aboutsummaryrefslogtreecommitdiff
path: root/slides/2022-ct-days/src
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus@rgdd.se>2024-10-15 15:35:20 +0200
committerRasmus Dahlberg <rasmus@rgdd.se>2024-10-15 15:35:45 +0200
commit76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb (patch)
tree410ab71c78c99d35aecd46733958a5699cdf5204 /slides/2022-ct-days/src
parent883a67439aff566962adafeb0385c6ae972073a3 (diff)
Rescue some slides from old private mono repos
Diffstat (limited to 'slides/2022-ct-days/src')
-rw-r--r--slides/2022-ct-days/src/ctor.tex222
-rw-r--r--slides/2022-ct-days/src/outline.tex4
-rw-r--r--slides/2022-ct-days/src/preamble.tex114
-rw-r--r--slides/2022-ct-days/src/sigsum.tex675
-rw-r--r--slides/2022-ct-days/src/titlepage.tex3
5 files changed, 1018 insertions, 0 deletions
diff --git a/slides/2022-ct-days/src/ctor.tex b/slides/2022-ct-days/src/ctor.tex
new file mode 100644
index 0000000..f7ed6c3
--- /dev/null
+++ b/slides/2022-ct-days/src/ctor.tex
@@ -0,0 +1,222 @@
+\begin{frame}
+ \mktitle{Tor crash course}
+ \centering\includegraphics[width=.8\textwidth]{img/tor/overview}
+ \footnotetext[1]{\tiny{Credit: figure created by Tobias Pulls}}
+ \footnotetext[2]{\tiny{Design: \burl{https://murdoch.is/papers/tor14design.pdf}}}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Tor Browser}
+ \begin{columns}
+ \begin{column}{0.6\textwidth}
+ \begin{itemize}
+ \item Firefox derivative
+ \item Route all traffic through Tor
+ \item Prevent user activity on one site from
+ being linked to activity on another
+ \item \alert<2->{Do not write any state to disk}
+ \item ...
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.4\textwidth}
+ \includegraphics[width=.67\columnwidth]{img/tor/tb}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\tiny{Credit: Tom Ritter, see \burl{https://ritter.vg/p/tor-v1.6.pdf}}}
+ \footnotetext[2]{\tiny{Design: \burl{https://2019.www.torproject.org/projects/torbrowser/design/}}}
+\end{frame}
+
+\begin{frame}
+ \centering
+ \includegraphics[width=.75\textwidth]{img/ctor/paper}
+ \vfill
+ \includegraphics[width=.75\textwidth]{img/ctor/blog}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Problem statement}
+ \begin{columns}
+ \begin{column}{0.6\textwidth}
+ \begin{itemize}
+ \item Tor Browser does not enforce CT
+ \item Guard against prominent threats
+ \begin{itemize}
+ \item DigiNotar style attacks
+ \item Interception to deanonymize
+ \end{itemize}
+ \item Go beyond ``just CT compliance''
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.4\textwidth}
+ \centering
+ \includegraphics[width=.67\columnwidth]{img/tor/tb}
+ \end{column}
+ \end{columns}
+ \vfill\pause
+ \alert{Attacker in Tor's threat model + controls a CA and two CT logs}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Incremental deployment}
+ \begin{enumerate}
+ \item Catch up with CT compliant browsers
+ \floatright{\emph{pairs of logs} are trusted blindly}
+ \item Steps towards decentralized verification
+ \floatright{\emph{some log} is trusted blindly}
+ \item Fully decentralized verification
+ \floatright{\emph{no log} is trusted blindly}
+ \end{enumerate}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Full design}
+ \centering\includegraphics[height=.5\textheight]{img/ctor/full}
+ \vfill
+ \pause
+ \alert{Security? Difficult to interfere without detection in any phase}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Why not just...?}
+ \begin{columns}
+ \begin{column}{.5\textwidth}\centering
+ \includegraphics[width=.9\columnwidth]{img/ctor/tb-to-log}\\\vspace{.25cm}
+ Fetch an inclusion proof
+ \end{column}
+ \begin{column}{.5\textwidth}\centering
+ \includegraphics[width=.77\columnwidth]{img/ctor/tb-to-auditor}\\\vspace{.25cm}
+ Rely on a centralized party
