diff options
| author | Rasmus Dahlberg <rasmus@rgdd.se> | 2024-10-15 15:35:20 +0200 |
|---|---|---|
| committer | Rasmus Dahlberg <rasmus@rgdd.se> | 2024-10-15 15:35:45 +0200 |
| commit | 76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb (patch) | |
| tree | 410ab71c78c99d35aecd46733958a5699cdf5204 /slides/2021-surprise/src/body.tex | |
| parent | 883a67439aff566962adafeb0385c6ae972073a3 (diff) | |
Rescue some slides from old private mono repos
Diffstat (limited to 'slides/2021-surprise/src/body.tex')
| -rw-r--r-- | slides/2021-surprise/src/body.tex | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/slides/2021-surprise/src/body.tex b/slides/2021-surprise/src/body.tex new file mode 100644 index 0000000..9b336e5 --- /dev/null +++ b/slides/2021-surprise/src/body.tex @@ -0,0 +1,50 @@ +\begin{frame} + % + % To explain the paper's contribution we can simply break down the title: + % privacy-preserving and incrementally deployable support for Certificate + % Transparency in Tor. + % + % To make a long story short, Tor Browser does not support Certificate + % Transparency. The reason why you want to do that is because it makes it + % possible to detect if visited websites are being impersonated or not. + % + % For example, an attacker may want to impersonate a website to steal a + % user's credit card number. It is also helpful to de-anonymize a Tor user. + % + % So, our work focus on adding support for Certificate Transparency in Tor + % Browser. We do that while focusing on two key properties. + % + % The proposed solution should be _privacy-preserving_. We achieve this + % because of and how we use Tor. + % + % The proposed solution should also be incrementally-deployable, and in the + % end have a stronger threat model than current Certificate Transparency + % deployments in Chrome and Safari that trust so-called CT logs blindly. + % + % In more detail, our incrementally-deployable design goes from: + % pairs of CT logs that are trusted blindly, to + % at least one CT log is trusted blindly, to + % no CT log that is trusted blindly. + % + % It is fair to say that we have a strong threat model where the attacker + % even has a zero-day exploit against Tor Browser. In spite of this very + % strong threat model, the involved performance overhead is modest. + % + % For more detail, please refer to our paper and/or watch the presentation. + % + \mktitle{Breaking down the title} + \begin{columns} + \begin{column}{0.55\textwidth} + \begin{itemize} + \item Support Certificate Transparency in Tor + \item Privacy-Preserving + \item Incrementally-deployable + \end{itemize} + \end{column} + \begin{column}{0.45\textwidth} + \centering\includegraphics[width=.5\columnwidth]{img/tb} + \end{column} + \end{columns} + \footnotetext[1]{\tiny{Paper: \url{https://petsymposium.org/2021/files/papers/issue2/popets-2021-0024.pdf}}} + \footnotetext[2]{\tiny{Presentation: \url{https://www.youtube.com/watch?v=f7yDJOd6g3U}}} +\end{frame} |