diff options
author | Rasmus Dahlberg <rasmus@rgdd.se> | 2024-10-15 15:35:20 +0200 |
---|---|---|
committer | Rasmus Dahlberg <rasmus@rgdd.se> | 2024-10-15 15:35:45 +0200 |
commit | 76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb (patch) | |
tree | 410ab71c78c99d35aecd46733958a5699cdf5204 /slides/2022-ct-days | |
parent | 883a67439aff566962adafeb0385c6ae972073a3 (diff) |
Rescue some slides from old private mono repos
Diffstat (limited to 'slides/2022-ct-days')
38 files changed, 1229 insertions, 0 deletions
diff --git a/slides/2022-ct-days/README b/slides/2022-ct-days/README new file mode 100644 index 0000000..caf1151 --- /dev/null +++ b/slides/2022-ct-days/README @@ -0,0 +1 @@ +My 2x talks in a 45m slot at CT days. diff --git a/slides/2022-ct-days/beamercolorthemergd.sty b/slides/2022-ct-days/beamercolorthemergd.sty new file mode 100644 index 0000000..1bce7c7 --- /dev/null +++ b/slides/2022-ct-days/beamercolorthemergd.sty @@ -0,0 +1,27 @@ +\mode<presentation> + +%%% +% Color definitions +%%% +\RequirePackage{xcolor} +\definecolor{rgdGreen}{RGB}{33,114,106} +\definecolor{rgdYellow}{RGB}{255,210,4} +\definecolor{rgdOrange}{RGB}{232,114,12} +\colorlet{rgdGray}{gray!33} +\colorlet{rgdBlack}{black} + +\definecolor{rgddBackgroundColor}{RGB}{251,251,251} + +%%% +% Beamer colors +%%% +\setbeamercolor*{titlepage}{fg=rgdBlack} +\setbeamercolor*{author}{fg=rgdGreen} +\setbeamercolor*{date}{fg=black} +\setbeamercolor*{header}{bg=rgdYellow,fg=black} +\setbeamercolor*{trailer}{bg=rgdGray,fg=black} +\setbeamercolor*{item}{fg=rgdGreen} +\setbeamercolor*{alerted text}{fg=rgdGreen} +\setbeamercolor*{background canvas}{bg=rgddBackgroundColor} + +\mode<all> diff --git a/slides/2022-ct-days/beamerfontthemergd.sty b/slides/2022-ct-days/beamerfontthemergd.sty new file mode 100644 index 0000000..a6d212c --- /dev/null +++ b/slides/2022-ct-days/beamerfontthemergd.sty @@ -0,0 +1,9 @@ +\mode<presentation> + +\setbeamerfont{title}{size=\large,shape=\bfseries} +\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries} +\setbeamerfont{frametitle}{size=\large,shape=\bfseries} +\setbeamerfont{institute}{size=\small} +\setbeamerfont{date}{size=\small} + +\mode<all> diff --git a/slides/2022-ct-days/beamerinnerthemergd.sty b/slides/2022-ct-days/beamerinnerthemergd.sty new file mode 100644 index 0000000..b96a415 --- /dev/null +++ b/slides/2022-ct-days/beamerinnerthemergd.sty @@ -0,0 +1,49 @@ +\mode<presentation> + +%%% +% Title page +%%% +\defbeamertemplate*{title page}{rgd}[1][]{ + \begin{tikzpicture}[remember picture, overlay] + \usebeamercolor{titlepage} + % Add top-left triangle with university logo + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north west) -- + (current page.north) -- + node[draw=none,pos=0.5](LogoMul){\includegraphics[width=3.5cm]{img/mullvad}} + (current page.west) -- + (current page.north west); + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north east) -- + (current page.north) -- + node[draw=none,pos=0.5](LogoKau){\includegraphics[width=3cm]{img/kau}} + (current page.east) -- + (current page.north east); + % Add title + \node[ + text=fg, + text width=0.75\paperwidth, + ] (Title) at ([shift={(0,-0.5cm)}]current page){% + \centering\usebeamerfont{title}\inserttitle\\% + }; + % Add date + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Title, + ] (Subtitle) {% + \centering\usebeamerfont{date}\today\\% + }; + % Add authors + \usebeamercolor{author} + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Subtitle, + ] (Author) {% + \centering\usebeamerfont{author}\insertauthor\\% + }; + \end{tikzpicture} +} + +\mode<all> diff --git a/slides/2022-ct-days/beamerouterthemergd.sty b/slides/2022-ct-days/beamerouterthemergd.sty new file mode 100644 index 0000000..4087139 --- /dev/null +++ b/slides/2022-ct-days/beamerouterthemergd.sty @@ -0,0 +1,68 @@ +\mode<presentation> + +%%% +% Frame header +%%% +\defbeamertemplate*{frametitle}{corporate}[1][]{% + \nointerlineskip + % Add frame title + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=3ex, + dp=1.5ex, + left, + leftskip=2ex + ]{header} + \insertframetitle + \end{beamercolorbox} + % Add line after header + \nointerlineskip + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=0.25ex + ]{trailer} + \end{beamercolorbox}% +} + +%%% +% Frame trailer +%%% +\defbeamertemplate*{footline}{corporate}{% + \hbox{% + % Add metadata + \begin{beamercolorbox}[ + wd=0.20\paperwidth, + ht=2ex, + dp=0.5ex, + left, + ]{trailer} + \hfill + \href{https://www.rgdd.se}{www.rgdd.se} + \hfill + \end{beamercolorbox}% + % Add title + \begin{beamercolorbox}[ + wd=0.6\paperwidth, + ht=2ex, + dp=0.5ex, + left, + ]{header} + \hfill + \inserttitle + \hfill + \end{beamercolorbox}% + % Add page counter + \begin{beamercolorbox}[ + wd=0.20\paperwidth, + ht=2ex, + dp=0.5ex, + left, + ]{trailer} + \hfill + \insertframenumber/\inserttotalframenumber + \hfill + \end{beamercolorbox}% + } +} + +\mode<all> diff --git a/slides/2022-ct-days/beamerthemergd.sty b/slides/2022-ct-days/beamerthemergd.sty new file mode 100644 index 0000000..022ef2c --- /dev/null +++ b/slides/2022-ct-days/beamerthemergd.sty @@ -0,0 +1,23 @@ +\mode<presentation> + +%%% +% Load beamer settings +%%% +\usecolortheme{rgd} +\usefonttheme{rgd} +\useinnertheme{rgd} +\useoutertheme{rgd} + +%%% +% Disable navigation tools on slides +%%% +\setbeamertemplate{navigation symbols}{} + +%%% +% Object styles +%%% +\setbeamertemplate{itemize item}[square] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{sections/subsections in toc}[square] + +\mode<all> diff --git a/slides/2022-ct-days/handout.pdf b/slides/2022-ct-days/handout.pdf Binary files differnew file mode 100644 index 0000000..955a0a8 --- /dev/null +++ b/slides/2022-ct-days/handout.pdf diff --git a/slides/2022-ct-days/img/benlaurie/2017.png b/slides/2022-ct-days/img/benlaurie/2017.png Binary files differnew file mode 100644 index 0000000..46004d1 --- /dev/null +++ b/slides/2022-ct-days/img/benlaurie/2017.png diff --git a/slides/2022-ct-days/img/benlaurie/2018.png b/slides/2022-ct-days/img/benlaurie/2018.png Binary files differnew file mode 100644 index 0000000..d39670d --- /dev/null +++ b/slides/2022-ct-days/img/benlaurie/2018.png diff --git a/slides/2022-ct-days/img/benlaurie/2019.png b/slides/2022-ct-days/img/benlaurie/2019.png Binary files differnew file mode 100644 index 0000000..da1883e --- /dev/null +++ b/slides/2022-ct-days/img/benlaurie/2019.png diff --git a/slides/2022-ct-days/img/benlaurie/2020.png b/slides/2022-ct-days/img/benlaurie/2020.png Binary files differnew file mode 100644 index 0000000..5e17209 --- /dev/null +++ b/slides/2022-ct-days/img/benlaurie/2020.png diff --git a/slides/2022-ct-days/img/benlaurie/2021.png b/slides/2022-ct-days/img/benlaurie/2021.png Binary files differnew file mode 100644 index 0000000..14c56af --- /dev/null +++ b/slides/2022-ct-days/img/benlaurie/2021.png diff --git a/slides/2022-ct-days/img/ctor/blog.png b/slides/2022-ct-days/img/ctor/blog.png Binary files differnew file mode 100644 index 0000000..1064170 --- /dev/null +++ b/slides/2022-ct-days/img/ctor/blog.png diff --git a/slides/2022-ct-days/img/ctor/full.pdf b/slides/2022-ct-days/img/ctor/full.pdf Binary files differnew file mode 100644 index 0000000..5c6c801 --- /dev/null +++ b/slides/2022-ct-days/img/ctor/full.pdf diff --git a/slides/2022-ct-days/img/ctor/incremental.pdf b/slides/2022-ct-days/img/ctor/incremental.pdf Binary files differnew file mode 100644 index 0000000..7c7160d --- /dev/null +++ b/slides/2022-ct-days/img/ctor/incremental.pdf diff --git a/slides/2022-ct-days/img/ctor/paper.png b/slides/2022-ct-days/img/ctor/paper.png Binary files differnew file mode 100644 index 0000000..6ecd8c8 --- /dev/null +++ b/slides/2022-ct-days/img/ctor/paper.png diff --git a/slides/2022-ct-days/img/ctor/phase-1.pdf b/slides/2022-ct-days/img/ctor/phase-1.pdf Binary files differnew file mode 100644 index 0000000..f37895e --- /dev/null +++ b/slides/2022-ct-days/img/ctor/phase-1.pdf diff --git a/slides/2022-ct-days/img/ctor/phase-2.png