diff options
Diffstat (limited to 'slides/2021-aha/src/body.tex')
| -rw-r--r-- | slides/2021-aha/src/body.tex | 465 |
1 files changed, 465 insertions, 0 deletions
diff --git a/slides/2021-aha/src/body.tex b/slides/2021-aha/src/body.tex new file mode 100644 index 0000000..0778fe7 --- /dev/null +++ b/slides/2021-aha/src/body.tex @@ -0,0 +1,465 @@ +% +% Title page +% - Hi everyone +% - Welcome to my talk <tile> +% - I'm Rasmus +% -- I work in the TCR group together with Fredrik and others +% -- I've been here since September, and it started out as an internship. Then +% we decided to prolong that into something more permanent. +% -- I am also aff. with Kau, where I do my PhD studies. +% -- Surprise surprise, my thesis is about transparent logs. +% + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Outline} + \begin{enumerate} + \item Transparent Logging + \begin{itemize} + \item Why? % Let's talk DigiNotar + \item How? % Let's talk CT + \item What? % What should you make transparent + \end{itemize} + \item ``System Transparency Logging'' + \end{enumerate} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/rgdd} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{0.45\textwidth} + \mktitle{Let's travel in space and time} + \begin{itemize} + \item June, 2011 + \item Netherlands, Beverwijk + \item DigiNotar + \end{itemize} + \end{column} + \begin{column}{0.55\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/beverwijk} + \burl{https://creativecommons.org/licenses/by-sa/3.0/} + % https://commons.wikimedia.org/wiki/File:Nzkanaal2.jpg + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + % + % To give you the backdrop. + % + % DigiNotar was a so-called certificate authority that issues web certs + % - If this means nothing to you, it is sort of like passports but for + % websites. In real life we have a trusted government body that is + % responsible of issuing our passports. We trust that a passport will not + % be issued for us unless we can prove that we are who we say we are. + % - In the digital world certificate authorities play this role but for + % websites. This way, you can be sure that you are really visiting + % mullvad.net, and not someone that is impersonating our domain. + % + % So, the expectation here is that you would only issue a certificate to the + % rightful domain owner. At minimum, this requires some identity checking. + % + % Let's get back to what happened then. + % + % It turns out that DigiNotar was hacked. They issued fraudulent + % certificates for Google, Facebook, Twitter, Mozilla, Tor, and many others. + % + % This was detected by DigiNotar a week after the incident. + % - They decided to be silent. + % + % The only reason why we detected this is because of a large scale attack + % in Iran, which targeted 300k gmail users. If the attacker had been more + % stealthy, we probably would not have detected the attack. + % + % Fortunately we did detect the attack. Soon thereafter, none of the major + % browser trusted DigiNotar anymore. In September, a bankruptcy was filed. + % + \vfill + \begin{columns} + \begin{column}{0.45\textwidth} + \mktitle{What happened?} + \begin{itemize} + \item DigiNotar issued web certificates + \item Did not live up to expectations + \item Then lied about it for weeks + \end{itemize} + \end{column} + \begin{column}{0.55\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/diginotar} + \burl{https://www.bbc.com/news/technology-14989334} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + % + % What to make of this then? + % + % First of all, DigiNotar was neither the first nor the last. Many + % certificate authorities messed up before them. Many certificate + % authorities messed up after them. + % + % It would be incredibly helpful if we could detect if a certificate + % authority makes mistakes. In the case of certificate management, + % detection really comes down to the ability of discovering which + % certificates have been issued for whom. + % + % From this intuition the idea of Certificate Transparency is simple. + % - Talk about figure. + % - Emphasize that the log is not a trusted party due to crypto magic. + % + \vfill + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{What to make of this} + \begin{itemize} + \item DigiNotar was neither first nor last\footnotemark + \item Detection of certificate mis-issuance? + \item Discoverability with transparent logs\footnotemark + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \input{img/ct} + \end{column} + \end{columns} + \vfill + \pause + \centering\alert{Chrome and Safari enforce Certificate Transparency} + + \footnotetext[1]{\burl{https://sslmate.com/certspotter/failures}} + \footnotetext[2]{\burl{https://certificate.transparency.dev/}} +\end{frame} + +\begin{frame} + % + % Okay, great that we have transparency for certificates. Does that mean + % are done? + % + % The short answer is no. We are definitely not done. There is still a lot + % of remaining work with Certificate Transparency. There is even more work + % left to do when we think about other use-cases of transparency logging. + % + % (Use do you get the same binaries as everyone else for example, leave the + % rest for them to think about if they want to) + % + \mktitle{Transparency logging is good for more than just certificates} + Source code \\ + Binaries \\ + Config files \\ + TPM quotes \\ + Media content \\ + Tax declarations \\ + Documents of ownership \\ + BGP announcements \\ + Tor's consensus \\ + ... \\ + \vfill + \pause + \alert{The log we are working on is helpful for all these use-cases!