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Phase 1: Submission}
+ \centering\includegraphics[width=.75\textwidth]{img/ctor/phase-1}
+ \vfill
+ \begin{columns}
+ \begin{column}{.2\textwidth}\centering
+ \end{column}
+ \begin{column}{.3\textwidth}\centering
+ \alert{1.} Probabilistic submit
+ \end{column}
+ \begin{column}{.3\textwidth}\centering
+ \alert{2.} Random CTR
+ \end{column}
+ \begin{column}{.2\textwidth}\centering
+ \end{column}
+ \end{columns}
+ \pause
+
+ \vfill
+ \alert{Best attack: quickly take control over Tor Browser}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Phase 2: Buffering}
+ \begin{columns}
+ \begin{column}{.5\textwidth}
+ \begin{enumerate}
+ \item Buffer until logging is required
+ \item Add a random delay to leak less
+ \item Cache audited SFOs to leak less
+ \end{enumerate}
+ \end{column}
+ \begin{column}{.5\textwidth}
+ \centering
+ \includegraphics[width=.45\columnwidth]{img/ctor/phase-2}
+ \end{column}
+ \end{columns}
+ \pause
+
+ \vfill\centering
+ \alert{Best attack: network-wide flush}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Phase 3: Auditing}
+ \begin{columns}
+ \begin{column}{.4\textwidth}
+ \begin{enumerate}
+ \item Fetch inclusion proof
+ \item STH from Tor's consensus
+ \item Collaborate with a watchdog
+ \begin{itemize}
+ \item CTR identification
+ \item ``Tagging''
+ \end{itemize}
+ \end{enumerate}
+ \end{column}
+ \begin{column}{.6\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/ctor/phase-3}
+ \end{column}
+ \end{columns}
+ \pause
+
+ \vfill\centering
+ \alert{Best attack: quickly take control over CTR}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Phase 4: Reporting}
+ \centering\includegraphics[width=.4\textwidth]{img/ctor/phase-4}
+ \vfill
+ \alert{1.} Report SFO on timeout
+ \pause
+
+ \vfill
+ \alert{Best attack: n/a}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \mktitle{This is quite the leap from ``just CT compliance''}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Incremental design}
+ \centering\includegraphics[height=.33\textheight]{img/ctor/incremental}
+ \vfill
+ \pause
+
+ \alert{Use the log ecosystem against the attacker}\\
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \begin{columns}
+ \begin{column}{.41\textwidth}
+ \mktitle{Conclusion}
+ \begin{itemize}
+ \item Tor's setting is quite different
+ \item Delegated audiding is key here
+ \item Roadmap from start to finnish
+ \end{itemize}
+ \end{column}
+ \begin{column}{.25\textwidth}
+ \mktitle{Resources}
+ \begin{itemize}
+ \item PETS paper\footnotemark[1]
+ \item PETS talk\footnotemark[2]
+ \item Tor blog post\footnotemark[3]
+ \end{itemize}
+ \end{column}
+ \begin{column}{.35\textwidth}
+ \mktitle{Next steps}
+ \begin{itemize}
+ \item Torspec proposal(s)
+ \item Browser implementation
+ \item Relay implementation
+ \end{itemize}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\burl{https://petsymposium.org/2021/files/papers/issue2/popets-2021-0024.pdf}}
+ \footnotetext[2]{\burl{https://www.youtube.com/watch?v=f7yDJOd6g3U}}
+ \footnotetext[3]{\burl{https://blog.torproject.org/tor-certificate-transparency/}}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \mktitle{Halftime}
+\end{frame}
diff --git a/slides/2022-ct-days/src/outline.tex b/slides/2022-ct-days/src/outline.tex
new file mode 100644
index 0000000..f04f431
--- /dev/null
+++ b/slides/2022-ct-days/src/outline.tex
@@ -0,0 +1,4 @@
+\begin{frame}
+ \vfill
+ \mktitle{CT in Tor \alert{$\cdots$} Halftime \alert{$\cdots$} Sigsum Logging}
+\end{frame}
diff --git a/slides/2022-ct-days/src/preamble.tex b/slides/2022-ct-days/src/preamble.tex
new file mode 100644
index 0000000..86ae650
--- /dev/null
+++ b/slides/2022-ct-days/src/preamble.tex
@@ -0,0 +1,114 @@