b/slides/2022-ct-days/img/ctor/phase-2.png Binary files differnew file mode 100644 index 0000000..0638293 --- /dev/null +++ b/slides/2022-ct-days/img/ctor/phase-2.png diff --git a/slides/2022-ct-days/img/ctor/phase-3.pdf b/slides/2022-ct-days/img/ctor/phase-3.pdf Binary files differnew file mode 100644 index 0000000..9260ce1 --- /dev/null +++ b/slides/2022-ct-days/img/ctor/phase-3.pdf diff --git a/slides/2022-ct-days/img/ctor/phase-4.pdf b/slides/2022-ct-days/img/ctor/phase-4.pdf Binary files differnew file mode 100644 index 0000000..10f1f2d --- /dev/null +++ b/slides/2022-ct-days/img/ctor/phase-4.pdf diff --git a/slides/2022-ct-days/img/ctor/tb-to-auditor.pdf b/slides/2022-ct-days/img/ctor/tb-to-auditor.pdf Binary files differnew file mode 100644 index 0000000..c68ca73 --- /dev/null +++ b/slides/2022-ct-days/img/ctor/tb-to-auditor.pdf diff --git a/slides/2022-ct-days/img/ctor/tb-to-log.pdf b/slides/2022-ct-days/img/ctor/tb-to-log.pdf Binary files differnew file mode 100644 index 0000000..d4b2047 --- /dev/null +++ b/slides/2022-ct-days/img/ctor/tb-to-log.pdf diff --git a/slides/2022-ct-days/img/kau.png b/slides/2022-ct-days/img/kau.png Binary files differnew file mode 100755 index 0000000..0c7c885 --- /dev/null +++ b/slides/2022-ct-days/img/kau.png diff --git a/slides/2022-ct-days/img/mullvad.png b/slides/2022-ct-days/img/mullvad.png Binary files differnew file mode 100644 index 0000000..4574eb1 --- /dev/null +++ b/slides/2022-ct-days/img/mullvad.png diff --git a/slides/2022-ct-days/img/sigsum/foundation.png b/slides/2022-ct-days/img/sigsum/foundation.png Binary files differnew file mode 100644 index 0000000..695bac0 --- /dev/null +++ b/slides/2022-ct-days/img/sigsum/foundation.png diff --git a/slides/2022-ct-days/img/sigsum/history.png b/slides/2022-ct-days/img/sigsum/history.png Binary files differnew file mode 100644 index 0000000..748451e --- /dev/null +++ b/slides/2022-ct-days/img/sigsum/history.png diff --git a/slides/2022-ct-days/img/sigsum/sshsig b/slides/2022-ct-days/img/sigsum/sshsig new file mode 100644 index 0000000..f8abbb2 --- /dev/null +++ b/slides/2022-ct-days/img/sigsum/sshsig @@ -0,0 +1,7 @@ +#define MAGIC_PREAMBLE "SSHSIG" + +byte[6] MAGIC_PREAMBLE +string namespace +string reserved +string hash_algorithm +string H(message) diff --git a/slides/2022-ct-days/img/sigsum/sshvalues b/slides/2022-ct-days/img/sigsum/sshvalues new file mode 100644 index 0000000..6abfe96 --- /dev/null +++ b/slides/2022-ct-days/img/sigsum/sshvalues @@ -0,0 +1,7 @@ +Values used by Sigsum (only Ed25519) + + +"tree_leaf:v0:<shard_hint>@sigsum.org" +"" +"sha256" +message = H(data) diff --git a/slides/2022-ct-days/img/thanks.pdf b/slides/2022-ct-days/img/thanks.pdf Binary files differnew file mode 100644 index 0000000..9ad4dc8 --- /dev/null +++ b/slides/2022-ct-days/img/thanks.pdf diff --git a/slides/2022-ct-days/img/tor/overview.pdf b/slides/2022-ct-days/img/tor/overview.pdf Binary files differnew file mode 100644 index 0000000..5b80ca5 --- /dev/null +++ b/slides/2022-ct-days/img/tor/overview.pdf diff --git a/slides/2022-ct-days/img/tor/tb.png b/slides/2022-ct-days/img/tor/tb.png Binary files differnew file mode 100644 index 0000000..3fd6852 --- /dev/null +++ b/slides/2022-ct-days/img/tor/tb.png diff --git a/slides/2022-ct-days/main.tex b/slides/2022-ct-days/main.tex new file mode 100644 index 0000000..33b7497 --- /dev/null +++ b/slides/2022-ct-days/main.tex @@ -0,0 +1,20 @@ +\pdfminorversion=4 +%\documentclass[handout,aspectratio=169]{beamer} +\documentclass[aspectratio=169]{beamer} +\usetheme{rgd} + +\input{src/preamble} + +\title{% + Certificate Transparency in Tor and Sigsum Logging +} +\author{% + Rasmus Dahlberg +} + +\begin{document} + \input{src/titlepage} + \input{src/outline} + \input{src/ctor} + \input{src/sigsum} +\end{document} diff --git a/slides/2022-ct-days/slides.pdf b/slides/2022-ct-days/slides.pdf Binary files differnew file mode 100644 index 0000000..dbdd266 --- /dev/null +++ b/slides/2022-ct-days/slides.pdf diff --git