ ] (Title) at ([shift={(0,-0.5cm)}]current page){%
+ \centering\usebeamerfont{title}\inserttitle\\%
+ };
+ % Add date
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Title,
+ ] (Subtitle) {%
+ \centering\usebeamerfont{date}\today\\%
+ };
+ % Add authors
+ \usebeamercolor{author}
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Subtitle,
+ ] (Author) {%
+ \centering\usebeamerfont{author}\insertauthor\\%
+ };
+ \end{tikzpicture}
+}
+
+\mode<all>
diff --git a/slides/2021-padsec/beamerouterthemergd.sty b/slides/2021-padsec/beamerouterthemergd.sty
new file mode 100644
index 0000000..45ba820
--- /dev/null
+++ b/slides/2021-padsec/beamerouterthemergd.sty
@@ -0,0 +1,71 @@
+\mode<presentation>
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add metadata
+ \begin{beamercolorbox}[
+ wd=0.50\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \href{https://rgdd.github.io}{rgdd.github.io}
+ $\cdots$
+ \href{https://twitter.com/\_\_rgdd}{@\_\_rgdd}
+ $\cdots$
+ \href{mailto:rasmus@mullvad.net}{rasmus@mullvad.net}
+ $\cdots$
+ \href{mailto:rasmus.dahlberg@kau.se}{rasmus.dahlberg@kau.se}
+ \end{beamercolorbox}%
+ % Add title
+ \begin{beamercolorbox}[
+ wd=0.45\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \inserttitle
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode<all>
diff --git a/slides/2021-padsec/beamerthemergd.sty b/slides/2021-padsec/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2021-padsec/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode<presentation>
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode<all>
diff --git a/slides/2021-padsec/handout.pdf b/slides/2021-padsec/handout.pdf
new file mode 100644
index 0000000..a262e86
--- /dev/null
+++ b/slides/2021-padsec/handout.pdf
Binary files differ
diff --git a/slides/2021-padsec/img/after.tex b/slides/2021-padsec/img/after.tex
new file mode 100644
index 0000000..c2af725
--- /dev/null
+++ b/slides/2021-padsec/img/after.tex
@@ -0,0 +1,70 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher };
+ \node[entity, fill=darkGreen, below=1.5cm of Publisher] (EndUser) {End-user};
+ \node[entity, fill=darkOrange, left=1.5cm of Publisher] (Log) {Log};
+ \node[entity, fill=darkRed, below=1.5cm of Log] (Witness) {Witness};
+
+ % Key setup
+ \path[path, dashed] ($ (EndUser) + (2,0) $) --
+ node[relation, above] { Public keys }
+ (EndUser);
+ % Get data and signature
+ \path[path] (Publisher) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ Opaque data\\
+ Signature\\
+ Proofs of logging\\
+ \end{tabular}
+ }
+ (EndUser);
+ % Verification
+ \path[path, rounded corners]
+ (EndUser.180) -|
+ ($ (EndUser) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (EndUser.210);
+
+
+ % Cosigning
+ \path[path] (Witness) edge[bend right]
+ node[relation,right]{Cosignature}
+ (Log);
+ \path[path] (Log) edge[bend right]
+ node[relation,left]{Tree head}
+ (Witness);
+ \path[path, rounded corners]
+ (Witness.180) -|
+ ($ (Witness) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (Witness.210);
+
+ % Get proofs
+ \path[path] (Log) --
+ node[relation,above]{Proofs of logging}
+ (Publisher);
+\end{tikzpicture}
diff --git a/slides/2021-padsec/img/before.tex b/slides/2021-padsec/img/before.tex
new file mode 100644
index 0000000..f634ef4
--- /dev/null
+++ b/slides/2021-padsec/img/before.tex
@@ -0,0 +1,46 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher };
+ \node[entity, fill=darkGreen, below=1.5cm of Publisher] (EndUser) {End-user};
+
+ % Key setup
+ \path[path, dashed] ($ (EndUser) + (2,0) $) --
+ node[relation, above] { Public key }
+ (EndUser);
+ % Get data and signature
+ \path[path] (Publisher) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ Opaque data\\
+ Signature\\
+ \end{tabular}
+ }
+ (EndUser);
+ % Verification
+ \path[path, rounded corners]
+ (EndUser.180) -|
+ ($ (EndUser) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (EndUser.210);