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Packages %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\usepackage[utf8]{inputenc}
+
+\usepackage[
+ lambda, advantage, operators, sets, adversary, landau, probability, notions,
+ logic, ff, mm, primitives, events, complexity, asymptotics, keys
+]{cryptocode}
+
+\usepackage{rotate}
+\usepackage{graphicx}
+\usepackage{mathtools}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{flowchart}
+\usepackage{smartdiagram}
+\usepackage{pifont}
+\usepackage{wasysym}
+\usepackage{graphicx}
+\usepackage{color}
+\usepackage{drawstack}
+\usepackage{tikz}
+\usepackage{tikz-qtree}
+\usetikzlibrary{
+ arrows,%
+ decorations.markings,%
+ backgrounds,%
+ calc,%
+ fit,%
+ positioning,%
+ shapes.misc,%
+ shadows,%
+ shapes.arrows,%
+ shapes,%
+ snakes,%
+}
+\usepackage{booktabs}
+\usepackage{smartdiagram}
+%\usepackage{floatrow}% this one causes error on arch for some reason
+\usepackage[position=bottom]{subfig} % environment for nested figures
+
+\usepackage{xcolor}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+\definecolor{darkGray}{HTML}{808080}
+\definecolor{darkOrange}{HTML}{D77D00}
+\definecolor{darkPurple}{HTML}{800080}
+\colorlet{lightGray}{gray!33}
+\colorlet{lightYellow}{yellow!50}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+
+\usepackage{hyperref}
+\hypersetup{
+ colorlinks = true, % Color links instead of boxes
+ urlcolor = darkBlue, % Color external hyper links
+ linkcolor = darkBlue, % Color internal links
+ citecolor = darkBlue, % Color citations
+}
+
+% Figures, tables and code
+\usepackage{booktabs}
+\usepackage{colortbl}
+\usepackage{flowchart}
+\usepackage{adjustbox}
+\usepackage{listings}
+
+\lstdefinestyle{CStyle}{
+ backgroundcolor=\color{lightGray!25},
+ commentstyle=\color{darkGreen},
+ keywordstyle=\color{darkBlue},
+ numberstyle=\tiny\color{darkRed},
+ stringstyle=\color{darkPurple},
+ %basicstyle=\footnotesize,
+ basicstyle=\scriptsize,
+ breakatwhitespace=false,
+ breaklines=false,
+ captionpos=b,
+ keepspaces=true,
+ numbers=left,
+ numbersep=5pt,
+ showspaces=false,
+ showstringspaces=false,
+ showtabs=false,
+ tabsize=2,
+ language=C,
+ morekeywords={size_t,def,in,zip,True,False,ord,u8,u64},
+}
+
+\setbeamertemplate{itemize item}[circle]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{caption}[numbered]
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Defines %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\makeatletter
+\let\@@magyar@captionfix\relax %needed for \titlefloatright
+\makeatother
+
+\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}}
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}}
+\newcommand{\burl}[1]{\tiny{\url{#1}}}
+\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1}
+\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$}
+
+\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}}
+\def\lding{\rotatebox[origin=c]{91}{\ding{224}}}
+
+% TODO: fix this properly...
+\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize}
diff --git a/slides/2022-ct-days/src/sigsum.tex b/slides/2022-ct-days/src/sigsum.tex
new file mode 100644
index 0000000..02b5bd2
--- /dev/null
+++ b/slides/2022-ct-days/src/sigsum.tex
@@ -0,0 +1,675 @@
+\begin{frame}
+ \mktitle{Tweets you can probably relate to}
+ \pause
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \includegraphics[width=\columnwidth]{img/benlaurie/2017}\\\pause
+ \includegraphics[width=\columnwidth]{img/benlaurie/2018}\\\pause
+ \includegraphics[width=\columnwidth]{img/benlaurie/2019}\\\pause
+ \includegraphics[width=\columnwidth]{img/benlaurie/2020}\\\pause
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \alert{2022?}\\
+ More initatives than can\\
+ be counted on two hands\\
+ \pause
+
+ \vspace{.25cm}
+ \burl{https://binary.transparency.dev}\\
+ ...