a/slides/2022-ct-days/src/ctor.tex b/slides/2022-ct-days/src/ctor.tex new file mode 100644 index 0000000..f7ed6c3 --- /dev/null +++ b/slides/2022-ct-days/src/ctor.tex @@ -0,0 +1,222 @@ +\begin{frame} + \mktitle{Tor crash course} + \centering\includegraphics[width=.8\textwidth]{img/tor/overview} + \footnotetext[1]{\tiny{Credit: figure created by Tobias Pulls}} + \footnotetext[2]{\tiny{Design: \burl{https://murdoch.is/papers/tor14design.pdf}}} +\end{frame} + +\begin{frame} + \mktitle{Tor Browser} + \begin{columns} + \begin{column}{0.6\textwidth} + \begin{itemize} + \item Firefox derivative + \item Route all traffic through Tor + \item Prevent user activity on one site from + being linked to activity on another + \item \alert<2->{Do not write any state to disk} + \item ... + \end{itemize} + \end{column} + \begin{column}{0.4\textwidth} + \includegraphics[width=.67\columnwidth]{img/tor/tb} + \end{column} + \end{columns} + \footnotetext[1]{\tiny{Credit: Tom Ritter, see \burl{https://ritter.vg/p/tor-v1.6.pdf}}} + \footnotetext[2]{\tiny{Design: \burl{https://2019.www.torproject.org/projects/torbrowser/design/}}} +\end{frame} + +\begin{frame} + \centering + \includegraphics[width=.75\textwidth]{img/ctor/paper} + \vfill + \includegraphics[width=.75\textwidth]{img/ctor/blog} +\end{frame} + +\begin{frame} + \mktitle{Problem statement} + \begin{columns} + \begin{column}{0.6\textwidth} + \begin{itemize} + \item Tor Browser does not enforce CT + \item Guard against prominent threats + \begin{itemize} + \item DigiNotar style attacks + \item Interception to deanonymize + \end{itemize} + \item Go beyond ``just CT compliance'' + \end{itemize} + \end{column} + \begin{column}{0.4\textwidth} + \centering + \includegraphics[width=.67\columnwidth]{img/tor/tb} + \end{column} + \end{columns} + \vfill\pause + \alert{Attacker in Tor's threat model + controls a CA and two CT logs} +\end{frame} + +\begin{frame} + \mktitle{Incremental deployment} + \begin{enumerate} + \item Catch up with CT compliant browsers + \floatright{\emph{pairs of logs} are trusted blindly} + \item Steps towards decentralized verification + \floatright{\emph{some log} is trusted blindly} + \item Fully decentralized verification + \floatright{\emph{no log} is trusted blindly} + \end{enumerate} +\end{frame} + +\begin{frame} + \mktitle{Full design} + \centering\includegraphics[height=.5\textheight]{img/ctor/full} + \vfill + \pause + \alert{Security? Difficult to interfere without detection in any phase} +\end{frame} + +\begin{frame} + \mktitle{Why not just...?} + \begin{columns} + \begin{column}{.5\textwidth}\centering + \includegraphics[width=.9\columnwidth]{img/ctor/tb-to-log}\\\vspace{.25cm} + Fetch an inclusion proof + \end{column} + \begin{column}{.5\textwidth}\centering + \includegraphics[width=.77\columnwidth]{img/ctor/tb-to-auditor}\\\vspace{.25cm} + Rely on a centralized party + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Phase 1: Submission} + \centering\includegraphics[width=.75\textwidth]{img/ctor/phase-1} + \vfill + \begin{columns} + \begin{column}{.2\textwidth}\centering + \end{column} + \begin{column}{.3\textwidth}\centering + \alert{1.} Probabilistic submit + \end{column} + \begin{column}{.3\textwidth}\centering + \alert{2.} Random CTR + \end{column} + \begin{column}{.2\textwidth}\centering + \end{column} + \end{columns} + \pause + + \vfill + \alert{Best attack: quickly take control over Tor Browser} +\end{frame} + +\begin{frame} + \mktitle{Phase 2: Buffering} + \begin{columns} + \begin{column}{.5\textwidth} + \begin{enumerate} + \item Buffer until logging is required + \item Add a random delay to leak less + \item Cache audited SFOs to leak less + \end{enumerate} + \end{column} + \begin{column}{.5\textwidth} + \centering + \includegraphics[width=.45\columnwidth]{img/ctor/phase-2} + \end{column} + \end{columns} + \pause + + \vfill\centering + \alert{Best attack: network-wide flush} +\end{frame} + +\begin{frame} + \mktitle{Phase 3: Auditing} + \begin{columns} + \begin{column}{.4\textwidth} + \begin{enumerate} + \item Fetch inclusion proof + \item STH from Tor's consensus + \item Collaborate with a watchdog + \begin{itemize} + \item CTR identification + \item ``Tagging'' + \end{itemize} + \end{enumerate} + \end{column} + \begin{column}{.6\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/ctor/phase-3} + \end{column} + \end{columns} + \pause + + \vfill\centering + \alert{Best attack: quickly take control over CTR} +\end{frame} + +\begin{frame} + \mktitle{Phase 4: Reporting} + \centering\includegraphics[width=.4\textwidth]{img/ctor/phase-4} + \vfill + \alert{1.