+\end{tikzpicture}
diff --git a/slides/2021-padsec/img/clean.jpg b/slides/2021-padsec/img/clean.jpg
new file mode 100644
index 0000000..2465e5e
--- /dev/null
+++ b/slides/2021-padsec/img/clean.jpg
Binary files differ
diff --git a/slides/2021-padsec/img/curl.jpg b/slides/2021-padsec/img/curl.jpg
new file mode 100644
index 0000000..51765e7
--- /dev/null
+++ b/slides/2021-padsec/img/curl.jpg
Binary files differ
diff --git a/slides/2021-padsec/img/kau.png b/slides/2021-padsec/img/kau.png
new file mode 100755
index 0000000..0c7c885
--- /dev/null
+++ b/slides/2021-padsec/img/kau.png
Binary files differ
diff --git a/slides/2021-padsec/img/log-request.tex b/slides/2021-padsec/img/log-request.tex
new file mode 100644
index 0000000..08edf87
--- /dev/null
+++ b/slides/2021-padsec/img/log-request.tex
@@ -0,0 +1,47 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher };
+ \node[entity, fill=darkGreen, below=1.5cm of Publisher] (DNS) {DNS};
+ \node[entity, fill=darkOrange, left=1.5cm of Publisher] (Log) {Log};
+
+ % Setup DNS
+ \path[path, dashed] (Publisher) --
+ node[relation, right] {TXT RR}
+ (DNS);
+
+ \path[path] (Publisher) edge[bend right]
+ node[relation, above] {
+ Key-value pairs
+ }
+ (Log);
+ \path[path] (Log) edge[bend right]
+ node[relation,below] {
+ accept/reject
+ }
+ (Publisher);
+
+ \path[path, rounded corners] (Log) |-
+ node[relation,below,pos=.75]{
+ verify TXT RR
+ }
+ (DNS);
+\end{tikzpicture}
diff --git a/slides/2021-padsec/img/mt.tex b/slides/2021-padsec/img/mt.tex
new file mode 100644
index 0000000..3deaf62
--- /dev/null
+++ b/slides/2021-padsec/img/mt.tex
@@ -0,0 +1,19 @@
+\begin{tikzpicture}[
+ -latex,
+]
+ \Tree [
+ .$\hash(h_{01}\concat h_{23})$ [
+ .$h_{01}\coloneqq\hash(h_0\concat h_1)$ [
+ .$h_0\coloneqq\hash(\mathsf{foo})$
+ ] [
+ .$h_1\coloneqq\hash(\mathsf{bar})$
+ ]
+ ] [
+ .$h_{23}\coloneqq\hash(h_2\concat h_3)$ [
+ .$h_2\coloneqq\hash(\mathsf{baz})$
+ ] [
+ .$h_3\coloneqq\hash(\mathsf{qux})$
+ ]
+ ]
+ ]
+\end{tikzpicture}
diff --git a/slides/2021-padsec/img/mullvad.png b/slides/2021-padsec/img/mullvad.png
new file mode 100644
index 0000000..4574eb1
--- /dev/null
+++ b/slides/2021-padsec/img/mullvad.png
Binary files differ
diff --git a/slides/2021-padsec/img/openbsd.pdf b/slides/2021-padsec/img/openbsd.pdf
new file mode 100644
index 0000000..53c6c98
--- /dev/null
+++ b/slides/2021-padsec/img/openbsd.pdf
Binary files differ
diff --git a/slides/2021-padsec/img/rb.png b/slides/2021-padsec/img/rb.png
new file mode 100644
index 0000000..a0b30cb
--- /dev/null
+++ b/slides/2021-padsec/img/rb.png
Binary files differ
diff --git a/slides/2021-padsec/img/rgdd.jpg b/slides/2021-padsec/img/rgdd.jpg
new file mode 100644
index 0000000..597b406
--- /dev/null
+++ b/slides/2021-padsec/img/rgdd.jpg
Binary files differ
diff --git a/slides/2021-padsec/img/thanks.pdf b/slides/2021-padsec/img/thanks.pdf
new file mode 100644
index 0000000..9ad4dc8
--- /dev/null
+++ b/slides/2021-padsec/img/thanks.pdf
Binary files differ
diff --git a/slides/2021-padsec/img/tree-leaf.trunnel b/slides/2021-padsec/img/tree-leaf.trunnel
new file mode 100644
index 0000000..c3806f3
--- /dev/null
+++ b/slides/2021-padsec/img/tree-leaf.trunnel
@@ -0,0 +1,9 @@
+/*
+ * The logged Merkle tree leaf data
+ */
+struct tree_leaf {
+ u64 shard_hint;
+ u8 checksum[32];
+ u8 signature[64];
+ u8 key_hash[32];
+}
diff --git a/slides/2021-padsec/main.tex b/slides/2021-padsec/main.tex
new file mode 100644
index 0000000..2c617fa
--- /dev/null
+++ b/slides/2021-padsec/main.tex
@@ -0,0 +1,21 @@
+\pdfminorversion=4
+%\documentclass[handout,aspectratio=169]{beamer}
+\documentclass[aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%
+ An Introduction to System Transparency Logging
+}
+\author{%
+ Rasmus Dahlberg
+}
+\date{%
+ \today
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/body}
+\end{document}
diff --git a/slides/2021-padsec/slides.pdf b/slides/2021-padsec/slides.pdf