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \mktitle{Common denominator?}
+ Certificates\\
+ Executable binaries\\
+ Source code\\
+ TPM quotes\\
+ Onion address rulesets\\
+ Official documents\\
+ ...\\
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \mktitle{Where is the low-hanging fruit?}
+\end{frame}
+
+\begin{frame}
+ \begin{columns}
+ \begin{column}{.4\textwidth}
+ \mktitle{Meet the Sigsum project}
+ \begin{itemize}
+ \item FOSS
+ \item Signed checksums
+ \item Enforcement of logging
+ \item Minimal building block
+ \item ``Transparent key-usage''
+ \end{itemize}
+ \end{column}
+ \begin{column}{.5\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/sigsum/history}
+ \burl{https://git.sigsum.org/sigsum/tree/doc/history.md}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Use-case - Signature Transparency}
+ ``Oh, a new signature was created. That's weird. I'm at the gym.''
+\end{frame}
+
+\begin{frame}
+ \mktitle{Use-case - Binary Transparency}
+
+ ``Oh, that's the key binaries are signed with''\\
+ ``By policy binaries are located at releases.example.com/\$CHECKSUM''
+
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \mktitle{s/binary/something else/}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Many answers and trade-offs}
+ \vfill
+ \begin{columns}
+ \begin{column}{.3\textwidth}
+ \begin{itemize}
+ \item Purpose of logging
+ \item What is (not) logged
+ \item Auditing, SCTs
+ \end{itemize}
+ \end{column}
+ \begin{column}{.25\textwidth}
+ \begin{itemize}
+ \item Gossip
+ \item Anti-poison
+ \item Anti-spam
+ \end{itemize}
+ \end{column}
+ \begin{column}{.25\textwidth}
+ \begin{itemize}
+ \item Sharding
+ \item Privacy
+ \item Simple API
+ \end{itemize}
+ \end{column}
+ \end{columns}
+ \vfill
+ \alert{Accept latency, no rich metadata, no complicated protocols and parsers}
+\end{frame}
+
+\begin{frame}
+ \mktitle{System overview}
+ \begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ system/.style = {
+ draw = gray,
+ thick,
+ rectangle,
+ fill = white,
+ minimum width = 1cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = black,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ rounded corners,
+ },
+ ]
+ %%%
+ % Signing
+ %%%
+ \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer };
+ \path[path, dashed] ($ (Signer) + (0,1) $) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ priv\\
+ data\\
+ \end{tabular}
+ }
+ (Signer);
+ \pause
+
+ %%%
+ % Distribution
+ %%%
+ \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user};
+ \path[path, dashed] ($ (End-user) + (0,-1) $) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ policy\\
+ pub
+ \end{tabular}
+ }
+ (End-user);
+ \path[path] (Signer) -| node[relation,above]{data, signature} (End-user);
+ \node[system, above=1cm of End-user] (Distribution) {Distribution};
+ \pause
+
+ %%%
+ % Introduce the log
+ %%%
+ \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log};
+ \pause
+
+ %%%
+ % Setup DNS
+ %%%
+ \node[system, below=1cm of Signer] (DNS) {DNS};
+ \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS);
+ \pause
+
+
+ %%%
+ % Add leaf
+ %%%
+ \path[path] (Signer) -| node[relation,above]{add leaf} (Log);
+ \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log);
+ \pause
+
+ %%%
+ % Witnessing
+ %%%
+ \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness};
+ \path[path] (Witness) -- node[relation,left]{cosign} (Log);
+ \pause
+
+ %%%
+ % Collect proof
+ %%%
+ \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer);
+ \node[relation,above=0.25cm of Distribution.40]{proof};
+ \pause
+
+ %%%
+ % Setup monitor
+ %%%
+ \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor};
+ \path[path, dashed] ($ (Monitor) + (0,-1) $) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ policy\\
+ pub
+ \end{tabular}
+ }
+ (Monitor);
+ \pause
+
+ %%%
+ % Inspect the log
+ %%%
+ \path[path] (Log) -- node[relation,below,sloped,pos=.40]{leaves, proof} (Monitor);
+ \pause
+
+ %%%
+ % Also get the data
+ %%%
+ \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor);
+ \end{tikzpicture}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \mktitle{A step-by-step breakdown}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Signing}
+ \centering
+
+ \begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ system/.style = {