} Report SFO on timeout + \pause + + \vfill + \alert{Best attack: n/a} +\end{frame} + +\begin{frame} + \vfill + \mktitle{This is quite the leap from ``just CT compliance''} +\end{frame} + +\begin{frame} + \mktitle{Incremental design} + \centering\includegraphics[height=.33\textheight]{img/ctor/incremental} + \vfill + \pause + + \alert{Use the log ecosystem against the attacker}\\ +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{.41\textwidth} + \mktitle{Conclusion} + \begin{itemize} + \item Tor's setting is quite different + \item Delegated audiding is key here + \item Roadmap from start to finnish + \end{itemize} + \end{column} + \begin{column}{.25\textwidth} + \mktitle{Resources} + \begin{itemize} + \item PETS paper\footnotemark[1] + \item PETS talk\footnotemark[2] + \item Tor blog post\footnotemark[3] + \end{itemize} + \end{column} + \begin{column}{.35\textwidth} + \mktitle{Next steps} + \begin{itemize} + \item Torspec proposal(s) + \item Browser implementation + \item Relay implementation + \end{itemize} + \end{column} + \end{columns} + \footnotetext[1]{\burl{https://petsymposium.org/2021/files/papers/issue2/popets-2021-0024.pdf}} + \footnotetext[2]{\burl{https://www.youtube.com/watch?v=f7yDJOd6g3U}} + \footnotetext[3]{\burl{https://blog.torproject.org/tor-certificate-transparency/}} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Halftime} +\end{frame} diff --git a/slides/2022-ct-days/src/outline.tex b/slides/2022-ct-days/src/outline.tex new file mode 100644 index 0000000..f04f431 --- /dev/null +++ b/slides/2022-ct-days/src/outline.tex @@ -0,0 +1,4 @@ +\begin{frame} + \vfill + \mktitle{CT in Tor \alert{$\cdots$} Halftime \alert{$\cdots$} Sigsum Logging} +\end{frame} diff --git a/slides/2022-ct-days/src/preamble.tex b/slides/2022-ct-days/src/preamble.tex new file mode 100644 index 0000000..86ae650 --- /dev/null +++ b/slides/2022-ct-days/src/preamble.tex @@ -0,0 +1,114 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[utf8]{inputenc} + +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{rotate} +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{pifont} +\usepackage{wasysym} +\usepackage{graphicx} +\usepackage{color} +\usepackage{drawstack} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +%\usepackage{floatrow}% this one causes error on arch for some reason +\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +\usepackage{hyperref} +\hypersetup{ + colorlinks = true, % Color links instead of boxes + urlcolor = darkBlue, % Color external hyper links + linkcolor = darkBlue, % Color internal links + citecolor = darkBlue, % Color citations +} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +\lstdefinestyle{CStyle}{ + backgroundcolor=\color{lightGray!25}, + commentstyle=\color{darkGreen}, + keywordstyle=\color{darkBlue}, + numberstyle=\tiny\color{darkRed}, + stringstyle=\color{darkPurple}, + %basicstyle=\footnotesize, + basicstyle=\scriptsize, + breakatwhitespace=false, + breaklines=false, + captionpos=b, + keepspaces=true, + numbers=left, + numbersep=5pt, + showspaces=false, + showstringspaces=false, + showtabs=false, + tabsize=2, + language=C, + morekeywords={size_t,def,in,zip,True,False,ord,u8,u64}, +} + +\setbeamertemplate{itemize item}[circle] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} + +\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}} +\def\lding{\rotatebox[origin=c]{91}{\ding{224}}} + +% TODO: fix