new file mode 100644
index 0000000..9e9872d
--- /dev/null
+++ b/slides/2021-padsec/slides.pdf
Binary files differ
diff --git a/slides/2021-padsec/src/body.tex b/slides/2021-padsec/src/body.tex
new file mode 100644
index 0000000..f748c79
--- /dev/null
+++ b/slides/2021-padsec/src/body.tex
@@ -0,0 +1,366 @@
+\begin{frame}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{Outline}
+ \begin{enumerate}
+ \item Explore the problem area
+ \item A bird's view of the design
+ \item Revisit the problem area
+ \item How to get involved
+ \end{enumerate}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/rgdd}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+%
+% https://curl.se/download.html
+%
+\begin{frame}
+ %
+ % 1. Introduce the setup. Daniel represents many software projects.
+ % 2. How would you know if your private key got compromised?
+ %
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{Meet Daniel, the author of \texttt{curl}}
+ \begin{itemize}
+ \item Digital signing using \texttt{gpg}
+ \item Long-term RSA public key
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \includegraphics[height=.75\textheight]{img/curl}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+%%
+%% signify: https://www.openbsd.org/papers/bsdcan-signify.html
+%%
+%% Locate next public key from the current OpenBSD, version 69.
+%% 1. Download from mirror: https://cdn.openbsd.org/pub/OpenBSD/6.9/
+%% 2. Unpack src.tar.gz
+%% 3. See etc/signify/openbsd-70-base.pub
+%%
+%\begin{frame}
+% %
+% % 1. Introduce the setup. A newer type of tooling than gpg. Sort of built-
+% % in revocation by "ignoring the problem until it goes away".
+% % 2. However, you would still like to know if you have a problem or not.
+% %
+% \vfill
+% \begin{columns}
+% \begin{column}{0.5\textwidth}
+% \mktitle{Meet Puffy, the OpenBSD cartoon}
+% \begin{itemize}
+% \item Digital signing using \texttt{signify}
+% \item Basically an interface to use Ed25519
+% \item Public keys are rotated every release
+% \end{itemize}
+% \end{column}
+% \begin{column}{0.5\textwidth}
+% \centering
+% \includegraphics[width=\columnwidth]{img/openbsd}
+% \burl{https://www.openbsd.org/art4.html}
+% \end{column}
+% \end{columns}
+%\end{frame}
+
+%
+% https://arxiv.org/pdf/2104.06020.pdf, page 6 for the challenge.
+%
+\begin{frame}
+ %
+ % 1. What is R-B.
+ % 2. Challenge
+ % 3. How I think that challenge could be approached
+ %
+ \vfill
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{Meet the R-B project}
+ \begin{itemize}
+ \item Same input gives the same output
+ \item Consensus of ``valid'' checksum?
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/rb}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Problem summary}
+ \vfill
+ \begin{columns}
+ \begin{column}{0.125\textwidth}
+ \end{column}
+ \begin{column}{0.75\textwidth}
+ \begin{enumerate}
+ \item What signatures were produced by a given private key?
+ \item Consensus of checksums that should be considered valid?
+ \end{enumerate}
+ \end{column}
+ \begin{column}{0.125\textwidth}
+ \end{column}
+ \end{columns}
+ \vfill
+\end{frame}
+
+\begin{frame}
+ %
+ % 1. Introduce the system. Think first two paragraphs in design.md
+ %
+ \mktitle{Our starting point}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item Data publisher
+ \item End-user
+ \item Assumptions
+ \begin{itemize}
+ \item Public key can be located
+ \item Signed data can be located
+ \item End-user can install extra tooling
+ \end{itemize}
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \input{img/before}
+ \end{column}
+ \end{columns}
+ \vfill
+ \pause
+ \alert{The attacker can compromise the data publisher}\\
+ \pause
+ \alert{The goal is to detect unwanted key-usage}
+\end{frame}
+
+\begin{frame}
+ %
+ % 1. Our design is about transparency logs. So, I need to explain briefly
+ % what a transparency log is.