+ draw = gray,
+ thick,
+ rectangle,
+ fill = white,
+ minimum width = 1cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = black,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ rounded corners,
+ },
+ ]
+ %%%
+ % Signing
+ %%%
+ \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer };
+ \path[path, dashed] ($ (Signer) + (0,1) $) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ priv\\
+ data\\
+ \end{tabular}
+ }
+ (Signer);
+ \end{tikzpicture}
+ \vfill
+ \pause
+
+ \begin{columns}
+ \begin{column}{.5\textwidth}\centering
+ \lstinputlisting[style=CStyle]{img/sigsum/sshsig}
+ \burl{https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.sshsig\#L81}
+ \end{column}
+ \pause
+ \begin{column}{.5\textwidth}\centering
+ \lstinputlisting[style=CStyle]{img/sigsum/sshvalues}
+ \burl{https://git.sigsum.org/sigsum/tree/doc/proposals/2021-11-ssh-signature-format.md}
+ \end{column}
+ \end{columns}
+ \vfill
+
+ \pause
+ \begin{columns}
+ \begin{column}{.33\textwidth}\centering
+ \texttt{ssh-keygen -Y}
+ \end{column}
+ \begin{column}{.33\textwidth}\centering
+ \texttt{signify}
+ \end{column}
+ \begin{column}{.33\textwidth}\centering
+ \texttt{minisign}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \mktitle{Why not support more signing formats and tools?}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Submission}
+ \begin{columns}
+ \begin{column}{0.4\textwidth}
+ \alert{HTTP POST ASCII}
+ \begin{itemize}
+ \item Shard hint
+ \begin{itemize}
+ \item $\in [\mathsf{shard\_start}, \mathsf{now}()]$
+ \end{itemize}
+ \item Message
+ \item Signature
+ \item Public key
+ \item Domain hint
+ \begin{itemize}
+ \item \texttt{\_sigsum\_v0.*} $\rightarrow\hash(\mathsf{pub})$
+ \end{itemize}
+ \end{itemize}
+ \end{column}
+ \uncover<2>{%
+ \begin{column}{.27\textwidth}
+ \alert{Stored leaf (136 bytes)}
+ \begin{itemize}
+ \item Shard hint
+ \item Checksum
+ \item Signature
+ \item Key hash
+ \end{itemize}
+ \vspace{1.4cm}
+ \end{column}
+ }
+ \begin{column}{.33\textwidth}\centering
+ \vspace{-3cm}
+ \hspace{-1cm}
+ \begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ system/.style = {
+ draw = gray,
+ thick,
+ rectangle,
+ fill = white,
+ minimum width = 1cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = black,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ rounded corners,
+ },
+ ]
+ %%%
+ % Signing
+ %%%
+ \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer };
+ \path[path, dashed] ($ (Signer) + (0,1) $) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ priv\\
+ data\\
+ \end{tabular}
+ }
+ (Signer);
+
+ %%%
+ % Setup DNS
+ %%%
+ \node[system, below=1cm of Signer] (DNS) {DNS};
+ \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS);
+
+ %%%
+ % Introduce the log
+ %%%
+ \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log};
+
+ %%%
+ % Add leaf
+ %%%
+ \path[path] (Signer) -| node[relation,above]{add leaf} (Log);
+ \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log);
+ \end{tikzpicture}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Bundling \uncover<2->{and Distribution}}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item Signer must \textbf{wait} for witnessing\footnotemark[1]
+ \begin{itemize}
+ \item Append-only
+ \item Freshness
+ \item Some simplifications
+ \end{itemize}
+ \item Proof of logging
+ \begin{itemize}
+ \item Cosigned tree head
+ \item Inclusion proof
+ \end{itemize}
+ \end{itemize}
+ \end{column}
+ \begin{column}{.5\textwidth}\centering
+ \begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ system/.style = {
+ draw = gray,
+ thick,
+ rectangle,
+ fill = white,
+ minimum width = 1cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = black,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ rounded corners,
+ },
+ ]
+ %%%
+ % Setup entities
+ %%%
+ \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer };
+ \node[draw=none, below=1cm of Signer] (DNS) {};
+ \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log};
+
+ %%%
+ % Witnessing
+ %%%
+ \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness};
+ \path[path] (Witness) -- node[relation,left]{cosign} (Log);
+
+ %%%
+ % Get proof
+ %%%
+ \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer);
+
+ \uncover<2->{
+ %%%
+ % Distribution
+ %%%
+ \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user};