this properly... +\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize} diff --git a/slides/2022-ct-days/src/sigsum.tex b/slides/2022-ct-days/src/sigsum.tex new file mode 100644 index 0000000..02b5bd2 --- /dev/null +++ b/slides/2022-ct-days/src/sigsum.tex @@ -0,0 +1,675 @@ +\begin{frame} + \mktitle{Tweets you can probably relate to} + \pause + \begin{columns} + \begin{column}{0.5\textwidth} + \includegraphics[width=\columnwidth]{img/benlaurie/2017}\\\pause + \includegraphics[width=\columnwidth]{img/benlaurie/2018}\\\pause + \includegraphics[width=\columnwidth]{img/benlaurie/2019}\\\pause + \includegraphics[width=\columnwidth]{img/benlaurie/2020}\\\pause + \end{column} + \begin{column}{0.5\textwidth} + \centering + \alert{2022?}\\ + More initatives than can\\ + be counted on two hands\\ + \pause + + \vspace{.25cm} + \burl{https://binary.transparency.dev}\\ + ... + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Common denominator?} + Certificates\\ + Executable binaries\\ + Source code\\ + TPM quotes\\ + Onion address rulesets\\ + Official documents\\ + ...\\ +\end{frame} + +\begin{frame} + \vfill + \mktitle{Where is the low-hanging fruit?} +\end{frame} + +\begin{frame} + \begin{columns} + \begin{column}{.4\textwidth} + \mktitle{Meet the Sigsum project} + \begin{itemize} + \item FOSS + \item Signed checksums + \item Enforcement of logging + \item Minimal building block + \item ``Transparent key-usage'' + \end{itemize} + \end{column} + \begin{column}{.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/sigsum/history} + \burl{https://git.sigsum.org/sigsum/tree/doc/history.md} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Use-case - Signature Transparency} + ``Oh, a new signature was created. That's weird. I'm at the gym.'' +\end{frame} + +\begin{frame} + \mktitle{Use-case - Binary Transparency} + + ``Oh, that's the key binaries are signed with''\\ + ``By policy binaries are located at releases.example.com/\$CHECKSUM'' + +\end{frame} + +\begin{frame} + \vfill + \mktitle{s/binary/something else/} +\end{frame} + +\begin{frame} + \mktitle{Many answers and trade-offs} + \vfill + \begin{columns} + \begin{column}{.3\textwidth} + \begin{itemize} + \item Purpose of logging + \item What is (not) logged + \item Auditing, SCTs + \end{itemize} + \end{column} + \begin{column}{.25\textwidth} + \begin{itemize} + \item Gossip + \item Anti-poison + \item Anti-spam + \end{itemize} + \end{column} + \begin{column}{.25\textwidth} + \begin{itemize} + \item Sharding + \item Privacy + \item Simple API + \end{itemize} + \end{column} + \end{columns} + \vfill + \alert{Accept latency, no rich metadata, no complicated protocols and parsers} +\end{frame} + +\begin{frame} + \mktitle{System overview} + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Signing + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \path[path, dashed] ($ (Signer) + (0,1) $) -- + node[relation, right] { + \begin{tabular}{c} + priv\\ + data\\ + \end{tabular} + } + (Signer); + \pause + + %%% + % Distribution + %%% + \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; + \path[path, dashed] ($ (End-user) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (End-user); + \path[path] (Signer) -| node[relation,above]{data, signature} (End-user); + \node[system, above=1cm of End-user] (Distribution) {Distribution}; + \pause + + %%% + % Introduce the log + %%% + \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log}; + \pause + + %%% + % Setup DNS + %%% + \node[system, below=1cm of Signer] (DNS) {DNS}; + \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS); + \pause + + + %%% + % Add leaf + %%% + \path[path] (Signer) -| node[relation,above]{add leaf} (Log); + \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log); + \pause + + %%% + % Witnessing + %%% + \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; + \path[path] (Witness) -- node[relation,left]{cosign} (Log); + \pause + + %%% + % Collect proof + %%% + \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer); + \node[relation,above=0.25cm