} +\end{frame} + +% +% https://curl.se/download.html +% +\begin{frame} + % + % 1. Introduce the setup. Daniel represents many software projects. + % 2. How would you know if your private key got compromised? + % + \mktitle{Example use-case\#1} + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Meet Daniel} + \begin{itemize} + \item The author of \texttt{curl} + \item Digitally signs new releases + \item Long-term signing key-pair + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \includegraphics[height=.6\textheight]{img/curl} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +% +% https://arxiv.org/pdf/2104.06020.pdf, page 6 for the challenge. +% +\begin{frame} + % + % 1. What is R-B. + % 2. Challenge + % 3. How I think that challenge could be approached + % + \mktitle{Example use-case\#2} + \begin{columns} + \begin{column}{0.6\textwidth} + \mktitle{Meet the R-B project} + \begin{itemize} + \item Same input gives the same output + \item Consensus of ``valid'' checksum? + \end{itemize} + \end{column} + \begin{column}{0.4\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/rb} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Problem summary} + \vfill + \begin{columns} + \begin{column}{0.125\textwidth} + \end{column} + \begin{column}{0.75\textwidth} + \begin{enumerate} + \item Which signatures were produced by what private keys? + \item Consensus of checksums that should be considered valid? + \end{enumerate} + \end{column} + \begin{column}{0.125\textwidth} + \end{column} + \end{columns} + \vfill +\end{frame} + +\begin{frame} + % + % 1. Introduce the system. Think first two paragraphs in design.md + % + \mktitle{Our starting point} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Data publisher + \item End-user + \item Assumptions + \begin{itemize} + \item Public key can be located + \item Signed data can be located + \item End-user can install extra tooling + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \input{img/before} + \end{column} + \end{columns} + \vfill + \pause + \alert{The attacker can compromise the data publisher}\\ + \pause + \alert{The goal is to detect unwanted key-usage} +\end{frame} + +\begin{frame} + % + % 1. Our design is about transparency logs. So, I need to explain briefly + % what a transparency log is. + % 2. Append-only Merkle tree. You can think of the data as being stored in + % the leaves. Each leaf is hashed. Parents concatenate their children + % hashes to produces their own hash values. Repeat until single root hash. + % 3. The root hash is usually called a tree head. + % 4. Tree head interesting because it fixes the structure and the content of + % the tree. Add/remove/modify -> new tree head. + % 5. If the log signs the tree head, you can hold it accountable for its + % structure and content. + % 6. This is important because the attacker can control the log. + % 7. So we cannot trust that the log is append-only. We will need to verify + % that. To this end we have consistency proofs. The intuition is that you + % can force the log to reveal a number of cryptographic hashes. These + % hashes will prove that the tree head you see today is consistent with the + % tree head you saw yesterday. + % 8. You can also prove that something is in the log efficiently. This is + % called an inclusion proof. The intuition is that you reveal a number of + % hashes. If you can use them to reconstruct the root of a globally + % consistent tree head you can be sure that some data is in the log. + % 8. Global consistency (as opposed to just consistency) is what prevents + % the log from creating forks. I will return to this later on because it is + % an important part of our design. + % (9. Not having global consistency would be like having a blockchain + % without a consensus mechanism.) + % + \mktitle{An intuition of transparency log properties} + \input{img/mt} + \vfill + \begin{columns} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Tree head + \end{itemize} + \end{column} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Consistency proof + \end{itemize} + \end{column} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Inclusion proof + \end{itemize} + \end{column} + \end{columns} + \vfill + \pause + \alert{The attacker can control the log} +\end{frame} + +\begin{frame} + \mktitle{Preparing a logging request} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Select a shard hint and checksum + \item Sign using your private key + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \lstinputlisting[style=CStyle]{img/tree-leaf.trunnel} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Submitting a logging request} + \begin{columns} + \begin{column}{0.2\textwidth} + \underline{Key-value pairs:} + \begin{itemize} + \item Shard hint + \item Checksum + \item Signature + \item Public key + \item Domain hint + \end{itemize} + \end{column} + \begin{column}{0.8\textwidth} + \centering + \input{img/log-request} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Distributing proofs of public logging} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item End-user will not talk to the log + \item Proofs of logging + \begin{itemize} + \item Inclusion proof + \item Tree head + \end{itemize} + \item Witness cosigning + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \input{img/after} + \end{column} + \end{columns} + \pause + \alert{The attacker can control a threshold of witnesses} +\end{frame} + +\begin{frame} + \mktitle{Example use-case\#1} + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Remember Daniel?} + \begin{itemize} + \item Sign a checksum of each \texttt{curl} release + \item Start logging every signed checksum + \item Monitor the log for your own leaves + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \includegraphics[height=.6\textheight]{img/curl} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Example use-case\#2} + \begin{columns} + \begin{column}{0.6\textwidth} + \mktitle{Remember the R-B project?} + \begin{itemize} + \item Sign the expected checksum of each build + \item A valid checksum is a logged checksum + \item Rebuilders validate logged checksums + \end{itemize} + \end{column} + \begin{column}{0.4\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/rb} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Summary and feature overview} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Signed checksums + \item Sharding + \item Preserved data flows + \item Anti-spam + \item Global consistency + \item Few simple parsers + \item No cryptographic agility + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \includegraphics[width=\columnwidth]{img/clean} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{0.7\textwidth} + \mktitle{Current status} + \begin{itemize} + \item Version v0 README and documentation\footnotemark + \item A public instance of the log is up and running + \item At least one party is witnessing the log + \item Come say hello and contribute if you want! + \begin{itemize} + \item \texttt{irc/oftc \#siglog} + \item Matrix bridge\footnotemark + \item Open meetings every Tuesday, 1300 + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.3\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/thanks} + \end{column} + \end{columns} + \footnotetext[1]{\burl{https://github.com/system-transparency/stfe/}} + \footnotetext[2]{\burl{https://app.element.io/\#/room/\#siglog:matrix.org}} +\end{frame} |