+ \path[path] (Signer) -| node[relation,above]{data, signature} (End-user);
+ \node[system, above=1cm of End-user] (Distribution) {Distribution};
+ \node[relation,above=0.25cm of Distribution.40]{proof};
+ }
+ \end{tikzpicture}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\tiny{Originally proposed by Syta et al.: \burl{https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7546521}}}
+
+ \vfill
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \centering
+ \begin{columns}
+ \begin{column}{.33\textwidth}
+ Example policy
+ \begin{itemize}
+ \item Known logs
+ \item Known witnesses
+ \item M-of-N (co)signatures
+ \end{itemize}
+ \end{column}
+ \begin{column}{.67\textwidth}
+ \mktitle{Verification}
+ \vspace{.5cm}
+ \begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ system/.style = {
+ draw = gray,
+ thick,
+ rectangle,
+ fill = white,
+ minimum width = 1cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = black,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ rounded corners,
+ },
+ ]
+ %%%
+ % Distribution
+ %%%
+ \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user};
+ \path[path, dashed] ($ (End-user) + (0,-1) $) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ policy\\
+ pub
+ \end{tabular}
+ }
+ (End-user);
+ \path[path] (Distribution) -- node[relation,right]{
+ \begin{tabular}{c}
+ data\\
+ signature\\
+ proof\\
+ \end{tabular}}
+ (End-user);
+ \node[system, above=1cm of End-user] (Distribution) {Distribution};
+
+ %%%
+ % Introduce the log
+ %%%
+ \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log};
+
+ %%%
+ % Setup DNS
+ %%%
+ \node[draw=none] (DNS) at ($ (Log) !.5! (Distribution) $) {};
+
+ %%%
+ % Witnessing
+ %%%
+ \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness};
+ \path[path] (Witness) -- node[relation,left]{cosign} (Log);
+
+ %%%
+ % Setup monitor
+ %%%
+ \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor};
+ \path[path, dashed] ($ (Monitor) + (0,-1) $) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ policy\\
+ pub
+ \end{tabular}
+ }
+ (Monitor);
+
+ %%%
+ % Inspect the log
+ %%%
+ \path[path] (Log) -- node[relation,above,sloped,pos=.60]{leaves, proof} (Monitor);
+
+ %%%
+ % Also get the data
+ %%%
+ \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor);
+ \end{tikzpicture}
+ \end{column}
+ \end{columns}
+
+ \vfill
+ \alert{No reactive gossip/audit, offline verification by end-users (!)}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \begin{columns}
+ \begin{column}{.5\textwidth}
+ \mktitle{Current status}
+ \begin{itemize}
+ \item Solid foundation, hopefully(!)
+ \item V0 design\footnotemark[1] and API\footnotemark[2] is pretty stable
+ \item Public prototypes, log and witness
+ \item Tooling? Kind of ``pipe into \texttt{curl}''
+ \item \url{https://git.sigsum.org}
+ \end{itemize}
+ \end{column}
+ \begin{column}{.5\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/sigsum/foundation}
+ \burl{https://bygg.se/valj-ratt-husgrund-till-din-villa/}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\burl{https://git.sigsum.org/sigsum/tree/doc/design.md}}
+ \footnotetext[2]{\burl{https://git.sigsum.org/sigsum/tree/doc/api.md}}
+
+ \pause
+ \vfill
+ \centering
+ \alert{Next steps: more feedback, tooling, mature code, SLA for a v0 log, eventually v1 spec}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \begin{columns}
+ \begin{column}{.1\textwidth}
+ \end{column}
+ \begin{column}{.4\textwidth}
+ \mktitle{Take away}
+ \begin{itemize}
+ \item Minimal building block
+ \item Log a signed checksum
+ \item Offline end-user verification
+ \item Many potential use-cases
+ \item Reach out to get involved\footnotemark[1]
+ \end{itemize}
+ \end{column}
+ \begin{column}{.4\textwidth}
+ \includegraphics[width=\columnwidth]{img/thanks}
+ \end{column}
+ \begin{column}{.1\textwidth}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\tiny{irc, matrix, email list, etc., are linked from \burl{https://www.sigsum.org}}}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \mktitle{Q/A}
+\end{frame}
diff --git a/slides/2022-ct-days/src/titlepage.tex b/slides/2022-ct-days/src/titlepage.tex
new file mode 100644
index 0000000..9b18039
--- /dev/null
+++ b/slides/2022-ct-days/src/titlepage.tex
@@ -0,0 +1,3 @@
+\begin{frame}
+ \titlepage
+\end{frame}