of Distribution.40]{proof}; + \pause + + %%% + % Setup monitor + %%% + \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor}; + \path[path, dashed] ($ (Monitor) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (Monitor); + \pause + + %%% + % Inspect the log + %%% + \path[path] (Log) -- node[relation,below,sloped,pos=.40]{leaves, proof} (Monitor); + \pause + + %%% + % Also get the data + %%% + \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor); + \end{tikzpicture} +\end{frame} + +\begin{frame} + \vfill + \mktitle{A step-by-step breakdown} +\end{frame} + +\begin{frame} + \mktitle{Signing} + \centering + + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Signing + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \path[path, dashed] ($ (Signer) + (0,1) $) -- + node[relation, right] { + \begin{tabular}{c} + priv\\ + data\\ + \end{tabular} + } + (Signer); + \end{tikzpicture} + \vfill + \pause + + \begin{columns} + \begin{column}{.5\textwidth}\centering + \lstinputlisting[style=CStyle]{img/sigsum/sshsig} + \burl{https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.sshsig\#L81} + \end{column} + \pause + \begin{column}{.5\textwidth}\centering + \lstinputlisting[style=CStyle]{img/sigsum/sshvalues} + \burl{https://git.sigsum.org/sigsum/tree/doc/proposals/2021-11-ssh-signature-format.md} + \end{column} + \end{columns} + \vfill + + \pause + \begin{columns} + \begin{column}{.33\textwidth}\centering + \texttt{ssh-keygen -Y} + \end{column} + \begin{column}{.33\textwidth}\centering + \texttt{signify} + \end{column} + \begin{column}{.33\textwidth}\centering + \texttt{minisign} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Why not support more signing formats and tools?} +\end{frame} + +\begin{frame} + \mktitle{Submission} + \begin{columns} + \begin{column}{0.4\textwidth} + \alert{HTTP POST ASCII} + \begin{itemize} + \item Shard hint + \begin{itemize} + \item $\in [\mathsf{shard\_start}, \mathsf{now}()]$ + \end{itemize} + \item Message + \item Signature + \item Public key + \item Domain hint + \begin{itemize} + \item \texttt{\_sigsum\_v0.*} $\rightarrow\hash(\mathsf{pub})$ + \end{itemize} + \end{itemize} + \end{column} + \uncover<2>{% + \begin{column}{.27\textwidth} + \alert{Stored leaf (136 bytes)} + \begin{itemize} + \item Shard hint + \item Checksum + \item Signature + \item Key hash + \end{itemize} + \vspace{1.4cm} + \end{column} + } + \begin{column}{.33\textwidth}\centering + \vspace{-3cm} + \hspace{-1cm} + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Signing + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \path[path, dashed] ($ (Signer) + (0,1) $) -- + node[relation, right] { + \begin{tabular}{c} + priv\\ + data\\ + \end{tabular} + } + (Signer); + + %%% + % Setup DNS + %%% + \node[system, below=1cm of Signer] (DNS) {DNS}; + \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS); + + %%% + % Introduce the log + %%% + \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log}; + + %%% + % Add leaf + %%% + \path[path] (Signer) -| node[relation,above]{add leaf} (Log); + \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log); + \end{tikzpicture} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Bundling \uncover<2->{and Distribution}} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Signer must \textbf{wait} for witnessing\footnotemark[1] + \begin{itemize} + \item Append-only + \item Freshness + \item Some simplifications + \end{itemize} + \item Proof of logging + \begin{itemize} + \item Cosigned tree head + \item Inclusion proof + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{.5\textwidth}\centering + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Setup entities + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \node[draw=none, below=1cm of Signer] (DNS) {}; + \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log}; + + %%% + % Witnessing + %%% + \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; + \path[path] (Witness) -- node[relation,left]{cosign} (Log); + + %%% + % Get