author Rasmus Dahlberg <rasmus@rgdd.se> 2024-10-15 15:35:20 +0200
committer Rasmus Dahlberg <rasmus@rgdd.se> 2024-10-15 15:35:45 +0200
commit 76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb
tree 410ab71c78c99d35aecd46733958a5699cdf5204 /slides/2021-pets/src/start.tex
parent 883a67439aff566962adafeb0385c6ae972073a3
Rescue some slides from old private mono repos
Diffstat (limited to 'slides/2021-pets/src/start.tex')
-rw-r--r-- slides/2021-pets/src/start.tex 189
1 files changed, 189 insertions, 0 deletions
diff --git a/slides/2021-pets/src/start.tex b/slides/2021-pets/src/start.tex
new file mode 100644
index 0000000..00226e2
--- /dev/null
+++ b/slides/2021-pets/src/start.tex
@@ -0,0 +1,189 @@
+%
+% Title page
+%
+% Hi everyone. Welcome to our talk "privacy-preserving and incrementally
+% deployable support for Certificate Transparency in Tor". I'm Rasmus, a PhD
+% student at Karlstad University. This is joint work together with
+% Tobias Pulls from Karlstad University,
+% Tom Ritter from Mozilla, and
+% Paul Syverson from the US Naval Research Laboratory.
+%
+
+\begin{frame}
+ %
+ % To get started I would like to remind us of the past.
+ %
+ % The year is 2011. Summer just arrived, and we are located in the northern
+ % parts of Netherlands. The offices of DigiNotar appear to be operating as
+ % usual. Had we been there at the time, we probably wouldn't have thought
+ % they'd be out of business in September.
+ %
+ \vfill
+ \begin{columns}
+ \begin{column}{0.45\textwidth}
+ \mktitle{A flash-back into the past}
+ \begin{itemize}
+ \item June, 2011
+ \item Netherlands, Beverwijk
+ \item DigiNotar
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.55\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/beverwijk}
+ \burl{https://creativecommons.org/licenses/by-sa/3.0/}
+ % https://commons.wikimedia.org/wiki/File:Nzkanaal2.jpg
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ %
+ % What happened?
+ %
+ % Let me give you the backdrop.
+ %
+ % DigiNotar was a so-called certificate authority that issued certificates
+ % for the web. Your browser uses these certificates to verify that you are
+ % really visiting the website that you intended to and not some attacker.
+ %
+ % Sounds great! What's the catch?
+ % Well.
+ % You have to trust that no Certificate Authority is going to mess up the
+ % certificate issuance process. Any failure in this process may result in a
+ % mis-issued certificate, which in turn may result in insecure connections.
+ %
+ % Okay. So,
+ % I think most of you know what happened. DigiNotar was hacked. They
+ % mis-issued certificates for Google, Mozilla, Tor, and many others.
+ %
+ % This was actually detected by DigiNotar.
+ % In response, they decided to be silent and cover it up.
+ %
+ % The main reason why we, the public, detected that DigiNotar was no longer
+ % operating in good faith is because of a large scale attack in Iran. Some
+ % of the mis-issued certificates were used to intercept network traffic of
+ % 300k gmail users. Perhaps we were actually lucky to detect the attack at
+ % all. If the attacker had been more stealthy, DigiNotar might still have
+ % been in operation today. That is a scary though. Can we do better?
+ %
+ % Fortunately, the answer is yes. We can do better. The overall ecosystem
+ % improved significantly since 2011. This talk covers one such improvement:
+ % - Certificate Transparency
+ %
+ \vfill
+ \begin{columns}
+ \begin{column}{0.45\textwidth}
+ \mktitle{What happened?}
+ \begin{itemize}
+ \item DigiNotar issued web certificates
+ \item Did not live up to expectations
+ \item Then tried to cover it up\footnotemark
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.55\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/diginotar}
+ \burl{https://www.bbc.com/news/technology-14989334}
+ \end{column}
+ \end{columns}
+ \vfill
+ \pause
+ \centering\alert{A stealthy attacker might have gotten away with it!}
+ \footnotetext[1]{%
+ \tiny{
+ FoxIT.
+ Black Tulip: Report of the investigation into the DigiNotar Certificate
+ Authority breach.
+ Page 3.
+ }
+ }
+\end{frame}
+
+\begin{frame}
+ %
+ % Just to make sure that we are on the same page.
+ %
+ % A large scale attack should not be necessary to detect if a trusted party
+ % like DigiNotar misbehaves. And it is not like we are only talking about a
+ % single isolated incident. The real problem is that we have hundreds of
+ % Certificate Authorities that claim to issue certificates only to the
+ % rightful domain owners. Every now and then, someone gets it wrong. What
+ % we are left with is an incident that endangers our digital safety,
+ % sometimes even our physical safety depending on the real-world context.
+ %
+ % What Certificate Transparency brings to the table is the ability to detect
+ % mis-issued certificates. The basic idea is that every issued certificate
+ % must be disclosed in a public log that anyone can inspect.
+ %
+ % Usually, Certificate authorities are the ones doing the logging. Websites
+ % then serve the issued certificate together with some proofs of logging.
+ % The browser verifies these proofs before accepting the certificate as
+ % valid.
+ %
+ % This is actually great, because now a website can look for certificates
+ % that match their domain name in the log. If something shows up that they
+ % did not ask for - well - now they are aware of that. They probably
+ % wouldn't have been without the log. In response, you might question the
+ % certificate authority, initiate a revocation process, and so forth.
+ %
+ \vfill
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{Larger problem and solution?}
+ \begin{itemize}
+ \item Digitar was not a one-time incident\footnotemark
+ \item Many other parties can get it wrong
+ \item Add visibility into issued certificates\footnotemark
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \input{img/ct}
+ \end{column}
+ \end{columns}
+ \footnotetext[2]{\burl{https://sslmate.com/certspotter/failures}}
+ \footnotetext[3]{\burl{https://certificate.transparency.dev/}}
+\end{frame}
+
+\begin{frame}
+ %
+ % Certificate Transparency, or CT for short, has been - and is still being -
+ % gradually rolled-out by Google and others. For example, every certificate
+ % must be CT compliant to validate in Google Chrome and Apple's Safari.
+ %
+ % CT compliance basically means that at least two logs must have "promised"
+ % to make that certificate available to the public. Such a promise is
+ % usually called an SCT and it is hard-coded into the issued certificate.
+ %
+ % Browsers currently use SCTs as proofs of logging. It is possible to
+ % verify that these promises are in fact true. That is an important part to
+ % ensure that blind trust is not shifted from Certificate Authorities to CT
+ % logs. However, such verification is challenging because of the added
+ % complexity and possible privacy concerns.
+ %
+ % For example, to verify that a certificate is in fact included in a log,
+ % you need to interact with the log ecosystem. Such interactions leak
+ % a user's browsing patterns to the logs and that is kind of problematic.
+ %
+ \mktitle{Certificate Transparency (CT) compliance\footnotemark}
+ \begin{columns}
+ \begin{column}{0.25\textwidth}
+ \end{column}
+ \begin{column}{0.25\textwidth}
+ \centering\includegraphics[width=.67\columnwidth]{img/chrome}
+ \end{column}
+ \begin{column}{0.25\textwidth}
+ \centering\includegraphics[width=.7\columnwidth]{img/safari}
+ \end{column}
+ \begin{column}{0.25\textwidth}
+ \end{column}
+ \end{columns}
+ \vfill
+ ``Two logs promised that they will make the certificate public''
+
+ \footnotetext[4]{%
+ \burl{https://github.com/chromium/ct-policy/blob/master/ct_policy.md}
+ \&
+ \burl{https://support.apple.com/en-us/HT205280}%
+ }
+\end{frame}
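Review bot: the third frame's bullet `\item Digitar was not a one-time incident\footnotemark` misspells the CA's name on a visible slide; it should read DigiNotar, as in the first two frames and the speaker notes. The speaker notes of the second frame also say "That is a scary though", which should be "thought". Separately, the arguments of `\footnotetext[1]` through `\footnotetext[4]` are hard-coded while the matching `\footnotemark` calls are numbered automatically, so marks and texts only line up as long as the frames keep their current order and number of marks. Reordering or dropping a frame will silently mismatch them, so consider adding a comment about that dependency or deriving the numbers from the footnote counter.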