+ % 2. Append-only Merkle tree. You can think of the data as being stored in
+ % the leaves. Each leaf is hashed. Parents concatenate their children
+ % hashes to produces their own hash values. Repeat until single root hash.
+ % 3. The root hash is usually called a tree head.
+ % 4. Tree head interesting because it fixes the structure and the content of
+ % the tree. Add/remove/modify -> new tree head.
+ % 5. If the log signs the tree head, you can hold it accountable for its
+ % structure and content.
+ % 6. This is important because the attacker can control the log.
+ % 7. So we cannot trust that the log is append-only. We will need to verify
+ % that. To this end we have consistency proofs. The intuition is that you
+ % can force the log to reveal a number of cryptographic hashes. These
+ % hashes will prove that the tree head you see today is consistent with the
+ % tree head you saw yesterday.
+ % 8. You can also prove that something is in the log efficiently. This is
+ % called an inclusion proof. The intuition is that you reveal a number of
+ % hashes. If you can use them to reconstruct the root of a globally
+ % consistent tree head you can be sure that some data is in the log.
+ % 8. Global consistency (as opposed to just consistency) is what prevents
+ % the log from creating forks. I will return to this later on because it is
+ % an important part of our design.
+ % (9. Not having global consistency would be like having a blockchain
+ % without a consensus mechanism.)
+ %
+ \mktitle{A quick step back---Transparency log crash course}
+ \input{img/mt}
+ \vfill
+ \begin{columns}
+ \begin{column}{0.33\textwidth}
+ \begin{itemize}
+ \item Tree head
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.33\textwidth}
+ \begin{itemize}
+ \item Consistency proof
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.33\textwidth}
+ \begin{itemize}
+ \item Inclusion proof
+ \end{itemize}
+ \end{column}
+ \end{columns}
+ \vfill
+ \pause
+ \alert{The attacker can control the log}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Preparing a logging request}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item Select a shard hint and checksum
+ \item Sign using your private key
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \lstinputlisting[style=CStyle]{img/tree-leaf.trunnel}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Submitting a logging request}
+ \begin{columns}
+ \begin{column}{0.2\textwidth}
+ \underline{Key-value pairs:}
+ \begin{itemize}
+ \item Shard hint
+ \item Checksum
+ \item Signature
+ \item Public key
+ \item Domain hint
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.8\textwidth}
+ \centering
+ \input{img/log-request}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Distributing proofs of public logging}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item End-user will not talk to the log
+ \item Proofs of logging
+ \begin{itemize}
+ \item Inclusion proof
+ \item Tree head
+ \end{itemize}
+ \item Witness cosigning
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \input{img/after}
+ \end{column}
+ \end{columns}
+ \pause
+ \alert{The attacker can control a threshold of witnesses}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Summary and additional details}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item Signed checksums
+ \item Sharding
+ \item Preserved data flows
+ \item Anti-spam
+ \item Global consistency
+ \item Few simple parsers
+ \item No cryptographic agility
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \includegraphics[width=\columnwidth]{img/clean}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{Remember Daniel?}
+ \begin{itemize}
+ \item (Cross-)sign with Ed25519
+ \item Backwards compatible verification?
+ \begin{enumerate}
+ \item Verify RSA \texttt{gpg} signature
+ \item Verify the rest with tlog tooling
+ \end{enumerate}
+ \item Monitor the log for your own leaves
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \includegraphics[height=.75\textheight]{img/curl}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+%\begin{frame}
+% \vfill
+% \begin{columns}
+% \begin{column}{0.5\textwidth}
+% \mktitle{Remember Puffy?}
+% \begin{itemize}
+% \item No extra key-pair
+% \item Cross-sign for backwards compatibility
+% \item Possible end-user verification
+% \begin{enumerate}
+% \item Verify \texttt{signify} signature
+% \item Verify the rest with tlog tooling
+% \end{enumerate}
+% \end{itemize}
+% \end{column}
+% \begin{column}{0.5\textwidth}
+% \centering
+% \includegraphics[width=\columnwidth]{img/openbsd}
+% \burl{https://www.openbsd.org/art4.html}
+% \end{column}
+% \end{columns}
+%\end{frame}
+
+\begin{frame}
+ \vfill
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{Remember the R-B project?}
+ \begin{itemize}
+ \item Sign and log the expected checksums
+ \item Valid checksum is a logged checksum
+ \item Rebuilders monitor the log
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/rb}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \begin{columns}
+ \begin{column}{0.7\textwidth}
+ \mktitle{Get involved}
+ \begin{itemize}
+ \item Feedback on our v0 design\footnotemark and API\footnotemark?