proof + %%% + \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer); + + \uncover<2->{ + %%% + % Distribution + %%% + \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; + \path[path] (Signer) -| node[relation,above]{data, signature} (End-user); + \node[system, above=1cm of End-user] (Distribution) {Distribution}; + \node[relation,above=0.25cm of Distribution.40]{proof}; + } + \end{tikzpicture} + \end{column} + \end{columns} + \footnotetext[1]{\tiny{Originally proposed by Syta et al.: \burl{https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7546521}}} + + \vfill +\end{frame} + +\begin{frame} + \vfill + \centering + \begin{columns} + \begin{column}{.33\textwidth} + Example policy + \begin{itemize} + \item Known logs + \item Known witnesses + \item M-of-N (co)signatures + \end{itemize} + \end{column} + \begin{column}{.67\textwidth} + \mktitle{Verification} + \vspace{.5cm} + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Distribution + %%% + \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; + \path[path, dashed] ($ (End-user) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (End-user); + \path[path] (Distribution) -- node[relation,right]{ + \begin{tabular}{c} + data\\ + signature\\ + proof\\ + \end{tabular}} + (End-user); + \node[system, above=1cm of End-user] (Distribution) {Distribution}; + + %%% + % Introduce the log + %%% + \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log}; + + %%% + % Setup DNS + %%% + \node[draw=none] (DNS) at ($ (Log) !.5! (Distribution) $) {}; + + %%% + % Witnessing + %%% + \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; + \path[path] (Witness) -- node[relation,left]{cosign} (Log); + + %%% + % Setup monitor + %%% + \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor}; + \path[path, dashed] ($ (Monitor) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (Monitor); + + %%% + % Inspect the log + %%% + \path[path] (Log) -- node[relation,above,sloped,pos=.60]{leaves, proof} (Monitor); + + %%% + % Also get the data + %%% + \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor); + \end{tikzpicture} + \end{column} + \end{columns} + + \vfill + \alert{No reactive gossip/audit, offline verification by end-users (!)} +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{.5\textwidth} + \mktitle{Current status} + \begin{itemize} + \item Solid foundation, hopefully(!) + \item V0 design\footnotemark[1] and API\footnotemark[2] is pretty stable + \item Public prototypes, log and witness + \item Tooling? Kind of ``pipe into \texttt{curl}'' + \item \url{https://git.sigsum.org} + \end{itemize} + \end{column} + \begin{column}{.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/sigsum/foundation} + \burl{https://bygg.se/valj-ratt-husgrund-till-din-villa/} + \end{column} + \end{columns} + \footnotetext[1]{\burl{https://git.sigsum.org/sigsum/tree/doc/design.md}} + \footnotetext[2]{\burl{https://git.sigsum.org/sigsum/tree/doc/api.md}} + + \pause + \vfill + \centering + \alert{Next steps: more feedback, tooling, mature code, SLA for a v0 log, eventually v1 spec} +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{.1\textwidth} + \end{column} + \begin{column}{.4\textwidth} + \mktitle{Take away} + \begin{itemize} + \item Minimal building block + \item Log a signed checksum + \item Offline end-user verification + \item Many potential use-cases + \item Reach out to get involved\footnotemark[1] + \end{itemize} + \end{column} + \begin{column}{.4\textwidth} + \includegraphics[width=\columnwidth]{img/thanks} + \end{column} + \begin{column}{.1\textwidth} + \end{column} + \end{columns} + \footnotetext[1]{\tiny{irc, matrix, email list, etc., are linked from \burl{https://www.sigsum.org}}} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Q/A} +\end{frame} diff --git a/slides/2022-ct-days/src/titlepage.tex b/slides/2022-ct-days/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2022-ct-days/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} |