+ \item Is this a service that you would use? Why (not)?
+ \item Want to run an experimental log or witness?
+ \item Implementation and tooling is still early-days
+ \item Reach out via slack\footnotemark, GitHub, or DM
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.3\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/thanks}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\burl{https://github.com/system-transparency/stfe/blob/design/doc/design.md}}
+ \footnotetext[2]{\burl{https://github.com/system-transparency/stfe/blob/design/doc/api.md}}
+ \footnotetext[3]{\burl{https://communityinviter.com/apps/system-transparency/join}}
+\end{frame}
diff --git a/slides/2021-padsec/src/preamble.tex b/slides/2021-padsec/src/preamble.tex
new file mode 100644
index 0000000..4021351
--- /dev/null
+++ b/slides/2021-padsec/src/preamble.tex
@@ -0,0 +1,113 @@
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Packages %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\usepackage[utf8]{inputenc}
+
+\usepackage[
+ lambda, advantage, operators, sets, adversary, landau, probability, notions,
+ logic, ff, mm, primitives, events, complexity, asymptotics, keys
+]{cryptocode}
+
+\usepackage{rotate}
+\usepackage{graphicx}
+\usepackage{mathtools}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{flowchart}
+\usepackage{smartdiagram}
+\usepackage{pifont}
+\usepackage{wasysym}
+\usepackage{graphicx}
+\usepackage{color}
+\usepackage{drawstack}
+\usepackage{tikz}
+\usepackage{tikz-qtree}
+\usetikzlibrary{
+ arrows,%
+ decorations.markings,%
+ backgrounds,%
+ calc,%
+ fit,%
+ positioning,%
+ shapes.misc,%
+ shadows,%
+ shapes.arrows,%
+ shapes,%
+ snakes,%
+}
+\usepackage{booktabs}
+\usepackage{smartdiagram}
+%\usepackage{floatrow}% this one causes error on arch for some reason
+\usepackage[position=bottom]{subfig} % environment for nested figures
+
+\usepackage{xcolor}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+\definecolor{darkGray}{HTML}{808080}
+\definecolor{darkOrange}{HTML}{D77D00}
+\definecolor{darkPurple}{HTML}{800080}
+\colorlet{lightGray}{gray!33}
+\colorlet{lightYellow}{yellow!50}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+
+\usepackage{hyperref}
+\hypersetup{
+ colorlinks = true, % Color links instead of boxes
+ urlcolor = darkBlue, % Color external hyper links
+ linkcolor = darkBlue, % Color internal links
+ citecolor = darkBlue, % Color citations
+}
+
+% Figures, tables and code
+\usepackage{booktabs}
+\usepackage{colortbl}
+\usepackage{flowchart}
+\usepackage{adjustbox}
+\usepackage{listings}
+
+\lstdefinestyle{CStyle}{
+ backgroundcolor=\color{lightGray!25},
+ commentstyle=\color{darkGreen},
+ keywordstyle=\color{darkBlue},
+ numberstyle=\tiny\color{darkRed},
+ stringstyle=\color{darkPurple},
+ basicstyle=\footnotesize,
+ breakatwhitespace=false,
+ breaklines=false,
+ captionpos=b,
+ keepspaces=true,
+ numbers=left,
+ numbersep=5pt,
+ showspaces=false,
+ showstringspaces=false,
+ showtabs=false,
+ tabsize=2,
+ language=C,
+ morekeywords={size_t,def,in,zip,True,False,ord,u8,u64},
+}
+
+\setbeamertemplate{itemize item}[circle]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{caption}[numbered]
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Defines %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\makeatletter
+\let\@@magyar@captionfix\relax %needed for \titlefloatright
+\makeatother
+
+\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}}
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}}
+\newcommand{\burl}[1]{\tiny{\url{#1}}}
+\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1}
+\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$}
+
+\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}}
+\def\lding{\rotatebox[origin=c]{91}{\ding{224}}}
+
+% TODO: fix this properly...
+\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize}
diff --git a/slides/2021-padsec/src/titlepage.tex b/slides/2021-padsec/src/titlepage.tex
new file mode 100644
index 0000000..9b18039
--- /dev/null
+++ b/slides/2021-padsec/src/titlepage.tex
@@ -0,0 +1,3 @@
+\begin{frame}
+ \titlepage
+\end{frame}