From 76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb Mon Sep 17 00:00:00 2001 
From: Rasmus Dahlberg Date: Tue, 15 Oct 2024 15:35:20 +0200 Subject: Rescue some slides from old private mono repos --- slides/2018-ct-intro/README | 1 + slides/2018-ct-intro/beamercolorthemergd.sty | 24 + slides/2018-ct-intro/beamerfontthemergd.sty | 9 + slides/2018-ct-intro/beamerinnerthemergd.sty | 43 + slides/2018-ct-intro/beamerouterthemergd.sty | 66 ++ slides/2018-ct-intro/beamerthemergd.sty | 23 + slides/2018-ct-intro/img/apple-logo.png | Bin 0 -> 17298 bytes slides/2018-ct-intro/img/ca-mess.pdf | Bin 0 -> 131611 bytes slides/2018-ct-intro/img/chrome-cert.png | Bin 0 -> 85593 bytes slides/2018-ct-intro/img/chrome-http.png | Bin 0 -> 31589 bytes slides/2018-ct-intro/img/chrome-https.png | Bin 0 -> 33872 bytes slides/2018-ct-intro/img/chrome-logo.png | Bin 0 -> 148455 bytes slides/2018-ct-intro/img/ct.png | Bin 0 -> 25685 bytes slides/2018-ct-intro/img/firefox-logo.png | Bin 0 -> 406046 bytes slides/2018-ct-intro/img/le.png | Bin 0 -> 581850 bytes slides/2018-ct-intro/img/logo.png | Bin 0 -> 66309 bytes slides/2018-ct-intro/img/monitor-comodo.png | Bin 0 -> 115595 bytes slides/2018-ct-intro/img/monitor-facebook.png | Bin 0 -> 127559 bytes slides/2018-ct-intro/img/monitor-facebook2.png | Bin 0 -> 147989 bytes slides/2018-ct-intro/img/monitor-sslmate.png | Bin 0 -> 419794 bytes slides/2018-ct-intro/img/padlock.pdf | Bin 0 -> 37882 bytes slides/2018-ct-intro/img/qleft.pdf | Bin 0 -> 11388 bytes slides/2018-ct-intro/img/qright.pdf | Bin 0 -> 12895 bytes slides/2018-ct-intro/img/roadmap.pdf | Bin 0 -> 19274 bytes slides/2018-ct-intro/img/take-away.pdf | 68 ++ slides/2018-ct-intro/img/ty.pdf | Bin 0 -> 12497 bytes slides/2018-ct-intro/main.tex | 22 + slides/2018-ct-intro/makefile | 25 + slides/2018-ct-intro/slides.pdf | Bin 0 -> 2286683 bytes slides/2018-ct-intro/src/background.tex | 55 ++ slides/2018-ct-intro/src/body.tex | 7 + slides/2018-ct-intro/src/ct.tex | 77 ++ slides/2018-ct-intro/src/outline.tex | 16 + slides/2018-ct-intro/src/preamble.tex | 62 ++ 
slides/2018-ct-intro/src/questions.tex | 17 + slides/2018-ct-intro/src/take-away.tex | 24 + slides/2018-ct-intro/src/titlepage.tex | 3 + slides/2018-ct-intro/src/your-role.tex | 54 ++ slides/2018-lwm/.gitignore | 12 + slides/2018-lwm/README | 1 + slides/2018-lwm/beamercolorthemergd.sty | 24 + slides/2018-lwm/beamerfontthemergd.sty | 9 + slides/2018-lwm/beamerinnerthemergd.sty | 49 + slides/2018-lwm/beamerouterthemergd.sty | 66 ++ slides/2018-lwm/beamerthemergd.sty | 23 + slides/2018-lwm/handout.pdf | Bin 0 -> 595449 bytes slides/2018-lwm/img/batch.pdf | Bin 0 -> 8538 bytes slides/2018-lwm/img/ct.png | Bin 0 -> 25685 bytes slides/2018-lwm/img/frequency.pdf | Bin 0 -> 9500 bytes slides/2018-lwm/img/logo.png | Bin 0 -> 66309 bytes slides/2018-lwm/img/mt.tex | 26 + slides/2018-lwm/img/mtp.tex | 28 + slides/2018-lwm/img/overview.tex | 74 ++ slides/2018-lwm/img/perf.jpg | Bin 0 -> 152607 bytes slides/2018-lwm/img/proofcom.pdf | Bin 0 -> 12595 bytes slides/2018-lwm/img/proofgen.pdf | Bin 0 -> 14456 bytes slides/2018-lwm/img/proofvf.pdf | Bin 0 -> 14022 bytes slides/2018-lwm/img/qleft.pdf | Bin 0 -> 11388 bytes slides/2018-lwm/img/qright.pdf | Bin 0 -> 12895 bytes slides/2018-lwm/img/self-monitor.tex | 34 + slides/2018-lwm/img/snapshot.pdf | Bin 0 -> 11767 bytes slides/2018-lwm/img/takeaway.pdf | 68 ++ slides/2018-lwm/img/tp-monitor.tex | 43 + slides/2018-lwm/img/ty.pdf | Bin 0 -> 12497 bytes slides/2018-lwm/img/wildcard.tex | 22 + slides/2018-lwm/img/wish.pdf | Bin 0 -> 126291 bytes slides/2018-lwm/main.tex | 27 + slides/2018-lwm/slides.pdf | Bin 0 -> 613002 bytes slides/2018-lwm/src/body.tex | 268 ++++++ slides/2018-lwm/src/preamble.tex | 99 ++ slides/2018-lwm/src/questions.tex | 17 + slides/2018-lwm/src/titlepage.tex | 3 + slides/2018-software-security/.gitignore | 12 + slides/2018-software-security/README | 1 + .../2018-software-security/beamercolorthemergd.sty | 24 + .../2018-software-security/beamerfontthemergd.sty | 9 + 
.../2018-software-security/beamerinnerthemergd.sty | 49 + .../2018-software-security/beamerouterthemergd.sty | 66 ++ slides/2018-software-security/beamerthemergd.sty | 23 + slides/2018-software-security/demo/cmd_complex | 17 + slides/2018-software-security/demo/cmd_simple | 28 + slides/2018-software-security/demo/complex.c | 13 + slides/2018-software-security/demo/simple.c | 22 + slides/2018-software-security/handout.pdf | Bin 0 -> 2883792 bytes slides/2018-software-security/img/afl.jpg | Bin 0 -> 72066 bytes slides/2018-software-security/img/afl.png | Bin 0 -> 125021 bytes slides/2018-software-security/img/air-plane.pdf | Bin 0 -> 85623 bytes slides/2018-software-security/img/attacker.pdf | Bin 0 -> 18217 bytes slides/2018-software-security/img/bad-encode.jpg | Bin 0 -> 38869 bytes slides/2018-software-security/img/bug.jpg | Bin 0 -> 108875 bytes slides/2018-software-security/img/canary-after.png | Bin 0 -> 26788 bytes .../2018-software-security/img/canary-before.png | Bin 0 -> 25418 bytes slides/2018-software-security/img/canary-bird.jpg | Bin 0 -> 35554 bytes slides/2018-software-security/img/checklist.pdf | Bin 0 -> 3072 bytes slides/2018-software-security/img/clang.png | Bin 0 -> 32588 bytes slides/2018-software-security/img/cwe.png | Bin 0 -> 269488 bytes slides/2018-software-security/img/demo.png | Bin 0 -> 19989 bytes .../2018-software-security/img/google-rewards.png | Bin 0 -> 130803 bytes slides/2018-software-security/img/hb1.png | Bin 0 -> 185015 bytes slides/2018-software-security/img/hb2.png | Bin 0 -> 161801 bytes slides/2018-software-security/img/hb3.png | Bin 0 -> 188264 bytes slides/2018-software-security/img/hb4.png | Bin 0 -> 175161 bytes slides/2018-software-security/img/hb5.png | Bin 0 -> 202473 bytes slides/2018-software-security/img/hb6.png | Bin 0 -> 279847 bytes slides/2018-software-security/img/heartbleed.png | Bin 0 -> 14763 bytes slides/2018-software-security/img/icloud.tex | 0 slides/2018-software-security/img/libc.jpg | Bin 0 -> 14588 
bytes slides/2018-software-security/img/logo.png | Bin 0 -> 66309 bytes slides/2018-software-security/img/memlay.png | Bin 0 -> 46100 bytes .../2018-software-security/img/memory-safe/go.png | Bin 0 -> 53655 bytes .../img/memory-safe/java.png | Bin 0 -> 41208 bytes .../img/memory-safe/python.jpg | Bin 0 -> 45683 bytes .../img/memory-safe/rust.png | Bin 0 -> 4461 bytes slides/2018-software-security/img/mit1.png | Bin 0 -> 246363 bytes slides/2018-software-security/img/mit2.png | Bin 0 -> 268538 bytes slides/2018-software-security/img/mit3.png | Bin 0 -> 252809 bytes slides/2018-software-security/img/qleft.pdf | Bin 0 -> 11388 bytes slides/2018-software-security/img/qright.pdf | Bin 0 -> 12895 bytes slides/2018-software-security/img/question.png | Bin 0 -> 219274 bytes slides/2018-software-security/img/real-bug.png | Bin 0 -> 183047 bytes .../2018-software-security/img/stack-smashing.png | Bin 0 -> 84738 bytes slides/2018-software-security/img/summary.jpg | Bin 0 -> 44483 bytes slides/2018-software-security/img/take-away.pdf | 68 ++ slides/2018-software-security/img/ty.pdf | Bin 0 -> 12497 bytes .../2018-software-security/img/weird-machine.png | Bin 0 -> 99870 bytes slides/2018-software-security/img/zerodium.png | Bin 0 -> 73000 bytes slides/2018-software-security/main.tex | 27 + .../2018-software-security/sample/._bo-stack.c.swp | Bin 0 -> 12288 bytes slides/2018-software-security/sample/_bo-heap.c | 19 + slides/2018-software-security/sample/_bo-stack.c | 21 + .../2018-software-security/sample/_stack-frame.c | 26 + .../sample/assignment-buffer-overflow.c | 15 + .../sample/assignment-integer-overflow.c | 15 + slides/2018-software-security/sample/bad-add.c | 10 + slides/2018-software-security/sample/bad-call.c | 10 + slides/2018-software-security/sample/bad-index.c | 4 + slides/2018-software-security/sample/bad-index2.c | 4 + slides/2018-software-security/sample/bad-printf.c | 4 + slides/2018-software-security/sample/bo-heap.c | 13 + 
slides/2018-software-security/sample/bo-stack.c | 12 + slides/2018-software-security/sample/build | 10 + slides/2018-software-security/sample/ldd | 7 + slides/2018-software-security/sample/ldd2 | 8 + slides/2018-software-security/sample/main.c | 4 + slides/2018-software-security/sample/splint | 17 + slides/2018-software-security/sample/stack-frame.c | 18 + .../sample/static-analysis.c | 10 + slides/2018-software-security/slides.pdf | Bin 0 -> 2997403 bytes slides/2018-software-security/src/body.tex | 1009 ++++++++++++++++++++ slides/2018-software-security/src/preamble.tex | 98 ++ slides/2018-software-security/src/questions.tex | 17 + slides/2018-software-security/src/titlepage.tex | 3 + slides/2019-ctga/README | 2 + slides/2019-ctga/beamercolorthemergd.sty | 24 + slides/2019-ctga/beamerfontthemergd.sty | 9 + slides/2019-ctga/beamerinnerthemergd.sty | 43 + slides/2019-ctga/beamerouterthemergd.sty | 66 ++ slides/2019-ctga/beamerthemergd.sty | 23 + slides/2019-ctga/img/ct.png | Bin 0 -> 25685 bytes slides/2019-ctga/img/design.pdf | Bin 0 -> 33094 bytes slides/2019-ctga/img/logo.png | Bin 0 -> 66309 bytes slides/2019-ctga/img/perf-netfpga.pdf | Bin 0 -> 20026 bytes slides/2019-ctga/img/perf-xdp.pdf | Bin 0 -> 21458 bytes slides/2019-ctga/img/pl.pdf | Bin 0 -> 13820 bytes slides/2019-ctga/img/qleft.pdf | Bin 0 -> 11388 bytes slides/2019-ctga/img/qright.pdf | Bin 0 -> 12895 bytes slides/2019-ctga/img/roadmap.pdf | Bin 0 -> 19274 bytes slides/2019-ctga/img/take-away.pdf | 68 ++ slides/2019-ctga/img/ty.pdf | Bin 0 -> 12497 bytes slides/2019-ctga/img/wcov-goo.pdf | Bin 0 -> 16906 bytes slides/2019-ctga/img/wcov-nor.pdf | Bin 0 -> 15456 bytes slides/2019-ctga/main.tex | 28 + slides/2019-ctga/makefile | 25 + slides/2019-ctga/slides.pdf | Bin 0 -> 297549 bytes slides/2019-ctga/src/background.tex | 21 + slides/2019-ctga/src/body.tex | 6 + slides/2019-ctga/src/ctga.tex | 32 + slides/2019-ctga/src/outline.tex | 17 + slides/2019-ctga/src/preamble.tex | 62 ++ 
slides/2019-ctga/src/questions.tex | 17 + slides/2019-ctga/src/take-away.tex | 15 + slides/2019-ctga/src/titlepage.tex | 3 + slides/2019-it-intro-computer-structure/.gitignore | 12 + slides/2019-it-intro-computer-structure/README | 1 + .../beamercolorthemergd.sty | 24 + .../beamerfontthemergd.sty | 9 + .../beamerinnerthemergd.sty | 43 + .../beamerouterthemergd.sty | 66 ++ .../beamerthemergd.sty | 23 + .../2019-it-intro-computer-structure/handout.pdf | Bin 0 -> 10331469 bytes .../2019-it-intro-computer-structure/img/ascii.png | Bin 0 -> 138820 bytes .../img/audio-card.jpg | Bin 0 -> 26051 bytes .../img/binary-joke.jpg | Bin 0 -> 77088 bytes .../img/binary.jpg | Bin 0 -> 26840 bytes .../img/build-pc.jpg | Bin 0 -> 261527 bytes .../2019-it-intro-computer-structure/img/case1.png | Bin 0 -> 457919 bytes .../2019-it-intro-computer-structure/img/case2.png | Bin 0 -> 336609 bytes .../img/computers-everywhere.jpg | Bin 0 -> 161358 bytes .../2019-it-intro-computer-structure/img/cpu.png | Bin 0 -> 1588530 bytes .../2019-it-intro-computer-structure/img/dp.jpeg | Bin 0 -> 322660 bytes .../img/graphics-card.jpg | Bin 0 -> 132600 bytes .../2019-it-intro-computer-structure/img/group.pdf | Bin 0 -> 4317 bytes .../2019-it-intro-computer-structure/img/hdd.jpg | Bin 0 -> 19347 bytes .../2019-it-intro-computer-structure/img/hdmi.jpg | Bin 0 -> 116838 bytes .../img/iphone.png | Bin 0 -> 1009813 bytes .../img/light-bulb.pdf | Bin 0 -> 65846 bytes .../img/light-bulb.svg | 619 ++++++++++++ .../2019-it-intro-computer-structure/img/logo.png | Bin 0 -> 66309 bytes .../2019-it-intro-computer-structure/img/mbp.png | Bin 0 -> 1110134 bytes .../img/memory.tex | 50 + .../img/moderkort.pdf | Bin 0 -> 447736 bytes .../img/moores-law.png | Bin 0 -> 400132 bytes .../img/motherboard.jpg | Bin 0 -> 181265 bytes .../img/network-card.jpg | Bin 0 -> 89045 bytes .../img/new-motherboard.jpg | Bin 0 -> 143194 bytes .../img/new-motherboard2.jpg | Bin 0 -> 174253 bytes .../img/pc-cat.jpg | Bin 0 -> 438086 bytes 
.../2019-it-intro-computer-structure/img/qleft.pdf | Bin 0 -> 11388 bytes .../img/qright.pdf | Bin 0 -> 12895 bytes .../2019-it-intro-computer-structure/img/ram.png | Bin 0 -> 87263 bytes .../img/raspberrypi.jpg | Bin 0 -> 287353 bytes .../2019-it-intro-computer-structure/img/ssd.png | Bin 0 -> 1024992 bytes slides/2019-it-intro-computer-structure/img/ty.pdf | Bin 0 -> 12497 bytes .../2019-it-intro-computer-structure/img/usb.jpg | Bin 0 -> 45730 bytes .../2019-it-intro-computer-structure/img/usb1.jpg | Bin 0 -> 15124 bytes .../2019-it-intro-computer-structure/img/usb2.jpg | Bin 0 -> 15859 bytes .../2019-it-intro-computer-structure/img/video.png | Bin 0 -> 641188 bytes slides/2019-it-intro-computer-structure/img/z3.jpg | Bin 0 -> 1329678 bytes slides/2019-it-intro-computer-structure/main.tex | 26 + slides/2019-it-intro-computer-structure/slides.pdf | Bin 0 -> 10350149 bytes .../2019-it-intro-computer-structure/src/body.tex | 601 ++++++++++++ .../src/preamble.tex | 72 ++ .../src/questions.tex | 17 + .../src/titlepage.tex | 3 + slides/2019-it-intro-computer-systems/.gitignore | 12 + slides/2019-it-intro-computer-systems/NOTE | 2 + slides/2019-it-intro-computer-systems/README | 1 + .../beamercolorthemergd.sty | 24 + .../beamerfontthemergd.sty | 9 + .../beamerinnerthemergd.sty | 43 + .../beamerouterthemergd.sty | 66 ++ .../beamerthemergd.sty | 23 + slides/2019-it-intro-computer-systems/handout.pdf | Bin 0 -> 2487555 bytes slides/2019-it-intro-computer-systems/img/apps.jpg | Bin 0 -> 201299 bytes .../2019-it-intro-computer-systems/img/apps2.jpg | Bin 0 -> 243832 bytes slides/2019-it-intro-computer-systems/img/aws.png | Bin 0 -> 46839 bytes .../2019-it-intro-computer-systems/img/binary.jpg | Bin 0 -> 77088 bytes .../img/computer-system.tex | 42 + slides/2019-it-intro-computer-systems/img/data.pdf | Bin 0 -> 45531 bytes .../2019-it-intro-computer-systems/img/driver.png | Bin 0 -> 14282 bytes .../img/ethernet.jpg | Bin 0 -> 87254 bytes 
slides/2019-it-intro-computer-systems/img/gce.png | Bin 0 -> 65943 bytes .../2019-it-intro-computer-systems/img/google.png | Bin 0 -> 36591 bytes .../2019-it-intro-computer-systems/img/group.pdf | Bin 0 -> 4317 bytes slides/2019-it-intro-computer-systems/img/hdd.jpg | Bin 0 -> 19347 bytes .../img/headphones.jpg | Bin 0 -> 45183 bytes .../2019-it-intro-computer-systems/img/icloud.png | Bin 0 -> 22142 bytes slides/2019-it-intro-computer-systems/img/ict.jpg | Bin 0 -> 42765 bytes .../img/internet.png | Bin 0 -> 163845 bytes .../2019-it-intro-computer-systems/img/kbuss.png | Bin 0 -> 244563 bytes .../img/keyboard.jpeg | Bin 0 -> 154170 bytes .../img/know-it-all.tex | 57 ++ .../2019-it-intro-computer-systems/img/layered.tex | 29 + slides/2019-it-intro-computer-systems/img/logo.png | Bin 0 -> 66309 bytes .../2019-it-intro-computer-systems/img/mcloud.png | Bin 0 -> 197629 bytes .../2019-it-intro-computer-systems/img/monitor.jpg | Bin 0 -> 50540 bytes .../2019-it-intro-computer-systems/img/mouse.png | Bin 0 -> 318408 bytes .../img/mouseclick.pdf | Bin 0 -> 1094 bytes slides/2019-it-intro-computer-systems/img/nop.jpg | Bin 0 -> 55617 bytes slides/2019-it-intro-computer-systems/img/os.png | Bin 0 -> 72990 bytes .../img/performance.tex | 20 + .../2019-it-intro-computer-systems/img/qleft.pdf | Bin 0 -> 11388 bytes .../2019-it-intro-computer-systems/img/qright.pdf | Bin 0 -> 12895 bytes .../img/radio-tower.pdf | Bin 0 -> 1560 bytes .../2019-it-intro-computer-systems/img/reality.jpg | Bin 0 -> 198899 bytes .../2019-it-intro-computer-systems/img/sensor.jpg | Bin 0 -> 105256 bytes slides/2019-it-intro-computer-systems/img/ssd.png | Bin 0 -> 1024992 bytes .../2019-it-intro-computer-systems/img/systems.tex | 27 + .../img/traffic-light.png | Bin 0 -> 84364 bytes .../2019-it-intro-computer-systems/img/trends.tex | 47 + .../img/tv-controller.jpg | Bin 0 -> 32763 bytes slides/2019-it-intro-computer-systems/img/ty.pdf | Bin 0 -> 12497 bytes 
slides/2019-it-intro-computer-systems/img/user.pdf | Bin 0 -> 10598 bytes slides/2019-it-intro-computer-systems/img/z3.jpg | Bin 0 -> 1329678 bytes slides/2019-it-intro-computer-systems/main.tex | 26 + slides/2019-it-intro-computer-systems/slides.pdf | Bin 0 -> 2512826 bytes slides/2019-it-intro-computer-systems/src/body.tex | 430 +++++++++ .../src/preamble.tex | 73 ++ .../src/questions.tex | 17 + .../src/titlepage.tex | 3 + slides/2019-it-intro-scrum/.gitignore | 12 + slides/2019-it-intro-scrum/README | 1 + slides/2019-it-intro-scrum/beamercolorthemergd.sty | 24 + slides/2019-it-intro-scrum/beamerfontthemergd.sty | 9 + slides/2019-it-intro-scrum/beamerinnerthemergd.sty | 43 + slides/2019-it-intro-scrum/beamerouterthemergd.sty | 66 ++ slides/2019-it-intro-scrum/beamerthemergd.sty | 23 + slides/2019-it-intro-scrum/handout.pdf | Bin 0 -> 10160955 bytes slides/2019-it-intro-scrum/img/agile-manifesto.png | Bin 0 -> 240884 bytes slides/2019-it-intro-scrum/img/board.png | Bin 0 -> 337241 bytes slides/2019-it-intro-scrum/img/burnout.jpg | Bin 0 -> 22146 bytes slides/2019-it-intro-scrum/img/cmp.png | Bin 0 -> 406181 bytes slides/2019-it-intro-scrum/img/debt.jpg | Bin 0 -> 49325 bytes slides/2019-it-intro-scrum/img/demo.png | Bin 0 -> 19989 bytes slides/2019-it-intro-scrum/img/done.jpg | Bin 0 -> 79774 bytes slides/2019-it-intro-scrum/img/esi.tex | 16 + slides/2019-it-intro-scrum/img/henke.png | Bin 0 -> 34502 bytes slides/2019-it-intro-scrum/img/hurry.jpg | Bin 0 -> 41436 bytes slides/2019-it-intro-scrum/img/iterative.png | Bin 0 -> 821391 bytes slides/2019-it-intro-scrum/img/logo.png | Bin 0 -> 66309 bytes slides/2019-it-intro-scrum/img/manifesto.png | Bin 0 -> 1167459 bytes slides/2019-it-intro-scrum/img/one-it.png | Bin 0 -> 132417 bytes slides/2019-it-intro-scrum/img/poker.png | Bin 0 -> 1726746 bytes slides/2019-it-intro-scrum/img/qleft.pdf | Bin 0 -> 11388 bytes slides/2019-it-intro-scrum/img/qright.pdf | Bin 0 -> 12895 bytes 
slides/2019-it-intro-scrum/img/reality.jpg | Bin 0 -> 81168 bytes slides/2019-it-intro-scrum/img/retrospective.png | Bin 0 -> 1377888 bytes slides/2019-it-intro-scrum/img/scrum-10m.png | Bin 0 -> 248835 bytes slides/2019-it-intro-scrum/img/scrum-1m.png | Bin 0 -> 287762 bytes slides/2019-it-intro-scrum/img/scrum-2m.png | Bin 0 -> 284616 bytes slides/2019-it-intro-scrum/img/scrum-and-xp.png | Bin 0 -> 19744 bytes slides/2019-it-intro-scrum/img/scrum-and-xp2.png | Bin 0 -> 20592 bytes slides/2019-it-intro-scrum/img/scrum-guide.png | Bin 0 -> 26122 bytes slides/2019-it-intro-scrum/img/scrum-overview.png | Bin 0 -> 807693 bytes slides/2019-it-intro-scrum/img/scrum-whole.jpg | Bin 0 -> 87288 bytes slides/2019-it-intro-scrum/img/tia.png | Bin 0 -> 28929 bytes slides/2019-it-intro-scrum/img/timeline.png | Bin 0 -> 315901 bytes slides/2019-it-intro-scrum/img/ty.pdf | Bin 0 -> 12497 bytes slides/2019-it-intro-scrum/img/works.png | Bin 0 -> 933666 bytes slides/2019-it-intro-scrum/main.tex | 27 + slides/2019-it-intro-scrum/slides.pdf | Bin 0 -> 10164736 bytes slides/2019-it-intro-scrum/src/body.tex | 383 ++++++++ slides/2019-it-intro-scrum/src/preamble.tex | 73 ++ slides/2019-it-intro-scrum/src/questions.tex | 17 + slides/2019-it-intro-scrum/src/titlepage.tex | 3 + slides/2019-side-channels/README | 1 + slides/2019-side-channels/beamercolorthemergd.sty | 24 + slides/2019-side-channels/beamerfontthemergd.sty | 9 + slides/2019-side-channels/beamerinnerthemergd.sty | 49 + slides/2019-side-channels/beamerouterthemergd.sty | 65 ++ slides/2019-side-channels/beamerthemergd.sty | 23 + slides/2019-side-channels/img/attacker.jpg | Bin 0 -> 9649 bytes slides/2019-side-channels/img/client.png | Bin 0 -> 48225 bytes slides/2019-side-channels/img/countermeasure.py | 18 + slides/2019-side-channels/img/demo.png | Bin 0 -> 506328 bytes slides/2019-side-channels/img/grandpa.png | Bin 0 -> 155510 bytes slides/2019-side-channels/img/isn | 7 + slides/2019-side-channels/img/logo.png | Bin 0 -> 
66309 bytes slides/2019-side-channels/img/meltdown-dump.png | Bin 0 -> 120959 bytes slides/2019-side-channels/img/meltdown-ff.png | Bin 0 -> 167652 bytes slides/2019-side-channels/img/meltdown-insn.png | Bin 0 -> 36580 bytes slides/2019-side-channels/img/meltdown-isn | 3 + .../img/meltdown-out-of-order.png | Bin 0 -> 79533 bytes .../2019-side-channels/img/meltdown-pageload.png | Bin 0 -> 88408 bytes slides/2019-side-channels/img/meltdown.png | Bin 0 -> 79199 bytes slides/2019-side-channels/img/memlayout.png | Bin 0 -> 49683 bytes slides/2019-side-channels/img/pandora.jpg | Bin 0 -> 2892561 bytes slides/2019-side-channels/img/printersound.png | Bin 0 -> 150660 bytes .../img/security-door-zoomin.png | Bin 0 -> 316445 bytes .../img/security-door-zoomout.png | Bin 0 -> 712986 bytes slides/2019-side-channels/img/security-door.png | Bin 0 -> 371971 bytes slides/2019-side-channels/img/server.png | Bin 0 -> 22816 bytes slides/2019-side-channels/img/smartcard.png | Bin 0 -> 122659 bytes slides/2019-side-channels/img/strcmp.py | 18 + slides/2019-side-channels/img/timeit.png | Bin 0 -> 309045 bytes slides/2019-side-channels/img/ultrasound.png | Bin 0 -> 330507 bytes slides/2019-side-channels/img/voip.png | Bin 0 -> 150740 bytes slides/2019-side-channels/main.tex | 26 + slides/2019-side-channels/slides.pdf | Bin 0 -> 6759710 bytes slides/2019-side-channels/src/body.tex | 536 +++++++++++ slides/2019-side-channels/src/preamble.tex | 114 +++ slides/2019-side-channels/src/titlepage.tex | 3 + slides/2021-aha/README | 1 + slides/2021-aha/beamercolorthemergd.sty | 24 + slides/2021-aha/beamerfontthemergd.sty | 9 + slides/2021-aha/beamerinnerthemergd.sty | 49 + slides/2021-aha/beamerouterthemergd.sty | 71 ++ slides/2021-aha/beamerthemergd.sty | 23 + slides/2021-aha/handout.pdf | Bin 0 -> 3438463 bytes slides/2021-aha/img/after.tex | 70 ++ slides/2021-aha/img/before.tex | 46 + slides/2021-aha/img/beverwijk.jpg | Bin 0 -> 969066 bytes slides/2021-aha/img/clean.jpg | Bin 0 -> 365111 bytes 
slides/2021-aha/img/ct.tex | 69 ++ slides/2021-aha/img/curl.jpg | Bin 0 -> 1634737 bytes slides/2021-aha/img/diginotar.jpg | Bin 0 -> 67736 bytes slides/2021-aha/img/kau.png | Bin 0 -> 66309 bytes slides/2021-aha/img/log-request.tex | 47 + slides/2021-aha/img/mt.tex | 19 + slides/2021-aha/img/mullvad.png | Bin 0 -> 38642 bytes slides/2021-aha/img/openbsd.pdf | Bin 0 -> 1778095 bytes slides/2021-aha/img/rb.png | Bin 0 -> 38913 bytes slides/2021-aha/img/rgdd.jpg | Bin 0 -> 106846 bytes slides/2021-aha/img/thanks.pdf | Bin 0 -> 12497 bytes slides/2021-aha/img/tree-leaf.trunnel | 9 + slides/2021-aha/main.tex | 21 + slides/2021-aha/slides.pdf | Bin 0 -> 3477100 bytes slides/2021-aha/src/body.tex | 465 +++++++++ slides/2021-aha/src/preamble.tex | 113 +++ slides/2021-aha/src/titlepage.tex | 3 + slides/2021-padsec/README | 1 + slides/2021-padsec/beamercolorthemergd.sty | 24 + slides/2021-padsec/beamerfontthemergd.sty | 9 + slides/2021-padsec/beamerinnerthemergd.sty | 49 + slides/2021-padsec/beamerouterthemergd.sty | 71 ++ slides/2021-padsec/beamerthemergd.sty | 23 + slides/2021-padsec/handout.pdf | Bin 0 -> 2387005 bytes slides/2021-padsec/img/after.tex | 70 ++ slides/2021-padsec/img/before.tex | 46 + slides/2021-padsec/img/clean.jpg | Bin 0 -> 365111 bytes slides/2021-padsec/img/curl.jpg | Bin 0 -> 1634737 bytes slides/2021-padsec/img/kau.png | Bin 0 -> 66309 bytes slides/2021-padsec/img/log-request.tex | 47 + slides/2021-padsec/img/mt.tex | 19 + slides/2021-padsec/img/mullvad.png | Bin 0 -> 38642 bytes slides/2021-padsec/img/openbsd.pdf | Bin 0 -> 1778095 bytes slides/2021-padsec/img/rb.png | Bin 0 -> 38913 bytes slides/2021-padsec/img/rgdd.jpg | Bin 0 -> 106846 bytes slides/2021-padsec/img/thanks.pdf | Bin 0 -> 12497 bytes slides/2021-padsec/img/tree-leaf.trunnel | 9 + slides/2021-padsec/main.tex | 21 + slides/2021-padsec/slides.pdf | Bin 0 -> 2418265 bytes slides/2021-padsec/src/body.tex | 366 +++++++ slides/2021-padsec/src/preamble.tex | 113 +++ 
slides/2021-padsec/src/titlepage.tex | 3 + slides/2021-pets/.gitignore | 9 + slides/2021-pets/README | 3 + slides/2021-pets/beamercolorthemergd.sty | 24 + slides/2021-pets/beamerfontthemergd.sty | 9 + slides/2021-pets/beamerinnerthemergd.sty | 43 + slides/2021-pets/beamerouterthemergd.sty | 69 ++ slides/2021-pets/beamerthemergd.sty | 23 + slides/2021-pets/handout.pdf | Bin 0 -> 2392555 bytes slides/2021-pets/img/beverwijk.jpg | Bin 0 -> 969066 bytes slides/2021-pets/img/chrome.png | Bin 0 -> 333132 bytes slides/2021-pets/img/ct.tex | 72 ++ slides/2021-pets/img/design-full.pdf | Bin 0 -> 62338 bytes slides/2021-pets/img/design-incremental.pdf | Bin 0 -> 56192 bytes slides/2021-pets/img/diginotar.jpg | Bin 0 -> 67736 bytes slides/2021-pets/img/kau.png | Bin 0 -> 66309 bytes slides/2021-pets/img/magnify.png | Bin 0 -> 77138 bytes slides/2021-pets/img/mullvad.png | Bin 0 -> 38642 bytes slides/2021-pets/img/phase-1.png | Bin 0 -> 37143 bytes slides/2021-pets/img/phase-2.png | Bin 0 -> 14395 bytes slides/2021-pets/img/phase-3-4.png | Bin 0 -> 116692 bytes slides/2021-pets/img/safari.png | Bin 0 -> 584570 bytes slides/2021-pets/img/tb.png | Bin 0 -> 184995 bytes slides/2021-pets/img/thanks.pdf | Bin 0 -> 12497 bytes slides/2021-pets/main.tex | 27 + slides/2021-pets/slides.pdf | Bin 0 -> 2411045 bytes slides/2021-pets/src/body.tex | 413 ++++++++ slides/2021-pets/src/end.tex | 34 + slides/2021-pets/src/preamble.tex | 112 +++ slides/2021-pets/src/start.tex | 189 ++++ slides/2021-pets/src/titlepage.tex | 3 + slides/2021-surprise/.gitignore | 9 + slides/2021-surprise/README | 3 + slides/2021-surprise/beamercolorthemergd.sty | 24 + slides/2021-surprise/beamerfontthemergd.sty | 9 + slides/2021-surprise/beamerinnerthemergd.sty | 43 + slides/2021-surprise/beamerouterthemergd.sty | 69 ++ slides/2021-surprise/beamerthemergd.sty | 23 + slides/2021-surprise/handout.pdf | Bin 0 -> 271946 bytes slides/2021-surprise/img/kau.png | Bin 0 -> 66309 bytes slides/2021-surprise/img/tb.png | Bin 
0 -> 184995 bytes slides/2021-surprise/main.tex | 27 + slides/2021-surprise/src/body.tex | 50 + slides/2021-surprise/src/preamble.tex | 113 +++ slides/2021-surprise/src/titlepage.tex | 3 + slides/2021-swits/README | 2 + slides/2021-swits/beamercolorthemergd.sty | 24 + slides/2021-swits/beamerfontthemergd.sty | 9 + slides/2021-swits/beamerinnerthemergd.sty | 49 + slides/2021-swits/beamerouterthemergd.sty | 71 ++ slides/2021-swits/beamerthemergd.sty | 23 + slides/2021-swits/handout.pdf | Bin 0 -> 704108 bytes slides/2021-swits/img/after.tex | 70 ++ slides/2021-swits/img/before.tex | 46 + slides/2021-swits/img/clean.jpg | Bin 0 -> 365111 bytes slides/2021-swits/img/kau.png | Bin 0 -> 66309 bytes slides/2021-swits/img/log-request.tex | 47 + slides/2021-swits/img/mt.tex | 19 + slides/2021-swits/img/mullvad.png | Bin 0 -> 38642 bytes slides/2021-swits/img/rgdd.jpg | Bin 0 -> 106846 bytes slides/2021-swits/img/thanks.pdf | Bin 0 -> 12497 bytes slides/2021-swits/img/tree-leaf.trunnel | 9 + slides/2021-swits/main.tex | 21 + slides/2021-swits/slides.pdf | Bin 0 -> 702436 bytes slides/2021-swits/src/body.tex | 202 ++++ slides/2021-swits/src/preamble.tex | 113 +++ slides/2021-swits/src/titlepage.tex | 3 + slides/2022-ct-days/README | 1 + slides/2022-ct-days/beamercolorthemergd.sty | 27 + slides/2022-ct-days/beamerfontthemergd.sty | 9 + slides/2022-ct-days/beamerinnerthemergd.sty | 49 + slides/2022-ct-days/beamerouterthemergd.sty | 68 ++ slides/2022-ct-days/beamerthemergd.sty | 23 + slides/2022-ct-days/handout.pdf | Bin 0 -> 2789021 bytes slides/2022-ct-days/img/benlaurie/2017.png | Bin 0 -> 31406 bytes slides/2022-ct-days/img/benlaurie/2018.png | Bin 0 -> 32496 bytes slides/2022-ct-days/img/benlaurie/2019.png | Bin 0 -> 24022 bytes slides/2022-ct-days/img/benlaurie/2020.png | Bin 0 -> 21965 bytes slides/2022-ct-days/img/benlaurie/2021.png | Bin 0 -> 30362 bytes slides/2022-ct-days/img/ctor/blog.png | Bin 0 -> 58220 bytes slides/2022-ct-days/img/ctor/full.pdf | Bin 0 -> 167011 
bytes slides/2022-ct-days/img/ctor/incremental.pdf | Bin 0 -> 56192 bytes slides/2022-ct-days/img/ctor/paper.png | Bin 0 -> 83938 bytes slides/2022-ct-days/img/ctor/phase-1.pdf | Bin 0 -> 43707 bytes slides/2022-ct-days/img/ctor/phase-2.png | Bin 0 -> 14395 bytes slides/2022-ct-days/img/ctor/phase-3.pdf | Bin 0 -> 97941 bytes slides/2022-ct-days/img/ctor/phase-4.pdf | Bin 0 -> 31089 bytes slides/2022-ct-days/img/ctor/tb-to-auditor.pdf | Bin 0 -> 28744 bytes slides/2022-ct-days/img/ctor/tb-to-log.pdf | Bin 0 -> 62046 bytes slides/2022-ct-days/img/kau.png | Bin 0 -> 66309 bytes slides/2022-ct-days/img/mullvad.png | Bin 0 -> 38642 bytes slides/2022-ct-days/img/sigsum/foundation.png | Bin 0 -> 1105211 bytes slides/2022-ct-days/img/sigsum/history.png | Bin 0 -> 119121 bytes slides/2022-ct-days/img/sigsum/sshsig | 7 + slides/2022-ct-days/img/sigsum/sshvalues | 7 + slides/2022-ct-days/img/thanks.pdf | Bin 0 -> 12497 bytes slides/2022-ct-days/img/tor/overview.pdf | Bin 0 -> 218680 bytes slides/2022-ct-days/img/tor/tb.png | Bin 0 -> 184995 bytes slides/2022-ct-days/main.tex | 20 + slides/2022-ct-days/slides.pdf | Bin 0 -> 2884301 bytes slides/2022-ct-days/src/ctor.tex | 222 +++++ slides/2022-ct-days/src/outline.tex | 4 + slides/2022-ct-days/src/preamble.tex | 114 +++ slides/2022-ct-days/src/sigsum.tex | 675 +++++++++++++ slides/2022-ct-days/src/titlepage.tex | 3 + slides/2022-kll/.gitignore | 9 + slides/2022-kll/README | 4 + slides/2022-kll/beamercolorthemergd.sty | 28 + slides/2022-kll/beamerfontthemergd.sty | 9 + slides/2022-kll/beamerinnerthemergd.sty | 43 + slides/2022-kll/beamerouterthemergd.sty | 65 ++ slides/2022-kll/beamerthemergd.sty | 23 + slides/2022-kll/img/cas.pdf | Bin 0 -> 19328 bytes slides/2022-kll/img/cas.svg | 450 +++++++++ slides/2022-kll/img/cas/digicert.svg | 17 + slides/2022-kll/img/cas/google.svg | 8 + slides/2022-kll/img/cas/le.svg | 38 + slides/2022-kll/img/cas/sectigo.svg | 25 + slides/2022-kll/img/cas/trustasia.svg | 68 ++ 
slides/2022-kll/img/certificate.pdf | Bin 0 -> 26286 bytes slides/2022-kll/img/certificate.svg | 291 ++++++ slides/2022-kll/img/crt.png | Bin 0 -> 92590 bytes slides/2022-kll/img/ct.pdf | Bin 0 -> 6973 bytes slides/2022-kll/img/ct.svg | 229 +++++ slides/2022-kll/img/fire.pdf | Bin 0 -> 6848 bytes slides/2022-kll/img/fire.svg | 223 +++++ slides/2022-kll/img/kau.png | Bin 0 -> 66309 bytes slides/2022-kll/img/lock.png | Bin 0 -> 62869 bytes slides/2022-kll/img/login.png | Bin 0 -> 49468 bytes slides/2022-kll/img/outline.pdf | Bin 0 -> 14917 bytes slides/2022-kll/img/outline.svg | 292 ++++++ slides/2022-kll/main.tex | 25 + slides/2022-kll/slides.pdf | Bin 0 -> 320827 bytes slides/2022-kll/src/body.tex | 109 +++ slides/2022-kll/src/preamble.tex | 113 +++ slides/2022-kll/src/titlepage.tex | 3 + 560 files changed, 15095 insertions(+) create mode 100644 slides/2018-ct-intro/README create mode 100644 slides/2018-ct-intro/beamercolorthemergd.sty create mode 100644 slides/2018-ct-intro/beamerfontthemergd.sty create mode 100644 slides/2018-ct-intro/beamerinnerthemergd.sty create mode 100644 slides/2018-ct-intro/beamerouterthemergd.sty create mode 100644 slides/2018-ct-intro/beamerthemergd.sty create mode 100644 slides/2018-ct-intro/img/apple-logo.png create mode 100644 slides/2018-ct-intro/img/ca-mess.pdf create mode 100644 slides/2018-ct-intro/img/chrome-cert.png create mode 100644 slides/2018-ct-intro/img/chrome-http.png create mode 100644 slides/2018-ct-intro/img/chrome-https.png create mode 100644 slides/2018-ct-intro/img/chrome-logo.png create mode 100644 slides/2018-ct-intro/img/ct.png create mode 100644 slides/2018-ct-intro/img/firefox-logo.png create mode 100644 slides/2018-ct-intro/img/le.png create mode 100755 slides/2018-ct-intro/img/logo.png create mode 100644 slides/2018-ct-intro/img/monitor-comodo.png create mode 100644 slides/2018-ct-intro/img/monitor-facebook.png create mode 100644 slides/2018-ct-intro/img/monitor-facebook2.png create mode 100644 
slides/2018-ct-intro/img/monitor-sslmate.png create mode 100644 slides/2018-ct-intro/img/padlock.pdf create mode 100644 slides/2018-ct-intro/img/qleft.pdf create mode 100644 slides/2018-ct-intro/img/qright.pdf create mode 100644 slides/2018-ct-intro/img/roadmap.pdf create mode 100644 slides/2018-ct-intro/img/take-away.pdf create mode 100644 slides/2018-ct-intro/img/ty.pdf create mode 100644 slides/2018-ct-intro/main.tex create mode 100644 slides/2018-ct-intro/makefile create mode 100644 slides/2018-ct-intro/slides.pdf create mode 100644 slides/2018-ct-intro/src/background.tex create mode 100644 slides/2018-ct-intro/src/body.tex create mode 100644 slides/2018-ct-intro/src/ct.tex create mode 100644 slides/2018-ct-intro/src/outline.tex create mode 100644 slides/2018-ct-intro/src/preamble.tex create mode 100644 slides/2018-ct-intro/src/questions.tex create mode 100644 slides/2018-ct-intro/src/take-away.tex create mode 100644 slides/2018-ct-intro/src/titlepage.tex create mode 100644 slides/2018-ct-intro/src/your-role.tex create mode 100644 slides/2018-lwm/.gitignore create mode 100644 slides/2018-lwm/README create mode 100644 slides/2018-lwm/beamercolorthemergd.sty create mode 100644 slides/2018-lwm/beamerfontthemergd.sty create mode 100644 slides/2018-lwm/beamerinnerthemergd.sty create mode 100644 slides/2018-lwm/beamerouterthemergd.sty create mode 100644 slides/2018-lwm/beamerthemergd.sty create mode 100644 slides/2018-lwm/handout.pdf create mode 100644 slides/2018-lwm/img/batch.pdf create mode 100644 slides/2018-lwm/img/ct.png create mode 100644 slides/2018-lwm/img/frequency.pdf create mode 100755 slides/2018-lwm/img/logo.png create mode 100644 slides/2018-lwm/img/mt.tex create mode 100644 slides/2018-lwm/img/mtp.tex create mode 100644 slides/2018-lwm/img/overview.tex create mode 100644 slides/2018-lwm/img/perf.jpg create mode 100644 slides/2018-lwm/img/proofcom.pdf create mode 100644 slides/2018-lwm/img/proofgen.pdf create mode 100644 slides/2018-lwm/img/proofvf.pdf 
create mode 100644 slides/2018-lwm/img/qleft.pdf create mode 100644 slides/2018-lwm/img/qright.pdf create mode 100644 slides/2018-lwm/img/self-monitor.tex create mode 100644 slides/2018-lwm/img/snapshot.pdf create mode 100644 slides/2018-lwm/img/takeaway.pdf create mode 100644 slides/2018-lwm/img/tp-monitor.tex create mode 100644 slides/2018-lwm/img/ty.pdf create mode 100644 slides/2018-lwm/img/wildcard.tex create mode 100644 slides/2018-lwm/img/wish.pdf create mode 100644 slides/2018-lwm/main.tex create mode 100644 slides/2018-lwm/slides.pdf create mode 100644 slides/2018-lwm/src/body.tex create mode 100644 slides/2018-lwm/src/preamble.tex create mode 100644 slides/2018-lwm/src/questions.tex create mode 100644 slides/2018-lwm/src/titlepage.tex create mode 100644 slides/2018-software-security/.gitignore create mode 100644 slides/2018-software-security/README create mode 100644 slides/2018-software-security/beamercolorthemergd.sty create mode 100644 slides/2018-software-security/beamerfontthemergd.sty create mode 100644 slides/2018-software-security/beamerinnerthemergd.sty create mode 100644 slides/2018-software-security/beamerouterthemergd.sty create mode 100644 slides/2018-software-security/beamerthemergd.sty create mode 100644 slides/2018-software-security/demo/cmd_complex create mode 100644 slides/2018-software-security/demo/cmd_simple create mode 100644 slides/2018-software-security/demo/complex.c create mode 100644 slides/2018-software-security/demo/simple.c create mode 100644 slides/2018-software-security/handout.pdf create mode 100644 slides/2018-software-security/img/afl.jpg create mode 100644 slides/2018-software-security/img/afl.png create mode 100644 slides/2018-software-security/img/air-plane.pdf create mode 100644 slides/2018-software-security/img/attacker.pdf create mode 100644 slides/2018-software-security/img/bad-encode.jpg create mode 100644 slides/2018-software-security/img/bug.jpg create mode 100644 
slides/2018-software-security/img/canary-after.png create mode 100644 slides/2018-software-security/img/canary-before.png create mode 100644 slides/2018-software-security/img/canary-bird.jpg create mode 100644 slides/2018-software-security/img/checklist.pdf create mode 100644 slides/2018-software-security/img/clang.png create mode 100644 slides/2018-software-security/img/cwe.png create mode 100644 slides/2018-software-security/img/demo.png create mode 100644 slides/2018-software-security/img/google-rewards.png create mode 100644 slides/2018-software-security/img/hb1.png create mode 100644 slides/2018-software-security/img/hb2.png create mode 100644 slides/2018-software-security/img/hb3.png create mode 100644 slides/2018-software-security/img/hb4.png create mode 100644 slides/2018-software-security/img/hb5.png create mode 100644 slides/2018-software-security/img/hb6.png create mode 100644 slides/2018-software-security/img/heartbleed.png create mode 100644 slides/2018-software-security/img/icloud.tex create mode 100644 slides/2018-software-security/img/libc.jpg create mode 100755 slides/2018-software-security/img/logo.png create mode 100644 slides/2018-software-security/img/memlay.png create mode 100644 slides/2018-software-security/img/memory-safe/go.png create mode 100644 slides/2018-software-security/img/memory-safe/java.png create mode 100644 slides/2018-software-security/img/memory-safe/python.jpg create mode 100644 slides/2018-software-security/img/memory-safe/rust.png create mode 100644 slides/2018-software-security/img/mit1.png create mode 100644 slides/2018-software-security/img/mit2.png create mode 100644 slides/2018-software-security/img/mit3.png create mode 100644 slides/2018-software-security/img/qleft.pdf create mode 100644 slides/2018-software-security/img/qright.pdf create mode 100644 slides/2018-software-security/img/question.png create mode 100644 slides/2018-software-security/img/real-bug.png create mode 100644 
slides/2018-software-security/img/stack-smashing.png create mode 100644 slides/2018-software-security/img/summary.jpg create mode 100644 slides/2018-software-security/img/take-away.pdf create mode 100644 slides/2018-software-security/img/ty.pdf create mode 100644 slides/2018-software-security/img/weird-machine.png create mode 100644 slides/2018-software-security/img/zerodium.png create mode 100644 slides/2018-software-security/main.tex create mode 100644 slides/2018-software-security/sample/._bo-stack.c.swp create mode 100644 slides/2018-software-security/sample/_bo-heap.c create mode 100644 slides/2018-software-security/sample/_bo-stack.c create mode 100644 slides/2018-software-security/sample/_stack-frame.c create mode 100644 slides/2018-software-security/sample/assignment-buffer-overflow.c create mode 100644 slides/2018-software-security/sample/assignment-integer-overflow.c create mode 100644 slides/2018-software-security/sample/bad-add.c create mode 100644 slides/2018-software-security/sample/bad-call.c create mode 100644 slides/2018-software-security/sample/bad-index.c create mode 100644 slides/2018-software-security/sample/bad-index2.c create mode 100644 slides/2018-software-security/sample/bad-printf.c create mode 100644 slides/2018-software-security/sample/bo-heap.c create mode 100644 slides/2018-software-security/sample/bo-stack.c create mode 100755 slides/2018-software-security/sample/build create mode 100644 slides/2018-software-security/sample/ldd create mode 100644 slides/2018-software-security/sample/ldd2 create mode 100644 slides/2018-software-security/sample/main.c create mode 100644 slides/2018-software-security/sample/splint create mode 100644 slides/2018-software-security/sample/stack-frame.c create mode 100644 slides/2018-software-security/sample/static-analysis.c create mode 100644 slides/2018-software-security/slides.pdf create mode 100644 slides/2018-software-security/src/body.tex create mode 100644 
slides/2018-software-security/src/preamble.tex create mode 100644 slides/2018-software-security/src/questions.tex create mode 100644 slides/2018-software-security/src/titlepage.tex create mode 100644 slides/2019-ctga/README create mode 100644 slides/2019-ctga/beamercolorthemergd.sty create mode 100644 slides/2019-ctga/beamerfontthemergd.sty create mode 100644 slides/2019-ctga/beamerinnerthemergd.sty create mode 100644 slides/2019-ctga/beamerouterthemergd.sty create mode 100644 slides/2019-ctga/beamerthemergd.sty create mode 100644 slides/2019-ctga/img/ct.png create mode 100644 slides/2019-ctga/img/design.pdf create mode 100755 slides/2019-ctga/img/logo.png create mode 100644 slides/2019-ctga/img/perf-netfpga.pdf create mode 100644 slides/2019-ctga/img/perf-xdp.pdf create mode 100644 slides/2019-ctga/img/pl.pdf create mode 100644 slides/2019-ctga/img/qleft.pdf create mode 100644 slides/2019-ctga/img/qright.pdf create mode 100644 slides/2019-ctga/img/roadmap.pdf create mode 100644 slides/2019-ctga/img/take-away.pdf create mode 100644 slides/2019-ctga/img/ty.pdf create mode 100644 slides/2019-ctga/img/wcov-goo.pdf create mode 100644 slides/2019-ctga/img/wcov-nor.pdf create mode 100644 slides/2019-ctga/main.tex create mode 100644 slides/2019-ctga/makefile create mode 100644 slides/2019-ctga/slides.pdf create mode 100644 slides/2019-ctga/src/background.tex create mode 100644 slides/2019-ctga/src/body.tex create mode 100644 slides/2019-ctga/src/ctga.tex create mode 100644 slides/2019-ctga/src/outline.tex create mode 100644 slides/2019-ctga/src/preamble.tex create mode 100644 slides/2019-ctga/src/questions.tex create mode 100644 slides/2019-ctga/src/take-away.tex create mode 100644 slides/2019-ctga/src/titlepage.tex create mode 100644 slides/2019-it-intro-computer-structure/.gitignore create mode 100644 slides/2019-it-intro-computer-structure/README create mode 100644 slides/2019-it-intro-computer-structure/beamercolorthemergd.sty create mode 100644 
slides/2019-it-intro-computer-structure/beamerfontthemergd.sty create mode 100644 slides/2019-it-intro-computer-structure/beamerinnerthemergd.sty create mode 100644 slides/2019-it-intro-computer-structure/beamerouterthemergd.sty create mode 100644 slides/2019-it-intro-computer-structure/beamerthemergd.sty create mode 100644 slides/2019-it-intro-computer-structure/handout.pdf create mode 100644 slides/2019-it-intro-computer-structure/img/ascii.png create mode 100644 slides/2019-it-intro-computer-structure/img/audio-card.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/binary-joke.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/binary.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/build-pc.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/case1.png create mode 100644 slides/2019-it-intro-computer-structure/img/case2.png create mode 100644 slides/2019-it-intro-computer-structure/img/computers-everywhere.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/cpu.png create mode 100644 slides/2019-it-intro-computer-structure/img/dp.jpeg create mode 100644 slides/2019-it-intro-computer-structure/img/graphics-card.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/group.pdf create mode 100644 slides/2019-it-intro-computer-structure/img/hdd.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/hdmi.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/iphone.png create mode 100644 slides/2019-it-intro-computer-structure/img/light-bulb.pdf create mode 100644 slides/2019-it-intro-computer-structure/img/light-bulb.svg create mode 100755 slides/2019-it-intro-computer-structure/img/logo.png create mode 100644 slides/2019-it-intro-computer-structure/img/mbp.png create mode 100644 slides/2019-it-intro-computer-structure/img/memory.tex create mode 100644 slides/2019-it-intro-computer-structure/img/moderkort.pdf create mode 100644 
slides/2019-it-intro-computer-structure/img/moores-law.png create mode 100644 slides/2019-it-intro-computer-structure/img/motherboard.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/network-card.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/new-motherboard.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/new-motherboard2.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/pc-cat.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/qleft.pdf create mode 100644 slides/2019-it-intro-computer-structure/img/qright.pdf create mode 100644 slides/2019-it-intro-computer-structure/img/ram.png create mode 100644 slides/2019-it-intro-computer-structure/img/raspberrypi.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/ssd.png create mode 100644 slides/2019-it-intro-computer-structure/img/ty.pdf create mode 100644 slides/2019-it-intro-computer-structure/img/usb.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/usb1.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/usb2.jpg create mode 100644 slides/2019-it-intro-computer-structure/img/video.png create mode 100644 slides/2019-it-intro-computer-structure/img/z3.jpg create mode 100644 slides/2019-it-intro-computer-structure/main.tex create mode 100644 slides/2019-it-intro-computer-structure/slides.pdf create mode 100644 slides/2019-it-intro-computer-structure/src/body.tex create mode 100644 slides/2019-it-intro-computer-structure/src/preamble.tex create mode 100644 slides/2019-it-intro-computer-structure/src/questions.tex create mode 100644 slides/2019-it-intro-computer-structure/src/titlepage.tex create mode 100644 slides/2019-it-intro-computer-systems/.gitignore create mode 100644 slides/2019-it-intro-computer-systems/NOTE create mode 100644 slides/2019-it-intro-computer-systems/README create mode 100644 slides/2019-it-intro-computer-systems/beamercolorthemergd.sty create mode 100644 
slides/2019-it-intro-computer-systems/beamerfontthemergd.sty create mode 100644 slides/2019-it-intro-computer-systems/beamerinnerthemergd.sty create mode 100644 slides/2019-it-intro-computer-systems/beamerouterthemergd.sty create mode 100644 slides/2019-it-intro-computer-systems/beamerthemergd.sty create mode 100644 slides/2019-it-intro-computer-systems/handout.pdf create mode 100644 slides/2019-it-intro-computer-systems/img/apps.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/apps2.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/aws.png create mode 100644 slides/2019-it-intro-computer-systems/img/binary.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/computer-system.tex create mode 100644 slides/2019-it-intro-computer-systems/img/data.pdf create mode 100644 slides/2019-it-intro-computer-systems/img/driver.png create mode 100644 slides/2019-it-intro-computer-systems/img/ethernet.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/gce.png create mode 100644 slides/2019-it-intro-computer-systems/img/google.png create mode 100644 slides/2019-it-intro-computer-systems/img/group.pdf create mode 100644 slides/2019-it-intro-computer-systems/img/hdd.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/headphones.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/icloud.png create mode 100644 slides/2019-it-intro-computer-systems/img/ict.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/internet.png create mode 100644 slides/2019-it-intro-computer-systems/img/kbuss.png create mode 100644 slides/2019-it-intro-computer-systems/img/keyboard.jpeg create mode 100644 slides/2019-it-intro-computer-systems/img/know-it-all.tex create mode 100644 slides/2019-it-intro-computer-systems/img/layered.tex create mode 100755 slides/2019-it-intro-computer-systems/img/logo.png create mode 100644 slides/2019-it-intro-computer-systems/img/mcloud.png create mode 100644 
slides/2019-it-intro-computer-systems/img/monitor.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/mouse.png create mode 100644 slides/2019-it-intro-computer-systems/img/mouseclick.pdf create mode 100644 slides/2019-it-intro-computer-systems/img/nop.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/os.png create mode 100644 slides/2019-it-intro-computer-systems/img/performance.tex create mode 100644 slides/2019-it-intro-computer-systems/img/qleft.pdf create mode 100644 slides/2019-it-intro-computer-systems/img/qright.pdf create mode 100644 slides/2019-it-intro-computer-systems/img/radio-tower.pdf create mode 100644 slides/2019-it-intro-computer-systems/img/reality.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/sensor.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/ssd.png create mode 100644 slides/2019-it-intro-computer-systems/img/systems.tex create mode 100644 slides/2019-it-intro-computer-systems/img/traffic-light.png create mode 100644 slides/2019-it-intro-computer-systems/img/trends.tex create mode 100644 slides/2019-it-intro-computer-systems/img/tv-controller.jpg create mode 100644 slides/2019-it-intro-computer-systems/img/ty.pdf create mode 100644 slides/2019-it-intro-computer-systems/img/user.pdf create mode 100644 slides/2019-it-intro-computer-systems/img/z3.jpg create mode 100644 slides/2019-it-intro-computer-systems/main.tex create mode 100644 slides/2019-it-intro-computer-systems/slides.pdf create mode 100644 slides/2019-it-intro-computer-systems/src/body.tex create mode 100644 slides/2019-it-intro-computer-systems/src/preamble.tex create mode 100644 slides/2019-it-intro-computer-systems/src/questions.tex create mode 100644 slides/2019-it-intro-computer-systems/src/titlepage.tex create mode 100644 slides/2019-it-intro-scrum/.gitignore create mode 100644 slides/2019-it-intro-scrum/README create mode 100644 slides/2019-it-intro-scrum/beamercolorthemergd.sty create mode 100644 
slides/2019-it-intro-scrum/beamerfontthemergd.sty create mode 100644 slides/2019-it-intro-scrum/beamerinnerthemergd.sty create mode 100644 slides/2019-it-intro-scrum/beamerouterthemergd.sty create mode 100644 slides/2019-it-intro-scrum/beamerthemergd.sty create mode 100644 slides/2019-it-intro-scrum/handout.pdf create mode 100644 slides/2019-it-intro-scrum/img/agile-manifesto.png create mode 100644 slides/2019-it-intro-scrum/img/board.png create mode 100644 slides/2019-it-intro-scrum/img/burnout.jpg create mode 100644 slides/2019-it-intro-scrum/img/cmp.png create mode 100644 slides/2019-it-intro-scrum/img/debt.jpg create mode 100644 slides/2019-it-intro-scrum/img/demo.png create mode 100644 slides/2019-it-intro-scrum/img/done.jpg create mode 100644 slides/2019-it-intro-scrum/img/esi.tex create mode 100644 slides/2019-it-intro-scrum/img/henke.png create mode 100644 slides/2019-it-intro-scrum/img/hurry.jpg create mode 100644 slides/2019-it-intro-scrum/img/iterative.png create mode 100755 slides/2019-it-intro-scrum/img/logo.png create mode 100644 slides/2019-it-intro-scrum/img/manifesto.png create mode 100644 slides/2019-it-intro-scrum/img/one-it.png create mode 100644 slides/2019-it-intro-scrum/img/poker.png create mode 100644 slides/2019-it-intro-scrum/img/qleft.pdf create mode 100644 slides/2019-it-intro-scrum/img/qright.pdf create mode 100644 slides/2019-it-intro-scrum/img/reality.jpg create mode 100644 slides/2019-it-intro-scrum/img/retrospective.png create mode 100644 slides/2019-it-intro-scrum/img/scrum-10m.png create mode 100644 slides/2019-it-intro-scrum/img/scrum-1m.png create mode 100644 slides/2019-it-intro-scrum/img/scrum-2m.png create mode 100644 slides/2019-it-intro-scrum/img/scrum-and-xp.png create mode 100644 slides/2019-it-intro-scrum/img/scrum-and-xp2.png create mode 100644 slides/2019-it-intro-scrum/img/scrum-guide.png create mode 100644 slides/2019-it-intro-scrum/img/scrum-overview.png create mode 100644 
slides/2019-it-intro-scrum/img/scrum-whole.jpg create mode 100644 slides/2019-it-intro-scrum/img/tia.png create mode 100644 slides/2019-it-intro-scrum/img/timeline.png create mode 100644 slides/2019-it-intro-scrum/img/ty.pdf create mode 100644 slides/2019-it-intro-scrum/img/works.png create mode 100644 slides/2019-it-intro-scrum/main.tex create mode 100644 slides/2019-it-intro-scrum/slides.pdf create mode 100644 slides/2019-it-intro-scrum/src/body.tex create mode 100644 slides/2019-it-intro-scrum/src/preamble.tex create mode 100644 slides/2019-it-intro-scrum/src/questions.tex create mode 100644 slides/2019-it-intro-scrum/src/titlepage.tex create mode 100644 slides/2019-side-channels/README create mode 100644 slides/2019-side-channels/beamercolorthemergd.sty create mode 100644 slides/2019-side-channels/beamerfontthemergd.sty create mode 100644 slides/2019-side-channels/beamerinnerthemergd.sty create mode 100644 slides/2019-side-channels/beamerouterthemergd.sty create mode 100644 slides/2019-side-channels/beamerthemergd.sty create mode 100644 slides/2019-side-channels/img/attacker.jpg create mode 100644 slides/2019-side-channels/img/client.png create mode 100755 slides/2019-side-channels/img/countermeasure.py create mode 100644 slides/2019-side-channels/img/demo.png create mode 100644 slides/2019-side-channels/img/grandpa.png create mode 100644 slides/2019-side-channels/img/isn create mode 100755 slides/2019-side-channels/img/logo.png create mode 100644 slides/2019-side-channels/img/meltdown-dump.png create mode 100644 slides/2019-side-channels/img/meltdown-ff.png create mode 100644 slides/2019-side-channels/img/meltdown-insn.png create mode 100644 slides/2019-side-channels/img/meltdown-isn create mode 100644 slides/2019-side-channels/img/meltdown-out-of-order.png create mode 100644 slides/2019-side-channels/img/meltdown-pageload.png create mode 100644 slides/2019-side-channels/img/meltdown.png create mode 100644 slides/2019-side-channels/img/memlayout.png create 
mode 100644 slides/2019-side-channels/img/pandora.jpg create mode 100644 slides/2019-side-channels/img/printersound.png create mode 100644 slides/2019-side-channels/img/security-door-zoomin.png create mode 100644 slides/2019-side-channels/img/security-door-zoomout.png create mode 100644 slides/2019-side-channels/img/security-door.png create mode 100644 slides/2019-side-channels/img/server.png create mode 100644 slides/2019-side-channels/img/smartcard.png create mode 100755 slides/2019-side-channels/img/strcmp.py create mode 100644 slides/2019-side-channels/img/timeit.png create mode 100644 slides/2019-side-channels/img/ultrasound.png create mode 100644 slides/2019-side-channels/img/voip.png create mode 100644 slides/2019-side-channels/main.tex create mode 100644 slides/2019-side-channels/slides.pdf create mode 100644 slides/2019-side-channels/src/body.tex create mode 100644 slides/2019-side-channels/src/preamble.tex create mode 100644 slides/2019-side-channels/src/titlepage.tex create mode 100644 slides/2021-aha/README create mode 100644 slides/2021-aha/beamercolorthemergd.sty create mode 100644 slides/2021-aha/beamerfontthemergd.sty create mode 100644 slides/2021-aha/beamerinnerthemergd.sty create mode 100644 slides/2021-aha/beamerouterthemergd.sty create mode 100644 slides/2021-aha/beamerthemergd.sty create mode 100644 slides/2021-aha/handout.pdf create mode 100644 slides/2021-aha/img/after.tex create mode 100644 slides/2021-aha/img/before.tex create mode 100644 slides/2021-aha/img/beverwijk.jpg create mode 100644 slides/2021-aha/img/clean.jpg create mode 100644 slides/2021-aha/img/ct.tex create mode 100644 slides/2021-aha/img/curl.jpg create mode 100644 slides/2021-aha/img/diginotar.jpg create mode 100755 slides/2021-aha/img/kau.png create mode 100644 slides/2021-aha/img/log-request.tex create mode 100644 slides/2021-aha/img/mt.tex create mode 100644 slides/2021-aha/img/mullvad.png create mode 100644 slides/2021-aha/img/openbsd.pdf create mode 100644 
slides/2021-aha/img/rb.png create mode 100644 slides/2021-aha/img/rgdd.jpg create mode 100644 slides/2021-aha/img/thanks.pdf create mode 100644 slides/2021-aha/img/tree-leaf.trunnel create mode 100644 slides/2021-aha/main.tex create mode 100644 slides/2021-aha/slides.pdf create mode 100644 slides/2021-aha/src/body.tex create mode 100644 slides/2021-aha/src/preamble.tex create mode 100644 slides/2021-aha/src/titlepage.tex create mode 100644 slides/2021-padsec/README create mode 100644 slides/2021-padsec/beamercolorthemergd.sty create mode 100644 slides/2021-padsec/beamerfontthemergd.sty create mode 100644 slides/2021-padsec/beamerinnerthemergd.sty create mode 100644 slides/2021-padsec/beamerouterthemergd.sty create mode 100644 slides/2021-padsec/beamerthemergd.sty create mode 100644 slides/2021-padsec/handout.pdf create mode 100644 slides/2021-padsec/img/after.tex create mode 100644 slides/2021-padsec/img/before.tex create mode 100644 slides/2021-padsec/img/clean.jpg create mode 100644 slides/2021-padsec/img/curl.jpg create mode 100755 slides/2021-padsec/img/kau.png create mode 100644 slides/2021-padsec/img/log-request.tex create mode 100644 slides/2021-padsec/img/mt.tex create mode 100644 slides/2021-padsec/img/mullvad.png create mode 100644 slides/2021-padsec/img/openbsd.pdf create mode 100644 slides/2021-padsec/img/rb.png create mode 100644 slides/2021-padsec/img/rgdd.jpg create mode 100644 slides/2021-padsec/img/thanks.pdf create mode 100644 slides/2021-padsec/img/tree-leaf.trunnel create mode 100644 slides/2021-padsec/main.tex create mode 100644 slides/2021-padsec/slides.pdf create mode 100644 slides/2021-padsec/src/body.tex create mode 100644 slides/2021-padsec/src/preamble.tex create mode 100644 slides/2021-padsec/src/titlepage.tex create mode 100644 slides/2021-pets/.gitignore create mode 100644 slides/2021-pets/README create mode 100644 slides/2021-pets/beamercolorthemergd.sty create mode 100644 slides/2021-pets/beamerfontthemergd.sty create mode 100644 
slides/2021-pets/beamerinnerthemergd.sty create mode 100644 slides/2021-pets/beamerouterthemergd.sty create mode 100644 slides/2021-pets/beamerthemergd.sty create mode 100644 slides/2021-pets/handout.pdf create mode 100644 slides/2021-pets/img/beverwijk.jpg create mode 100644 slides/2021-pets/img/chrome.png create mode 100644 slides/2021-pets/img/ct.tex create mode 100644 slides/2021-pets/img/design-full.pdf create mode 100644 slides/2021-pets/img/design-incremental.pdf create mode 100644 slides/2021-pets/img/diginotar.jpg create mode 100755 slides/2021-pets/img/kau.png create mode 100644 slides/2021-pets/img/magnify.png create mode 100644 slides/2021-pets/img/mullvad.png create mode 100644 slides/2021-pets/img/phase-1.png create mode 100644 slides/2021-pets/img/phase-2.png create mode 100644 slides/2021-pets/img/phase-3-4.png create mode 100644 slides/2021-pets/img/safari.png create mode 100644 slides/2021-pets/img/tb.png create mode 100644 slides/2021-pets/img/thanks.pdf create mode 100644 slides/2021-pets/main.tex create mode 100644 slides/2021-pets/slides.pdf create mode 100644 slides/2021-pets/src/body.tex create mode 100644 slides/2021-pets/src/end.tex create mode 100644 slides/2021-pets/src/preamble.tex create mode 100644 slides/2021-pets/src/start.tex create mode 100644 slides/2021-pets/src/titlepage.tex create mode 100644 slides/2021-surprise/.gitignore create mode 100644 slides/2021-surprise/README create mode 100644 slides/2021-surprise/beamercolorthemergd.sty create mode 100644 slides/2021-surprise/beamerfontthemergd.sty create mode 100644 slides/2021-surprise/beamerinnerthemergd.sty create mode 100644 slides/2021-surprise/beamerouterthemergd.sty create mode 100644 slides/2021-surprise/beamerthemergd.sty create mode 100644 slides/2021-surprise/handout.pdf create mode 100755 slides/2021-surprise/img/kau.png create mode 100644 slides/2021-surprise/img/tb.png create mode 100644 slides/2021-surprise/main.tex create mode 100644 
slides/2021-surprise/src/body.tex create mode 100644 slides/2021-surprise/src/preamble.tex create mode 100644 slides/2021-surprise/src/titlepage.tex create mode 100644 slides/2021-swits/README create mode 100644 slides/2021-swits/beamercolorthemergd.sty create mode 100644 slides/2021-swits/beamerfontthemergd.sty create mode 100644 slides/2021-swits/beamerinnerthemergd.sty create mode 100644 slides/2021-swits/beamerouterthemergd.sty create mode 100644 slides/2021-swits/beamerthemergd.sty create mode 100644 slides/2021-swits/handout.pdf create mode 100644 slides/2021-swits/img/after.tex create mode 100644 slides/2021-swits/img/before.tex create mode 100644 slides/2021-swits/img/clean.jpg create mode 100755 slides/2021-swits/img/kau.png create mode 100644 slides/2021-swits/img/log-request.tex create mode 100644 slides/2021-swits/img/mt.tex create mode 100644 slides/2021-swits/img/mullvad.png create mode 100644 slides/2021-swits/img/rgdd.jpg create mode 100644 slides/2021-swits/img/thanks.pdf create mode 100644 slides/2021-swits/img/tree-leaf.trunnel create mode 100644 slides/2021-swits/main.tex create mode 100644 slides/2021-swits/slides.pdf create mode 100644 slides/2021-swits/src/body.tex create mode 100644 slides/2021-swits/src/preamble.tex create mode 100644 slides/2021-swits/src/titlepage.tex create mode 100644 slides/2022-ct-days/README create mode 100644 slides/2022-ct-days/beamercolorthemergd.sty create mode 100644 slides/2022-ct-days/beamerfontthemergd.sty create mode 100644 slides/2022-ct-days/beamerinnerthemergd.sty create mode 100644 slides/2022-ct-days/beamerouterthemergd.sty create mode 100644 slides/2022-ct-days/beamerthemergd.sty create mode 100644 slides/2022-ct-days/handout.pdf create mode 100644 slides/2022-ct-days/img/benlaurie/2017.png create mode 100644 slides/2022-ct-days/img/benlaurie/2018.png create mode 100644 slides/2022-ct-days/img/benlaurie/2019.png create mode 100644 slides/2022-ct-days/img/benlaurie/2020.png create mode 100644 
slides/2022-ct-days/img/benlaurie/2021.png create mode 100644 slides/2022-ct-days/img/ctor/blog.png create mode 100644 slides/2022-ct-days/img/ctor/full.pdf create mode 100644 slides/2022-ct-days/img/ctor/incremental.pdf create mode 100644 slides/2022-ct-days/img/ctor/paper.png create mode 100644 slides/2022-ct-days/img/ctor/phase-1.pdf create mode 100644 slides/2022-ct-days/img/ctor/phase-2.png create mode 100644 slides/2022-ct-days/img/ctor/phase-3.pdf create mode 100644 slides/2022-ct-days/img/ctor/phase-4.pdf create mode 100644 slides/2022-ct-days/img/ctor/tb-to-auditor.pdf create mode 100644 slides/2022-ct-days/img/ctor/tb-to-log.pdf create mode 100755 slides/2022-ct-days/img/kau.png create mode 100644 slides/2022-ct-days/img/mullvad.png create mode 100644 slides/2022-ct-days/img/sigsum/foundation.png create mode 100644 slides/2022-ct-days/img/sigsum/history.png create mode 100644 slides/2022-ct-days/img/sigsum/sshsig create mode 100644 slides/2022-ct-days/img/sigsum/sshvalues create mode 100644 slides/2022-ct-days/img/thanks.pdf create mode 100644 slides/2022-ct-days/img/tor/overview.pdf create mode 100644 slides/2022-ct-days/img/tor/tb.png create mode 100644 slides/2022-ct-days/main.tex create mode 100644 slides/2022-ct-days/slides.pdf create mode 100644 slides/2022-ct-days/src/ctor.tex create mode 100644 slides/2022-ct-days/src/outline.tex create mode 100644 slides/2022-ct-days/src/preamble.tex create mode 100644 slides/2022-ct-days/src/sigsum.tex create mode 100644 slides/2022-ct-days/src/titlepage.tex create mode 100644 slides/2022-kll/.gitignore create mode 100644 slides/2022-kll/README create mode 100644 slides/2022-kll/beamercolorthemergd.sty create mode 100644 slides/2022-kll/beamerfontthemergd.sty create mode 100644 slides/2022-kll/beamerinnerthemergd.sty create mode 100644 slides/2022-kll/beamerouterthemergd.sty create mode 100644 slides/2022-kll/beamerthemergd.sty create mode 100644 slides/2022-kll/img/cas.pdf create mode 100644 
slides/2022-kll/img/cas.svg create mode 100644 slides/2022-kll/img/cas/digicert.svg create mode 100644 slides/2022-kll/img/cas/google.svg create mode 100644 slides/2022-kll/img/cas/le.svg create mode 100644 slides/2022-kll/img/cas/sectigo.svg create mode 100644 slides/2022-kll/img/cas/trustasia.svg create mode 100644 slides/2022-kll/img/certificate.pdf create mode 100644 slides/2022-kll/img/certificate.svg create mode 100644 slides/2022-kll/img/crt.png create mode 100644 slides/2022-kll/img/ct.pdf create mode 100644 slides/2022-kll/img/ct.svg create mode 100644 slides/2022-kll/img/fire.pdf create mode 100644 slides/2022-kll/img/fire.svg create mode 100755 slides/2022-kll/img/kau.png create mode 100644 slides/2022-kll/img/lock.png create mode 100644 slides/2022-kll/img/login.png create mode 100644 slides/2022-kll/img/outline.pdf create mode 100644 slides/2022-kll/img/outline.svg create mode 100644 slides/2022-kll/main.tex create mode 100644 slides/2022-kll/slides.pdf create mode 100644 slides/2022-kll/src/body.tex create mode 100644 slides/2022-kll/src/preamble.tex create mode 100644 slides/2022-kll/src/titlepage.tex
diff --git a/slides/2018-ct-intro/README b/slides/2018-ct-intro/README
new file mode 100644
index 0000000..3e18970
--- /dev/null
+++ b/slides/2018-ct-intro/README
@@ -0,0 +1 @@
+Intro to CT when Tobias and I was doing a few guest lectures at Soleil IT.
diff --git a/slides/2018-ct-intro/beamercolorthemergd.sty b/slides/2018-ct-intro/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2018-ct-intro/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2018-ct-intro/beamerfontthemergd.sty b/slides/2018-ct-intro/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2018-ct-intro/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2018-ct-intro/beamerinnerthemergd.sty b/slides/2018-ct-intro/beamerinnerthemergd.sty
new file mode 100644
index 0000000..0d49176
--- /dev/null
+++ b/slides/2018-ct-intro/beamerinnerthemergd.sty
@@ -0,0 +1,43 @@ +\mode + +%%% +% Title page +%%% +\defbeamertemplate*{title page}{rgd}[1][]{ + \begin{tikzpicture}[remember picture, overlay] + \usebeamercolor{titlepage} + % Add top-left triangle with university logo + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north west) -- + (current page.north) -- + node[draw=none,pos=0.5](Logo){\includegraphics[width=3cm]{img/logo}} + (current page.west) -- + (current page.north west); + % Add title + \node[ + text=fg, + text width=0.75\paperwidth, + ] (Title) at ([shift={(0,-0.5cm)}]current page){% + \centering\usebeamerfont{title}\inserttitle\\% + }; + % Add subtitle + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Title, + ] (Subtitle) {% + \centering\usebeamerfont{subtitle}\insertsubtitle\\% + }; + % Add authors + \usebeamercolor{author} + \node[ + text=fg, + text width=0.75\paperwidth, + below=12pt of Subtitle, + ] (Author) {% + \centering\usebeamerfont{author}\insertauthor\\% + }; + \end{tikzpicture} +} + +\mode diff --git a/slides/2018-ct-intro/beamerouterthemergd.sty b/slides/2018-ct-intro/beamerouterthemergd.sty new file mode 100644 index 0000000..ba757c6 --- /dev/null +++ b/slides/2018-ct-intro/beamerouterthemergd.sty 
@@ -0,0 +1,66 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add mail
+ \begin{beamercolorbox}[
+ wd=0.22\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \texttt{rasmus.dahlberg@kau.se}
+ \end{beamercolorbox}%
+ % Add author
+ \begin{beamercolorbox}[
+ wd=0.73\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ %\insertauthor
+ \inserttitle
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2018-ct-intro/beamerthemergd.sty b/slides/2018-ct-intro/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2018-ct-intro/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
diff --git a/slides/2018-ct-intro/img/apple-logo.png b/slides/2018-ct-intro/img/apple-logo.png
new file mode 100644
index 0000000..2bdfbab
Binary files /dev/null and b/slides/2018-ct-intro/img/apple-logo.png differ
diff --git a/slides/2018-ct-intro/img/ca-mess.pdf b/slides/2018-ct-intro/img/ca-mess.pdf
new file mode 100644
index 0000000..44b963a
Binary files /dev/null and b/slides/2018-ct-intro/img/ca-mess.pdf differ
diff --git a/slides/2018-ct-intro/img/chrome-cert.png b/slides/2018-ct-intro/img/chrome-cert.png
new file mode 100644
index 0000000..32e1c5c
Binary files /dev/null and b/slides/2018-ct-intro/img/chrome-cert.png differ
diff --git a/slides/2018-ct-intro/img/chrome-http.png b/slides/2018-ct-intro/img/chrome-http.png
new file mode 100644
index 0000000..284ab02
Binary files /dev/null and b/slides/2018-ct-intro/img/chrome-http.png differ
diff --git a/slides/2018-ct-intro/img/chrome-https.png b/slides/2018-ct-intro/img/chrome-https.png
new file mode 100644
index 0000000..e3d26f0
Binary files /dev/null and b/slides/2018-ct-intro/img/chrome-https.png differ
diff --git a/slides/2018-ct-intro/img/chrome-logo.png b/slides/2018-ct-intro/img/chrome-logo.png
new file mode 100644
index 0000000..070e192
Binary files /dev/null and b/slides/2018-ct-intro/img/chrome-logo.png differ
diff --git a/slides/2018-ct-intro/img/ct.png b/slides/2018-ct-intro/img/ct.png
new file mode 100644
index 0000000..10267e7
Binary files /dev/null and b/slides/2018-ct-intro/img/ct.png differ
diff --git a/slides/2018-ct-intro/img/firefox-logo.png b/slides/2018-ct-intro/img/firefox-logo.png
new file mode 100644
index 0000000..9ebb106
Binary files /dev/null and b/slides/2018-ct-intro/img/firefox-logo.png differ
diff --git a/slides/2018-ct-intro/img/le.png b/slides/2018-ct-intro/img/le.png
new file mode 100644
index 0000000..b7f89d9
Binary files /dev/null and b/slides/2018-ct-intro/img/le.png differ
diff --git a/slides/2018-ct-intro/img/logo.png b/slides/2018-ct-intro/img/logo.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2018-ct-intro/img/logo.png differ
diff --git a/slides/2018-ct-intro/img/monitor-comodo.png b/slides/2018-ct-intro/img/monitor-comodo.png
new file mode 100644
index 0000000..23484f5
Binary files /dev/null and b/slides/2018-ct-intro/img/monitor-comodo.png differ
diff --git a/slides/2018-ct-intro/img/monitor-facebook.png b/slides/2018-ct-intro/img/monitor-facebook.png
new file mode 100644
index 0000000..68f62c4
Binary files /dev/null and b/slides/2018-ct-intro/img/monitor-facebook.png differ
diff --git a/slides/2018-ct-intro/img/monitor-facebook2.png b/slides/2018-ct-intro/img/monitor-facebook2.png
new file mode 100644
index 0000000..e540815
Binary files /dev/null and b/slides/2018-ct-intro/img/monitor-facebook2.png differ
diff --git a/slides/2018-ct-intro/img/monitor-sslmate.png b/slides/2018-ct-intro/img/monitor-sslmate.png
new file mode 100644
index 0000000..8640a04
Binary files /dev/null and b/slides/2018-ct-intro/img/monitor-sslmate.png differ
diff --git a/slides/2018-ct-intro/img/padlock.pdf b/slides/2018-ct-intro/img/padlock.pdf
new file mode 100644
index 0000000..b902e72
Binary files /dev/null and b/slides/2018-ct-intro/img/padlock.pdf differ
diff --git a/slides/2018-ct-intro/img/qleft.pdf b/slides/2018-ct-intro/img/qleft.pdf
new file mode 100644
index 0000000..f35a078
Binary files /dev/null and b/slides/2018-ct-intro/img/qleft.pdf differ
diff --git a/slides/2018-ct-intro/img/qright.pdf b/slides/2018-ct-intro/img/qright.pdf
new file mode 100644
index 0000000..da2e8e3
Binary files /dev/null and b/slides/2018-ct-intro/img/qright.pdf differ
diff --git a/slides/2018-ct-intro/img/roadmap.pdf b/slides/2018-ct-intro/img/roadmap.pdf
new file mode 100644
index 0000000..867fb20
Binary files /dev/null and b/slides/2018-ct-intro/img/roadmap.pdf differ
diff --git a/slides/2018-ct-intro/img/take-away.pdf b/slides/2018-ct-intro/img/take-away.pdf
new file mode 100644
index 0000000..7d3b190
--- /dev/null
+++ b/slides/2018-ct-intro/img/take-away.pdf
@@ -0,0 +1,68 @@ +%PDF-1.4 +%µí®û +3 0 obj +<< /Length 4 0 R + /Filter /FlateDecode +>> +stream +xœmŒAÃ0"„‚ ŽýŒ>¡—¦‡äæÿRŸ#$–E³{’rÎã×Gy»àCš\ÅÆ`×Â;´ã»¨(dçUt€Ðè0fµ„-ÉÒTØ…¬ÕA7ïè TxÂ1f¯Õš;"£*¤4{È~éM7ä‘$ +endstream +endobj +4 0 obj + 118 +endobj +2 0 obj +<< + /ExtGState << + /a0 << /CA 1 /ca 1 >> + >> +>> +endobj +5 0 obj +<< /Type /Page + /Parent 1 0 R + /MediaBox [ 0 0 12.8 12.8 ] + /Contents 3 0 R + /Group << + /Type /Group + /S /Transparency + /I true + /CS /DeviceRGB + >> + /Resources 2 0 R +>> +endobj +1 0 obj +<< /Type /Pages + /Kids [ 5 0 R ] + /Count 1 +>> +endobj +6 0 obj +<< /Creator (cairo 1.14.0 (http://cairographics.org)) + /Producer (cairo 1.14.0 (http://cairographics.org)) +>> +endobj +7 0 obj +<< /Type /Catalog + /Pages 1 0 R +>> +endobj +xref +0 8 +0000000000 65535 f +0000000520 00000 n +0000000232 00000 n +0000000015 00000 n +0000000210 00000 n +0000000304 00000 n +0000000585 00000 n +0000000712 00000 n +trailer +<< /Size 8 + /Root 7 0 R + /Info 6 0 R +>> +startxref +764 +%%EOF diff --git a/slides/2018-ct-intro/img/ty.pdf b/slides/2018-ct-intro/img/ty.pdf new file mode 100644 index 0000000..9ad4dc8 Binary files /dev/null and b/slides/2018-ct-intro/img/ty.pdf differ diff --git a/slides/2018-ct-intro/main.tex b/slides/2018-ct-intro/main.tex new file mode 100644 index 0000000..f03c3ed --- /dev/null +++ b/slides/2018-ct-intro/main.tex @@ -0,0 +1,22 @@ +\pdfminorversion=4 +\documentclass[aspectratio=169]{beamer} +\usetheme{rgd} + +\input{src/preamble} + +\title{% + An Introduction to Certificate Transparency +} +%\subtitle{% +%} +\author{% + Rasmus Dahlberg and Tobias Pulls +} +\institute{% + Karlstad University +} +\date{% +} +\begin{document} + \input{src/body} +\end{document} diff --git a/slides/2018-ct-intro/makefile b/slides/2018-ct-intro/makefile new file mode 100644 index 0000000..b42d0ec --- /dev/null +++ b/slides/2018-ct-intro/makefile 
@@ -0,0 +1,25 @@
+.PHONY: clean tidy open
+
+MAIN = main
+
+TEX_SRC = src/$(wildcard:.tex)
+TEX_IMG = \
+ img/$(wildcard:.jpg) \
+ img/$(wildcard:.tex) \
+ img/$(wildcard:.pdf) \
+ img/$(wildcard:.png)
+TEX = \
+ $(TEX_SRC) $(TEX_IMG) $(MAIN).tex
+
+$(MAIN).pdf: $(TEX)
+ pdflatex $(MAIN)
+ @pdflatex $(MAIN)
+
+open: $(MAIN).pdf
+ okular $(MAIN).pdf &
+
+tidy:
+ rm -rf *.nav *.out *.log *.aux *.toc *.snm
+
+clean:
+ rm -rf *.nav *.out *.log *.aux *.toc *.snm $(MAIN).pdf
diff --git a/slides/2018-ct-intro/slides.pdf b/slides/2018-ct-intro/slides.pdf
new file mode 100644
index 0000000..a46aec6
Binary files /dev/null and b/slides/2018-ct-intro/slides.pdf differ
diff --git a/slides/2018-ct-intro/src/background.tex b/slides/2018-ct-intro/src/background.tex
new file mode 100644
index 0000000..a61d205
--- /dev/null
+++ b/slides/2018-ct-intro/src/background.tex
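Review bot: `$(wildcard:.tex)` in `TEX_SRC` and the four `TEX_IMG` entries is not a call to the `wildcard` function (no space after the name, no glob pattern), so it most likely expands to nothing and the prerequisites of `$(MAIN).pdf` become the bare directories `src/` and `img/` plus `$(MAIN).tex`. Editing an existing slide source or image would then not trigger a rebuild. The intended form is probably `TEX_SRC = $(wildcard src/*.tex)` and `TEX_IMG = $(wildcard img/*.jpg img/*.tex img/*.pdf img/*.png)`. The rule also produces `main.pdf` while the commit checks in `slides.pdf`, so a one-line comment saying how `slides.pdf` is derived would help whoever rebuilds the deck.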
@@ -0,0 +1,55 @@
+\begin{frame}
+ \frametitle{How is trust established on the web?}
+ \centering
+ \includegraphics<1>[height=0.85\textheight]{img/chrome-http}
+ \includegraphics<2>[height=0.85\textheight]{img/chrome-https}
+\end{frame}
+
+\begin{frame}
+ \frametitle{What is the meaning of the padlock?}
+ \begin{columns}
+ \begin{column}{0.69\textwidth}
+ \begin{description}
+ \item[\tyes] Communication is encrypted
+ \item[\tyes] Communication is not tampered with
+ \item[\tyes] Server identity is verified
+ \end{description}
+ \end{column}
+ \begin{column}{0.29\textwidth}
+ \centering
+ \includegraphics[width=0.9\textwidth]{img/padlock}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Server verification relies on certificate issuance}
+ \centering
+ \includegraphics[height=0.85\textheight]{img/chrome-cert}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Tracking certificate issuance is a mess}
+ \centering
+ \includegraphics[height=0.8\textheight,width=0.7\textwidth]{img/ca-mess}
+ \scriptsize{\url{https://www.eff.org/files/colour_map_of_cas.pdf}}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Certificate issuance gone wrong...}
+ \centering
+ \begin{tabular}{cc|l}
+ Year & Issuer & Mis-issued certificates affected e.g. \\
+ \toprule
+ 2010 & Versign & Unkown \\
+ 2011 & Comodo & Google, Mozilla, Yahoo \\
+ 2011 & DigiNotar & Google\footnote{These certificates were used to attack $\approx100,000$ gmail users in Iran}, Skype, Tor... \\
+ 2012 & Trustwave & Enterprise employees \\
+ 2012 & T\"{u}rkTrust & Google \\
+ 2013 & ANSSI & Google \\
+ 2013 & Thawte & Google \\
+ 2016 & Let's Encrypt & Facebook \\
+ ... & ... & ... \\
+ \end{tabular}
+\end{frame}
+
diff --git a/slides/2018-ct-intro/src/body.tex b/slides/2018-ct-intro/src/body.tex
new file mode 100644
index 0000000..f3f6842
--- /dev/null
+++ b/slides/2018-ct-intro/src/body.tex
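Review bot: The padlock frame states `Server identity is verified` as an unconditional guarantee, although the next frames argue that this holds only as far as the issuing CA can be trusted. Qualifying the item, e.g. `\item[\tyes] Server identity is verified (by a CA the browser trusts)`, would set up the mis-issuance table instead of contradicting it. In that table, `2010 & Versign & Unkown \\` has two typos; presumably `2010 & VeriSign & Unknown \\` is meant. The incident rows and the `$\approx100,000$` footnote carry no source, so a `\scriptsize{\url{...}}` reference line like the one on the CA-map frame would make them checkable.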
@@ -0,0 +1,7 @@
+\input{src/titlepage}
+\input{src/outline}
+\input{src/background}
+\input{src/ct}
+\input{src/your-role}
+\input{src/take-away}
+\input{src/questions}
diff --git a/slides/2018-ct-intro/src/ct.tex b/slides/2018-ct-intro/src/ct.tex
new file mode 100644
index 0000000..88496a3
--- /dev/null
+++ b/slides/2018-ct-intro/src/ct.tex
@@ -0,0 +1,77 @@
+\begin{frame}
+ \frametitle{Certificate Transparency (CT) to the resque}
+ \centering
+ \begin{columns}
+ \begin{column}{0.55\textwidth}
+ \begin{itemize}
+ \item Publicly log all certificates
+ \item Clients require proof of logging
+ \item Anyone can inspect the logs
+ \item Goal is to \alert{detect} mis-issuance
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.49\textwidth}
+ \includegraphics[width=\textwidth]{img/ct}
+ \end{column}
+ \end{columns}
+ \vfill
+ \scriptsize{\url{https://www.certificate-transparency.org/what-is-ct}}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Adoption status of CT among common platforms}
+ \begin{columns}
+ \begin{column}{0.33\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/chrome-logo}
+ \\incrementally
+ \end{column}
+ \begin{column}{0.33\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/apple-logo}
+ \\incrementally soon
+ \end{column}
+ \begin{column}{0.33\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/firefox-logo}
+ \\unclear
+ \end{column}
+ \end{columns}
+
+ \vfill
+ \begin{itemize}
+ \item Clients require at least two promises of log inclusion
+ \item Log is trusted until auditing hits deployment
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Who are the log operators?}
+ \centering
+ \begin{columns}
+ \begin{column}{0.59\textwidth}
+ \begin{itemize}
+ \item Google Chrome includes 27 different CT logs
+ \item Three logs found cheating while auditing (mistakes)
+ \begin{itemize}
+ \item Same key for test and production log (Izenpe)
+ \item Time rollback after power outage (Venafi)
+ \item Invalid promises of log inclusion (Cloudflare)
+ \end{itemize}
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.39\textwidth}
+ \begin{tabular}{c|c}
+ Log operator & Number of logs \\
+ \toprule
+ DigiCert & 10 \\
+ Google & 9 \\
+ Cloudflare & 4 \\
+ Comodo & 2 \\
+ CNNIC & 1 \\
+ Venafi & 1 \\
+ \bottomrule
+ \end{tabular}
+ \end{column}
+ \end{columns}
+\end{frame}
diff --git a/slides/2018-ct-intro/src/outline.tex b/slides/2018-ct-intro/src/outline.tex
new file mode 100644
index 0000000..6e47792
--- /dev/null
+++ b/slides/2018-ct-intro/src/outline.tex
@@ -0,0 +1,16 @@
+\begin{frame}
+ \frametitle{Outline}
+ \begin{columns}
+ \begin{column}{0.49\textwidth}
+ \begin{enumerate}
+ \item Background
+ \item Principles
+ \item Status quo
+ \item Your role
+ \end{enumerate}
+ \end{column}
+ \begin{column}{0.49\textwidth}
+ \includegraphics[width=0.5\textwidth]{img/roadmap}
+ \end{column}
+ \end{columns}
+\end{frame}
diff --git a/slides/2018-ct-intro/src/outline.tex b/slides/2018-ct-intro/src/preamble.tex
new file mode 100644
index 0000000..6905b0f
--- /dev/null
+++ b/slides/2018-ct-intro/src/preamble.tex
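Review bot: In ct.tex, the "Who are the log operators?" frame gives `Google Chrome includes 27 different CT logs` and a per-operator table with no date or source, and the deck is now being archived; a source-and-date line in the style of the `\scriptsize{\url{...}}` lines on other frames would stop readers from taking the counts as current. `Three logs found cheating while auditing (mistakes)` contradicts itself, since the three sub-items read as operator errors rather than deliberate misbehaviour; `Three logs failed audits (operator mistakes)` says what the sub-items show. The phrase `promises of log inclusion` is never tied to the RFC 6962 term, so adding `(SCTs)` at its first use on the adoption frame would let the audience look it up. The first frame title has a typo, `resque` for `rescue`.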
@@ -0,0 +1,62 @@
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Packages %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\usepackage[
+ lambda, advantage, operators, sets, adversary, landau, probability, notions,
+ logic, ff, mm, primitives, events, complexity, asymptotics, keys
+]{cryptocode}
+
+\usepackage{graphicx}
+\usepackage{mathtools}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{flowchart}
+\usepackage{pifont}
+\usepackage{graphicx}
+\usepackage{color}
+\usepackage{tikz}
+\usepackage{tikz-qtree}
+\usetikzlibrary{
+ shapes.misc,%
+ positioning,%
+ arrows,%
+ snakes,%
+ calc,%
+ shadows,%
+ shapes.arrows,%
+ fit,%
+ backgrounds,%
+}
+\usepackage{booktabs}
+\usepackage{smartdiagram}
+%\usepackage[position=bottom]{subfig} % environment for nested figures
+
+\usepackage{xcolor}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+\definecolor{darkGray}{HTML}{808080}
+\definecolor{darkOrange}{HTML}{D77D00}
+\definecolor{darkPurple}{HTML}{800080}
+\colorlet{lightGray}{gray!33}
+\colorlet{lightYellow}{yellow!50}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+
+% Figures, tables and code
+\usepackage{booktabs}
+\usepackage{colortbl}
+\usepackage{flowchart}
+\usepackage{adjustbox}
+\usepackage{listings}
+
+%\setbeamertemplate{itemize item}[circle]
+%\setbeamertemplate{itemize subitem}[default]
+%\setbeamertemplate{caption}[numbered]
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Defines %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}}
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}}
diff --git a/slides/2018-ct-intro/src/questions.tex b/slides/2018-ct-intro/src/questions.tex
new file mode 100644
index 0000000..85cb2f3
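Review bot: The preamble loads `graphicx`, `booktabs` and `flowchart` twice and defines `darkGreen`, `darkBlue` and `darkRed` twice with identical values, which is harmless at build time but leaves it unclear which line is the one to edit. `\usepackage{color}` is redundant next to `\usepackage{xcolor}`, and the `snakes` TikZ library is obsolete in current PGF, where the `decorations` libraries replace it. Removing the second copies and the `color` line is enough to tidy this up. Whether `cryptocode`, `smartdiagram`, `listings` and `adjustbox` are needed by this deck cannot be judged from this hunk alone; if they are leftovers from a shared template, a comment saying so would help.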
--- /dev/null
+++ b/slides/2018-ct-intro/src/questions.tex
@@ -0,0 +1,17 @@
+\begin{frame}
+ \frametitle{Any questions?} \label{frm:que}
+ \begin{columns}
+ \begin{column}{0.49\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/qleft}
+ \end{column}
+ \begin{column}{0.49\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/qright}
+ \end{column}
+ \end{columns}
+
+ \centering
+ \vspace{-1cm}
+ \includegraphics[width=0.20\textwidth]{img/ty}
+\end{frame}
diff --git a/slides/2018-ct-intro/src/take-away.tex b/slides/2018-ct-intro/src/take-away.tex
new file mode 100644
index 0000000..448e1aa
--- /dev/null
+++ b/slides/2018-ct-intro/src/take-away.tex
@@ -0,0 +1,24 @@
+\begin{frame}
+ \frametitle{Take away}
+ \begin{columns}
+ \begin{column}{0.69\textwidth}
+ \begin{itemize}
+ \item Certificate issuance has undergone a paradigm shift
+ \begin{itemize}
+ \item Automated and free certificates: Let's Encrypt
+ \item Transparency: CT, mandatory logging of certificates
+ \end{itemize}
+ \item CT does nothing for you without involvement
+ \begin{itemize}
+ \item Setup secure connections on your web services
+ \item Monitor domain names for mis-issued certificates
+ \end{itemize}
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.29\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/take-away}
+ \end{column}
+ \end{columns}
+
+\end{frame}
diff --git a/slides/2018-ct-intro/src/titlepage.tex b/slides/2018-ct-intro/src/titlepage.tex
new file mode 100644
index 0000000..9b18039
--- /dev/null
+++ b/slides/2018-ct-intro/src/titlepage.tex
@@ -0,0 +1,3 @@
+\begin{frame}
+ \titlepage
+\end{frame}
diff --git a/slides/2018-ct-intro/src/your-role.tex b/slides/2018-ct-intro/src/your-role.tex
new file mode 100644
index 0000000..8ce8a65
--- /dev/null
+++ b/slides/2018-ct-intro/src/your-role.tex
@@ -0,0 +1,54 @@
+\begin{frame}
+ \frametitle{Ensure that your web solutions get the padlock}
+ \centering
+ \includegraphics[width=\textwidth]{img/le}
+
+ \vfill
+ \begin{itemize}
+ \item There is a dedicated CT log for Let's Encrypt!
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Inspect certificates interactively}
+ \centering
+ \includegraphics[width=\textwidth]{img/monitor-comodo}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Inspect certificates interactively (cont.)}
+ \centering
+ \includegraphics[height=0.85\textheight]{img/monitor-facebook2}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Sign up for certificate notifications}
+ \centering
+ \includegraphics[width=\textwidth]{img/monitor-facebook}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Sign up for certificate notifications (cont.)}
+ \centering
+ \includegraphics[width=\textwidth]{img/monitor-sslmate}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Get your hands dirty by running your own CT monitor}
+ \begin{itemize}
+ \item Continiously fetch certificates from all logs
+ \begin{itemize}
+ \item Rest API\footnote{
+ \scriptsize{\url{https://tools.ietf.org/html/rfc6962}}
+ }
+ \item Certstream\footnote{%
+ \scriptsize{\url{https://github.com/CaliDog/certstream-server}}
+ }
+ \end{itemize}
+ \item Verify cryptographic properties
+ \begin{itemize}
+ \item Is yesterday's log included in today's log?
+ \item Are promises of inclusion honored?
+ \end{itemize}
+ \end{itemize}
+\end{frame}
diff --git a/slides/2018-lwm/.gitignore b/slides/2018-lwm/.gitignore
new file mode 100644
index 0000000..4a7f033
--- /dev/null
+++ b/slides/2018-lwm/.gitignore
@@ -0,0 +1,12 @@
+*.aux
+*.fdb_latexmk
+*.fls
+*.fls
+*.log
+*.nav
+*.out
+main.pdf
+*.snm
+*.toc
+*.nav
+*.snm
diff --git a/slides/2018-lwm/README b/slides/2018-lwm/README
new file mode 100644
index 0000000..21bb6c9
--- /dev/null
+++ b/slides/2018-lwm/README
@@ -0,0 +1 @@
+Presentation at NordSec.
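Review bot: The last frame of your-role.tex lists Certstream beside the RFC 6962 REST API as equivalent ways to fetch certificates, then asks the monitor to check that yesterday's log is included in today's and that promises of inclusion are honored. Those checks rely on signed tree heads and proofs obtained from each log's own API, whereas an aggregated third-party feed adds a party that must be trusted not to omit entries; as far as I know Certstream relays entries without proofs. The item should say so, e.g. `\item Certstream (aggregated feed, cannot be verified on its own)\footnote{...}`. `Continiously` should read `Continuously`, and `Rest API` is conventionally written `REST API`.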
diff --git a/slides/2018-lwm/beamercolorthemergd.sty b/slides/2018-lwm/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2018-lwm/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2018-lwm/beamerfontthemergd.sty b/slides/2018-lwm/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2018-lwm/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2018-lwm/beamerinnerthemergd.sty b/slides/2018-lwm/beamerinnerthemergd.sty
new file mode 100644
index 0000000..4dfd6cf
--- /dev/null
+++ b/slides/2018-lwm/beamerinnerthemergd.sty
@@ -0,0 +1,49 @@ +\mode + +%%% +% Title page +%%% +\defbeamertemplate*{title page}{rgd}[1][]{ + \begin{tikzpicture}[remember picture, overlay] + \usebeamercolor{titlepage} + % Add top-left triangle with university logo + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north west) -- + (current page.north) -- + node[draw=none,pos=0.5](Logo){\includegraphics[width=3cm]{img/logo}} + (current page.west) -- + (current page.north west); + % Add title + \node[ + text=fg, + text width=0.75\paperwidth, + ] (Title) at ([shift={(0,-0.5cm)}]current page){% + \centering\usebeamerfont{title}\inserttitle\\% + }; + % Add subtitle + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Title, + ] (Subtitle) {% + \centering\usebeamerfont{subtitle}\insertsubtitle\\% + }; + % Add authors + \usebeamercolor{author} + \node[ + text=fg, + text width=0.75\paperwidth, + below=12pt of Subtitle, + ] (Author) {% + \centering\usebeamerfont{author}\insertauthor\\% + }; + % Add date + \node[ + text=fg, + text width=0.75\paperwidth, + below right= 0.25cm and 4.5cm of current page.north, + ](Date) {\today}; + \end{tikzpicture} +} + +\mode diff --git a/slides/2018-lwm/beamerouterthemergd.sty b/slides/2018-lwm/beamerouterthemergd.sty new file mode 100644 index 0000000..ba757c6 --- /dev/null +++ b/slides/2018-lwm/beamerouterthemergd.sty 
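Review bot: The date node at the end of the title-page template prints `\today` directly, so the title page shows the day the deck is compiled rather than the day of the talk, and whatever the deck passes to `\date{...}` is ignored. For slides kept as an archive, a rebuilt PDF will therefore disagree with the committed `slides.pdf`. Using `](Date) {\usebeamerfont{date}\insertdate};` here, together with a fixed date in the deck's `\date{}`, addresses both. Apart from this node the file appears to match the 2018-ct-intro copy, and the other four theme files have the same blob ids in both decks, so a single shared theme directory would prevent further drift.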
@@ -0,0 +1,66 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add mail
+ \begin{beamercolorbox}[
+ wd=0.22\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \texttt{rasmus.dahlberg@kau.se}
+ \end{beamercolorbox}%
+ % Add author
+ \begin{beamercolorbox}[
+ wd=0.73\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ %\insertauthor
+ \inserttitle
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2018-lwm/beamerthemergd.sty b/slides/2018-lwm/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2018-lwm/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
diff --git a/slides/2018-lwm/handout.pdf b/slides/2018-lwm/handout.pdf
new file mode 100644
index 0000000..823a3ba
Binary files /dev/null and b/slides/2018-lwm/handout.pdf differ
diff --git a/slides/2018-lwm/img/batch.pdf b/slides/2018-lwm/img/batch.pdf
new file mode 100644
index 0000000..f98250f
Binary files /dev/null and b/slides/2018-lwm/img/batch.pdf differ
diff --git a/slides/2018-lwm/img/ct.png b/slides/2018-lwm/img/ct.png
new file mode 100644
index 0000000..10267e7
Binary files /dev/null and b/slides/2018-lwm/img/ct.png differ
diff --git a/slides/2018-lwm/img/frequency.pdf b/slides/2018-lwm/img/frequency.pdf
new file mode 100644
index 0000000..4957b24
Binary files /dev/null and b/slides/2018-lwm/img/frequency.pdf differ
diff --git a/slides/2018-lwm/img/logo.png b/slides/2018-lwm/img/logo.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2018-lwm/img/logo.png differ
diff --git a/slides/2018-lwm/img/mt.tex b/slides/2018-lwm/img/mt.tex
new file mode 100644
index 0000000..984da14
--- /dev/null
+++ b/slides/2018-lwm/img/mt.tex
@@ -0,0 +1,26 @@
+\begin{tikzpicture}[
+ sibling distance=32pt,
+ -latex,
+ apnode/.style = {
+ draw=none,
+ },
+ ap/.style = {
+ draw=black,
+ },
+]
+ \Tree [
+ .$r\gets\hash(h_{ab}\concat h_{cd})$ [
+ .\node[apnode]{$h_{ab}\gets\hash(h_a\concat h_b)$}; [
+ .$h_a\gets\hash(a)$
+ ] [
+ .$h_b\gets\hash(b)$
+ ]
+ ] \edge[ap]; [
+ .$h_{cd}\gets\hash(h_c\concat h_d)$ [
+ .\node[apnode]{$h_c\gets\hash(c)$};
+ ] \edge[ap]; [
+ .$h_d\gets\hash(d)$
+ ]
+ ]
+ ]
+\end{tikzpicture}
diff --git a/slides/2018-lwm/img/mtp.tex b/slides/2018-lwm/img/mtp.tex
new file mode 100644
index 0000000..a62b333
--- /dev/null
+++ b/slides/2018-lwm/img/mtp.tex
@@ -0,0 +1,28 @@
+\begin{tikzpicture}[
+ sibling distance=32pt,
+ -latex,
+ apnode/.style = {
+ draw=black,
+ dashed,
+ },
+ ap/.style = {
+ draw=black,
+ dashed,
+ },
+]
+ \Tree [
+ .$r\gets\hash(h_{ab}\concat h_{cd})$ [
+ .\node[apnode]{$h_{ab}\gets\hash(h_a\concat h_b)$}; [
+ .$h_a\gets\hash(a)$
+ ] [
+ .$h_b\gets\hash(b)$
+ ]
+ ] \edge[ap]; [
+ .$h_{cd}\gets\hash(h_c\concat h_d)$ [
+ .\node[apnode]{$h_c\gets\hash(c)$};
+ ] \edge[ap]; [
+ .$h_d\gets\hash(d)$
+ ]
+ ]
+ ]
+\end{tikzpicture}
diff --git a/slides/2018-lwm/img/overview.tex b/slides/2018-lwm/img/overview.tex
new file mode 100644
index 0000000..9dff7b0
--- /dev/null
+++ b/slides/2018-lwm/img/overview.tex
@@ -0,0 +1,74 @@ +\begin{tikzpicture}[ + -latex, + rrs/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + ls/.style = { + font=\fontsize{6}{6}\selectfont, + }, +] +\draw (0, 1) node[rrs, fill=darkRed] (Log) {Log}; +\draw (0, -1) node[rrs, fill=darkGreen] (Subject) {Subject}; +\draw (3.5, 0) node[rrs, fill=darkBlue] (Endpoint) {Notifier}; +\draw (-3.5, 0) node[rrs, fill=gray] (Monitor) {Monitor}; + + +\path [draw, ->, rounded corners] + (Log.north) |- + ($ (Log.north) + (Log.west) - (Log) + (-0.25, 0.25) $) + node[ls, above, pos=0.75]{ + STH with snapshot extension + } |- + (Log.west); + +\path [draw, ->, rounded corners] + (Monitor.south) |- + ($ (Monitor.south) + (Monitor.west) - (Monitor) + (-0.25, -0.25) $) + node[ls, below, pos=0.75]{ + verify STH extension + } |- + (Monitor.west); + +\path [draw, ->, rounded corners] + (Subject.south) |- + ($ (Subject.south) + (Subject.east) - (Subject) + (0.25, -0.25) $) + node[ls, below, pos=0.75]{ + verify notification + } |- + (Subject.east); + +\path [draw, <-, dashed, rounded corners] + (Endpoint.north) |- + ($ (Endpoint.east) + (Endpoint.north) - (Endpoint) + (0.25, 0.25) $) + node[ls, above, pos=0.75]{ + optional verify + } |- + (Endpoint.east); + +\draw [->] + (Log.south east) -- + node[ls, sloped, anchor=center, above]{% + batch, STH + } + (Endpoint.north west); + +\draw [->] + (Endpoint.south west) -- + node[ls, sloped, anchor=center, above]{% + notification + } + (Subject.north east); + +\path [draw, ->] + (Log.south west) -- + node[ls, sloped, anchor=center, above]{% + batch, STH + } + (Monitor.north east); +\end{tikzpicture} diff --git a/slides/2018-lwm/img/perf.jpg b/slides/2018-lwm/img/perf.jpg new file mode 100644 index 0000000..42564f4 Binary files /dev/null and b/slides/2018-lwm/img/perf.jpg differ 
diff --git a/slides/2018-lwm/img/proofcom.pdf b/slides/2018-lwm/img/proofcom.pdf new file mode 100644 index 0000000..473d817 Binary files /dev/null and b/slides/2018-lwm/img/proofcom.pdf differ diff --git a/slides/2018-lwm/img/proofgen.pdf b/slides/2018-lwm/img/proofgen.pdf new file mode 100644 index 0000000..deb7ca4 Binary files /dev/null and b/slides/2018-lwm/img/proofgen.pdf differ diff --git a/slides/2018-lwm/img/proofvf.pdf b/slides/2018-lwm/img/proofvf.pdf new file mode 100644 index 0000000..a2db9d1 Binary files /dev/null and b/slides/2018-lwm/img/proofvf.pdf differ diff --git a/slides/2018-lwm/img/qleft.pdf b/slides/2018-lwm/img/qleft.pdf new file mode 100644 index 0000000..f35a078 Binary files /dev/null and b/slides/2018-lwm/img/qleft.pdf differ diff --git a/slides/2018-lwm/img/qright.pdf b/slides/2018-lwm/img/qright.pdf new file mode 100644 index 0000000..da2e8e3 Binary files /dev/null and b/slides/2018-lwm/img/qright.pdf differ diff --git a/slides/2018-lwm/img/self-monitor.tex b/slides/2018-lwm/img/self-monitor.tex new file mode 100644 index 0000000..0896990 --- /dev/null +++ b/slides/2018-lwm/img/self-monitor.tex @@ -0,0 +1,34 @@ +\begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + ls/.style = { + draw=none, + font=\fontsize{6}{6}\selectfont, + }, +] + \node[entity,fill=darkGreen](domain) at (0,0) {Subject}; + \node[entity,fill=darkRed](log) at (0,-3) {Log}; + \path[draw,thick,-latex] + (domain.south west) -- + node[ls,sloped,below]{Any new certs?} + (log.north west); + \path[draw,thick,-latex] + (log.north east) -- + node[ls,sloped,below]{List of certs} + (domain.south east); + \path[draw,thick,-latex] + (domain.north) |- + ($ (domain.west) + (domain.north) + (domain) + (-0.25, 0.25) $) + node[ls,above,pos=0.75]{ + All ok? + } |- + (domain.west); +\end{tikzpicture} 
diff --git a/slides/2018-lwm/img/snapshot.pdf b/slides/2018-lwm/img/snapshot.pdf new file mode 100644 index 0000000..df185f6 Binary files /dev/null and b/slides/2018-lwm/img/snapshot.pdf differ diff --git a/slides/2018-lwm/img/takeaway.pdf b/slides/2018-lwm/img/takeaway.pdf new file mode 100644 index 0000000..7d3b190 --- /dev/null +++ b/slides/2018-lwm/img/takeaway.pdf @@ -0,0 +1,68 @@ +%PDF-1.4 +%µí®û +3 0 obj +<< /Length 4 0 R + /Filter /FlateDecode +>> +stream +xœmŒAÃ0"„‚ ŽýŒ>¡—¦‡äæÿRŸ#$–E³{’rÎã×Gy»àCš\ÅÆ`×Â;´ã»¨(dçUt€Ðè0fµ„-ÉÒTØ…¬ÕA7ïè TxÂ1f¯Õš;"£*¤4{È~éM7ä‘$ +endstream +endobj +4 0 obj + 118 +endobj +2 0 obj +<< + /ExtGState << + /a0 << /CA 1 /ca 1 >> + >> +>> +endobj +5 0 obj +<< /Type /Page + /Parent 1 0 R + /MediaBox [ 0 0 12.8 12.8 ] + /Contents 3 0 R + /Group << + /Type /Group + /S /Transparency + /I true + /CS /DeviceRGB + >> + /Resources 2 0 R +>> +endobj +1 0 obj +<< /Type /Pages + /Kids [ 5 0 R ] + /Count 1 +>> +endobj +6 0 obj +<< /Creator (cairo 1.14.0 (http://cairographics.org)) + /Producer (cairo 1.14.0 (http://cairographics.org)) +>> +endobj +7 0 obj +<< /Type /Catalog + /Pages 1 0 R +>> +endobj +xref +0 8 +0000000000 65535 f +0000000520 00000 n +0000000232 00000 n +0000000015 00000 n +0000000210 00000 n +0000000304 00000 n +0000000585 00000 n +0000000712 00000 n +trailer +<< /Size 8 + /Root 7 0 R + /Info 6 0 R +>> +startxref +764 +%%EOF diff --git a/slides/2018-lwm/img/tp-monitor.tex b/slides/2018-lwm/img/tp-monitor.tex new file mode 100644 index 0000000..37a6241 --- /dev/null +++ b/slides/2018-lwm/img/tp-monitor.tex 
@@ -0,0 +1,43 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ ls/.style = {
+ draw=none,
+ font=\fontsize{6}{6}\selectfont,
+ },
+]
+ \node[entity,fill=darkGreen](domain) at (0,0) {Subject};
+ \node[entity,fill=darkRed](log) at (0,-3) {Log};
+ \node[entity,fill=darkBlue](monitor) at (3,-1.5) {Monitor};
+ \path[draw,thick,-latex]
+ (domain) -|
+ node[ls,above]{Notify if you see my certs}
+ (monitor);
+ \path[draw,thick,-latex]
+ (monitor) --
+ node[ls,sloped,above]{Found cert!}
+ (domain);
+ \path[draw,thick,-latex]
+ (monitor) |-
+ node[ls,below]{Any new certs?}
+ (log);
+ \path[draw,thick,-latex]
+ (log) --
+ node[ls,sloped,above]{List of certs}
+ (monitor);
+ \path[draw,thick,-latex]
+ (domain.north) |-
+ ($ (domain.west) + (domain.north) + (domain) + (-0.25, 0.25) $)
+ node[ls,above,pos=0.75]{
+ All ok?
+ } |-
+ (domain.west);
+\end{tikzpicture}
diff --git a/slides/2018-lwm/img/ty.pdf b/slides/2018-lwm/img/ty.pdf
new file mode 100644
index 0000000..9ad4dc8
Binary files /dev/null and b/slides/2018-lwm/img/ty.pdf differ
diff --git a/slides/2018-lwm/img/wildcard.tex b/slides/2018-lwm/img/wildcard.tex
new file mode 100644
index 0000000..11f328e
--- /dev/null
+++ b/slides/2018-lwm/img/wildcard.tex
@@ -0,0 +1,22 @@
+\begin{tikzpicture}[
+ sibling distance=6pt,
+ level distance=150pt,
+ -latex,
+ grow=left,
+]
+ \Tree [
+ .$r\gets\hash(h_{01}\concat h_{23})$ [
+ .$h_{01}\gets\hash(h_0\concat h_1)$ [
+ .$h_0\gets\hash(\mathsf{gro.elpmaxe})$
+ ] [
+ .$h_1\gets\hash(\mathsf{moc.elpmaxe})$
+ ]
+ ] [
+ .$h_{23}\gets\hash(h_2\concat h_3)$ [
+ .$h_2\gets\hash(\mathsf{moc.elpmaxe.bus})$
+ ] [
+ .$h_3\gets\hash(\mathsf{ten.elpmaxe})$
+ ]
+ ]
+ ]
+\end{tikzpicture}
diff --git a/slides/2018-lwm/img/wish.pdf b/slides/2018-lwm/img/wish.pdf
new file mode 100644
index 0000000..372db92
Binary files /dev/null and b/slides/2018-lwm/img/wish.pdf differ
diff --git a/slides/2018-lwm/main.tex b/slides/2018-lwm/main.tex
new file mode 100644
index 0000000..d1060f8
--- /dev/null
+++ b/slides/2018-lwm/main.tex
@@ -0,0 +1,27 @@
+\pdfminorversion=4
+%\documentclass[aspectratio=169]{beamer}
+\documentclass[handout,aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%
+ Verifiable Light-Weight Monitoring for Certificate Transparency Logs
+}
+%\subtitle{%
+%}
+\author{%
+ \textbf{Rasmus Dahlberg} and Tobias Pulls
+}
+\institute{%
+ Karlstad University
+}
+\date{%
+ \today
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/body}
+ \input{src/questions}
+\end{document}
diff --git a/slides/2018-lwm/slides.pdf b/slides/2018-lwm/slides.pdf
new file mode 100644
index 0000000..29be110
Binary files /dev/null and b/slides/2018-lwm/slides.pdf differ
diff --git a/slides/2018-lwm/src/body.tex b/slides/2018-lwm/src/body.tex
new file mode 100644
index 0000000..67f3c5e
--- /dev/null
+++ b/slides/2018-lwm/src/body.tex
@@ -0,0 +1,268 @@ +\begin{frame} + \frametitle{Certificate Transparency (CT)} + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Add transparency to CA ecosystem + \item Publicly log all certificates + \item No need\footnotemark{} to trust the log + \begin{itemize} + \item Membership proofs + \item Append-only proofs + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=\textwidth]{img/ct} + \burl{http://www.certificate-transparency.org/what-is-ct} + \end{column} + \end{columns} + \footnotetext{As deployed right now we do trust the logs tho \Frowny} +\end{frame} + +\begin{frame} + \frametitle{Certificate logging in greater detail + \titlefloatright{Merkle tree}} + \centering + \vfill + \input{img/mt} + \pause + \vfill + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Append new certificates in batches + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Sign tree head every hour \ding{224} STH + \end{itemize} + \end{column} + \end{columns} + \vfill + %\vfill\centering\alert{Anyone can audit and monitor the log, but as deployed + % not much of this yet} +\end{frame} + +\begin{frame} + \frametitle{Generating a membership proof + \titlefloatright{Audit path}} + \centering + \vfill + \input{img/mtp} + \vfill + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Traverse tree from root to leaf + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Grab all sibling hashes on the way + \end{itemize} + \end{column} + \end{columns} + \vfill +\end{frame} + +\begin{frame} + \frametitle{Two approaches towards monitoring a CT log} + \begin{columns} + \begin{column}{0.49\textwidth} + \centering + \vbox to 0.8\textheight { + \textbf{Self-monitoring} + \vfill + \input{img/self-monitor} + \vfill + \pause + \begin{description} + \item[\Frowny] Continuous uptime + 
\item[\Frowny] Download everything + \end{description} + \pause + } + \end{column} + \begin{column}{0.49\textwidth} + \centering + \vbox to 0.8\textheight { + \textbf{Monitoring-as-a-service} + \vfill + \input{img/tp-monitor} + \pause + \vfill + \begin{description} + \item[\Smiley] Ezpz + \item[\Frowny] Trusted 3rd party + \end{description} + } + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Notion of what we would like to achieve + \titlefloatright{`Wish list'}} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item CT/bis backwards compatibility + \item Piggy-back on gossip-audit model + \item Self-monitor wildcards w/o full download + \item Reduced 3rd party monitoring trust + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \centering + \includegraphics[height=0.8\textheight]{img/wish} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{An overview of light-weight monitoring} + \centering + \input{img/overview} + \vfill + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item A new Merkle tree for each batch + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Add snapshot to STH as extension + \end{itemize} + \end{column} + \end{columns} + \vfill\centering\alert{One wildcard (non-)membership notification per STH}\\ + \pause + \alert{How do you know if you got all notifications \ding{224} index + extension} +\end{frame} + +\begin{frame} + \frametitle{Wildcard notifications} + \centering + \input{img/wildcard} + \begin{columns} + \begin{column}{0.39\textwidth} + \begin{itemize} + \item Merkleize reverse-sorted list + \end{itemize} + \end{column} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Wildcard proof \ding{224} at most two audit paths + \end{itemize} + \end{column} + \end{columns} + \pause + \vfill\centering\alert{Security of this data structure? 
It is still just a + Merkle tree...} +\end{frame} + +\begin{frame} + \frametitle{Performance evaluation \titlefloatright{Experimental setup}} + \begin{columns} + \begin{column}{0.49\textwidth} + \vbox to .6\textheight{ + \begin{itemize} + \item PoC: 351 lines of Go\footnotemark + \item Interesting metrics + \begin{itemize} + \item Snapshot creation time + \item Proof generation time + \item Proof verification time + \item Bandwidth overhead + \end{itemize} + \item Two log characteristics that matter + \begin{itemize} + \item STH frequency + \item Batch size + \end{itemize} + \end{itemize} + \vfill\centering\alert{We observed all Chrome-included logs for eight + months to determine these characteristics} + } + \end{column} + \begin{column}{0.49\textwidth} + \vbox to 0.8\textheight{ + \centering + \vfill + \textbf{Google's Icarus Log}\\ + \vfill + \includegraphics[width=\textwidth]{img/frequency}\\ + \vfill + \includegraphics[width=\textwidth]{img/batch} + \vfill + } + \end{column} + \end{columns} + \footnotetext{\burl{https://github.com/rgdd/lwm}} +\end{frame} + +\begin{frame} + \frametitle{Snapshot creation time} + \centering + \includegraphics[height=0.6\textheight]{img/snapshot} + \vfill\centering\alert{Negligible in comparison to STH issuance rate (1h)} +\end{frame} + +\begin{frame} + \frametitle{Proof generation time} + \centering + \includegraphics[height=0.6\textheight]{img/proofgen} + \vfill\centering\alert{At least 288M non-membership proofs per hour on a + single core} +\end{frame} + +\begin{frame} + \frametitle{Proof generation and verification for *.com} + \centering + \includegraphics[height=0.6\textheight]{img/proofcom} + \vfill\centering\alert{352k matches in max batch \ding{224} 29k proofs per + hour on a single core} +\end{frame} + +\begin{frame} + \frametitle{Bandwidth overhead} + \begin{columns} + \begin{column}{0.69\textwidth} + \begin{description} + \item[Audit paths] max batch size \ding{224} 1 KB + \item[Self-monitor] compare to median batch 
size of 32.6 MB + \item[Notifier] 288M audit paths per hour \ding{224} 640 Mbps + \end{description} + \end{column} + \begin{column}{0.39\textwidth} + \centering\includegraphics[width=\textwidth]{img/perf} + \burl{http://blog.coviam.com/wp-content/uploads/2016/07/Performance-Evaluation-Process-z.jpg} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Take away} + \begin{columns} + \begin{column}{0.79\textwidth} + \begin{itemize} + \item Unfortunate if CT monitoring relies on trusted parties + \item Light-weight monitoring + \begin{itemize} + \item One verifiable wildcard notification per batch + \item Untrusted notification component with push/pull model + \item Untrusted log \ding{224} rely on one honest monitor + \item Trusted log \ding{224} no need to also trust monitor + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.19\textwidth} + \centering\includegraphics[width=\textwidth]{img/takeaway} + \end{column} + \end{columns} +\end{frame} diff --git a/slides/2018-lwm/src/preamble.tex b/slides/2018-lwm/src/preamble.tex new file mode 100644 index 0000000..abefa6d --- /dev/null +++ b/slides/2018-lwm/src/preamble.tex 
@@ -0,0 +1,99 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{marvosym} +\usepackage{rotate} +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{pifont} +\usepackage{graphicx} +\usepackage{color} +\usepackage{drawstack} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +\usepackage{floatrow} +%\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +\lstdefinestyle{CStyle}{ + backgroundcolor=\color{lightGray!25}, + commentstyle=\color{darkGreen}, + keywordstyle=\color{darkBlue}, + numberstyle=\tiny\color{darkRed}, + stringstyle=\color{darkPurple}, + basicstyle=\footnotesize, + breakatwhitespace=false, + breaklines=false, + captionpos=b, + keepspaces=true, + numbers=left, + numbersep=5pt, + showspaces=false, + showstringspaces=false, + 
showtabs=false, + tabsize=2, + language=C, + morekeywords={size_t}, +} + +%\setbeamertemplate{itemize item}[circle] +%\setbeamertemplate{itemize subitem}[default] +%\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\titlefloatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} + +\def\rding{\rotatebox[origin=c]{-90}{\ding{224}}} diff --git a/slides/2018-lwm/src/questions.tex b/slides/2018-lwm/src/questions.tex new file mode 100644 index 0000000..85cb2f3 --- /dev/null +++ b/slides/2018-lwm/src/questions.tex @@ -0,0 +1,17 @@ +\begin{frame} + \frametitle{Any questions?} \label{frm:que} + \begin{columns} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.75\textwidth]{img/qleft} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.75\textwidth]{img/qright} + \end{column} + \end{columns} + + \centering + \vspace{-1cm} + \includegraphics[width=0.20\textwidth]{img/ty} +\end{frame} diff --git a/slides/2018-lwm/src/titlepage.tex b/slides/2018-lwm/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2018-lwm/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} diff --git a/slides/2018-software-security/.gitignore b/slides/2018-software-security/.gitignore new file mode 100644 index 0000000..4a7f033 --- /dev/null +++ b/slides/2018-software-security/.gitignore @@ -0,0 +1,12 @@ +*.aux +*.fdb_latexmk +*.fls +*.fls +*.log +*.nav +*.out +main.pdf +*.snm +*.toc +*.nav +*.snm 
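Review bot: In src/preamble.tex several packages are loaded twice (`graphicx`, `flowchart`, `smartdiagram`, `booktabs`), and `darkGreen`, `darkBlue` and `darkRed` are each defined a second time with the same values right after the two `\colorlet` lines. The duplicates are harmless at build time but leave it unclear which declaration is the one to edit; keep one `\usepackage` per package and drop the second block of three `\definecolor` lines. `\usepackage{color}` is probably redundant as well, since `xcolor` is loaded a few lines later.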
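Review bot: The new slides/2018-software-security/.gitignore has no pattern for editor swap files, and this same commit adds `sample/._bo-stack.c.swp` as a binary file. The name looks like a Vim swap file; those record the user name, host name and file path of the editing session along with unsaved buffer contents, so they should not be published. Add `*.swp` to this file and drop the swap file from the commit. `*.fls`, `*.nav` and `*.snm` are also each listed twice.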
diff --git a/slides/2018-software-security/README b/slides/2018-software-security/README new file mode 100644 index 0000000..b236d9b --- /dev/null +++ b/slides/2018-software-security/README @@ -0,0 +1 @@ +~2x lectures on software security, used 2018-2019 at kau. diff --git a/slides/2018-software-security/beamercolorthemergd.sty b/slides/2018-software-security/beamercolorthemergd.sty new file mode 100644 index 0000000..74ced1c --- /dev/null +++ b/slides/2018-software-security/beamercolorthemergd.sty @@ -0,0 +1,24 @@ +\mode + +%%% +% Color definitions +%%% +\RequirePackage{xcolor} +\definecolor{rgdGreen}{RGB}{33,114,106} +\definecolor{rgdYellow}{RGB}{255,210,4} +\definecolor{rgdOrange}{RGB}{232,114,12} +\colorlet{rgdGray}{gray!33} +\colorlet{rgdBlack}{black} + +%%% +% Beamer colors +%%% +\setbeamercolor*{titlepage}{fg=rgdBlack} +\setbeamercolor*{author}{fg=rgdGreen} +\setbeamercolor*{date}{fg=black} +\setbeamercolor*{header}{bg=rgdYellow,fg=black} +\setbeamercolor*{trailer}{bg=rgdGray,fg=black} +\setbeamercolor*{item}{fg=rgdGreen} +\setbeamercolor*{alerted text}{fg=rgdGreen} + +\mode diff --git a/slides/2018-software-security/beamerfontthemergd.sty b/slides/2018-software-security/beamerfontthemergd.sty new file mode 100644 index 0000000..a6d212c --- /dev/null +++ b/slides/2018-software-security/beamerfontthemergd.sty @@ -0,0 +1,9 @@ +\mode + +\setbeamerfont{title}{size=\large,shape=\bfseries} +\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries} +\setbeamerfont{frametitle}{size=\large,shape=\bfseries} +\setbeamerfont{institute}{size=\small} +\setbeamerfont{date}{size=\small} + +\mode diff --git a/slides/2018-software-security/beamerinnerthemergd.sty b/slides/2018-software-security/beamerinnerthemergd.sty new file mode 100644 index 0000000..4dfd6cf --- /dev/null +++ b/slides/2018-software-security/beamerinnerthemergd.sty 
@@ -0,0 +1,49 @@ +\mode + +%%% +% Title page +%%% +\defbeamertemplate*{title page}{rgd}[1][]{ + \begin{tikzpicture}[remember picture, overlay] + \usebeamercolor{titlepage} + % Add top-left triangle with university logo + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north west) -- + (current page.north) -- + node[draw=none,pos=0.5](Logo){\includegraphics[width=3cm]{img/logo}} + (current page.west) -- + (current page.north west); + % Add title + \node[ + text=fg, + text width=0.75\paperwidth, + ] (Title) at ([shift={(0,-0.5cm)}]current page){% + \centering\usebeamerfont{title}\inserttitle\\% + }; + % Add subtitle + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Title, + ] (Subtitle) {% + \centering\usebeamerfont{subtitle}\insertsubtitle\\% + }; + % Add authors + \usebeamercolor{author} + \node[ + text=fg, + text width=0.75\paperwidth, + below=12pt of Subtitle, + ] (Author) {% + \centering\usebeamerfont{author}\insertauthor\\% + }; + % Add date + \node[ + text=fg, + text width=0.75\paperwidth, + below right= 0.25cm and 4.5cm of current page.north, + ](Date) {\today}; + \end{tikzpicture} +} + +\mode diff --git a/slides/2018-software-security/beamerouterthemergd.sty b/slides/2018-software-security/beamerouterthemergd.sty new file mode 100644 index 0000000..ba757c6 --- /dev/null +++ b/slides/2018-software-security/beamerouterthemergd.sty 
@@ -0,0 +1,66 @@ +\mode + +%%% +% Frame header +%%% +\defbeamertemplate*{frametitle}{corporate}[1][]{% + \nointerlineskip + % Add frame title + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=3ex, + dp=1.5ex, + left, + leftskip=2ex + ]{header} + \insertframetitle + \end{beamercolorbox} + % Add line after header + \nointerlineskip + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=0.25ex + ]{trailer} + \end{beamercolorbox}% +} + +%%% +% Frame trailer +%%% +\defbeamertemplate*{footline}{corporate}{% + \hbox{% + % Add mail + \begin{beamercolorbox}[ + wd=0.22\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{trailer} + \texttt{rasmus.dahlberg@kau.se} + \end{beamercolorbox}% + % Add author + \begin{beamercolorbox}[ + wd=0.73\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{header} + %\insertauthor + \inserttitle + \end{beamercolorbox}% + % Add page counter + \begin{beamercolorbox}[ + wd=0.05\paperwidth, + ht=2ex, + dp=0.5ex, + right, + rightskip=1ex + ]{header} + \insertframenumber/\inserttotalframenumber + \end{beamercolorbox}% + } +} + +\mode diff --git a/slides/2018-software-security/beamerthemergd.sty b/slides/2018-software-security/beamerthemergd.sty new file mode 100644 index 0000000..022ef2c --- /dev/null +++ b/slides/2018-software-security/beamerthemergd.sty @@ -0,0 +1,23 @@ +\mode + +%%% +% Load beamer settings +%%% +\usecolortheme{rgd} +\usefonttheme{rgd} +\useinnertheme{rgd} +\useoutertheme{rgd} + +%%% +% Disable navigation tools on slides +%%% +\setbeamertemplate{navigation symbols}{} + +%%% +% Object styles +%%% +\setbeamertemplate{itemize item}[square] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{sections/subsections in toc}[square] + +\mode diff --git a/slides/2018-software-security/demo/cmd_complex b/slides/2018-software-security/demo/cmd_complex new file mode 100644 index 0000000..b8bc8e4 --- /dev/null +++ b/slides/2018-software-security/demo/cmd_complex 
@@ -0,0 +1,17 @@
+# compile
+gcc -Wall -Werror -std=c99 -ggdb -fno-stack-protector -m32 -o complex complex.c
+
+# want
+ptr to "/bin/bash" <-- will becomes system's first args
+dummy RA <-- will becomes sytem's RA
+ptr to system <-- RA
+...
+
+# find /bin/bash
+x/500s $rsp
+
+# find system
+p system
+
+# run with args
+run `python -c 'print "some stuff"'`
diff --git a/slides/2018-software-security/demo/cmd_simple b/slides/2018-software-security/demo/cmd_simple
new file mode 100644
index 0000000..266535e
--- /dev/null
+++ b/slides/2018-software-security/demo/cmd_simple
@@ -0,0 +1,28 @@
+# compile
+gcc -std=c99 -fno-stack-protector -Wno-deprecated-declarations -ggdb -o simple simple.c
+
+# run
+gdb ./simple
+
+# demo commands
+list main
+list greeter
+list fun
+
+disassemble main
+disassemble greeter
+disassemble fun
+
+info register
+
+b main
+b greeter
+b fun
+
+run
+
+# show
+- return address / register values
+- 11a -> "8a"
+- segfault
+- jump fun
diff --git a/slides/2018-software-security/demo/complex.c b/slides/2018-software-security/demo/complex.c
new file mode 100644
index 0000000..ae91ac6
--- /dev/null
+++ b/slides/2018-software-security/demo/complex.c
@@ -0,0 +1,13 @@
+#include
+#include
+
+void f(char *b) {
+ char buf[8];
+ strcpy(buf, b);
+ printf("buf: %s\n", buf);
+}
+
+int main(int argc, char *argv[]) {
+ f(argv[1]);
+ return 0;
+}
diff --git a/slides/2018-software-security/demo/simple.c b/slides/2018-software-security/demo/simple.c
new file mode 100644
index 0000000..cd07c07
--- /dev/null
+++ b/slides/2018-software-security/demo/simple.c
@@ -0,0 +1,22 @@
+#include
+#include
+#include
+
+void fun() {
+ printf("fun times!\n");
+}
+
+void mul(int first) {
+ int second = 0;
+ char buf[8] = {1,2,3,4,5,6,7,8};
+ printf("Enter a number: ");
+ gets(buf);
+ second = atoi(buf);
+ printf("%d*%d = %d\n", first, second, first*second);
+}
+
+int main() {
+ int first = 2;
+ mul(first);
+ return 0;
+}
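Review bot: demo/cmd_complex builds the binary with `-m32`, but the gdb step further down reads `$rsp`, which is a 64-bit register name, so the notes do not agree with the binary the first line produces; settle on one word size throughout the file. Nothing says that `-fno-stack-protector` is there only so the classroom demo can run; a first line such as `# lab-only build: stack protector disabled on purpose, do not reuse these flags` would make that explicit. The stack sketch under `# want` also has two typos, `will becomes` (twice) and `sytem's`.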
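Review bot: demo/cmd_simple lists, disassembles and breaks on `greeter`, but demo/simple.c as added in this commit defines only `fun`, `mul` and `main`, so those three gdb commands would fail on an undefined function. They presumably predate a rename; change them to `list mul`, `disassemble mul` and `b mul`.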
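Review bot: `main` in demo/complex.c passes `argv[1]` to `f` without looking at `argc`, so running the demo with no argument hands a null pointer to `strcpy` and crashes for a reason unrelated to the overflow being taught. Add `if (argc < 2) return 1;` before the call. The unbounded `strcpy` into `buf[8]` appears to be the intended flaw; a comment on that line, e.g. `/* deliberate: no bounds check, this is the bug under study */`, keeps it from being read as acceptable code.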
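Review bot: Nothing in demo/simple.c says that `gets(buf)` is the deliberate flaw or that `fun` is left uncalled on purpose, so the file reads like ordinary code that happens to need `-Wno-deprecated-declarations` to build. `gets` cannot bound its input and was removed from the language in C11; put `/* deliberate: gets() has no length limit, never use outside this demo */` on that line and a one-line comment on `fun`. The same marker is missing on the `gets` calls in sample/_bo-heap.c and sample/_bo-stack.c and on `scanf("%s", buf)` in sample/assignment-buffer-overflow.c. For contrast, the bounded form is `fgets(buf, sizeof buf, stdin)`.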
diff --git a/slides/2018-software-security/handout.pdf b/slides/2018-software-security/handout.pdf new file mode 100644 index 0000000..00e1f42 Binary files /dev/null and b/slides/2018-software-security/handout.pdf differ diff --git a/slides/2018-software-security/img/afl.jpg b/slides/2018-software-security/img/afl.jpg new file mode 100644 index 0000000..42baef0 Binary files /dev/null and b/slides/2018-software-security/img/afl.jpg differ diff --git a/slides/2018-software-security/img/afl.png b/slides/2018-software-security/img/afl.png new file mode 100644 index 0000000..d259912 Binary files /dev/null and b/slides/2018-software-security/img/afl.png differ diff --git a/slides/2018-software-security/img/air-plane.pdf b/slides/2018-software-security/img/air-plane.pdf new file mode 100644 index 0000000..3b27910 Binary files /dev/null and b/slides/2018-software-security/img/air-plane.pdf differ diff --git a/slides/2018-software-security/img/attacker.pdf b/slides/2018-software-security/img/attacker.pdf new file mode 100644 index 0000000..bd8f863 Binary files /dev/null and b/slides/2018-software-security/img/attacker.pdf differ diff --git a/slides/2018-software-security/img/bad-encode.jpg b/slides/2018-software-security/img/bad-encode.jpg new file mode 100644 index 0000000..e9ea82e Binary files /dev/null and b/slides/2018-software-security/img/bad-encode.jpg differ diff --git a/slides/2018-software-security/img/bug.jpg b/slides/2018-software-security/img/bug.jpg new file mode 100644 index 0000000..3b86ec3 Binary files /dev/null and b/slides/2018-software-security/img/bug.jpg differ diff --git a/slides/2018-software-security/img/canary-after.png b/slides/2018-software-security/img/canary-after.png new file mode 100644 index 0000000..ad9965a Binary files /dev/null and b/slides/2018-software-security/img/canary-after.png differ 
diff --git a/slides/2018-software-security/img/canary-before.png b/slides/2018-software-security/img/canary-before.png new file mode 100644 index 0000000..0b7bebe Binary files /dev/null and b/slides/2018-software-security/img/canary-before.png differ diff --git a/slides/2018-software-security/img/canary-bird.jpg b/slides/2018-software-security/img/canary-bird.jpg new file mode 100644 index 0000000..c89b42c Binary files /dev/null and b/slides/2018-software-security/img/canary-bird.jpg differ diff --git a/slides/2018-software-security/img/checklist.pdf b/slides/2018-software-security/img/checklist.pdf new file mode 100644 index 0000000..ceeac09 Binary files /dev/null and b/slides/2018-software-security/img/checklist.pdf differ diff --git a/slides/2018-software-security/img/clang.png b/slides/2018-software-security/img/clang.png new file mode 100644 index 0000000..06dd0dd Binary files /dev/null and b/slides/2018-software-security/img/clang.png differ diff --git a/slides/2018-software-security/img/cwe.png b/slides/2018-software-security/img/cwe.png new file mode 100644 index 0000000..5d2fa27 Binary files /dev/null and b/slides/2018-software-security/img/cwe.png differ diff --git a/slides/2018-software-security/img/demo.png b/slides/2018-software-security/img/demo.png new file mode 100644 index 0000000..03a10fc Binary files /dev/null and b/slides/2018-software-security/img/demo.png differ diff --git a/slides/2018-software-security/img/google-rewards.png b/slides/2018-software-security/img/google-rewards.png new file mode 100644 index 0000000..34492fc Binary files /dev/null and b/slides/2018-software-security/img/google-rewards.png differ diff --git a/slides/2018-software-security/img/hb1.png b/slides/2018-software-security/img/hb1.png new file mode 100644 index 0000000..fe606c5 Binary files /dev/null and b/slides/2018-software-security/img/hb1.png differ 
diff --git a/slides/2018-software-security/img/hb2.png b/slides/2018-software-security/img/hb2.png new file mode 100644 index 0000000..b65179d Binary files /dev/null and b/slides/2018-software-security/img/hb2.png differ diff --git a/slides/2018-software-security/img/hb3.png b/slides/2018-software-security/img/hb3.png new file mode 100644 index 0000000..371b4c4 Binary files /dev/null and b/slides/2018-software-security/img/hb3.png differ diff --git a/slides/2018-software-security/img/hb4.png b/slides/2018-software-security/img/hb4.png new file mode 100644 index 0000000..8a52e7d Binary files /dev/null and b/slides/2018-software-security/img/hb4.png differ diff --git a/slides/2018-software-security/img/hb5.png b/slides/2018-software-security/img/hb5.png new file mode 100644 index 0000000..1df3291 Binary files /dev/null and b/slides/2018-software-security/img/hb5.png differ diff --git a/slides/2018-software-security/img/hb6.png b/slides/2018-software-security/img/hb6.png new file mode 100644 index 0000000..8cfb9b5 Binary files /dev/null and b/slides/2018-software-security/img/hb6.png differ diff --git a/slides/2018-software-security/img/heartbleed.png b/slides/2018-software-security/img/heartbleed.png new file mode 100644 index 0000000..27933db Binary files /dev/null and b/slides/2018-software-security/img/heartbleed.png differ diff --git a/slides/2018-software-security/img/icloud.tex b/slides/2018-software-security/img/icloud.tex new file mode 100644 index 0000000..e69de29 diff --git a/slides/2018-software-security/img/libc.jpg b/slides/2018-software-security/img/libc.jpg new file mode 100644 index 0000000..8dd2012 Binary files /dev/null and b/slides/2018-software-security/img/libc.jpg differ diff --git a/slides/2018-software-security/img/logo.png b/slides/2018-software-security/img/logo.png new file mode 100755 index 0000000..0c7c885 Binary files /dev/null and b/slides/2018-software-security/img/logo.png differ 
diff --git a/slides/2018-software-security/img/memlay.png b/slides/2018-software-security/img/memlay.png new file mode 100644 index 0000000..9c7aa52 Binary files /dev/null and b/slides/2018-software-security/img/memlay.png differ diff --git a/slides/2018-software-security/img/memory-safe/go.png b/slides/2018-software-security/img/memory-safe/go.png new file mode 100644 index 0000000..74266bb Binary files /dev/null and b/slides/2018-software-security/img/memory-safe/go.png differ diff --git a/slides/2018-software-security/img/memory-safe/java.png b/slides/2018-software-security/img/memory-safe/java.png new file mode 100644 index 0000000..b1fb238 Binary files /dev/null and b/slides/2018-software-security/img/memory-safe/java.png differ diff --git a/slides/2018-software-security/img/memory-safe/python.jpg b/slides/2018-software-security/img/memory-safe/python.jpg new file mode 100644 index 0000000..a1779d6 Binary files /dev/null and b/slides/2018-software-security/img/memory-safe/python.jpg differ diff --git a/slides/2018-software-security/img/memory-safe/rust.png b/slides/2018-software-security/img/memory-safe/rust.png new file mode 100644 index 0000000..0016983 Binary files /dev/null and b/slides/2018-software-security/img/memory-safe/rust.png differ diff --git a/slides/2018-software-security/img/mit1.png b/slides/2018-software-security/img/mit1.png new file mode 100644 index 0000000..bba6d7e Binary files /dev/null and b/slides/2018-software-security/img/mit1.png differ diff --git a/slides/2018-software-security/img/mit2.png b/slides/2018-software-security/img/mit2.png new file mode 100644 index 0000000..4d6a9ff Binary files /dev/null and b/slides/2018-software-security/img/mit2.png differ diff --git a/slides/2018-software-security/img/mit3.png b/slides/2018-software-security/img/mit3.png new file mode 100644 index 0000000..110c58e Binary files /dev/null and b/slides/2018-software-security/img/mit3.png differ 
diff --git a/slides/2018-software-security/img/qleft.pdf b/slides/2018-software-security/img/qleft.pdf new file mode 100644 index 0000000..f35a078 Binary files /dev/null and b/slides/2018-software-security/img/qleft.pdf differ diff --git a/slides/2018-software-security/img/qright.pdf b/slides/2018-software-security/img/qright.pdf new file mode 100644 index 0000000..da2e8e3 Binary files /dev/null and b/slides/2018-software-security/img/qright.pdf differ diff --git a/slides/2018-software-security/img/question.png b/slides/2018-software-security/img/question.png new file mode 100644 index 0000000..4e174a6 Binary files /dev/null and b/slides/2018-software-security/img/question.png differ diff --git a/slides/2018-software-security/img/real-bug.png b/slides/2018-software-security/img/real-bug.png new file mode 100644 index 0000000..05bb42d Binary files /dev/null and b/slides/2018-software-security/img/real-bug.png differ diff --git a/slides/2018-software-security/img/stack-smashing.png b/slides/2018-software-security/img/stack-smashing.png new file mode 100644 index 0000000..7d06eb2 Binary files /dev/null and b/slides/2018-software-security/img/stack-smashing.png differ diff --git a/slides/2018-software-security/img/summary.jpg b/slides/2018-software-security/img/summary.jpg new file mode 100644 index 0000000..3850ec7 Binary files /dev/null and b/slides/2018-software-security/img/summary.jpg differ diff --git a/slides/2018-software-security/img/take-away.pdf b/slides/2018-software-security/img/take-away.pdf new file mode 100644 index 0000000..7d3b190 --- /dev/null +++ b/slides/2018-software-security/img/take-away.pdf 
@@ -0,0 +1,68 @@ +%PDF-1.4 +%µí®û +3 0 obj +<< /Length 4 0 R + /Filter /FlateDecode +>> +stream +xœmŒAÃ0"„‚ ŽýŒ>¡—¦‡äæÿRŸ#$–E³{’rÎã×Gy»àCš\ÅÆ`×Â;´ã»¨(dçUt€Ðè0fµ„-ÉÒTØ…¬ÕA7ïè TxÂ1f¯Õš;"£*¤4{È~éM7ä‘$ +endstream +endobj +4 0 obj + 118 +endobj +2 0 obj +<< + /ExtGState << + /a0 << /CA 1 /ca 1 >> + >> +>> +endobj +5 0 obj +<< /Type /Page + /Parent 1 0 R + /MediaBox [ 0 0 12.8 12.8 ] + /Contents 3 0 R + /Group << + /Type /Group + /S /Transparency + /I true + /CS /DeviceRGB + >> + /Resources 2 0 R +>> +endobj +1 0 obj +<< /Type /Pages + /Kids [ 5 0 R ] + /Count 1 +>> +endobj +6 0 obj +<< /Creator (cairo 1.14.0 (http://cairographics.org)) + /Producer (cairo 1.14.0 (http://cairographics.org)) +>> +endobj +7 0 obj +<< /Type /Catalog + /Pages 1 0 R +>> +endobj +xref +0 8 +0000000000 65535 f +0000000520 00000 n +0000000232 00000 n +0000000015 00000 n +0000000210 00000 n +0000000304 00000 n +0000000585 00000 n +0000000712 00000 n +trailer +<< /Size 8 + /Root 7 0 R + /Info 6 0 R +>> +startxref +764 +%%EOF diff --git a/slides/2018-software-security/img/ty.pdf b/slides/2018-software-security/img/ty.pdf new file mode 100644 index 0000000..9ad4dc8 Binary files /dev/null and b/slides/2018-software-security/img/ty.pdf differ diff --git a/slides/2018-software-security/img/weird-machine.png b/slides/2018-software-security/img/weird-machine.png new file mode 100644 index 0000000..cd0bddf Binary files /dev/null and b/slides/2018-software-security/img/weird-machine.png differ diff --git a/slides/2018-software-security/img/zerodium.png b/slides/2018-software-security/img/zerodium.png new file mode 100644 index 0000000..3caa73a Binary files /dev/null and b/slides/2018-software-security/img/zerodium.png differ diff --git a/slides/2018-software-security/main.tex b/slides/2018-software-security/main.tex new file mode 100644 index 0000000..f442493 --- /dev/null +++ b/slides/2018-software-security/main.tex 
@@ -0,0 +1,27 @@
+\pdfminorversion=4
+%\documentclass[handout,aspectratio=169]{beamer}
+\documentclass[aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%
+ Software Security I\&II
+}
+%\subtitle{%
+%}
+\author{%
+ Rasmus Dahlberg
+}
+\institute{%
+ Karlstad University
+}
+\date{%
+ \today
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/body}
+ \input{src/questions}
+\end{document}
diff --git a/slides/2018-software-security/sample/._bo-stack.c.swp b/slides/2018-software-security/sample/._bo-stack.c.swp
new file mode 100644
index 0000000..376288d
Binary files /dev/null and b/slides/2018-software-security/sample/._bo-stack.c.swp differ
diff --git a/slides/2018-software-security/sample/_bo-heap.c b/slides/2018-software-security/sample/_bo-heap.c
new file mode 100644
index 0000000..a89959c
--- /dev/null
+++ b/slides/2018-software-security/sample/_bo-heap.c
@@ -0,0 +1,19 @@
+void verify_heap()
+{
+ char *buf = malloc(8*sizeof(char));
+ char *verified = malloc(sizeof(int));
+ *verified = 0;
+ gets(buf);
+ /* */
+ if (*verified) {
+ printf("accept\n");
+ } else {
+ printf("reject\n");
+ }
+}
+
+int main(int argc, char *argv[])
+{
+ verify_heap();
+ return 0;
+}
diff --git a/slides/2018-software-security/sample/_bo-stack.c b/slides/2018-software-security/sample/_bo-stack.c
new file mode 100644
index 0000000..167496e
--- /dev/null
+++ b/slides/2018-software-security/sample/_bo-stack.c
@@ -0,0 +1,21 @@
+#include
+
+void verify_stack()
+{
+ int verified = 0;
+ char buf[8] = {4,4,4,4,8,8,8,8};
+ gets(buf);
+ /* */
+ if (verified) {
+ printf("accept\n");
+ } else {
+ printf("reject\n");
+ }
+}
+
+int main(int argc, char *argv[])
+{
+ printf("Lucky number: %d\n", 1337);
+ verify_stack();
+ return 0;
+}
diff --git a/slides/2018-software-security/sample/_stack-frame.c b/slides/2018-software-security/sample/_stack-frame.c
new file mode 100644
index 0000000..32f4fe2
--- /dev/null
+++ b/slides/2018-software-security/sample/_stack-frame.c
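Review bot: In `_bo-heap.c`, `verified` is declared `char *` but allocated with `malloc(sizeof(int))`, while the slide copy `bo-heap.c` in this commit declares `int *verified`, so the compiled demo and the listing shown to students differ; `int *verified = malloc(sizeof(int));` would make them match. The file also has no `#include` lines, so `malloc`, `gets` and `printf` are used without declarations, and `sample/build` sends this compile's output to `/dev/null`, which hides the resulting diagnostics. I would add `#include <stdio.h>` and `#include <stdlib.h>`, plus a header comment such as `/* Lecture demo: gets() is unbounded, so input longer than 7 bytes overflows buf. */`.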
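Review bot: Nothing in `_bo-stack.c` records that the `accept` outcome depends on `verified` being placed at a higher address than `buf`, which the C language does not guarantee and which a different compiler or optimisation level may change. A comment above the locals would keep the demo reproducible, for example `/* Demo assumes verified sits above buf; built with -O0 -fno-stack-protector (see sample/build). */`. The initialiser `{4,4,4,4,8,8,8,8}` also deserves a one-line comment, since its purpose (presumably to make the buffer easy to spot in a debugger) is not evident from the code.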
@@ -0,0 +1,26 @@
+#include
+
+int add(int a, int b)
+{
+ int result;
+ result = a+b;
+ return result;
+}
+
+int sub(int a, int b)
+{
+ int result;
+ result = add(a,-b);
+ return result;
+}
+
+int algorithm()
+{
+ printf("result: %d\n", sub(2,1));
+}
+
+int main(int argc, char *argv[])
+{
+ algorithm();
+ return 0;
+}
diff --git a/slides/2018-software-security/sample/assignment-buffer-overflow.c b/slides/2018-software-security/sample/assignment-buffer-overflow.c
new file mode 100644
index 0000000..2fb0d58
--- /dev/null
+++ b/slides/2018-software-security/sample/assignment-buffer-overflow.c
@@ -0,0 +1,15 @@
+#include
+#include
+#define SECRET UINT_MAX
+
+void gotcha() { printf("Gotcha!\n"); }
+
+int main() {
+ unsigned secret = 0;
+ char buf[8];
+ scanf("%s", buf);
+ if (secret == SECRET) {
+ gotcha();
+ }
+ return 0;
+}
diff --git a/slides/2018-software-security/sample/assignment-integer-overflow.c b/slides/2018-software-security/sample/assignment-integer-overflow.c
new file mode 100644
index 0000000..58c59b1
--- /dev/null
+++ b/slides/2018-software-security/sample/assignment-integer-overflow.c
@@ -0,0 +1,15 @@
+#include
+
+int get_int() {
+ int v; printf("Enter an integer: ");
+ scanf("%d", &v);
+ return v;
+}
+
+int main() {
+ int a=get_int(), b=get_int(), max=10;
+ if (a+b > max)
+ printf("%d+%d > %d\n", a, b, max);
+ else
+ printf("%d+%d <= %d\n", a, b, max);
+}
diff --git a/slides/2018-software-security/sample/bad-add.c b/slides/2018-software-security/sample/bad-add.c
new file mode 100644
index 0000000..42424de
--- /dev/null
+++ b/slides/2018-software-security/sample/bad-add.c
@@ -0,0 +1,10 @@
+void cat(char *dst, size_t n,
+ char *src1, size_t n1,
+ char *src2, size_t n2)
+{
+ if (n1+n2 <= n) {
+ strncpy(dst, src1, n);
+ strncat(dst, src2, n-n1);
+ }
+}
+...
diff --git a/slides/2018-software-security/sample/bad-call.c b/slides/2018-software-security/sample/bad-call.c
new file mode 100644
index 0000000..9d6d57b
--- /dev/null
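Review bot: `algorithm()` in `_stack-frame.c` is declared `int` but has no `return` statement; `main` ignores the result, so nothing breaks today, but the slide copy `stack-frame.c` later in this commit carries the same omission and students will read it as a model. Declaring it `void algorithm(void)` or ending the body with `return 0;` fixes both files.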
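Review bot: `get_int()` in `assignment-integer-overflow.c` ignores the return value of `scanf`, so non-numeric input leaves `v` uninitialised and the function returns an indeterminate value, a second defect unrelated to the `a+b` overflow the assignment appears to target. If that is not meant to be part of the exercise, initialise and check the read: `int v = 0;` and `if (scanf("%d", &v) != 1) return 0;`.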
+++ b/slides/2018-software-security/sample/bad-call.c
@@ -0,0 +1,10 @@
+void init(char v, char *buf, int n)
+{
+ char *b = buf;
+ while (b < buf+n) {
+ *b++ = val;
+ }
+}
+...
+char *buf = malloc(2);
+init('A', buf, sizeof(buf));
diff --git a/slides/2018-software-security/sample/bad-index.c b/slides/2018-software-security/sample/bad-index.c
new file mode 100644
index 0000000..37d94b3
--- /dev/null
+++ b/slides/2018-software-security/sample/bad-index.c
@@ -0,0 +1,4 @@
+char b[4] = "abc";
+b[3] = 'd';
+printf("b: %s\n", b);
+...
diff --git a/slides/2018-software-security/sample/bad-index2.c b/slides/2018-software-security/sample/bad-index2.c
new file mode 100644
index 0000000..b9f5be6
--- /dev/null
+++ b/slides/2018-software-security/sample/bad-index2.c
@@ -0,0 +1,4 @@
+char b[4] = "abc";
+b[4] = 'd';
+printf("b: %s\n", s);
+...
diff --git a/slides/2018-software-security/sample/bad-printf.c b/slides/2018-software-security/sample/bad-printf.c
new file mode 100644
index 0000000..7026600
--- /dev/null
+++ b/slides/2018-software-security/sample/bad-printf.c
@@ -0,0 +1,4 @@
+char b[4];
+fgets(b, 4, stdin);
+printf(b);
+...
diff --git a/slides/2018-software-security/sample/bo-heap.c b/slides/2018-software-security/sample/bo-heap.c
new file mode 100644
index 0000000..60fd29e
--- /dev/null
+++ b/slides/2018-software-security/sample/bo-heap.c
@@ -0,0 +1,13 @@
+void verify_heap()
+{
+ char *buf = malloc(8*sizeof(char));
+ int *verified = malloc(sizeof(int));
+ *verified = 0;
+ gets(buf);
+ /* */
+ if (*verified) {
+ printf("accept\n");
+ } else {
+ printf("reject\n");
+ }
+}
diff --git a/slides/2018-software-security/sample/bo-stack.c b/slides/2018-software-security/sample/bo-stack.c
new file mode 100644
index 0000000..f8bcb55
--- /dev/null
+++ b/slides/2018-software-security/sample/bo-stack.c
@@ -0,0 +1,12 @@
+void verify_stack()
+{
+ int verified = 0;
+ char buf[8];
+ gets(buf);
+ /* */
+ if (verified) {
+ printf("accept\n");
+ } else {
+ printf("reject\n");
+ }
+}
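Review bot: `init()` in `bad-call.c` stores `val`, but the parameter is named `v`, so the listing does not compile and the undefined name distracts from the flaw the slide is about (`sizeof(buf)` applied to a pointer to a 2-byte allocation); the loop body should read `*b++ = v;`. `bad-index2.c` has the same kind of slip: `printf("b: %s\n", s);` refers to `s` where the array is `b`. Both files are slide excerpts ending in `...`, so the surrounding code is not part of these hunks.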
diff --git a/slides/2018-software-security/sample/build b/slides/2018-software-security/sample/build
new file mode 100755
index 0000000..123db54
--- /dev/null
+++ b/slides/2018-software-security/sample/build
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+echo "[Compile] bo-stack"
+gcc -g -O0 -fno-stack-protector -o bo-stack _bo-stack.c &> /dev/null
+
+echo "[Compile] bo-heap"
+gcc -g -O0 -fno-stack-protector -o bo-heap _bo-heap.c &> /dev/null
+
+echo "[Compile] stack-frame"
+gcc -g -O0 -fno-stack-protector -o stack-frame _stack-frame.c
diff --git a/slides/2018-software-security/sample/ldd b/slides/2018-software-security/sample/ldd
new file mode 100644
index 0000000..dc2cc99
--- /dev/null
+++ b/slides/2018-software-security/sample/ldd
@@ -0,0 +1,7 @@
+$ cat main.c
+int main() { return 0; }
+$ gcc main.c
+$ ldd ./a.out
+ linux-vdso.so.1 (0x00007fff3a9e4000)
+ libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fa5bfeda000)
+ /lib64/ld-linux-x86-64.so.2 (0x00007fa5c04cd000)
diff --git a/slides/2018-software-security/sample/ldd2 b/slides/2018-software-security/sample/ldd2
new file mode 100644
index 0000000..ff87494
--- /dev/null
+++ b/slides/2018-software-security/sample/ldd2
@@ -0,0 +1,8 @@
+$ ldd ./a.out
+ linux-vdso.so.1 (0x00007ffdda7ce000)
+ libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f7f307ba000)
+ /lib64/ld-linux-x86-64.so.2 (0x00007f7f30dad000)
+$ ldd ./a.out
+ linux-vdso.so.1 (0x00007ffe387d4000)
+ libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fdd793ef000)
+ /lib64/ld-linux-x86-64.so.2 (0x00007fdd799e2000)
diff --git a/slides/2018-software-security/sample/main.c b/slides/2018-software-security/sample/main.c
new file mode 100644
index 0000000..f8b643a
--- /dev/null
+++ b/slides/2018-software-security/sample/main.c
@@ -0,0 +1,4 @@
+int main()
+{
+ return 0;
+}
diff --git a/slides/2018-software-security/sample/splint b/slides/2018-software-security/sample/splint
new file mode 100644
index 0000000..af8501e
--- /dev/null
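Review bot: The first two `gcc` invocations in `sample/build` redirect all output with `&> /dev/null` and the script never checks an exit status, so a failed compile still prints its `[Compile]` line and leaves a stale or missing binary without any message. Dropping the redirection (or passing `-w` if only warnings should be silenced) and adding `set -e` after the shebang makes failures visible. A comment stating that `-fno-stack-protector` is deliberate, because the demos need the stack canary disabled, would keep these flags from being copied into other builds.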
+++ b/slides/2018-software-security/sample/splint
@@ -0,0 +1,17 @@
+static-analysis.c: (in function main)
+static-analysis.c:7:9: Possibly null storage buf passed as non-null param:
+ fgets (buf, ...)
+ A possibly null pointer is passed as a parameter corresponding to a formal
+ parameter with no /*@null@*/ annotation. If NULL may be used for this
+ parameter, add a /*@null@*/ annotation to the function parameter declaration.
+ (Use -nullpass to inhibit warning)
+ static-analysis.c:6:15: Storage buf may become null
+static-analysis.c:7:3: Return value (type char *) ignored: fgets(buf, 8, stdin)
+ Result returned by function call is not used. If this is intended, can cast
+ result to (void) to eliminate message. (Use -retvalother to inhibit warning)
+static-analysis.c:9:12: Fresh storage buf not released before return
+ A memory leak has been detected. Storage allocated locally is not released
+ before the last reference to it is lost. (Use -mustfreefresh to inhibit
+ warning)
+ static-analysis.c:6:25: Fresh storage buf created
+
diff --git a/slides/2018-software-security/sample/stack-frame.c b/slides/2018-software-security/sample/stack-frame.c
new file mode 100644
index 0000000..b5c962f
--- /dev/null
+++ b/slides/2018-software-security/sample/stack-frame.c
@@ -0,0 +1,18 @@
+int add(int a, int b)
+{
+ int result;
+ result = a+b;
+ return result;
+}
+
+int sub(int a, int b)
+{
+ int result;
+ result = add(a,-b);
+ return result;
+}
+
+int algorithm()
+{
+ printf("result: %d\n", sub(2,1));
+}
diff --git a/slides/2018-software-security/sample/static-analysis.c b/slides/2018-software-security/sample/static-analysis.c
new file mode 100644
index 0000000..3d89478
--- /dev/null
+++ b/slides/2018-software-security/sample/static-analysis.c
@@ -0,0 +1,10 @@
+#include
+#include
+
+int main()
+{
+ char *buf = malloc(8);
+ fgets(buf, 8, stdin);
+ printf("%s\n", buf);
+ return 0;
+}
diff --git a/slides/2018-software-security/slides.pdf b/slides/2018-software-security/slides.pdf
new file mode 100644
index 0000000..b073cf6
Binary files /dev/null and b/slides/2018-software-security/slides.pdf differ
diff --git a/slides/2018-software-security/src/body.tex b/slides/2018-software-security/src/body.tex
new file mode 100644
index 0000000..0eb89e1
--- /dev/null
+++ b/slides/2018-software-security/src/body.tex
@@ -0,0 +1,1009 @@ +\begin{frame} +\frametitle{Learning outcomes} + \vfill\centering + \smartdiagramset{ + sequence item height=1.75cm, + sequence item width=2.5cm, + sequence item text width = 2.4cm, + } + \smartdiagram[sequence diagram]{% + What is software security,% + Software security gone wrong,% + Buffer overflows and + defenses% + } + \pause + \vfill\centering\textbf{Already covered here or elsewhere:} least privilege, + modern crypto, use secure APIs, pass strings to complex subsystems with + care, do unit testing, security audits, ... +\end{frame} + +\begin{frame} + \frametitle{Be aware of other common coding mistakes not covered here} + \centering\includegraphics[width=\textwidth]{img/cwe} + \burl{https://cwe.mitre.org/data/definitions/699.html} +\end{frame} + +\begin{frame} + \frametitle{Software vulnerabilities pay\titlefloatright{Zerodium's program}} + \centering\includegraphics[height=0.8\textheight]{img/zerodium}\\ + \burl{https://zerodium.com/program.html} +\end{frame} + +\begin{frame} + \frametitle{Software vulnerabilities pay\titlefloatright{Google's + program}} + \centering\includegraphics[height=0.8\textheight]{img/google-rewards}\\ + \burl{https://www.google.com/about/appsecurity/reward-program/index.html} +\end{frame} + + +\begin{frame} + \frametitle{% + What is software security about?% + \titlefloatright{% + Weird machines\footnote{\burl{https://en.wikipedia.org/wiki/Weird_machine}}% + }% + } + \centering + \includegraphics[height=0.4\textheight]{img/weird-machine} + \\\vfill + Security properties and threat model $\rightarrow$ + program should work as intended +\end{frame} + +\begin{frame} + \frametitle{Can you spell software vulnerability? 
\titlefloatright{BUG}} + \centering\includegraphics[height=0.5\textheight]{img/real-bug} + % REMEMBER@bug: bad composition, implementation error, logical error +\end{frame} + +\begin{frame} + %REMEMBER@bad comp: Mat Honan + \frametitle{Bad composition \titlefloatright{Gmail password + reset\footnote{% + \burl{https://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/} + \titlefloatright{Credit: Nickolai Zeldovich and James Mickens} + }}} + \centering + \begin{tikzpicture} + \node[draw=gray, rounded rectangle, fill=gray!25, minimum width=4cm, + minimum height=2cm](gmail) at (0,0) {% + \begin{tabular}{c} + \textbf{Gmail reset}\\ + \begin{tabular}{l} + \textbf{-} use backup mail\\ + \textbf{-} \texttt{m****n@me.com}\\ + \\ + \end{tabular} + \end{tabular} + }; + \pause + + \node[draw=gray, rounded rectangle, fill=gray!25, minimum width=4cm, + minimum height=2cm, below=1cm of gmail](appleid) {% + \begin{tabular}{c} + \textbf{AppleID reset}\\ + \begin{tabular}{l} + \textbf{-} mail address\\ + \textbf{-} billing address\\ + \textbf{-} last four in CC\\ + \end{tabular} + \end{tabular} + }; + \pause + + \node[draw=gray, rounded rectangle, fill=gray!25, minimum width=4cm, + minimum height=2cm, right=3cm of gmail](amazon) {% + \begin{tabular}{c} + \textbf{Amazon reset}\\ + \begin{tabular}{l} + \textbf{-} name \\ + \textbf{-} billing address\\ + \textbf{-} CC number\\ + \end{tabular} + \end{tabular} + }; + \pause + + \node[draw=gray, rounded rectangle, fill=gray!25, minimum width=4cm, + minimum height=2cm, below=1cm of amazon](amazonadd) {% + \begin{tabular}{c} + \textbf{Amazon add CC}\\ + \begin{tabular}{l} + \textbf{-} name \\ + \textbf{-} mail address\\ + \textbf{-} billing address\\ + \end{tabular} + \end{tabular} + }; + + \pause + \path[draw,thick,-latex] + (amazonadd) -- + node[draw=none,right]{precaution\footnotemark} + (amazon); + \pause + \path[draw,thick,-latex] (amazon) -- (appleid); + \pause + \path[draw,thick,-latex] (appleid) -- (gmail); + \end{tikzpicture} + 
\footnotetext{\tiny{Obfuscate CC, s.t., only last last 4 CC digits are shown}} +\end{frame} + +\begin{frame} + \frametitle{Implementation error\titlefloatright{% + iCloud hack\footnote{% + \burl{https://github.com/hackappcom/ibrute} + \titlefloatright{Credit: Nickolai Zeldovich and James Mickens} + }}} + \centering + \begin{tikzpicture} + \node[draw=gray, thick, rounded rectangle, minimum width=4cm, minimum + height=2cm, fill=gray!25] (icloud) at (0,0) {iCloud}; + \node[draw=none, left=2cm of icloud](ifile) {Files}; + \node[draw=none, above=1cm of icloud](ifeature) {Other features}; + \coordinate(imid) at ($ (ifile.north) !.5! (ifeature) $); + \node[draw=none] (isharing) at ($ (imid) + (-.75,.5) $) {Sharing}; + \node[draw=none, right=2cm of icloud](ifind) {% + \begin{tabular}{c} + Find my\\ + iPhone + \end{tabular} + }; + \path[draw, -latex] (ifile) -- (icloud); + \path[draw, -latex] (isharing) -- (icloud); + \path[draw, -latex] (ifeature) -- (icloud); + \path[draw, -latex] (ifind) -- (icloud); + \end{tikzpicture} + \pause + \vfill + \begin{columns} + \begin{column}{0.49\textwidth} + \vbox to .2\textheight{ + \vfill + \begin{itemize} + \item User must login to use a feature + \pause + \item \textbf{Rate limited login attempts?} + \end{itemize} + \vfill + } + \end{column} + \begin{column}{0.49\textwidth} + \vbox to .2\textheight{ + \vfill + Files, sharing, other features? + \titlefloatright{\textcolor{darkGreen}{Yep}}\\ + \pause + Find my iPhone...? 
+ \titlefloatright{\textcolor{darkRed}{Nop}} + \vfill + } + \end{column} + \end{columns} + \pause + \vfill + \alert{Lesson learned: the importance of testing against abnormal behaviour} +\end{frame} + +\begin{frame} + \frametitle{Implementation error\titlefloatright{Subject + names and TLS\footnote{% + \burl{https://www.blackhat.com/presentations/bh-usa-09/MARLINSPIKE/BHUSA09-Marlinspike-DefeatSSL-PAPER1.pdf} + }}} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item TLS certificate: identity-to-key binding + \pause + \item Subject name? Pascal string + \begin{itemize} + \item Length followed by characters + \end{itemize} + \pause + \item Many TLS implementations? C string + \begin{itemize} + \item Characters with null-termination + \end{itemize} + \end{itemize} + \end{column} + \pause + \begin{column}{0.39\textwidth} + \includegraphics[width=\textwidth]{img/bad-encode} + \end{column} + \end{columns} + \pause + \vfill\centering\alert{Lesson learned: only process data at uniform formats} +\end{frame} + +\begin{frame} + \frametitle{The bad news :/} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Much software is written in \texttt{C}/\texttt{C++} + \item Recipe for disaster: + \begin{itemize} + \item Exposure to raw memory addresses + \item No built-in bound checking and safety + \item Operate on untrusted user input + \end{itemize} + \item Why? + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \centering\includegraphics[height=0.6\textheight]{img/clang}\\ + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{It is easy to get wrong \titlefloatright{1/2}} + \vfill + \begin{columns} + \begin{column}{0.33\textwidth} + \vbox to .4\textheight{ + \centering + \lstinputlisting[style=CStyle]{sample/bad-index.c} + \vfill + Problem? 
\\ + \pause + \textbf{over-read} \\ + \pause + } + \end{column} + \begin{column}{0.33\textwidth} + \vbox to .4\textheight{ + \centering + \lstinputlisting[style=CStyle]{sample/bad-index2.c} + \vfill + Problem? \\ + \pause + \textbf{over-write} \\ + \pause + } + \end{column} + \begin{column}{0.33\textwidth} + \vbox to .4\textheight{ + \centering + \lstinputlisting[style=CStyle]{sample/bad-printf.c} + \vfill + Problem? \\ + \pause + \textbf{over-read} \\ + } + \end{column} + \end{columns} + \vfill +\end{frame} + +\begin{frame} + \frametitle{It is easy to get wrong \titlefloatright{2/2}} + \vfill + \begin{columns} + \begin{column}{0.49\textwidth} + \vbox to .6\textheight{ + \centering + \lstinputlisting[style=CStyle]{sample/bad-call.c} + \vfill + Problem? \\ + \pause + \textbf{over-write} + \pause + } + \end{column} + \begin{column}{0.49\textwidth} + \vbox to .6\textheight{ + \centering + \lstinputlisting[style=CStyle]{sample/bad-add.c} + \vfill + Problem? \\ + \pause + \textbf{over-write} + } + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{A famous over-read in OpenSSL\titlefloatright{% + Heartbleed bug% + \includegraphics[height=16pt]{img/heartbleed}% + }} + \begin{columns} + \begin{column}{0.49\textwidth} + \includegraphics[width=\textwidth]{img/hb1} + \includegraphics[width=\textwidth]{img/hb2} + \includegraphics[width=\textwidth]{img/hb3} + \end{column} + \begin{column}{0.49\textwidth} + \includegraphics[width=\textwidth]{img/hb4} + \includegraphics[width=\textwidth]{img/hb5} + \includegraphics[width=\textwidth]{img/hb6} + \end{column} + \end{columns} + \vfill\centering\burl{https://xkcd.com/1354/} + %REMEMBER@after heartbleed: transition -> easy bug, not the typical case. Usually, attckers exploit buffer overflows (i.e., write outside of buffer boundaries) to change the program flow, e.g., by changing the value of adjacent variables. 
In extreme cases, entirely new functionality can be inserted - hello world program with buf overflow -> delete files... This is what we will work towards now. +\end{frame} + +\begin{frame} + %REMEMBER: explain stack briefly, and paint everything on board - local vars + \frametitle{Buffer overflow \titlefloatright{Stack}} + \begin{columns} + \begin{column}{0.59\textwidth} + \lstinputlisting[style=CStyle]{sample/bo-stack.c} + \end{column} + \pause + \begin{column}{0.39\textwidth} + \begin{itemize} + \item Input 1: Neal \ding{224} \textcolor{darkRed}{reject} + \pause + \item Input 2: Caffrey \ding{224} \textcolor{darkRed}{reject} + \pause + \item Input 3: Overflow! \ding{224} \textcolor{darkGreen}{accept} + \pause + \end{itemize} + \end{column} + \end{columns} + \vfill\centering\alert{Buffer overflow occurs when writing outside of a buffer's boundaries} +\end{frame} + +\begin{frame} + %REMEMBER: explain heapy briefly, and paint everything on board - need var lifetime that is longer than function lifetime + \frametitle{Buffer overflow \titlefloatright{Heap}} + \begin{columns} + \begin{column}{0.59\textwidth} + \lstinputlisting[style=CStyle]{sample/bo-heap.c} + \end{column} + \pause + \begin{column}{0.39\textwidth} + \begin{itemize} + \item Input 1: Neal \ding{224} \textcolor{darkRed}{reject} + \pause + \item Input 2: Caffrey \ding{224} \textcolor{darkRed}{reject} + \pause + \item Input 3: aaa...aaa \ding{224} \textcolor{darkGreen}{accept} + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + % Just to make sure that everyone is on the same page now, and work towards stack frames + \frametitle{Memory layout} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Heap grows towards higher addresses + \begin{itemize} + \item Manual memory (de)allocation + \end{itemize} + \item Stack grows towards lower addresses + \begin{itemize} + \item Automatic memory (de)allocation + \item Each function has a `stack frame' + \end{itemize} 
+ \item Data: e.g., global and static variables + \item Code: instructions that CPU can process + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \centering\includegraphics[height=0.6\textheight]{img/memlay} + \end{column} + \end{columns} + %\pause + %\vfill\centering\alert{Note: each process has its own virtual memory that + % is translated to physical memory} +\end{frame} + +\begin{frame} + \frametitle{Stack frames} + \begin{columns} + \begin{column}{0.49\textwidth} + \lstinputlisting[style=CStyle]{sample/stack-frame.c} + \end{column} + \begin{column}{0.49\textwidth} + Each function gets its own stack frame + \begin{itemize} + \item Local variables + \item Function parameters + \item Housekeeping such as: + \begin{itemize} + \item Return address + \item Register values + \end{itemize} + \end{itemize} + \vspace{12pt} + \alert{Push ordering} \ding{224} + \alert{see calling conventions} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Pushing an popping stack frames} + \begin{columns} + \begin{column}{0.166\textwidth} + \begin{drawstack}[scale=0.5] + \cell{algorithm} + \end{drawstack} + \end{column} + \begin{column}{0.166\textwidth} + \begin{drawstack}[scale=0.5] + \cell{algorithm} + \cell{sub} + \end{drawstack} + \end{column} + \begin{column}{0.166\textwidth} + \begin{drawstack}[scale=0.5] + \cell{algorithm} + \cell{sub} + \cell{add} + \end{drawstack} + \end{column} + \begin{column}{0.166\textwidth} + \begin{drawstack}[scale=0.5] + \cell{algorithm} + \cell{sub} + \end{drawstack} + \end{column} + \begin{column}{0.166\textwidth} + \begin{drawstack}[scale=0.5] + \cell{algorithm} + \end{drawstack} + \end{column} + \begin{column}{0.166\textwidth} + \begin{drawstack}[scale=0.5] + \cell{algorithm} + \cell{printf} + \end{drawstack} + \end{column} + \end{columns} + \vfill\centering\alert{Return to caller's context using housekeeping + information} +\end{frame} + +\begin{frame} + \frametitle{Buffer overflow on the stack continued 
\titlefloatright{(1/2)}} + \begin{columns} + \begin{column}{0.59\textwidth} + \lstinputlisting[style=CStyle]{sample/bo-stack.c} + \end{column} + \begin{column}{0.39\textwidth} + \begin{itemize} + \item Input 4: aaa...aaa \ding{224} \textcolor{darkRed}{segfault} + \item Why not segfault on heap? + \item Why segfault on stack? + \end{itemize} + \end{column} + \end{columns} +\end{frame} + + +\begin{frame} + \frametitle{Buffer overflow on the stack continued \titlefloatright{(2/2)}} + \begin{columns} + \begin{column}{0.49\textwidth} + %\lstinputlisting[style=CStyle,firstline=3,lastline=4,numbers=none]{% + % sample/bo-stack.c + %} + \lstinputlisting[style=CStyle]{sample/bo-stack.c} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \begin{drawstack}[scale=0.5] + \cell{RA} \cellcomL{\scriptsize{0x...\textcolor{darkRed}{32}}} + \cell{\texttt{verified}} + \cellcomL{\scriptsize{0x...\textcolor{darkRed}{28}}} + \padding{3}{% + \begin{tabular}{c} + \texttt{buf[7]} \\ + ... \\ + \texttt{buf[0]} \\ + \end{tabular} + } \cellcomL{\scriptsize{0x...\textcolor{darkRed}{20}}} + \end{drawstack} + \end{column} + \end{columns} + \pause + \centering\vfill\alert{% + Can we solve the problem by pushing \texttt{buf} first?% + } +\end{frame} + +\begin{frame} + \frametitle{Buffer overflow that leads to code execution} + \centering\includegraphics[height=0.6\textheight]{img/demo} +\end{frame} + +\begin{frame} + \frametitle{Summary of principles for stack smashing attacks} + \centering\includegraphics[height=0.6\textheight]{img/stack-smashing}\\ + \vfill + \alert{1.} Gain control of return address + \titlefloatright{\alert{2.} Point to some malicious code} +\end{frame} + +\begin{frame} + \frametitle{The hard part is jumping to malicious code \titlefloatright{`In the buffer'}} + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{enumerate} + \item Add asm instructions in the buffer + \begin{itemize} + \item Usually to open a shell + \item `Shell-code' + \end{itemize} + \item 
Jump to the buffer's shell-code + \end{enumerate} + \vspace{1cm}\centering + Exact address of buffer?\\ + \rding\\ + Use a nop-sled + \end{column} + \begin{column}{0.49\textwidth} + \centering + \begin{tikzpicture}[scale=0.5] + \stacktop{} + % cells + \cell{RA} \coordinate (ra) at (currentcell.east); + \cell{shell code} \coordinate (sc) at (currentcell.west); + \bcell{\texttt{nop}} \coordinate(nopl) at (currentcell.west); + \bcell{...} \coordinate(nopm) at (currentcell.east); + \bcell{\texttt{nop}} \coordinate(nopf) at (currentcell.west); + \cellptr{\texttt{\&buf[0]}} + % air plane + \coordinate(mid) at ($ (nopl) !.5! (nopf) $); + \node(plane) at ($ (mid) + (-2,0) $){% + \includegraphics[width=45pt]{img/air-plane} + }; + % edges + \path[draw=darkRed,-latex,rounded corners,dashed,thick] + (ra) -- ($ (ra) + (2,0) $) |- (nopm); + \stackbottom{} + \end{tikzpicture} + \end{column} + \end{columns} + \pause + \centering\vfill\alert{% + Note: nop-sled + asm may also be injected to the heap---`heap spraying' + } +\end{frame} + +\begin{frame} + \frametitle{The hard part is jumping to malicious code \titlefloatright{% + `Return-to-libc'}} + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{enumerate} + \item Point to an already loaded function + \begin{itemize} + \item \texttt{system()} + \end{itemize} + \item Prepare stack with arguments + \begin{itemize} + \item \texttt{"rm -rf /home/\$USER"} + \end{itemize} + \end{enumerate} + \vspace{12pt} + \ding{224}\texttt{system("rm -rf /home/\$USER")} + \end{column} + \pause + \begin{column}{0.49\textwidth} + \centering\includegraphics[height=0.45\textheight]{img/libc} + \end{column} + \end{columns} + \vfill + \lstinputlisting[style=CStyle,numbers=none]{sample/ldd} +\end{frame} + +\begin{frame} + \frametitle{Widely used stack smashing mitigation techniques} + \textbf{Idea:} try to prevent the two necessary stack smashing conditions from + meeting met + \vfill + \pause + \begin{itemize} + \item<2-> Address randomization 
\titlefloatright{Increases jump uncertainty} + \item<3-> Non-executable memory \titlefloatright{Stop if instruction pointer + gets here} + \item<4-> Stack canaries \titlefloatright{Stop if RA got tampered with} + \end{itemize} + \vfill + \lstinputlisting[style=CStyle,numbers=none]{sample/ldd2} +\end{frame} + +\begin{frame} + \frametitle{Canaries} + \begin{columns} + \begin{column}{0.49\textwidth} + \centering + \vbox to .8\textheight{ + \vfill + \begin{quote} + `` [...] miners would bring a caged canary into new coal seams. Canaries + are especially sensitive to methane and carbon monoxide [...], as long + as the bird kept singing, the miners knew their air supply was safe.'' + \end{quote} + \vfill + \begin{quote} + ``\textbf{Short but meaningful}'' + \end{quote} + \vfill + } + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[height=0.8\textheight]{img/canary-bird}\\ + \centering\burl{https://www.wisegeek.com/what-does-it-mean-to-be-a-canary-in-a-coal-mine.htm} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Stack canaries \titlefloatright{Before overflow}} + \centering + \includegraphics[width=0.95\textwidth]{img/canary-before} + \vfill + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Terminator canaries + \item Random canaries + \item ... 
+ \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \textbf{Require:}\\ + CY must be valid to use RA + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Stack canaries \titlefloatright{After overflow}} + \centering + \includegraphics[width=0.8\textwidth]{img/canary-after} + \vfill + \textbf{Stop running---invalid canary value!} + \pause + \vfill + \vfill\centering\alert{Can anyone think of examples where the two canary + types fail?} + % == stack == + % - local variable which is a function pointer gets overwritten; when + % called the attacker's function is used instead + % - somehow extract random canary value from memory or rewrite it + % - guess canary, e.g., due to bad randomness + % == terminator == + % - you have a double buffer overflow vulnerability: first you overwrite as + % normal to hit RA, then subsequently you `repair' the predictable canary +\end{frame} + +\begin{frame} + \frametitle{Great mitigation techniques, but we realize that...} + \centering\Huge{% + it is still imperfect + \vfill + What else can we do? 
+ } + \pause + \vfill + \normalsize + \begin{columns} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Avoid bugs in C/C++ code + \end{itemize} + \end{column} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Build and use tools that help catching bugs + \end{itemize} + \end{column} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Use memory safe programming languages + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Avoid bugs in C/C\texttt{++} code} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Sanitize all untrusted user input + \item Manually verify all bounds \alert{correctly} + \item Be aware of integer underflow/overflow + \item Use safe(r) functions and learn caveats + \begin{itemize} + \item \texttt{fgets} vs.\ \texttt{gets} + \item \texttt{strncpy} vs.\ \texttt{strcpy} + \item \texttt{man strncpy} \ding{224} null-termination? + \end{itemize} + \item \textbf{Adopt a secure coding standard} + \begin{itemize} + \item CERT C\footnotemark + \item MISRA C\footnotemark (embedded systems) + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \centering\includegraphics[height=0.6\textheight]{img/checklist} + \end{column} + \end{columns} + \footnotetext[6]{\burl{https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf}} + \footnotetext{\burl{https://www.misra.org.uk/Activities/MISRAC/tabid/160/Default.aspx}} +\end{frame} + + +\begin{frame} + \frametitle{Build and use tools that help catching bugs \titlefloatright{% + Static analysis% + \footnote{\burl{https://www.perforce.com/blog/qac/what-static-code-analysis}} + }} + \begin{columns} + \begin{column}{0.69\textwidth} + \begin{itemize} + \item Automated source code analysis \alert{before} runtime + \item Output warnings if errors are suspected + \item Assess compliance with coding standards + \end{itemize} + \end{column} + 
\begin{column}{0.39\textwidth} + \vbox to .7\textheight{% + \centering + \lstinputlisting[style=CStyle]{sample/static-analysis.c} + \texttt{\$ splint main.c} \\ + \ding{224} 3 non-gcc warnings + \vfill + \tiny{\alert{Details:}} \burl{https://www.splint.org/} + } + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Build and use tools that help catching bugs \titlefloatright{Dynamic + analysis}} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Analyze what program does at \alert{runtime} + \item Valgrind---look for memory errors + \item Fuzzing\footnotemark---what happens on funky input? + \begin{itemize} + \item<2-> Random and mutation-based + \item<3-> Structure-aware + \item<4-> Program-aware + \item<5-> Automated feedback loops + \item<6-> ... + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \vbox to .8\textheight{ + \vfill\centering + \includegraphics[width=\textwidth]{img/afl.jpg} + \burl{https://upload.wikimedia.org/wikipedia/commons/0/08/Rabbit_american_fuzzy_lop_buck_white.jpg} + \vfill + } + \end{column} + \end{columns} + \footnotetext{\tiny{Brief introduction and a few demos:} + \burl{https://www.youtube.com/watch?v=dMmsPwkSqOc}} +\end{frame} + +\begin{frame} + \frametitle{Is fuzzing worth the effort? 
\titlefloatright{American Fuzzer Lop + (AFL)}} + \centering + \includegraphics[width=0.8\textwidth]{img/afl}\\ + \burl{http://lcamtuf.coredump.cx/afl/} + \vfill\normalsize\alert{And around 120 more projects!} +\end{frame} + +\begin{frame} + \frametitle{Use memory-safe programming languages} + \begin{columns} + \begin{column}{0.59\textwidth} + \vbox to 0.5\textheight{% + \textbf{Intuition:} \texttt{x[y] = z} should stop normal program + execution if \texttt{x} is non-array or \texttt{y} is out-of-range, + and you should not operate on raw memory addresses\footnotemark + \vfill + \only<2->{ + \textbf{Challenges:} + \begin{itemize} + \item You need low-level access to hardware + \item You inherit a large \texttt{C}/\texttt{C++} project + \item Someone must implement the core correctly + \end{itemize} + } + } + \end{column} + \begin{column}{0.39\textwidth} + \begin{tikzpicture} + \node[draw=none](first) at (0,0) {% + \includegraphics[height=2cm]{img/memory-safe/go} + \includegraphics[height=2cm]{img/memory-safe/rust} + }; + \node[draw=none, below =0pt of first] (second) {% + \includegraphics[height=1cm]{img/memory-safe/python} + }; + \node[draw=none, below =0pt of second] (third) {% + \includegraphics[height=1.5cm]{img/memory-safe/java} + }; + \coordinate(mycord) at ($ (first.east) !.5! (third.east) $); + \node[draw=none](fourth) at ($ (mycord) !.5! 
(third) $) {% + \hspace{2cm}\huge{\texttt{C\#}} + }; + \end{tikzpicture} + \end{column} + \end{columns} + \vfill + \centering + \begin{description} + \item<3->[\alert{What about performance?}] \alert{Is it a valid concern?} + \end{description} + \footnotetext{\tiny{If you want a more precise intuition:} + \burl{http://www.pl-enthusiast.net/2014/07/21/memory-safety/} + } +\end{frame} + +%\begin{frame} +% \frametitle{Take a deeper dive into buffer overflow vulnerabilities and +% defenses} +% \vfill +% \begin{columns} +% \begin{column}{0.33\textwidth} +% \centering +% \includegraphics[width=\textwidth]{img/mit1} +% \burl{https://www.youtube.com/watch?v=GqmQg-cszw4&list=PLUl4u3cNGP62K2DjQLRxDNRi0z2IRWnNh&index=1} +% \end{column} +% \begin{column}{0.33\textwidth} +% \centering +% \includegraphics[width=\textwidth]{img/mit2} +% \burl{https://www.youtube.com/watch?v=r4KjHEgg9Wg&index=2&list=PLUl4u3cNGP62K2DjQLRxDNRi0z2IRWnNh} +% \end{column} +% \begin{column}{0.33\textwidth} +% \centering +% \includegraphics[width=\textwidth]{img/mit3} +% \burl{https://www.youtube.com/watch?v=xSQxaie_h1o&index=3&list=PLUl4u3cNGP62K2DjQLRxDNRi0z2IRWnNh} +% \end{column} +% \end{columns} +% \vfill\centering\alert{Optional!} +%\end{frame} + +\begin{frame} + \frametitle{Summary} + \begin{columns} + \begin{column}{.59\textwidth} + \begin{itemize} + \item Weird machines + \item Over-read, over-write + \item Change program flow + \item Mitigation techniques + \item Tools and other options + \end{itemize} + \end{column} + \begin{column}{.49\textwidth} + \centering\includegraphics[width=\textwidth]{img/take-away} + \end{column} + \end{columns} + %\centering\includegraphics[height=0.8\textheight]{img/summary} +\end{frame} + +\begin{frame} + \frametitle{Assignment questions \titlefloatright{(1/3)}} + \alert{1.} Suppose that the code below is compiled as follows: + \texttt{gcc -Wall -Werror -std=c99 main.c}. 
Provide two \alert{integer + inputs} that will result in `unintended behaviour' and name what this + threat is called. Make assumptions if necessary. + % Assume int is 4 bytes. + % - Number 1: 1 + % - Number 2: 2147483647 // 2^31 - 1 + % => 1+2147483647 <= 10 + % (integer overflow) + \begin{columns} + \begin{column}{0.59\textwidth} + \lstinputlisting[style=CStyle]{sample/assignment-integer-overflow.c} + \end{column} + \begin{column}{0.39\textwidth} + \vbox to .65\textheight{ + \vfill + \alert{2.} Determine which compiler option could be used to ensure + that the program aborts if such unintended behaviour occurs. Does + this solution work for \texttt{unsigned int}s? Why (not)? \\ + % -ftrapv: abort if signed integer overflow. Does not work for + % unsigned since overflow is well-defined and in many cases intended. + \vfill + \alert{3.} What is the compliant way of adding two unsigned integers + according to CERT C standard? + % §5.1.1.2, page 133 (find link to CERT C pdf in the slides) + % unsigned int ui_b, ui_a, sum; + % if (UINT_MAX - ui_a < ui_b) { + % /* handle error condition */ + % } else { + % sum = ui_a + ui_b; + % } + \vfill + } + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Assignment questions \titlefloatright{(2/3)}} + \alert{4.} Suppose that the code below is compiled as follows: \texttt{gcc + -Wall -Werror -std=c99 -fno-stack-protector main.c}. Explain the steps + necessary to trigger the print statement. Make assumptions if necessary. + % Assume that secret is 4 bytes and on a higher address than buf. + % Exploit: python -c 'print "\xff"*12' | ./a.out + \begin{columns} + \begin{column}{0.59\textwidth} + \lstinputlisting[style=CStyle]{sample/assignment-buffer-overflow.c} + \end{column} + \begin{column}{0.39\textwidth} + \vbox to .65\textheight{ + \vfill + \alert{5.} How would you adapt your strategy if \texttt{SECRET} was set + to \texttt{0xff0a0dff}? Explain principles. 
+ % If we try to enter this value gets() will stop since CRLF. Instead + % we would have to overwrite the return address so that the program + % jumps to gotcha(). + \vfill + \alert{6.} Which type of buffer overflow mitigation technique does the + new secret value remind you of? + % Terminator-based stack canary + \vfill + \alert{7.} Explain two other mitigation techniques that make it harder + to execute code in a buffer overflow. + % - Address randomization: every time program executes all addresses + % are changed based on a cryptographically secure PRNG + % - Non-executable memory: halt program if instruction pointer takes + % on a value that corresponds to memory that should not be executed + % + % In other words: both of these techniques try to make it hard for + % the attacker to specify a return address that does not cause a crash + } + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Assignment questions \titlefloatright{(3/3)}} + \vfill + \alert{8.} Attackers may use \texttt{nop}-sleds to increase the likelihood of + jumping to their shell-code. To defend against this a colleague of yours + suggested that all user input be filtered for repeated \texttt{nop} + instructions. How would you trivially bypass such a filtering mechanism? + % Use other dummy instructions that increment instruction pointer, e.g., + % add, sub, mul, and write results to dummy register (not important). + \vfill + \alert{9.} What is the difference between static and dynamic code analysis?\\ + % Static code analysis takes place _before_ a program is being executed. + % Conversely, dynamic code analysis examines what a program does at runtime. + \vfill + \alert{10.} Briefly explain the process of fuzzing a program: how does it work + and what is the goal? Name one fuzzer that found a buffer overflow + vulnerability in a TLS library. + % - How: supply lots and lots of funky input and see what happens; record + % errors % and examine in more detail later. 
+ % - Goal: find untested cases that cause `unintended behaviour' + % - Example: American Fuzzy Lop (AFL) + \vfill + \alert{11.} Suppose that you are hired by a consultant company to work on a + brand new project. Explain the circumstances in which you would choose to + program in \texttt{C/C++}, and why you might choose a different programming + language in most other cases. + % C/C++: if low-level access to memory is _required_, i.e., there should + % be a very clear motivation why you must use C as opposed to Go,C#, ... + % Memory safe languages: would be chosen otherwise, since it is generally + % easier not to mess up the code. + \vfill +\end{frame} diff --git a/slides/2018-software-security/src/preamble.tex b/slides/2018-software-security/src/preamble.tex new file mode 100644 index 0000000..cd99ec4 --- /dev/null +++ b/slides/2018-software-security/src/preamble.tex 
@@ -0,0 +1,98 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{rotate} +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{pifont} +\usepackage{graphicx} +\usepackage{color} +\usepackage{drawstack} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +%\usepackage{floatrow} +%\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +\lstdefinestyle{CStyle}{ + backgroundcolor=\color{lightGray!25}, + commentstyle=\color{darkGreen}, + keywordstyle=\color{darkBlue}, + numberstyle=\tiny\color{darkRed}, + stringstyle=\color{darkPurple}, + basicstyle=\footnotesize, + breakatwhitespace=false, + breaklines=false, + captionpos=b, + keepspaces=true, + numbers=left, + numbersep=5pt, + showspaces=false, + showstringspaces=false, + showtabs=false, + tabsize=2, + 
language=C, + morekeywords={size_t}, +} + +%\setbeamertemplate{itemize item}[circle] +%\setbeamertemplate{itemize subitem}[default] +%\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\titlefloatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} + +\def\rding{\rotatebox[origin=c]{-90}{\ding{224}}} diff --git a/slides/2018-software-security/src/questions.tex b/slides/2018-software-security/src/questions.tex new file mode 100644 index 0000000..85cb2f3 --- /dev/null +++ b/slides/2018-software-security/src/questions.tex @@ -0,0 +1,17 @@ +\begin{frame} + \frametitle{Any questions?} \label{frm:que} + \begin{columns} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.75\textwidth]{img/qleft} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.75\textwidth]{img/qright} + \end{column} + \end{columns} + + \centering + \vspace{-1cm} + \includegraphics[width=0.20\textwidth]{img/ty} +\end{frame} diff --git a/slides/2018-software-security/src/titlepage.tex b/slides/2018-software-security/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2018-software-security/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} diff --git a/slides/2019-ctga/README b/slides/2019-ctga/README new file mode 100644 index 0000000..a3ded55 --- /dev/null +++ b/slides/2019-ctga/README 
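Review bot: The package and colour setup in `slides/2018-software-security/src/preamble.tex` repeats itself: `graphicx`, `smartdiagram`, `booktabs` and `flowchart` are each loaded twice, and `darkGreen`, `darkBlue` and `darkRed` are defined a second time after the `\colorlet` lines. The repeats look harmless but hide which line is authoritative when a colour or option is changed later, so I would delete the second `\usepackage` of each and the trailing `\definecolor` trio. Loading `color` next to `xcolor` also looks redundant and `\usepackage{xcolor}` alone should be enough. The same duplicates appear in the `slides/2019-ctga/src/preamble.tex` hunk further down.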
@@ -0,0 +1,2 @@
+10m version of aggregation-based CT gossip at SWITS. The full 30m presentation
+from the paper's conference no longer compile so this one will have to do.
diff --git a/slides/2019-ctga/beamercolorthemergd.sty b/slides/2019-ctga/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2019-ctga/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2019-ctga/beamerfontthemergd.sty b/slides/2019-ctga/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2019-ctga/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2019-ctga/beamerinnerthemergd.sty b/slides/2019-ctga/beamerinnerthemergd.sty
new file mode 100644
index 0000000..0d49176
--- /dev/null
+++ b/slides/2019-ctga/beamerinnerthemergd.sty
@@ -0,0 +1,43 @@ +\mode + +%%% +% Title page +%%% +\defbeamertemplate*{title page}{rgd}[1][]{ + \begin{tikzpicture}[remember picture, overlay] + \usebeamercolor{titlepage} + % Add top-left triangle with university logo + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north west) -- + (current page.north) -- + node[draw=none,pos=0.5](Logo){\includegraphics[width=3cm]{img/logo}} + (current page.west) -- + (current page.north west); + % Add title + \node[ + text=fg, + text width=0.75\paperwidth, + ] (Title) at ([shift={(0,-0.5cm)}]current page){% + \centering\usebeamerfont{title}\inserttitle\\% + }; + % Add subtitle + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Title, + ] (Subtitle) {% + \centering\usebeamerfont{subtitle}\insertsubtitle\\% + }; + % Add authors + \usebeamercolor{author} + \node[ + text=fg, + text width=0.75\paperwidth, + below=12pt of Subtitle, + ] (Author) {% + \centering\usebeamerfont{author}\insertauthor\\% + }; + \end{tikzpicture} +} + +\mode diff --git a/slides/2019-ctga/beamerouterthemergd.sty b/slides/2019-ctga/beamerouterthemergd.sty new file mode 100644 index 0000000..ba757c6 --- /dev/null +++ b/slides/2019-ctga/beamerouterthemergd.sty 
@@ -0,0 +1,66 @@ +\mode + +%%% +% Frame header +%%% +\defbeamertemplate*{frametitle}{corporate}[1][]{% + \nointerlineskip + % Add frame title + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=3ex, + dp=1.5ex, + left, + leftskip=2ex + ]{header} + \insertframetitle + \end{beamercolorbox} + % Add line after header + \nointerlineskip + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=0.25ex + ]{trailer} + \end{beamercolorbox}% +} + +%%% +% Frame trailer +%%% +\defbeamertemplate*{footline}{corporate}{% + \hbox{% + % Add mail + \begin{beamercolorbox}[ + wd=0.22\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{trailer} + \texttt{rasmus.dahlberg@kau.se} + \end{beamercolorbox}% + % Add author + \begin{beamercolorbox}[ + wd=0.73\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{header} + %\insertauthor + \inserttitle + \end{beamercolorbox}% + % Add page counter + \begin{beamercolorbox}[ + wd=0.05\paperwidth, + ht=2ex, + dp=0.5ex, + right, + rightskip=1ex + ]{header} + \insertframenumber/\inserttotalframenumber + \end{beamercolorbox}% + } +} + +\mode diff --git a/slides/2019-ctga/beamerthemergd.sty b/slides/2019-ctga/beamerthemergd.sty new file mode 100644 index 0000000..022ef2c --- /dev/null +++ b/slides/2019-ctga/beamerthemergd.sty @@ -0,0 +1,23 @@ +\mode + +%%% +% Load beamer settings +%%% +\usecolortheme{rgd} +\usefonttheme{rgd} +\useinnertheme{rgd} +\useoutertheme{rgd} + +%%% +% Disable navigation tools on slides +%%% +\setbeamertemplate{navigation symbols}{} + +%%% +% Object styles +%%% +\setbeamertemplate{itemize item}[square] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{sections/subsections in toc}[square] + +\mode diff --git a/slides/2019-ctga/img/ct.png b/slides/2019-ctga/img/ct.png new file mode 100644 index 0000000..10267e7 Binary files /dev/null and b/slides/2019-ctga/img/ct.png differ 
diff --git a/slides/2019-ctga/img/design.pdf b/slides/2019-ctga/img/design.pdf
new file mode 100644
index 0000000..3a9aba1
Binary files /dev/null and b/slides/2019-ctga/img/design.pdf differ
diff --git a/slides/2019-ctga/img/logo.png b/slides/2019-ctga/img/logo.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2019-ctga/img/logo.png differ
diff --git a/slides/2019-ctga/img/perf-netfpga.pdf b/slides/2019-ctga/img/perf-netfpga.pdf
new file mode 100644
index 0000000..17ee58d
Binary files /dev/null and b/slides/2019-ctga/img/perf-netfpga.pdf differ
diff --git a/slides/2019-ctga/img/perf-xdp.pdf b/slides/2019-ctga/img/perf-xdp.pdf
new file mode 100644
index 0000000..a4dae27
Binary files /dev/null and b/slides/2019-ctga/img/perf-xdp.pdf differ
diff --git a/slides/2019-ctga/img/pl.pdf b/slides/2019-ctga/img/pl.pdf
new file mode 100644
index 0000000..a03d97f
Binary files /dev/null and b/slides/2019-ctga/img/pl.pdf differ
diff --git a/slides/2019-ctga/img/qleft.pdf b/slides/2019-ctga/img/qleft.pdf
new file mode 100644
index 0000000..f35a078
Binary files /dev/null and b/slides/2019-ctga/img/qleft.pdf differ
diff --git a/slides/2019-ctga/img/qright.pdf b/slides/2019-ctga/img/qright.pdf
new file mode 100644
index 0000000..da2e8e3
Binary files /dev/null and b/slides/2019-ctga/img/qright.pdf differ
diff --git a/slides/2019-ctga/img/roadmap.pdf b/slides/2019-ctga/img/roadmap.pdf
new file mode 100644
index 0000000..867fb20
Binary files /dev/null and b/slides/2019-ctga/img/roadmap.pdf differ
diff --git a/slides/2019-ctga/img/take-away.pdf b/slides/2019-ctga/img/take-away.pdf
new file mode 100644
index 0000000..7d3b190
--- /dev/null
+++ b/slides/2019-ctga/img/take-away.pdf
@@ -0,0 +1,68 @@ +%PDF-1.4 +%µí®û +3 0 obj +<< /Length 4 0 R + /Filter /FlateDecode +>> +stream +xœmŒAÃ0"„‚ ŽýŒ>¡—¦‡äæÿRŸ#$–E³{’rÎã×Gy»àCš\ÅÆ`×Â;´ã»¨(dçUt€Ðè0fµ„-ÉÒTØ…¬ÕA7ïè TxÂ1f¯Õš;"£*¤4{È~éM7ä‘$ +endstream +endobj +4 0 obj + 118 +endobj +2 0 obj +<< + /ExtGState << + /a0 << /CA 1 /ca 1 >> + >> +>> +endobj +5 0 obj +<< /Type /Page + /Parent 1 0 R + /MediaBox [ 0 0 12.8 12.8 ] + /Contents 3 0 R + /Group << + /Type /Group + /S /Transparency + /I true + /CS /DeviceRGB + >> + /Resources 2 0 R +>> +endobj +1 0 obj +<< /Type /Pages + /Kids [ 5 0 R ] + /Count 1 +>> +endobj +6 0 obj +<< /Creator (cairo 1.14.0 (http://cairographics.org)) + /Producer (cairo 1.14.0 (http://cairographics.org)) +>> +endobj +7 0 obj +<< /Type /Catalog + /Pages 1 0 R +>> +endobj +xref +0 8 +0000000000 65535 f +0000000520 00000 n +0000000232 00000 n +0000000015 00000 n +0000000210 00000 n +0000000304 00000 n +0000000585 00000 n +0000000712 00000 n +trailer +<< /Size 8 + /Root 7 0 R + /Info 6 0 R +>> +startxref +764 +%%EOF diff --git a/slides/2019-ctga/img/ty.pdf b/slides/2019-ctga/img/ty.pdf new file mode 100644 index 0000000..9ad4dc8 Binary files /dev/null and b/slides/2019-ctga/img/ty.pdf differ diff --git a/slides/2019-ctga/img/wcov-goo.pdf b/slides/2019-ctga/img/wcov-goo.pdf new file mode 100644 index 0000000..73f77b6 Binary files /dev/null and b/slides/2019-ctga/img/wcov-goo.pdf differ diff --git a/slides/2019-ctga/img/wcov-nor.pdf b/slides/2019-ctga/img/wcov-nor.pdf new file mode 100644 index 0000000..e7d216d Binary files /dev/null and b/slides/2019-ctga/img/wcov-nor.pdf differ diff --git a/slides/2019-ctga/main.tex b/slides/2019-ctga/main.tex new file mode 100644 index 0000000..12a7fb2 --- /dev/null +++ b/slides/2019-ctga/main.tex 
@@ -0,0 +1,28 @@ +\pdfminorversion=4 +\documentclass[aspectratio=169]{beamer} +\usetheme{rgd} + +\input{src/preamble} + +\title{% + Aggregating Certificate Transparency Gossip Using Programmable Packet + Processors +} +%\subtitle{% +%} +\author{% + \textbf{Rasmus Dahlberg}, + Tobias Pulls, + Jonathan Vestin,\\ + Toke H{\o}iland-J{\o}rgensen, and + Andreas Kassler +} +\institute{% + Karlstad University +} +\date{% + \today +} +\begin{document} + \input{src/body} +\end{document} diff --git a/slides/2019-ctga/makefile b/slides/2019-ctga/makefile new file mode 100644 index 0000000..b42d0ec --- /dev/null +++ b/slides/2019-ctga/makefile @@ -0,0 +1,25 @@ +.PHONY: clean tidy open + +MAIN = main + +TEX_SRC = src/$(wildcard:.tex) +TEX_IMG = \ + img/$(wildcard:.jpg) \ + img/$(wildcard:.tex) \ + img/$(wildcard:.pdf) \ + img/$(wildcard:.png) +TEX = \ + $(TEX_SRC) $(TEX_IMG) $(MAIN).tex + +$(MAIN).pdf: $(TEX) + pdflatex $(MAIN) + @pdflatex $(MAIN) + +open: $(MAIN).pdf + okular $(MAIN).pdf & + +tidy: + rm -rf *.nav *.out *.log *.aux *.toc *.snm + +clean: + rm -rf *.nav *.out *.log *.aux *.toc *.snm $(MAIN).pdf diff --git a/slides/2019-ctga/slides.pdf b/slides/2019-ctga/slides.pdf new file mode 100644 index 0000000..b7e43d2 Binary files /dev/null and b/slides/2019-ctga/slides.pdf differ diff --git a/slides/2019-ctga/src/background.tex b/slides/2019-ctga/src/background.tex new file mode 100644 index 0000000..49d5e94 --- /dev/null +++ b/slides/2019-ctga/src/background.tex 
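Review bot: The dependency lists in `slides/2019-ctga/makefile` never glob any files, because `$(wildcard:.tex)` and the matching `img/$(wildcard:...)` entries are not calls to make's `wildcard` function. GNU make reads them as references to a variable that is, as far as this hunk shows, never defined, so each one expands to nothing. The prerequisites of `$(MAIN).pdf` therefore reduce to `src/`, `img/` and `main.tex`. Editing an existing file under `src/` or `img/` then probably does not trigger a rebuild, since a directory's timestamp changes only when entries are added or removed. I would write `TEX_SRC = $(wildcard src/*.tex)` and `TEX_IMG = $(wildcard img/*.jpg img/*.tex img/*.pdf img/*.png)`.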
@@ -0,0 +1,21 @@ +\begin{frame} + \frametitle{Certificate Transparency---in short CT} + \centering + \begin{columns} + \begin{column}{0.45\textwidth} + \begin{itemize} + \item Goal is to detect mis-issuance + \item Publicly log all certificates + \item Clients require proof of logging + \end{itemize} + \end{column} + \begin{column}{0.55\textwidth} + \centering + \includegraphics[width=0.8\textwidth]{img/ct} + \scriptsize{\url{https://www.certificate-transparency.org/what-is-ct}} + \end{column} + \end{columns} + \pause + \vfill + \alert{How do you know if you see the same log?} +\end{frame} diff --git a/slides/2019-ctga/src/body.tex b/slides/2019-ctga/src/body.tex new file mode 100644 index 0000000..10c9342 --- /dev/null +++ b/slides/2019-ctga/src/body.tex @@ -0,0 +1,6 @@ +\input{src/titlepage} +%\input{src/outline} +\input{src/background} +\input{src/ctga} +\input{src/take-away} +\input{src/questions} diff --git a/slides/2019-ctga/src/ctga.tex b/slides/2019-ctga/src/ctga.tex new file mode 100644 index 0000000..326b009 --- /dev/null +++ b/slides/2019-ctga/src/ctga.tex 
@@ -0,0 +1,32 @@ +\begin{frame} + \frametitle{Overview---in-line aggregation and off-path verification} + \centering + \includegraphics[width=\textwidth]{img/design} + \pause + Security notion---aggregation indistinguishability + \pause\\ + Intended attacker---distant + \pause\\ + (Multi)path fragmentation + \pause\\ + Implementation? XDP, P4, ... +\end{frame} + +\begin{frame} + \frametitle{Performance and aggregation indistinguishability---XDP} + \centering + \includegraphics[height=0.8\textheight]{img/perf-xdp} +\end{frame} + +\begin{frame} + \frametitle{Performance and aggregation indistinguishability---P4} + \centering + \includegraphics[height=0.8\textheight]{img/perf-netfpga} +\end{frame} + +\begin{frame} + \frametitle{Network measurements---split-view protection against Google and NORDUnet} + \centering + \includegraphics[width=0.7\textwidth]{img/wcov-goo} + \includegraphics[width=0.7\textwidth]{img/wcov-nor} +\end{frame} diff --git a/slides/2019-ctga/src/outline.tex b/slides/2019-ctga/src/outline.tex new file mode 100644 index 0000000..55b4f9f --- /dev/null +++ b/slides/2019-ctga/src/outline.tex @@ -0,0 +1,17 @@ +\begin{frame} + \frametitle{Outline} + \begin{columns} + \begin{column}{0.39\textwidth} + \centering + \begin{enumerate} + \item Motivation + \item Overview + \item Evaluation + \item Take away + \end{enumerate} + \end{column} + \begin{column}{0.39\textwidth} + \includegraphics[width=0.6\textwidth]{img/roadmap} + \end{column} + \end{columns} +\end{frame} diff --git a/slides/2019-ctga/src/preamble.tex b/slides/2019-ctga/src/preamble.tex new file mode 100644 index 0000000..6905b0f --- /dev/null +++ b/slides/2019-ctga/src/preamble.tex 
@@ -0,0 +1,62 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{pifont} +\usepackage{graphicx} +\usepackage{color} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + shapes.misc,% + positioning,% + arrows,% + snakes,% + calc,% + shadows,% + shapes.arrows,% + fit,% + backgrounds,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +%\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +%\setbeamertemplate{itemize item}[circle] +%\setbeamertemplate{itemize subitem}[default] +%\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} diff --git a/slides/2019-ctga/src/questions.tex b/slides/2019-ctga/src/questions.tex new file mode 100644 index 0000000..85cb2f3 --- /dev/null 
+++ b/slides/2019-ctga/src/questions.tex @@ -0,0 +1,17 @@ +\begin{frame} + \frametitle{Any questions?} \label{frm:que} + \begin{columns} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.75\textwidth]{img/qleft} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.75\textwidth]{img/qright} + \end{column} + \end{columns} + + \centering + \vspace{-1cm} + \includegraphics[width=0.20\textwidth]{img/ty} +\end{frame} diff --git a/slides/2019-ctga/src/take-away.tex b/slides/2019-ctga/src/take-away.tex new file mode 100644 index 0000000..1368c75 --- /dev/null +++ b/slides/2019-ctga/src/take-away.tex @@ -0,0 +1,15 @@ +\begin{frame} + \frametitle{Take away} + \begin{columns} + \begin{column}{0.69\textwidth} + \begin{itemize} + \item Program the network to gossip `as a service' + \item Easily deployed, not much opt-in needed + \end{itemize} + \end{column} + \begin{column}{0.29\textwidth} + \centering + \includegraphics[width=0.75\textwidth]{img/take-away} + \end{column} + \end{columns} +\end{frame} diff --git a/slides/2019-ctga/src/titlepage.tex b/slides/2019-ctga/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2019-ctga/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} diff --git a/slides/2019-it-intro-computer-structure/.gitignore b/slides/2019-it-intro-computer-structure/.gitignore new file mode 100644 index 0000000..4a7f033 --- /dev/null +++ b/slides/2019-it-intro-computer-structure/.gitignore @@ -0,0 +1,12 @@ +*.aux +*.fdb_latexmk +*.fls +*.fls +*.log +*.nav +*.out +main.pdf +*.snm +*.toc +*.nav +*.snm diff --git a/slides/2019-it-intro-computer-structure/README b/slides/2019-it-intro-computer-structure/README new file mode 100644 index 0000000..c562a38 --- /dev/null +++ b/slides/2019-it-intro-computer-structure/README @@ -0,0 +1 @@ +Lecture on computer structure in an introduction to IT course at kau. 
diff --git a/slides/2019-it-intro-computer-structure/beamercolorthemergd.sty b/slides/2019-it-intro-computer-structure/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2019-it-intro-computer-structure/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2019-it-intro-computer-structure/beamerfontthemergd.sty b/slides/2019-it-intro-computer-structure/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2019-it-intro-computer-structure/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2019-it-intro-computer-structure/beamerinnerthemergd.sty b/slides/2019-it-intro-computer-structure/beamerinnerthemergd.sty
new file mode 100644
index 0000000..0d49176
--- /dev/null
+++ b/slides/2019-it-intro-computer-structure/beamerinnerthemergd.sty
@@ -0,0 +1,43 @@ +\mode + +%%% +% Title page +%%% +\defbeamertemplate*{title page}{rgd}[1][]{ + \begin{tikzpicture}[remember picture, overlay] + \usebeamercolor{titlepage} + % Add top-left triangle with university logo + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north west) -- + (current page.north) -- + node[draw=none,pos=0.5](Logo){\includegraphics[width=3cm]{img/logo}} + (current page.west) -- + (current page.north west); + % Add title + \node[ + text=fg, + text width=0.75\paperwidth, + ] (Title) at ([shift={(0,-0.5cm)}]current page){% + \centering\usebeamerfont{title}\inserttitle\\% + }; + % Add subtitle + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Title, + ] (Subtitle) {% + \centering\usebeamerfont{subtitle}\insertsubtitle\\% + }; + % Add authors + \usebeamercolor{author} + \node[ + text=fg, + text width=0.75\paperwidth, + below=12pt of Subtitle, + ] (Author) {% + \centering\usebeamerfont{author}\insertauthor\\% + }; + \end{tikzpicture} +} + +\mode diff --git a/slides/2019-it-intro-computer-structure/beamerouterthemergd.sty b/slides/2019-it-intro-computer-structure/beamerouterthemergd.sty new file mode 100644 index 0000000..ba757c6 --- /dev/null +++ b/slides/2019-it-intro-computer-structure/beamerouterthemergd.sty 
@@ -0,0 +1,66 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add mail
+ \begin{beamercolorbox}[
+ wd=0.22\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \texttt{rasmus.dahlberg@kau.se}
+ \end{beamercolorbox}%
+ % Add author
+ \begin{beamercolorbox}[
+ wd=0.73\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ %\insertauthor
+ \inserttitle
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2019-it-intro-computer-structure/beamerthemergd.sty b/slides/2019-it-intro-computer-structure/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2019-it-intro-computer-structure/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
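Review bot: In the footline template of beamerouterthemergd.sty the comment `% Add author` no longer matches the code, because `\insertauthor` is commented out and the box prints `\inserttitle`. I would change the comment to `% Add title` and delete the dead `%\insertauthor` line. The first footline box also hard-codes `\texttt{rasmus.dahlberg@kau.se}` in the theme itself, so any deck that reuses the theme prints that address on every frame; a short comment marking it as per-author data to edit would help. The two templates are registered under the name `corporate` while the inner theme uses `rgd`, which is worth aligning or explaining in a comment.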
diff --git a/slides/2019-it-intro-computer-structure/handout.pdf b/slides/2019-it-intro-computer-structure/handout.pdf new file mode 100644 index 0000000..ec23377 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/handout.pdf differ diff --git a/slides/2019-it-intro-computer-structure/img/ascii.png b/slides/2019-it-intro-computer-structure/img/ascii.png new file mode 100644 index 0000000..e989951 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/ascii.png differ diff --git a/slides/2019-it-intro-computer-structure/img/audio-card.jpg b/slides/2019-it-intro-computer-structure/img/audio-card.jpg new file mode 100644 index 0000000..666d859 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/audio-card.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/binary-joke.jpg b/slides/2019-it-intro-computer-structure/img/binary-joke.jpg new file mode 100644 index 0000000..5e636ab Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/binary-joke.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/binary.jpg b/slides/2019-it-intro-computer-structure/img/binary.jpg new file mode 100644 index 0000000..0a1b06c Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/binary.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/build-pc.jpg b/slides/2019-it-intro-computer-structure/img/build-pc.jpg new file mode 100644 index 0000000..2c60e4f Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/build-pc.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/case1.png b/slides/2019-it-intro-computer-structure/img/case1.png new file mode 100644 index 0000000..82aa630 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/case1.png differ 
diff --git a/slides/2019-it-intro-computer-structure/img/case2.png b/slides/2019-it-intro-computer-structure/img/case2.png new file mode 100644 index 0000000..7f97fe4 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/case2.png differ diff --git a/slides/2019-it-intro-computer-structure/img/computers-everywhere.jpg b/slides/2019-it-intro-computer-structure/img/computers-everywhere.jpg new file mode 100644 index 0000000..79ddcee Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/computers-everywhere.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/cpu.png b/slides/2019-it-intro-computer-structure/img/cpu.png new file mode 100644 index 0000000..1e7340f Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/cpu.png differ diff --git a/slides/2019-it-intro-computer-structure/img/dp.jpeg b/slides/2019-it-intro-computer-structure/img/dp.jpeg new file mode 100644 index 0000000..b6087a7 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/dp.jpeg differ diff --git a/slides/2019-it-intro-computer-structure/img/graphics-card.jpg b/slides/2019-it-intro-computer-structure/img/graphics-card.jpg new file mode 100644 index 0000000..fc0da5e Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/graphics-card.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/group.pdf b/slides/2019-it-intro-computer-structure/img/group.pdf new file mode 100644 index 0000000..515c974 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/group.pdf differ diff --git a/slides/2019-it-intro-computer-structure/img/hdd.jpg b/slides/2019-it-intro-computer-structure/img/hdd.jpg new file mode 100644 index 0000000..3b59ac9 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/hdd.jpg differ 
diff --git a/slides/2019-it-intro-computer-structure/img/hdmi.jpg b/slides/2019-it-intro-computer-structure/img/hdmi.jpg new file mode 100644 index 0000000..8ef0ae9 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/hdmi.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/iphone.png b/slides/2019-it-intro-computer-structure/img/iphone.png new file mode 100644 index 0000000..70b82fd Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/iphone.png differ diff --git a/slides/2019-it-intro-computer-structure/img/light-bulb.pdf b/slides/2019-it-intro-computer-structure/img/light-bulb.pdf new file mode 100644 index 0000000..1801ee0 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/light-bulb.pdf differ diff --git a/slides/2019-it-intro-computer-structure/img/light-bulb.svg b/slides/2019-it-intro-computer-structure/img/light-bulb.svg new file mode 100644 index 0000000..e5d8813 --- /dev/null +++ b/slides/2019-it-intro-computer-structure/img/light-bulb.svg @@ -0,0 +1,619 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/slides/2019-it-intro-computer-structure/img/logo.png b/slides/2019-it-intro-computer-structure/img/logo.png new file mode 100755 index 0000000..0c7c885 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/logo.png differ diff --git a/slides/2019-it-intro-computer-structure/img/mbp.png b/slides/2019-it-intro-computer-structure/img/mbp.png new file mode 100644 index 0000000..f491eba Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/mbp.png differ diff --git a/slides/2019-it-intro-computer-structure/img/memory.tex b/slides/2019-it-intro-computer-structure/img/memory.tex new file mode 100644 index 0000000..b15dc92 --- /dev/null +++ b/slides/2019-it-intro-computer-structure/img/memory.tex 
@@ -0,0 +1,50 @@ +\begin{tikzpicture}[ mem/.style={ + draw=lightGray, + top color=lightGray, + bottom color=white, + rounded rectangle, + shading=axis, + minimum width=2cm, + }, + plain/.style={ + draw=none, + }, + arrow/.style={ + thick, + decoration={ + markings, + mark=at position 1 with {\arrow[semithick]{open triangle 60}} + }, + double distance=1.4pt, shorten >= 5.5pt, + preaction = {decorate}, + postaction = {draw,line width=1.4pt, white,shorten >= 4.5pt} + }, +] + \node at (0, 2) [mem] (hdd) {HDD}; + \node[below=12pt of hdd, mem] (ssd) {SSD}; + \node[below=12pt of ssd, mem] (ram) {RAM}; + \node[below=12pt of ram, mem] (cache) {Cache}; + \node[below=12pt of cache, mem] (register) {Register}; + + \node[left=6pt of hdd, plain] {TB}; + \node[left=6pt of ssd, plain] {GB}; + \node[left=6pt of ram, plain] {GB}; + \node[left=6pt of cache, plain] {MB}; + \node[left=6pt of register, plain] {bits}; + + \node[right=6pt of hdd, plain] {persistent}; + \node[right=6pt of ssd, plain] {persistent}; + \node[right=6pt of ram, plain] {volatile}; + \node[right=6pt of cache, plain] {volatile}; + \node[right=6pt of register, plain] {volatile}; + + \draw[arrow] + ($ (current bounding box.south west) + (-0.5,0) $) -- + (current bounding box.north west); + \draw[arrow] + ($ (current bounding box.north east) + (0.5,0) $) -- + (current bounding box.south east); + + \node[above=0pt of current bounding box.north west] {largest}; + \node[below=0pt of current bounding box.south east] {fastest}; +\end{tikzpicture} diff --git a/slides/2019-it-intro-computer-structure/img/moderkort.pdf b/slides/2019-it-intro-computer-structure/img/moderkort.pdf new file mode 100644 index 0000000..d9bdc30 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/moderkort.pdf differ 
diff --git a/slides/2019-it-intro-computer-structure/img/moores-law.png b/slides/2019-it-intro-computer-structure/img/moores-law.png new file mode 100644 index 0000000..74772df Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/moores-law.png differ diff --git a/slides/2019-it-intro-computer-structure/img/motherboard.jpg b/slides/2019-it-intro-computer-structure/img/motherboard.jpg new file mode 100644 index 0000000..b3ad2cf Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/motherboard.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/network-card.jpg b/slides/2019-it-intro-computer-structure/img/network-card.jpg new file mode 100644 index 0000000..93a4d21 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/network-card.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/new-motherboard.jpg b/slides/2019-it-intro-computer-structure/img/new-motherboard.jpg new file mode 100644 index 0000000..c2318d3 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/new-motherboard.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/new-motherboard2.jpg b/slides/2019-it-intro-computer-structure/img/new-motherboard2.jpg new file mode 100644 index 0000000..b55e065 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/new-motherboard2.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/pc-cat.jpg b/slides/2019-it-intro-computer-structure/img/pc-cat.jpg new file mode 100644 index 0000000..202ab4f Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/pc-cat.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/qleft.pdf b/slides/2019-it-intro-computer-structure/img/qleft.pdf new file mode 100644 index 0000000..f35a078 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/qleft.pdf differ 
diff --git a/slides/2019-it-intro-computer-structure/img/qright.pdf b/slides/2019-it-intro-computer-structure/img/qright.pdf new file mode 100644 index 0000000..da2e8e3 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/qright.pdf differ diff --git a/slides/2019-it-intro-computer-structure/img/ram.png b/slides/2019-it-intro-computer-structure/img/ram.png new file mode 100644 index 0000000..4ddd0d8 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/ram.png differ diff --git a/slides/2019-it-intro-computer-structure/img/raspberrypi.jpg b/slides/2019-it-intro-computer-structure/img/raspberrypi.jpg new file mode 100644 index 0000000..7e44705 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/raspberrypi.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/ssd.png b/slides/2019-it-intro-computer-structure/img/ssd.png new file mode 100644 index 0000000..10733c9 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/ssd.png differ diff --git a/slides/2019-it-intro-computer-structure/img/ty.pdf b/slides/2019-it-intro-computer-structure/img/ty.pdf new file mode 100644 index 0000000..9ad4dc8 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/ty.pdf differ diff --git a/slides/2019-it-intro-computer-structure/img/usb.jpg b/slides/2019-it-intro-computer-structure/img/usb.jpg new file mode 100644 index 0000000..5a6040f Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/usb.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/usb1.jpg b/slides/2019-it-intro-computer-structure/img/usb1.jpg new file mode 100644 index 0000000..1723b4f Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/usb1.jpg differ 
diff --git a/slides/2019-it-intro-computer-structure/img/usb2.jpg b/slides/2019-it-intro-computer-structure/img/usb2.jpg new file mode 100644 index 0000000..bef5497 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/usb2.jpg differ diff --git a/slides/2019-it-intro-computer-structure/img/video.png b/slides/2019-it-intro-computer-structure/img/video.png new file mode 100644 index 0000000..fd5f338 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/video.png differ diff --git a/slides/2019-it-intro-computer-structure/img/z3.jpg b/slides/2019-it-intro-computer-structure/img/z3.jpg new file mode 100644 index 0000000..be1f262 Binary files /dev/null and b/slides/2019-it-intro-computer-structure/img/z3.jpg differ diff --git a/slides/2019-it-intro-computer-structure/main.tex b/slides/2019-it-intro-computer-structure/main.tex new file mode 100644 index 0000000..50976fa --- /dev/null +++ b/slides/2019-it-intro-computer-structure/main.tex @@ -0,0 +1,26 @@ +\pdfminorversion=4 +\documentclass[aspectratio=169]{beamer} +%\documentclass[handout,aspectratio=169]{beamer} +\usetheme{rgd} + +\input{src/preamble} + +\title{% + Computer Structure +} +%\subtitle{% +%} +\author{% + Rasmus Dahlberg +} +\institute{% + Karlstad University +} +\date{% + \today +} +\begin{document} + \input{src/titlepage} + \input{src/body} + \input{src/questions} +\end{document} diff --git a/slides/2019-it-intro-computer-structure/slides.pdf b/slides/2019-it-intro-computer-structure/slides.pdf new file mode 100644 index 0000000..f95eadd Binary files /dev/null and b/slides/2019-it-intro-computer-structure/slides.pdf differ diff --git a/slides/2019-it-intro-computer-structure/src/body.tex b/slides/2019-it-intro-computer-structure/src/body.tex new file mode 100644 index 0000000..5f98f22 --- /dev/null +++ b/slides/2019-it-intro-computer-structure/src/body.tex 
@@ -0,0 +1,601 @@ +\begin{frame} + \frametitle{Motivation} + \begin{columns} + \begin{column}{0.59\linewidth} + \includegraphics[height=0.8\textheight]{img/computers-everywhere} + %\burl{http://images.slideplayer.com/26/8674558/slides/slide_3.jpg} + \end{column} + \begin{column}{0.39\linewidth} + \begin{itemize} + \item What can a computer do? + \item How do you choose one? + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Learning outcome based on syllabus} + \begin{itemize} + \item Describe the components of a computer and their interaction + (ISGA01) + \item Give an account of the components of a computer and their + interaction (ISGA06) + \item Give an account of the components of a computer and how they interact + (ISGA90) + \end{itemize} + \vfill\centering + \smartdiagramset{ + sequence item height=1.75cm, + sequence item width=2.5cm, + sequence item text width = 2.4cm, + } + \smartdiagram[sequence diagram]{% + What is a computer?,% + How is information processed?,% + Hardware components and purpose?% + } +\end{frame} + +%\begin{frame} +% \frametitle{The first computers} +% %The first computer? 
Z3 by Konrad Zuse (Germany, 1941)} +% \begin{columns} +% \begin{column}{0.59\textwidth} +% \includegraphics[width=\textwidth]{img/z3} +% %\burl{https://www.livescience.com/20718-computer-history.html} +% \end{column} +% \begin{column}{0.39\textwidth} +% % Say but not in slide: +% % - Brief history of Zuse (it's a funny story) +% % - Z3 destroyed in world-war II, rebuild in 1960 and now in museum +% % - MUL -> 3s :) +% \begin{itemize} +% \item 2000 `brain cells' +% \item Program is a punched film\footnotemark +% \item Keyboard for input +% \item Lamps for output +% \end{itemize} +% Other: +% \begin{itemize} +% \item ENIAC (1946) +% \end{itemize} +% \end{column} +% \end{columns} +% \footnotetext[1]{\tiny{Play with punch cards: \burl{https://www.vintageisthenewold.com/living-like-the-pioneers-code-fortran-in-a-punch-card/}}} +%\end{frame} + +\begin{frame} + \frametitle{A typical computer} + \centering\includegraphics[width=0.7\textwidth]{img/binary} + %\burl{http://amusementpark3.blogspot.com/2010/10/blog-entry-41.html} +\end{frame} + +\begin{frame} + \frametitle{Current computer definitions in Swedish and English} + \begin{itemize} + \item Digital enhet f\"{o}r ber\"{a}kning, symbolbehandling och + kommunikation\footnote{% + \burl{https://www.ne.se/uppslagsverk/encyklopedi/l\%C3\%A5ng/dator} + } + \item An electronic device for storing and processing data, typically in + binary form, according to instructions given to it in a variable program% + \footnote{% + \burl{https://en.oxforddictionaries.com/definition/computer} + } + \item A computer is a device that can be instructed to carry out sequences + of arithmetic or logical operations automatically via computer + programming\footnote{% + \burl{https://en.wikipedia.org/wiki/Computer} + } + \end{itemize} +\end{frame} + +\begin{frame} + \frametitle{Information theory} + \begin{columns} + \begin{column}{0.79\textwidth} + \begin{itemize} + \item The smallest piece of information is binary + \item One `bit' represents a 
zero or a one + \item Example of sending a single bit? + \item Example of sending multiple bits? + % + \end{itemize} + \end{column} + \begin{column}{0.19\textwidth} + \centering\includegraphics[width=\textwidth]{img/light-bulb} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{What does this mean?} + \centering\Huge{\texttt{% + 01011001% + 01101111% + 01100100% + 01100001% + }} + \large\vfill\pause + \alert{Many different things...} + \vfill + \centering + \begin{itemize} + \item 32-bit unsigned integer: 1500472417 + \item 32-bit floating point: $4.21143045\cdot 10^{15}$ + \item Groups of 8 bits: 89,~111,~100,~97 + \begin{itemize} + \item Byte + \item Number between 0--255 (\alert{why?}) + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \frametitle{Information theory continued} + \begin{columns} + \begin{column}{0.49\textwidth} + Decimal numbers as we know them: + \begin{flalign*} + 107 &= + \textcolor{red}{1}\cdot100 + + \textcolor{red}{0}\cdot10 + + \textcolor{red}{7}\cdot1 \\ + &= + \textcolor{red}{1}\cdot\textcolor{blue}{10}^2 + + \textcolor{red}{0}\cdot\textcolor{blue}{10}^1 + + \textcolor{red}{7}\cdot\textcolor{blue}{10}^0 + \end{flalign*} + A position is associated with 0--9 \\ + A position is weighted by $10^i$, $i\geq0$\\ + This is known as base \textcolor{blue}{10} \\ + \vspace{1cm} + \pause + \alert{Why is this intuitive for us?} + \pause + \end{column} + \begin{column}{0.49\textwidth} + Binary numbers follow the same idea: + \begin{flalign*} + 1101 &= + \textcolor{red}{1}\cdot8 + + \textcolor{red}{1}\cdot4 + + \textcolor{red}{0}\cdot2 + + \textcolor{red}{1}\cdot1 \\ + &= + \textcolor{red}{1}\cdot\textcolor{blue}{2}^3 + + \textcolor{red}{1}\cdot\textcolor{blue}{2}^2 + + \textcolor{red}{0}\cdot\textcolor{blue}{2}^1 + + \textcolor{red}{1}\cdot\textcolor{blue}{2}^0 = 13 + \end{flalign*} + A position is associated with 0--1 \\ + A position is weighted by $2^i$, $i\geq0$\\ + This is known as base \textcolor{blue}{2} \\ + 
\vspace{1cm} + \pause + \alert{Why is this intuitive for a computer?} + \end{column} + \end{columns} + \centering + \vfill +\end{frame} + +\begin{frame} + \frametitle{Now you can proudly wear this T-shirt!} + \centering\includegraphics[height=0.8\textheight]{img/binary-joke} +\end{frame} + +\begin{frame} + \frametitle{Be aware of different unit systems} + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{tabular}{ccc} + \toprule + \textbf{unit} & \textbf{abbreviation} & \textbf{meaning} \\ + \midrule + kilo & k & $10^3$ \\ + mega & M & $10^6$ \\ + giga & G & $10^9$ \\ + tera & T & $10^{12}$ \\ + \bottomrule + \end{tabular}\\ + \vspace{6pt} + (Decimal numbers as we know them) + \vfill + \end{column} + \begin{column}{0.49\textwidth} + \begin{tabular}{ccc} + \toprule + \textbf{unit} & \textbf{abbreviation} & \textbf{meaning} \\ + \midrule + kibi & Ki & $2^{10}$ \\ + mebi & Mi & $2^{20}$ \\ + gibi & Gi & $2^{30}$ \\ + tebi & Ti & $2^{40}$ \\ + \bottomrule + \end{tabular}\\ + \vspace{6pt} + (Binary numbers, note $2^{10}=1024$)\\ + \end{column} + \end{columns} + \pause + \vfill\centering + \alert{``I bought a 500~GB hard drive, but Windows says it is 465.7~GB?''} +\end{frame} + +\begin{frame} + \frametitle{Amercian Standard Code for Information Interchange} + \begin{columns} + \begin{column}{0.79\textwidth} + \centering\includegraphics[height=0.9\textheight]{img/ascii} + %\burl{https://simple.wikipedia.org/wiki/ASCII\#/media/File:ASCII-Table-wide.svg} + \end{column} + \begin{column}{0.24\textwidth} + \begin{itemize} + \item 89: Y + \item 111: o + \item 100: d + \item 97: a + \pause + \item \aa, \"{a}, \"{o}? 
+ \begin{itemize} + \item UTF-8 + \item UTF-16 + \item UTF-32 + \end{itemize} + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Divide yourself into small groups} + %% Name required (or optional) parts in a typical computer + \centering + \includegraphics[height=0.5\textheight]{img/group} + \\\Huge{Interactive exersice} +\end{frame} + +\begin{frame} + \frametitle{My office setup\footnote{\burl{https://www.dustinhome.se/favorites/index/9620211}}} + \begin{columns} + \begin{column}{0.49\textwidth} + Computer case containing: + \begin{itemize} + \item Central Processing Unit (CPU) + \item Random Access Memory (RAM) + \item Solid State Drive (SSD) + \item Hard drive (HDD) + \item Power Supply Unit (PSU) + \item Fan for CPU cooling + \item Motherboard + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[height=0.4\textheight]{img/case1} + \includegraphics[height=0.4\textheight]{img/case2} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Central Processing Unit (CPU) \titlefloatright{`Processor'}} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Does most of the computing + \item Instruction set + \begin{itemize} + \item load + \item store + \item add + \item conditional jump + \item ... 
+ \end{itemize} + \item Registers + \item Clock speed + \item Number of cores + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \centering + \includegraphics[width=\textwidth]{img/cpu} + Intel Core i7 7700K / 4.2~GHz processor LGA1151 Socket + \end{column} + \end{columns} + \vfill\pause\centering\alert{Is faster clock speed always better?} +\end{frame} + +\begin{frame} + \frametitle{Gordon Moore predicted the number of transitors on a dense + integrated circuit} + \begin{columns} + \begin{column}{0.59\textwidth} + \includegraphics[width=\textwidth]{img/moores-law} + \burl{https://en.wikipedia.org/wiki/Moore\%27s\_law\#/media/File:Moore\%27s\_Law\_Transistor\_Count\_1971-2016.png} + \end{column} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Moore's law + \begin{itemize} + \item 1965: doubles every year + \item 1975: doubles every two years + \item $\approx$2025: dead + \end{itemize} + \item David House + \begin{itemize} + \item 18 months $\rightarrow$ 2x performance + \end{itemize} + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Different types of memory, all storing zeros and ones only!} + \begin{columns} + \begin{column}{0.49\textwidth} + \input{img/memory} + \end{column} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item HDD: `h\aa{}rddisk' + \item SSD: `typ en h\aa{}rddisk' + \item RAM: `internminne eller arbetsminne' + \item Cache: on and nearby the CPU + \item Register: on the CPU + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Different types of memory continued} + \begin{columns} + \begin{column}{0.33\textwidth} + \centering + HDD \\ + \includegraphics[width=\textwidth]{img/hdd}\\ + WD Blue 4TB 3.5" Serial ATA-600 \\ + \end{column} + \begin{column}{0.33\textwidth} + \centering + SSD \\ + \includegraphics[width=\textwidth]{img/ssd} \\ + Crucial MX500 500GB Serial ATA-600 \\ + \end{column} + \begin{column}{0.33\textwidth} + \centering + 
RAM \\ + \includegraphics[width=\textwidth]{img/ram} \\ + CORSAIR V LPX 32GB (2X16) DDR4 2400MHZ \\ + \end{column} + \end{columns} + \vspace{1cm} + + \pause + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{itemize} + % biggest different is no moving vs moving parts + % # most important from my point of view + % - life time: no moving parts -> survive longer + % - speed: no moving parts -> less work to do stuff + % - price per GB: ssd much more expensive due to underlying tech + % # important depending on use-case + % - noise (ssd < hdd) + % - temperature (ssd < hdd) + % - energy consumption (ssd < hdd) + % - weight (ssd < hdd) + % + % See more at: https://www.netonnet.se/Content/Info/ssd + \item Trade-offs between SSD and HDD? + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \begin{itemize} + % Depends on your use-case! + \item How much RAM do you need? + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Motherboard (or, the thing everything is attached to) + \titlefloatright{`Moderkort'}} + % ATX power connector: this is where you connect PSU + % IDE connector: for hard drive, dvd, etc (newer: SATA) + % North bridge or `memory controller': controls transfers between CPU + % and RAM; hence it is nearby both of these components + % South bridge or `input/output controller': manages controllers between + % peripheral devices. + % The term `bridge' is generally used when connecting two buses + % Dynamic Vs Static ram -> has to do with underlying tech; static is + % faster but more expensive + % CMOS Backup battery: to remember important stuff while shutdown, e.g., + % BIOS settings and date. 
+ % AGP slot: for some graphic cards (legacy, nowadays PCI) + % PCI slots: attach various extension cards here (i.e., daughter boards), + % e.g., network, audio, and graphic cards + \begin{columns} + \begin{column}{0.69\textwidth} + \centering\includegraphics[width=\textwidth]{img/motherboard} + \end{column} + \begin{column}{0.29\textwidth} + Contains at least: + \begin{itemize} + \item Processor slot + \item Memory slot + \item Connectors, e.g., + \begin{itemize} + \item Power + \item SATA + \item SCSI + \item ... + \end{itemize} + \item Control circuits + \begin{itemize} + \item BIOS + \item Cache + \item ... + \end{itemize} + \end{itemize} + \end{column} + \end{columns} + \pause + \vfill + \centering\alert{What should you think about when you buy hardware?} + % BIOS: Basic Input Output System + % - the first software to run when a computer is started + % - identifies and configures hardware, e.g., hard drive, CPU, memory, etc. + % - instructs the computer how to perform a number basic operations, e.g., + % controlling the keyboard and booting the OS. +\end{frame} + +\begin{frame} + \frametitle{A newer motherboard: ASUS PRIME Z370-P \titlefloatright{Manual\footnote{% + \burl{https://www.asus.com/us/Motherboards/PRIME-Z370-P/HelpDesk\_Manual/} + }}} + \centering\includegraphics[height=0.85\textheight]{img/new-motherboard2} +\end{frame} + +\begin{frame} + \frametitle{A newer motherboard continued} + \centering\includegraphics[height=0.85\textheight]{img/moderkort} +\end{frame} + +\begin{frame} + \frametitle{Expantion cards usually use PCI(e)\titlefloatright{`Instickskort'}} + \begin{columns} + \begin{column}{0.33\textwidth} + \hfill + \centering + % - It's common with 2000+ cores + % - It has its own dedicated RAM (e.g., 8GB) + % - Not so general purpose as a CPU, but it's good at what it does... + % - Fun with GPUs? Cryptocurrency mining and password cracking! 
+ \alert{Graphics card} for complex math, geometry, and coloring + (`grafikkort') + \includegraphics[height=0.4\textheight]{img/graphics-card} + %\burl{https://www.techpowerup.com/img/16-12-20/917a7803f315.jpg}\\ + \end{column} + \begin{column}{0.33\textwidth} + \hfill + \centering + \alert{Audio card} for enhanced sound experiences + (`ljudkort') + \includegraphics[height=0.4\textheight]{img/audio-card} + %\burl{https://images-na.ssl-images-amazon.com/images/I/411rdurQRkL.jpg} + \end{column} + \begin{column}{0.33\textwidth} + \hfill + \centering + % For special needs, e.g., WiFi or 10GBit/s Ethernet + \alert{Network card} for data exchange over a computer network + (`n\"{a}tverkskort') + \includegraphics[height=0.4\textheight]{img/network-card} + \end{column} + \end{columns} + \pause + \vspace{0.5cm} + \centering\alert{Is my office setup without graphics, sound, and Internet?!} +\end{frame} + +\begin{frame} + \frametitle{A few common external connectors} + \begin{columns} + \begin{column}{0.49\textwidth} + \vbox to 0.8\textwidth{% + \centering + \alert{USB}\vspace{6pt}\\ + \includegraphics[width=0.8\textwidth]{img/usb1} + \includegraphics[width=0.8\textwidth]{img/usb2} + %\burl{https://www.bhphotovideo.com/explora/amp/computers/tips-and-solutions/thunderbolt-3-usb-31-usb-type-c-making-sense-connections} + \vfill + External HDD and devices + } + \end{column} + \begin{column}{0.49\textwidth} + \vbox to 0.8\textwidth{% + \begin{columns} + \begin{column}{0.49\textwidth} + \centering\alert{HDMI}\vspace{6pt}\\ + \includegraphics[height=0.3\textheight]{img/hdmi} + \end{column} + \begin{column}{0.49\textwidth} + \centering\alert{DP}\vspace{6pt}\\ + \includegraphics[height=0.3\textheight]{img/dp} + \end{column} + \end{columns} + \centering\vfill + Mainly video and audio + } + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{You will find the same basic components in every computer---Raspberry Pi} + \begin{columns} + \begin{column}{0.69\textwidth} + 
\centering\includegraphics[height=0.8\textheight]{img/raspberrypi}\\ + \burl{https://www.raspberrypi.org/} + \end{column} + \begin{column}{0.29\textwidth} + All components are embedded on a SoC: + \begin{itemize} + \item CPU + \item Memory + \item Connectors + \item Control circuits + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{You will find the same basic components in every computer---MBP} + \centering\includegraphics[height=0.8\textheight]{img/mbp} + \burl{https://www.ifixit.com/Teardown/MacBook+Pro+15-Inch+Touch+Bar+Teardown/73395} +\end{frame} + + +\begin{frame} + \frametitle{You will find the same basic components in every computer---iPhone} + \centering\includegraphics[height=0.8\textheight]{img/iphone} + \burl{https://www.ifixit.com/Teardown/iPhone+5s+Teardown/17383} +\end{frame} + +\begin{frame} + \frametitle{In the labs you will (de)assemble a computer} + \begin{columns} + \begin{column}{0.59\textwidth} + \centering\includegraphics[width=\textwidth]{img/build-pc} + %\burl{https://cdn.fstoppers.com/styles/large-16-9/s3/lead/2017/05/best\_pc\_build\_for\_adobe\_premiere.jpg} + \end{column} + \begin{column}{0.39\textwidth} + \begin{itemize} + \item Be grounded + \item Be ``stern but fair'' + \item Be careful with cables + \begin{itemize} + \item Jank? No... + \item Pull? Gently! + \item Wiggle? If you must! + \end{itemize} + \item Attach in the right direction + \item Avoid touching circuit boards + \item Ask if you need help + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Nervous? Prepare yourself by watching a computer being built} + \centering\includegraphics[height=0.8\textheight]{img/video} + \burl{https://www.youtube.com/watch?v=0bUghCx9iso} +\end{frame} diff --git a/slides/2019-it-intro-computer-structure/src/preamble.tex b/slides/2019-it-intro-computer-structure/src/preamble.tex new file mode 100644 index 0000000..e91df78 --- /dev/null 
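Review bot: Several frame titles and on-slide strings in src/body.tex carry spelling mistakes that will show on the projected slides: `Amercian` should be `American`, `exersice` `exercise`, `transitors` `transistors`, `Expantion` `Expansion`, and `Jank?` is presumably meant as `Yank?`. Two frames also give their columns more than the full width: `0.59\textwidth` plus `0.49\textwidth` in the Moore's law frame and `0.79\textwidth` plus `0.24\textwidth` in the ASCII frame. That is likely to produce overfull boxes, and second columns of `0.39\textwidth` and `0.19\textwidth` would match the other frames in the file.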
+++ b/slides/2019-it-intro-computer-structure/src/preamble.tex 
@@ -0,0 +1,72 @@
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Packages %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\usepackage[
+ lambda, advantage, operators, sets, adversary, landau, probability, notions,
+ logic, ff, mm, primitives, events, complexity, asymptotics, keys
+]{cryptocode}
+
+\usepackage{graphicx}
+\usepackage{mathtools}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{flowchart}
+\usepackage{smartdiagram}
+\usepackage{pifont}
+\usepackage{graphicx}
+\usepackage{color}
+\usepackage{tikz}
+\usepackage{tikz-qtree}
+\usetikzlibrary{
+ arrows,%
+ decorations.markings,%
+ backgrounds,%
+ calc,%
+ fit,%
+ positioning,%
+ shapes.misc,%
+ shadows,%
+ shapes.arrows,%
+ snakes,%
+}
+\usepackage{booktabs}
+\usepackage{smartdiagram}
+\usepackage{floatrow}
+%\usepackage[position=bottom]{subfig} % environment for nested figures
+
+\usepackage{xcolor}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+\definecolor{darkGray}{HTML}{808080}
+\definecolor{darkOrange}{HTML}{D77D00}
+\definecolor{darkPurple}{HTML}{800080}
+\colorlet{lightGray}{gray!33}
+\colorlet{lightYellow}{yellow!50}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+
+% Figures, tables and code
+\usepackage{booktabs}
+\usepackage{colortbl}
+\usepackage{flowchart}
+\usepackage{adjustbox}
+\usepackage{listings}
+
+%\setbeamertemplate{itemize item}[circle]
+%\setbeamertemplate{itemize subitem}[default]
+%\setbeamertemplate{caption}[numbered]
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Defines %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\makeatletter
+\let\@@magyar@captionfix\relax %needed for \titlefloatright
+\makeatother
+
+\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}}
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}}
+\newcommand{\burl}[1]{\tiny{\url{#1}}}
+\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1}
+\newcommand{\titlefloatright}[1]{\hspace{0pt plus 1 filll}#1}
diff --git a/slides/2019-it-intro-computer-structure/src/questions.tex b/slides/2019-it-intro-computer-structure/src/questions.tex
new file mode 100644
index 0000000..85cb2f3
--- /dev/null
+++ b/slides/2019-it-intro-computer-structure/src/questions.tex
@@ -0,0 +1,17 @@
+\begin{frame}
+ \frametitle{Any questions?} \label{frm:que}
+ \begin{columns}
+ \begin{column}{0.49\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/qleft}
+ \end{column}
+ \begin{column}{0.49\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/qright}
+ \end{column}
+ \end{columns}
+
+ \centering
+ \vspace{-1cm}
+ \includegraphics[width=0.20\textwidth]{img/ty}
+\end{frame}
diff --git a/slides/2019-it-intro-computer-structure/src/titlepage.tex b/slides/2019-it-intro-computer-structure/src/titlepage.tex
new file mode 100644
index 0000000..9b18039
--- /dev/null
+++ b/slides/2019-it-intro-computer-structure/src/titlepage.tex
@@ -0,0 +1,3 @@
+\begin{frame}
+ \titlepage
+\end{frame}
diff --git a/slides/2019-it-intro-computer-systems/.gitignore b/slides/2019-it-intro-computer-systems/.gitignore
new file mode 100644
index 0000000..4a7f033
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/.gitignore
@@ -0,0 +1,12 @@
+*.aux
+*.fdb_latexmk
+*.fls
+*.fls
+*.log
+*.nav
+*.out
+main.pdf
+*.snm
+*.toc
+*.nav
+*.snm
diff --git a/slides/2019-it-intro-computer-systems/NOTE b/slides/2019-it-intro-computer-systems/NOTE
new file mode 100644
index 0000000..cd9ac06
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/NOTE
@@ -0,0 +1,2 @@
+- Few more slides would be good here, or shrink down so that
+computer fundamentals + computer systems -> 3h works too.
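Review bot: In `src/preamble.tex` (2019-it-intro-computer-structure) the `\burl` helper is defined as `\tiny{\url{#1}}`, but `\tiny` is a font switch that takes no argument, so the braces only group the URL and the tiny size stays in force for whatever follows `\burl` in the same group. Scoping the switch keeps the effect to the link: `\newcommand{\burl}[1]{{\tiny\url{#1}}}`. The same hunk loads `graphicx`, `smartdiagram`, `booktabs` and `flowchart` twice and repeats the `darkGreen`/`darkBlue`/`darkRed` definitions; dropping the duplicates would make it easier to see what the deck actually depends on.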
diff --git a/slides/2019-it-intro-computer-systems/README b/slides/2019-it-intro-computer-systems/README
new file mode 100644
index 0000000..68a8dc7
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/README
@@ -0,0 +1 @@
+Lecture on computer systems in an introduction to IT course at kau.
diff --git a/slides/2019-it-intro-computer-systems/beamercolorthemergd.sty b/slides/2019-it-intro-computer-systems/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2019-it-intro-computer-systems/beamerfontthemergd.sty b/slides/2019-it-intro-computer-systems/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2019-it-intro-computer-systems/beamerinnerthemergd.sty b/slides/2019-it-intro-computer-systems/beamerinnerthemergd.sty
new file mode 100644
index 0000000..0d49176
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/beamerinnerthemergd.sty
@@ -0,0 +1,43 @@
+\mode
+
+%%%
+% Title page
+%%%
+\defbeamertemplate*{title page}{rgd}[1][]{
+ \begin{tikzpicture}[remember picture, overlay]
+ \usebeamercolor{titlepage}
+ % Add top-left triangle with university logo
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north west) --
+ (current page.north) --
+ node[draw=none,pos=0.5](Logo){\includegraphics[width=3cm]{img/logo}}
+ (current page.west) --
+ (current page.north west);
+ % Add title
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ ] (Title) at ([shift={(0,-0.5cm)}]current page){%
+ \centering\usebeamerfont{title}\inserttitle\\%
+ };
+ % Add subtitle
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Title,
+ ] (Subtitle) {%
+ \centering\usebeamerfont{subtitle}\insertsubtitle\\%
+ };
+ % Add authors
+ \usebeamercolor{author}
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=12pt of Subtitle,
+ ] (Author) {%
+ \centering\usebeamerfont{author}\insertauthor\\%
+ };
+ \end{tikzpicture}
+}
+
+\mode
diff --git a/slides/2019-it-intro-computer-systems/beamerouterthemergd.sty b/slides/2019-it-intro-computer-systems/beamerouterthemergd.sty
new file mode 100644
index 0000000..ba757c6
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/beamerouterthemergd.sty
@@ -0,0 +1,66 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add mail
+ \begin{beamercolorbox}[
+ wd=0.22\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \texttt{rasmus.dahlberg@kau.se}
+ \end{beamercolorbox}%
+ % Add author
+ \begin{beamercolorbox}[
+ wd=0.73\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ %\insertauthor
+ \inserttitle
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2019-it-intro-computer-systems/beamerthemergd.sty b/slides/2019-it-intro-computer-systems/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
diff --git a/slides/2019-it-intro-computer-systems/handout.pdf b/slides/2019-it-intro-computer-systems/handout.pdf
new file mode 100644
index 0000000..945325c
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/handout.pdf differ
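Review bot: In `beamerouterthemergd.sty` the footline comment `% Add author` does not match the code under it, which comments out `\insertauthor` and prints `\inserttitle`; I would change the comment to `% Add title` and drop the dead `%\insertauthor` line. The first footline box hard-codes `\texttt{rasmus.dahlberg@kau.se}` inside the theme, so every deck that copies this file prints that address on each slide; taking the text from something set in `main.tex` (for instance `\insertinstitute`, or a dedicated macro) would keep the theme reusable. Both templates here are registered under the name `corporate` while the inner theme registers `rgd`, which looks like a leftover name.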
diff --git a/slides/2019-it-intro-computer-systems/img/apps.jpg b/slides/2019-it-intro-computer-systems/img/apps.jpg
new file mode 100644
index 0000000..1f41651
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/apps.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/apps2.jpg b/slides/2019-it-intro-computer-systems/img/apps2.jpg
new file mode 100644
index 0000000..f6f7173
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/apps2.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/aws.png b/slides/2019-it-intro-computer-systems/img/aws.png
new file mode 100644
index 0000000..ac9b4c3
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/aws.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/binary.jpg b/slides/2019-it-intro-computer-systems/img/binary.jpg
new file mode 100644
index 0000000..5e636ab
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/binary.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/computer-system.tex b/slides/2019-it-intro-computer-systems/img/computer-system.tex
new file mode 100644
index 0000000..7966868
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/img/computer-system.tex
@@ -0,0 +1,42 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw=lightGray,
+ top color=lightGray,
+ bottom color=white,
+ rectangle,
+ shading=axis,
+ minimum width=2cm,
+ },
+ nop/.style = {
+ draw=none,
+ },
+ frame/.style = {
+ draw,
+ -,
+ dashed,
+ thick,
+ rounded corners,
+ },
+ label/.style = {
+ draw=none,
+ },
+]
+ % Software and hardware
+ \node[entity] (hardware) at (0,0) {hardware};
+ \node[entity, above=12pt of hardware] (software) {software};
+ \node[nop] at ($ (software) !.5! (hardware) $) {+};
+ \coordinate (l) at ($ (current bounding box.west) + (-0.5, 0 ) $);
+ \coordinate (r) at ($ (current bounding box.east) + ( 0.5, 0 ) $);
+ \coordinate (b) at ($ (current bounding box.south) + ( 0, -0.5) $);
+ \coordinate (t) at ($ (current bounding box.north) + ( 0, 0.5) $);
+ \path[frame]
+ (l) |- (t)
+ node[label,below]{computer system} -|
+ (r) |- (b) -| (l);
+
+ % User and data
+ \node[nop, above=of t] (user) {\includegraphics[width=1cm]{img/user}};
+ \node[nop, above=-10pt of user] {user};
+ \draw[latex-latex] (user) -- node[label,right]{data} ($ (t) + (0, 0.25) $);
+\end{tikzpicture}
diff --git a/slides/2019-it-intro-computer-systems/img/data.pdf b/slides/2019-it-intro-computer-systems/img/data.pdf
new file mode 100644
index 0000000..5426fba
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/data.pdf differ
diff --git a/slides/2019-it-intro-computer-systems/img/driver.png b/slides/2019-it-intro-computer-systems/img/driver.png
new file mode 100644
index 0000000..de83586
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/driver.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/ethernet.jpg b/slides/2019-it-intro-computer-systems/img/ethernet.jpg
new file mode 100644
index 0000000..1168bd1
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/ethernet.jpg differ
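Review bot: In `img/computer-system.tex` the style named `label` shadows TikZ's built-in `label` node option for the whole picture, and its body (`draw=none`) is identical to the `nop` style defined a few lines above it. The other figures added in this commit (`performance.tex`, `trends.tex`, `systems.tex`, `know-it-all.tex`) call the same style `plain`. Using that one name here too, `plain/.style = {draw=none},` with `node[plain,below]` and `node[plain,right]`, removes both the clash and the duplicate.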
diff --git a/slides/2019-it-intro-computer-systems/img/gce.png b/slides/2019-it-intro-computer-systems/img/gce.png
new file mode 100644
index 0000000..a4249e5
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/gce.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/google.png b/slides/2019-it-intro-computer-systems/img/google.png
new file mode 100644
index 0000000..4f0a30d
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/google.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/group.pdf b/slides/2019-it-intro-computer-systems/img/group.pdf
new file mode 100644
index 0000000..515c974
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/group.pdf differ
diff --git a/slides/2019-it-intro-computer-systems/img/hdd.jpg b/slides/2019-it-intro-computer-systems/img/hdd.jpg
new file mode 100644
index 0000000..3b59ac9
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/hdd.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/headphones.jpg b/slides/2019-it-intro-computer-systems/img/headphones.jpg
new file mode 100644
index 0000000..44ff4d2
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/headphones.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/icloud.png b/slides/2019-it-intro-computer-systems/img/icloud.png
new file mode 100644
index 0000000..774875d
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/icloud.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/ict.jpg b/slides/2019-it-intro-computer-systems/img/ict.jpg
new file mode 100644
index 0000000..250c673
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/ict.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/internet.png b/slides/2019-it-intro-computer-systems/img/internet.png
new file mode 100644
index 0000000..e5e9f27
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/internet.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/kbuss.png b/slides/2019-it-intro-computer-systems/img/kbuss.png
new file mode 100644
index 0000000..8f0b122
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/kbuss.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/keyboard.jpeg b/slides/2019-it-intro-computer-systems/img/keyboard.jpeg
new file mode 100644
index 0000000..734034e
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/keyboard.jpeg differ
diff --git a/slides/2019-it-intro-computer-systems/img/know-it-all.tex b/slides/2019-it-intro-computer-systems/img/know-it-all.tex
new file mode 100644
index 0000000..c2e44fa
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/img/know-it-all.tex
@@ -0,0 +1,57 @@
+\newcommand{\twolines}[2]{\begin{tabular}{c}#1\\#2\end{tabular}}
+\scalebox{0.8}{
+ \begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw=lightGray,
+ thick,
+ ellipse,
+ minimum height=1.75cm,
+ top color = lightGray,
+ bottom color = white,
+ },
+ plain/.style = {
+ draw=none,
+ },
+ arrow/.style = {
+ draw = black,
+ -triangle 90,line width=1mm,
+ postaction={draw, line width=0.1cm, shorten >=0.1cm, -},
+ },
+ cs/.style = {
+ draw=lightGray,
+ thick,
+ cloud,
+ cloud puffs = 15.7,
+ cloud ignores aspect,
+ },
+ ]
+ \node[entity] (vlsi) at (0,0) {Electronics};
+ \node[entity, right=of vlsi] (hwa) {\twolines{Hardware}{architecture}};
+ \node[entity, right=of hwa] (si) {\twolines{Software}{infrastructure}};
+ \node[entity, right=of si] (as) {\twolines{Software}{development}};
+
+ \path[arrow] (vlsi) -- (hwa);
+ \path[arrow] (hwa) -- (si);
+ \path[arrow] (si) -- (as);
+
+ \coordinate(l) at ($ (vlsi) !.5! (hwa) $);
+ \coordinate(m) at ($ (hwa) !.5! (si) $);
+ \coordinate(r) at ($ (si) !.5! (as) $);
+
+ \pause
+ \node[plain, text=darkGreen, above=of l] {Computer parts};
+ \pause
+ \node[plain, text=darkBlue, below=of m] {Hardware-software relation};
+ \pause
+ \node[plain, text=darkRed, above=of r] {Programming and software engineering};
+
+ \pause
+ \node[cs, above=1cm of si] {%
+ \begin{tabular}{c}
+ Networking, security, and\\
+ distributed computing
+ \end{tabular}
+ };
+ \end{tikzpicture}
+}
diff --git a/slides/2019-it-intro-computer-systems/img/layered.tex b/slides/2019-it-intro-computer-systems/img/layered.tex
new file mode 100644
index 0000000..565753f
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/img/layered.tex
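Review bot: `img/know-it-all.tex` defines `\twolines` with `\newcommand` on its first line, so the file can be `\input` only once per TeX group; a second inclusion in the same scope stops with a "Command \twolines already defined" error. It presumably works today because the figure is pulled in from inside a frame, where the definition stays local, but a figure file is easier to reuse when it has no such side effect: `\providecommand{\twolines}[2]{\begin{tabular}{c}#1\\#2\end{tabular}}`, or move the definition to `src/preamble.tex`. A short comment on `cloud puffs = 15.7` would also help, since the reason for a non-integer value is not evident from the file.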
@@ -0,0 +1,29 @@
+\begin{tikzpicture}[
+ entity/.style = {
+ draw=lightGray!30,
+ rounded rectangle,
+ minimum width=5cm,
+ minimum height=0.75cm,
+ bottom color = black!75,
+ text = white,
+ thick,
+ },
+ arrow/.style = {
+ draw = darkOrange,
+ -triangle 90,line width=1mm,
+ postaction={draw, line width=0.1cm, shorten >=0.1cm, -},
+ }
+]
+\node[entity, top color = darkBlue] (user) at (0,0) {user};
+\node[entity, top color = darkPurple, below=of user] (app) {application software};
+\node[entity, top color = darkGreen, below=of app] (sys) {system software};
+\node[entity, top color = darkRed, below=of sys] (hw) {hardware};
+
+\path[arrow] (user.330) -- (app.30);
+\path[arrow] (app.330) -- (sys.30);
+\path[arrow] (sys.330) -- (hw.30);
+
+\path[arrow] (hw.150) -- (sys.210);
+\path[arrow] (sys.150) -- (app.210);
+\path[arrow] (app.150) -- (user.210);
+\end{tikzpicture}
diff --git a/slides/2019-it-intro-computer-systems/img/logo.png b/slides/2019-it-intro-computer-systems/img/logo.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/logo.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/mcloud.png b/slides/2019-it-intro-computer-systems/img/mcloud.png
new file mode 100644
index 0000000..3960700
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/mcloud.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/monitor.jpg b/slides/2019-it-intro-computer-systems/img/monitor.jpg
new file mode 100644
index 0000000..5796969
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/monitor.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/mouse.png b/slides/2019-it-intro-computer-systems/img/mouse.png
new file mode 100644
index 0000000..ec60d01
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/mouse.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/mouseclick.pdf b/slides/2019-it-intro-computer-systems/img/mouseclick.pdf
new file mode 100644
index 0000000..09e9871
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/mouseclick.pdf differ
diff --git a/slides/2019-it-intro-computer-systems/img/nop.jpg b/slides/2019-it-intro-computer-systems/img/nop.jpg
new file mode 100644
index 0000000..2d8c1b7
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/nop.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/os.png b/slides/2019-it-intro-computer-systems/img/os.png
new file mode 100644
index 0000000..5f93900
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/os.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/performance.tex b/slides/2019-it-intro-computer-systems/img/performance.tex
new file mode 100644
index 0000000..5f4e816
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/img/performance.tex
@@ -0,0 +1,20 @@
+\begin{tikzpicture}[
+ arrow/.style = {
+ draw,
+ -latex,
+ },
+ plain/.style = {
+ draw=none,
+ }
+]
+ \coordinate(o) at (0,0);
+ \coordinate(y) at (0,4);
+ \coordinate(x) at (6,0);
+
+ \coordinate(c1) at (0.5,0.5);
+ \coordinate(c2) at (5.5,3);
+
+ \path[arrow] (o) -- node[plain, below, pos=0.9]{time} (x);
+ \path[arrow] (o) -- node[plain, above, pos=1]{performance} (y);
+ \path[arrow] (c1) -- (c2);
+\end{tikzpicture}
diff --git a/slides/2019-it-intro-computer-systems/img/qleft.pdf b/slides/2019-it-intro-computer-systems/img/qleft.pdf
new file mode 100644
index 0000000..f35a078
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/qleft.pdf differ
diff --git a/slides/2019-it-intro-computer-systems/img/qright.pdf b/slides/2019-it-intro-computer-systems/img/qright.pdf
new file mode 100644
index 0000000..da2e8e3
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/qright.pdf differ
diff --git a/slides/2019-it-intro-computer-systems/img/radio-tower.pdf b/slides/2019-it-intro-computer-systems/img/radio-tower.pdf
new file mode 100644
index 0000000..c38118f
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/radio-tower.pdf differ
diff --git a/slides/2019-it-intro-computer-systems/img/reality.jpg b/slides/2019-it-intro-computer-systems/img/reality.jpg
new file mode 100644
index 0000000..91e414a
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/reality.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/sensor.jpg b/slides/2019-it-intro-computer-systems/img/sensor.jpg
new file mode 100644
index 0000000..7c54558
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/sensor.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/ssd.png b/slides/2019-it-intro-computer-systems/img/ssd.png
new file mode 100644
index 0000000..10733c9
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/ssd.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/systems.tex b/slides/2019-it-intro-computer-systems/img/systems.tex
new file mode 100644
index 0000000..d1be691
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/img/systems.tex
@@ -0,0 +1,27 @@
+\begin{tikzpicture}[
+ plain/.style = {
+ draw=none,
+ },
+ fill opacity = 0.5,
+]
+ \coordinate(first) at (0,0);
+ \coordinate(second) at (45:2cm);
+ \coordinate(third) at (0:2cm);
+
+ % CS, IS, and ICT circles
+ \fill[red] (first) circle (1.5cm);
+ \fill[green] (second) circle (1.5cm);
+ \fill[blue] (third) circle (1.5cm);
+
+ % CS, IS, and ICT labels
+ \node[plain, below=0pt of first] (CS) {CS};
+ \node[plain, above=0pt of second] (IS) {IS};
+ \node[plain, below=0pt of third] (ICT) {ICT};
+
+ % IT intersection between CS and IS
+ \clip (first) circle (1.5cm);
+ \fill[white, fill opacity=0.75] (second) circle (1.5cm);
+
+ % IT label
+ \node[plain] at ($ (CS) !.5! (IS) $) {IT};
+\end{tikzpicture}
diff --git a/slides/2019-it-intro-computer-systems/img/traffic-light.png b/slides/2019-it-intro-computer-systems/img/traffic-light.png
new file mode 100644
index 0000000..2b9a2de
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/traffic-light.png differ
diff --git a/slides/2019-it-intro-computer-systems/img/trends.tex b/slides/2019-it-intro-computer-systems/img/trends.tex
new file mode 100644
index 0000000..7dea798
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/img/trends.tex
@@ -0,0 +1,47 @@
+\begin{tikzpicture}[
+ arrow/.style = {
+ draw,
+ -latex,
+ },
+ plain/.style = {
+ draw=none,
+ }
+]
+ \coordinate(o) at (0,0);
+ \coordinate(y) at (0,4);
+ \coordinate(x) at (6,0);
+
+ \coordinate(c1) at (0.5,0.5);
+ \coordinate(c2) at (2.5,2.5);
+ \coordinate(c3) at (3.5,2.5);
+ \coordinate(c4) at (5.5,0.5);
+
+ \path[arrow]
+ (o) --
+ node[plain, below, pos=0.9]{time}
+ (x);
+ \path[arrow]
+ (o) --
+ node[plain, pos=0.2, left]{%
+ \begin{tabular}{c}
+ thin\\
+ clients
+ \end{tabular}
+ }
+ node[plain, pos=0.8, left]{%
+ \begin{tabular}{c}
+ thick\\
+ clients
+ \end{tabular}
+ }
+ (y);
+
+ \path[arrow]
+ (c1) --
+ node[plain, sloped, above]{faster computers}
+ (c2);
+ \path[arrow]
+ (c3) --
+ node[plain, sloped, above]{faster network}
+ (c4);
+\end{tikzpicture}
diff --git a/slides/2019-it-intro-computer-systems/img/tv-controller.jpg b/slides/2019-it-intro-computer-systems/img/tv-controller.jpg
new file mode 100644
index 0000000..5b6d02e
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/tv-controller.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/img/ty.pdf b/slides/2019-it-intro-computer-systems/img/ty.pdf
new file mode 100644
index 0000000..9ad4dc8
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/ty.pdf differ
diff --git a/slides/2019-it-intro-computer-systems/img/user.pdf b/slides/2019-it-intro-computer-systems/img/user.pdf
new file mode 100644
index 0000000..51ee41d
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/user.pdf differ
diff --git a/slides/2019-it-intro-computer-systems/img/z3.jpg b/slides/2019-it-intro-computer-systems/img/z3.jpg
new file mode 100644
index 0000000..be1f262
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/img/z3.jpg differ
diff --git a/slides/2019-it-intro-computer-systems/main.tex b/slides/2019-it-intro-computer-systems/main.tex
new file mode 100644
index 0000000..7f1f318
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/main.tex
@@ -0,0 +1,26 @@
+\pdfminorversion=4
+\documentclass[aspectratio=169]{beamer}
+%\documentclass[handout,aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%
+ Computer Systems
+}
+%\subtitle{%
+%}
+\author{%
+ Rasmus Dahlberg
+}
+\institute{%
+ Karlstad University
+}
+\date{%
+ \today
+}
+\begin{document}
+ \input{src/titlepage}
+ \input{src/body}
+ \input{src/questions}
+\end{document}
diff --git a/slides/2019-it-intro-computer-systems/slides.pdf b/slides/2019-it-intro-computer-systems/slides.pdf
new file mode 100644
index 0000000..cc9c299
Binary files /dev/null and b/slides/2019-it-intro-computer-systems/slides.pdf differ
diff --git a/slides/2019-it-intro-computer-systems/src/body.tex b/slides/2019-it-intro-computer-systems/src/body.tex
new file mode 100644
index 0000000..2bdb372
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/src/body.tex
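Review bot: `main.tex` sets `\institute{Karlstad University}` and `\date{\today}`, but the `rgd` title page and footline templates added in this same commit print only the title, subtitle, author, a fixed mail address and the frame counter, so neither value appears to reach the slides. Either drop the two settings or have the title page use `\insertinstitute` and `\insertdate`; if the date is ever rendered, a fixed lecture date would be preferable to `\today` for an archived deck, since `\today` changes on every rebuild. `\pdfminorversion=4` on the first line deserves a one-line comment saying why PDF 1.4 output is forced.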
@@ -0,0 +1,430 @@ +\begin{frame} + \frametitle{Recall computers (or, last lecture in TL;DR format)} + \begin{columns} + \begin{column}{0.79\textwidth} + \begin{itemize} + \item A digital computing device that stores and processes data, + typically in binary form, according to arithmetic and locical + instructions given to it in a variable program + \item Binary data is `easy' to store and process digitally + \item Examples that we can express data as we know it in binary + \begin{itemize} + \item Converting between base 10 and base 2 + \item ASCII + \item Unicode + \end{itemize} + \item Hardware that composes a basic computer + \begin{itemize} + \item Processor + \item Memory + \item I/O devices + \item ... + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.29\textwidth} + \centering\includegraphics[width=\textwidth]{img/binary} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Learning outcome based on syllabus} + \begin{itemize} + \item Describe the role of software in relation to the hardware + (ISGA01) + \item Describe the relation of the software to the hardware + (ISGA06) + \item Describe the role of software in relation to the hardware + (ISGA90) + \end{itemize} + \vfill\centering + \smartdiagramset{ + sequence item height=1.75cm, + sequence item width=2.5cm, + sequence item text width = 2.4cm, + } + \smartdiagram[sequence diagram]{% + What is a computer system?,% + Hardware software relation,% + Trends and related systems% + } +\end{frame} + +\begin{frame} + \frametitle{Q: What is a computer system? \titlefloatright{A: Hardware + software}} + \begin{itemize} + \item Ett datorsystem \"{a}r ett system av h\aa{}rdvara och mjukvara som + behandlar data p\aa{} ett meningsfullt s\"{a}tt\footnote{% + \burl{https://sv.wikipedia.org/wiki/Datorsystem} + } + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{description} + \item[\tno] mjukvara + \item[\tno] h\aa{}rdvara + \item[?] 
meningsfullt + \end{description} + \end{column} + \begin{column}{0.49\textwidth} + \begin{description} + \item[\tyes] programvara + \item[\tyes] maskinvara + \item[?] TBC + \end{description} + \end{column} + \end{columns} + \item Dator(er) med ansluten \textbf{maskinvara}, se dator. Ordet + anv\"{a}nds ibland synonymt med databehandlingssystem, vilket + d\"{a}rut\"{o}ver omfattar \textbf{programvara} samt eventuell + organisation f\"{o}r databehandling\footnote{% + \burl{https://www.ne.se/uppslagsverk/encyklopedi/l\%C3\%A5ng/datorsystem} + } + \end{itemize} +\end{frame} + +\begin{frame} + \frametitle{Meaningful? Need combination of hardware, software, user, and + data\footnote{% + \tiny{Some define computer systems like this, see for example:} \burl{https://en.wikipedia.org/wiki/Category:Computer\_systems} + } + } + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item \textbf{Hardware} refers to physical components + \item \textbf{Software} refers to programs that instruct the hardware + what to do step-by-step + \item \textbf{Data} is supplied and interpreted by a \textbf{user} + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \vfill\centering + \input{img/computer-system} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Computer systems are layered to increase usability} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Users use input and output devices to interact with application + software (data exchange) + \item Application software relies on system software while providing + functionality + \item System software coordinates the hardware + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \centering\input{img/layered} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Users and application software exchange data via input and output + devices} + \begin{columns} + \begin{column}{0.33\textwidth} + 
\centering\includegraphics[height=0.25\textheight]{img/monitor} + \centering\includegraphics[height=0.25\textheight]{img/keyboard} + \centering\includegraphics[height=0.25\textheight]{img/mouse} + \centering\includegraphics[height=0.25\textheight]{img/headphones} + \end{column} + \begin{column}{0.33\textwidth} + \centering\includegraphics[height=0.25\textheight]{img/radio-tower}\\ + \centering\includegraphics[height=0.25\textheight]{img/ethernet}\\ + \centering\includegraphics[height=0.25\textheight]{img/hdd} + \end{column} + \begin{column}{0.33\textwidth} + \centering\includegraphics[height=0.25\textheight]{img/sensor} + \centering\includegraphics[height=0.25\textheight]{img/traffic-light}\\ + \vspace{12pt} + \centering\includegraphics[height=0.4\textheight]{img/kbuss} + \end{column} + \end{columns} +\end{frame} + +% more on what an application is next lecture +\begin{frame} + \frametitle{Application software helps a user perform a given task} + \centering\includegraphics[height=0.8\textheight]{img/apps2}\\ +\end{frame} + +\begin{frame} + \frametitle{System software provides a platform that application software + relies on} + \begin{columns} + \begin{column}{0.49\textwidth} + \centering\includegraphics[height=0.35\textheight]{img/os} + \begin{itemize} + \item Operating system software + \begin{itemize} + \item Program execution + \item Interrupts + \item System calls + \item ... + \end{itemize} + \item Drivers + \begin{itemize} + \item Bridge between OS and hardware + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \centering\includegraphics[height=0.35\textheight]{img/driver} + \begin{itemize} + \item Firmware + \begin{itemize} + \item Persistently stored program for low-level hardware control + \item Found on most components + \item Recall BIOS on the motherboard + \end{itemize} + \item Window management software + \item ... 
+ \end{itemize} + \vfill + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Actual hardware finally stores and processes data} + \centering + \begin{tikzpicture}[ + entity/.style = { + draw, + rectangle, + minimum width=3cm, + minimum height=1cm, + top color = lightGray, + bottom color = white, + }, + arrow/.style = { + draw, + }, + ] + \node[entity] (Memory) at (0,0) {Memory}; + \node[entity, right=of Memory] (Processor) {Processor}; + \node[entity, right=of Processor] (IO) {IO devices}; + + \path[draw, ultra thick] + ($ (Memory) + (0,-2.1) $) -- + node[label, below]{Internal communication and coordination via buses} + ($ (IO) + (0,-2.1) $); + + \path[arrow, latex-latex] ($ (Memory.south) + (0,-0.1) $) -- ($ (Memory) + (0,-2) $); + \path[arrow, latex-latex] ($ (Processor.south) + (0,-0.1) $) -- ($ (Processor) + (0,-2) $); + \path[arrow, latex-latex] ($ (IO.south) + (0,-0.1) $) -- ($ (IO) + (0,-2) $); + + \end{tikzpicture} +\end{frame} + +\begin{frame} + \frametitle{Doh! 
The more you know, the more you know you don't know} + \centering\input{img/know-it-all} +\end{frame} + +\begin{frame} + \frametitle{But we can still say something about the hardware-software + relation} + \centering + \begin{tabular}{ccc} + \textbf{Hardware} & \textbf{Software} & \textbf{Outcome} \\ + \toprule + \tno & \tno & - \\ + \tno & \tyes & useless \\ + \tyes & \tno & unusable \\ + \tyes & \tyes & usable \\ + \bottomrule + \end{tabular} + \pause + \vfill\alert{System software abstracts the hardware away, thereby making it + easier to use} +\end{frame} + +\begin{frame} + \frametitle{Example: what happens on a mouse click?} + \begin{columns} + \begin{column}{0.89\textwidth} + \begin{enumerate} + \item A user provides input data by clicking the mouse + \item The click creates contact with electrical components in the mouse + \item The mouse creates an interrupt signal on the bus: + `I have data to send' + \item The interrupt signal eventually gets CPU priority + \begin{itemize} + \item Stop current task + \item Load and execute driver routine + \item Clear interrupt siginal + \item Context switch back to previous task + \end{itemize} + \end{enumerate} + \end{column} + \begin{column}{0.09\textwidth} + \centering\includegraphics[width=\textwidth]{img/mouseclick} + \end{column} + \end{columns} + \pause + \vfill\alert{Similar: what happens when you press a button on your keyboard?} +\end{frame} + +\begin{frame} + \frametitle{Example: PlayStation 4 is a computer system} + \centering + \includegraphics[height=0.5\textheight]{img/group} + \\\Huge{Interactive demo + whiteboard} +\end{frame} + +\begin{frame} + \frametitle{Trends of computer systems} + \begin{columns} + \begin{column}{0.39\textwidth} + \begin{itemize} + \item Thick client + \item Thin client + \item Outsourced computing + \end{itemize} + \end{column} + \begin{column}{0.59\textwidth} + \centering\input{img/trends} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Major players 
that provide cloud services \titlefloatright{+ some + gossip!!}} + \includegraphics[height=0.2263\textheight]{img/mcloud} + \includegraphics[height=0.2263\textheight]{img/icloud} + \includegraphics[height=0.33\textheight]{img/aws} + \includegraphics[height=0.33\textheight]{img/gce} + \begin{columns} + \begin{column}{0.25\textwidth} + \begin{itemize} + \item Microsoft + \end{itemize} + \end{column} + \begin{column}{0.25\textwidth} + \begin{itemize} + \item Apple + \end{itemize} + \end{column} + \begin{column}{0.25\textwidth} + \begin{itemize} + \item Amazon + \end{itemize} + \end{column} + \begin{column}{0.25\textwidth} + \begin{itemize} + \item Google + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Trends of computer systems continued} + \begin{columns} + \begin{column}{0.39\textwidth} + Performance metrics: + \begin{itemize} + \item MIPS + \item MFLOPS + \item Bandwidth + \item Execution time + \item SPEC\footnotemark + \item ... + \end{itemize} + \end{column} + \begin{column}{0.59\textwidth} + \centering\input{img/performance} + \end{column} + \end{columns} + \vfill + \pause + \centering + \alert{Cause and effect?} + \pause + \alert{Hardware improves, software demands more...} + + \footnotetext[4]{% + \tiny{Details for those that are interested:} + \burl{https://www.spec.org/} + } +\end{frame} + +\begin{frame} + \frametitle{Systems that are closely related to computers? 
CS, IS, IT and ICT} + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Information System (IS): the study of complementary networks that + people and organizations use to collect, filter, process, create, and + distribute data + \item Computer System (CS): subset of IS + \item Information Technology (IT): CS + everything around it in an + enterprise + \item Information Technology and Communication (ICT): IT + telecom% + \footnotemark + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \centering\includegraphics[width=\textwidth]{img/ict} + \alert{Figure that depicts these relations?} + \end{column} + \end{columns} + \footnotetext[5]{\tiny{The transmission of data using different types of + techniques and mediums, e.g., Ethernet and WiFi.}} + \pause + \vfill\centering\alert{Be warned: these definitions are no exact science...} +\end{frame} + +\begin{frame} + \frametitle{Given the status quo of Internet...difference between IT and ICT?} + \begin{columns} + \begin{column}{0.59\textwidth} + % Only briefly, forward ref to telecom lecture + Internet is a network of networks: + \begin{itemize} + \item `Nuts and bolt' + \item Protocol stack + \end{itemize} + \only<2>{\vspace{18pt}\centering\alert{Name an IT system without + telecommunication?}} + \end{column} + \begin{column}{0.39\textwidth} + \centering\includegraphics[height=0.8\textheight]{img/internet} + \end{column} + \end{columns} +\end{frame} + +% Focus on the stuff related to this lecture, not networking +% + show in browser links where they can read more +\begin{frame} + \frametitle{Example: what happens when you enter google.com in your browser + software?} + \includegraphics[height=0.8\textheight]{img/google} +\end{frame} + +% backup slide if too fast +\begin{frame} + \frametitle{Computer systems: present and future?} + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Reality + \item Internet of things + \item Artificial intelligence + \item 
Anarchy + \item Monopolism + \item Opportunity contra risk + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \includegraphics[width=\textwidth]{img/reality} + \end{column} + \end{columns} +\end{frame} diff --git a/slides/2019-it-intro-computer-systems/src/preamble.tex b/slides/2019-it-intro-computer-systems/src/preamble.tex new file mode 100644 index 0000000..1ef1078 --- /dev/null +++ b/slides/2019-it-intro-computer-systems/src/preamble.tex 
@@ -0,0 +1,73 @@
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Packages %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\usepackage[
+ lambda, advantage, operators, sets, adversary, landau, probability, notions,
+ logic, ff, mm, primitives, events, complexity, asymptotics, keys
+]{cryptocode}
+
+\usepackage{graphicx}
+\usepackage{mathtools}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{flowchart}
+\usepackage{smartdiagram}
+\usepackage{pifont}
+\usepackage{graphicx}
+\usepackage{color}
+\usepackage{tikz}
+\usepackage{tikz-qtree}
+\usetikzlibrary{
+ arrows,%
+ decorations.markings,%
+ backgrounds,%
+ calc,%
+ fit,%
+ positioning,%
+ shapes.misc,%
+ shadows,%
+ shapes.arrows,%
+ shapes,%
+ snakes,%
+}
+\usepackage{booktabs}
+\usepackage{smartdiagram}
+\usepackage{floatrow}
+%\usepackage[position=bottom]{subfig} % environment for nested figures
+
+\usepackage{xcolor}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+\definecolor{darkGray}{HTML}{808080}
+\definecolor{darkOrange}{HTML}{D77D00}
+\definecolor{darkPurple}{HTML}{800080}
+\colorlet{lightGray}{gray!33}
+\colorlet{lightYellow}{yellow!50}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+
+% Figures, tables and code
+\usepackage{booktabs}
+\usepackage{colortbl}
+\usepackage{flowchart}
+\usepackage{adjustbox}
+\usepackage{listings}
+
+%\setbeamertemplate{itemize item}[circle]
+%\setbeamertemplate{itemize subitem}[default]
+%\setbeamertemplate{caption}[numbered]
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Defines %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\makeatletter
+\let\@@magyar@captionfix\relax %needed for \titlefloatright
+\makeatother
+
+\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}}
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}}
+\newcommand{\burl}[1]{\tiny{\url{#1}}}
+\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1}
+\newcommand{\titlefloatright}[1]{\hspace{0pt plus 1 filll}#1$\;$}
diff --git a/slides/2019-it-intro-computer-systems/src/questions.tex b/slides/2019-it-intro-computer-systems/src/questions.tex
new file mode 100644
index 0000000..85cb2f3
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/src/questions.tex
@@ -0,0 +1,17 @@
+\begin{frame}
+ \frametitle{Any questions?} \label{frm:que}
+ \begin{columns}
+ \begin{column}{0.49\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/qleft}
+ \end{column}
+ \begin{column}{0.49\textwidth}
+ \centering
+ \includegraphics[width=0.75\textwidth]{img/qright}
+ \end{column}
+ \end{columns}
+
+ \centering
+ \vspace{-1cm}
+ \includegraphics[width=0.20\textwidth]{img/ty}
+\end{frame}
diff --git a/slides/2019-it-intro-computer-systems/src/titlepage.tex b/slides/2019-it-intro-computer-systems/src/titlepage.tex
new file mode 100644
index 0000000..9b18039
--- /dev/null
+++ b/slides/2019-it-intro-computer-systems/src/titlepage.tex
@@ -0,0 +1,3 @@
+\begin{frame}
+ \titlepage
+\end{frame}
diff --git a/slides/2019-it-intro-scrum/.gitignore b/slides/2019-it-intro-scrum/.gitignore
new file mode 100644
index 0000000..4a7f033
--- /dev/null
+++ b/slides/2019-it-intro-scrum/.gitignore
@@ -0,0 +1,12 @@
+*.aux
+*.fdb_latexmk
+*.fls
+*.fls
+*.log
+*.nav
+*.out
+main.pdf
+*.snm
+*.toc
+*.nav
+*.snm
diff --git a/slides/2019-it-intro-scrum/README b/slides/2019-it-intro-scrum/README
new file mode 100644
index 0000000..211af0c
--- /dev/null
+++ b/slides/2019-it-intro-scrum/README
@@ -0,0 +1 @@
+Lecture on scrum in an introduction to IT course at kau.
diff --git a/slides/2019-it-intro-scrum/beamercolorthemergd.sty b/slides/2019-it-intro-scrum/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2019-it-intro-scrum/beamercolorthemergd.sty
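Review bot: `\burl` in slides/2019-it-intro-computer-systems/src/preamble.tex is defined as `\tiny{\url{#1}}`, but `\tiny` is a declaration rather than a one-argument command, so the size change is not confined to the URL and lasts until the enclosing group ends. Scoping it as `\newcommand{\burl}[1]{{\tiny\url{#1}}}` keeps the effect local. The package list in the same hunk loads `graphicx`, `smartdiagram`, `booktabs` and `flowchart` twice and repeats three `\definecolor` lines; dropping the duplicates would make the preamble easier to read. The identical file is added again as slides/2019-it-intro-scrum/src/preamble.tex, so both points apply there as well.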
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2019-it-intro-scrum/beamerfontthemergd.sty b/slides/2019-it-intro-scrum/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2019-it-intro-scrum/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2019-it-intro-scrum/beamerinnerthemergd.sty b/slides/2019-it-intro-scrum/beamerinnerthemergd.sty
new file mode 100644
index 0000000..0d49176
--- /dev/null
+++ b/slides/2019-it-intro-scrum/beamerinnerthemergd.sty
@@ -0,0 +1,43 @@
+\mode
+
+%%%
+% Title page
+%%%
+\defbeamertemplate*{title page}{rgd}[1][]{
+ \begin{tikzpicture}[remember picture, overlay]
+ \usebeamercolor{titlepage}
+ % Add top-left triangle with university logo
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north west) --
+ (current page.north) --
+ node[draw=none,pos=0.5](Logo){\includegraphics[width=3cm]{img/logo}}
+ (current page.west) --
+ (current page.north west);
+ % Add title
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ ] (Title) at ([shift={(0,-0.5cm)}]current page){%
+ \centering\usebeamerfont{title}\inserttitle\\%
+ };
+ % Add subtitle
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Title,
+ ] (Subtitle) {%
+ \centering\usebeamerfont{subtitle}\insertsubtitle\\%
+ };
+ % Add authors
+ \usebeamercolor{author}
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=12pt of Subtitle,
+ ] (Author) {%
+ \centering\usebeamerfont{author}\insertauthor\\%
+ };
+ \end{tikzpicture}
+}
+
+\mode
diff --git a/slides/2019-it-intro-scrum/beamerouterthemergd.sty b/slides/2019-it-intro-scrum/beamerouterthemergd.sty
new file mode 100644
index 0000000..ba757c6
--- /dev/null
+++ b/slides/2019-it-intro-scrum/beamerouterthemergd.sty
@@ -0,0 +1,66 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add mail
+ \begin{beamercolorbox}[
+ wd=0.22\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \texttt{rasmus.dahlberg@kau.se}
+ \end{beamercolorbox}%
+ % Add author
+ \begin{beamercolorbox}[
+ wd=0.73\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ %\insertauthor
+ \inserttitle
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2019-it-intro-scrum/beamerthemergd.sty b/slides/2019-it-intro-scrum/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2019-it-intro-scrum/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
diff --git a/slides/2019-it-intro-scrum/handout.pdf b/slides/2019-it-intro-scrum/handout.pdf
new file mode 100644
index 0000000..90cee2b
Binary files /dev/null and b/slides/2019-it-intro-scrum/handout.pdf differ
diff --git a/slides/2019-it-intro-scrum/img/agile-manifesto.png b/slides/2019-it-intro-scrum/img/agile-manifesto.png
new file mode 100644
index 0000000..fab3c57
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/agile-manifesto.png differ
diff --git a/slides/2019-it-intro-scrum/img/board.png b/slides/2019-it-intro-scrum/img/board.png
new file mode 100644
index 0000000..a5c6386
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/board.png differ
diff --git a/slides/2019-it-intro-scrum/img/burnout.jpg b/slides/2019-it-intro-scrum/img/burnout.jpg
new file mode 100644
index 0000000..7ef2b29
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/burnout.jpg differ
diff --git a/slides/2019-it-intro-scrum/img/cmp.png b/slides/2019-it-intro-scrum/img/cmp.png
new file mode 100644
index 0000000..867c6a9
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/cmp.png differ
diff --git a/slides/2019-it-intro-scrum/img/debt.jpg b/slides/2019-it-intro-scrum/img/debt.jpg
new file mode 100644
index 0000000..99c7daa
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/debt.jpg differ
diff --git a/slides/2019-it-intro-scrum/img/demo.png b/slides/2019-it-intro-scrum/img/demo.png
new file mode 100644
index 0000000..03a10fc
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/demo.png differ
diff --git a/slides/2019-it-intro-scrum/img/done.jpg b/slides/2019-it-intro-scrum/img/done.jpg
new file mode 100644
index 0000000..9c10b79
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/done.jpg differ
diff --git a/slides/2019-it-intro-scrum/img/esi.tex b/slides/2019-it-intro-scrum/img/esi.tex
new file mode 100644
index 0000000..9ba5699
--- /dev/null
+++ b/slides/2019-it-intro-scrum/img/esi.tex
@@ -0,0 +1,16 @@
+\begin{tikzpicture}
+ \path[draw=lightGray, thick, shading=axis, top color=lightGray, bottom color=white]
+ (0,0) --
+ node[sloped, anchor=center, below]{%
+ Estimate
+ }
+ (3,0) --
+ node[sloped, anchor=center, above]{%
+ Scope
+ }
+ (1.5, 2) --
+ node[sloped, anchor=center, above]{%
+ Importance
+ }
+ (0, 0);
+\end{tikzpicture}
diff --git a/slides/2019-it-intro-scrum/img/henke.png b/slides/2019-it-intro-scrum/img/henke.png
new file mode 100644
index 0000000..8b549d7
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/henke.png differ
diff --git a/slides/2019-it-intro-scrum/img/hurry.jpg b/slides/2019-it-intro-scrum/img/hurry.jpg
new file mode 100644
index 0000000..9d22f9a
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/hurry.jpg differ
diff --git a/slides/2019-it-intro-scrum/img/iterative.png b/slides/2019-it-intro-scrum/img/iterative.png
new file mode 100644
index 0000000..5458170
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/iterative.png differ
diff --git a/slides/2019-it-intro-scrum/img/logo.png b/slides/2019-it-intro-scrum/img/logo.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/logo.png differ
diff --git a/slides/2019-it-intro-scrum/img/manifesto.png b/slides/2019-it-intro-scrum/img/manifesto.png
new file mode 100644
index 0000000..aca874b
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/manifesto.png differ
diff --git a/slides/2019-it-intro-scrum/img/one-it.png b/slides/2019-it-intro-scrum/img/one-it.png
new file mode 100644
index 0000000..1eb13d3
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/one-it.png differ
diff --git a/slides/2019-it-intro-scrum/img/poker.png b/slides/2019-it-intro-scrum/img/poker.png
new file mode 100644
index 0000000..af601eb
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/poker.png differ
diff --git a/slides/2019-it-intro-scrum/img/qleft.pdf b/slides/2019-it-intro-scrum/img/qleft.pdf
new file mode 100644
index 0000000..f35a078
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/qleft.pdf differ
diff --git a/slides/2019-it-intro-scrum/img/qright.pdf b/slides/2019-it-intro-scrum/img/qright.pdf
new file mode 100644
index 0000000..da2e8e3
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/qright.pdf differ
diff --git a/slides/2019-it-intro-scrum/img/reality.jpg b/slides/2019-it-intro-scrum/img/reality.jpg
new file mode 100644
index 0000000..81ed269
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/reality.jpg differ
diff --git a/slides/2019-it-intro-scrum/img/retrospective.png b/slides/2019-it-intro-scrum/img/retrospective.png
new file mode 100644
index 0000000..ef8afeb
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/retrospective.png differ
diff --git a/slides/2019-it-intro-scrum/img/scrum-10m.png b/slides/2019-it-intro-scrum/img/scrum-10m.png
new file mode 100644
index 0000000..fb97492
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/scrum-10m.png differ
diff --git a/slides/2019-it-intro-scrum/img/scrum-1m.png b/slides/2019-it-intro-scrum/img/scrum-1m.png
new file mode 100644
index 0000000..5f394ed
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/scrum-1m.png differ
diff --git a/slides/2019-it-intro-scrum/img/scrum-2m.png b/slides/2019-it-intro-scrum/img/scrum-2m.png
new file mode 100644
index 0000000..f7f469f
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/scrum-2m.png differ
diff --git a/slides/2019-it-intro-scrum/img/scrum-and-xp.png b/slides/2019-it-intro-scrum/img/scrum-and-xp.png
new file mode 100644
index 0000000..1208a53
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/scrum-and-xp.png differ
diff --git a/slides/2019-it-intro-scrum/img/scrum-and-xp2.png b/slides/2019-it-intro-scrum/img/scrum-and-xp2.png
new file mode 100644
index 0000000..4286a4b
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/scrum-and-xp2.png differ
diff --git a/slides/2019-it-intro-scrum/img/scrum-guide.png b/slides/2019-it-intro-scrum/img/scrum-guide.png
new file mode 100644
index 0000000..2872add
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/scrum-guide.png differ
diff --git a/slides/2019-it-intro-scrum/img/scrum-overview.png b/slides/2019-it-intro-scrum/img/scrum-overview.png
new file mode 100644
index 0000000..9cd195f
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/scrum-overview.png differ
diff --git a/slides/2019-it-intro-scrum/img/scrum-whole.jpg b/slides/2019-it-intro-scrum/img/scrum-whole.jpg
new file mode 100644
index 0000000..cbb5f13
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/scrum-whole.jpg differ
diff --git a/slides/2019-it-intro-scrum/img/tia.png b/slides/2019-it-intro-scrum/img/tia.png
new file mode 100644
index 0000000..e6db0c2
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/tia.png differ
diff --git a/slides/2019-it-intro-scrum/img/timeline.png b/slides/2019-it-intro-scrum/img/timeline.png
new file mode 100644
index 0000000..dc113a0
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/timeline.png differ
diff --git a/slides/2019-it-intro-scrum/img/ty.pdf b/slides/2019-it-intro-scrum/img/ty.pdf
new file mode 100644
index 0000000..9ad4dc8
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/ty.pdf differ
diff --git a/slides/2019-it-intro-scrum/img/works.png b/slides/2019-it-intro-scrum/img/works.png
new file mode 100644
index 0000000..fd97362
Binary files /dev/null and b/slides/2019-it-intro-scrum/img/works.png differ
diff --git a/slides/2019-it-intro-scrum/main.tex b/slides/2019-it-intro-scrum/main.tex
new file mode 100644
index 0000000..8ea9910
--- /dev/null
+++ b/slides/2019-it-intro-scrum/main.tex
@@ -0,0 +1,27 @@
+\pdfminorversion=4
+\documentclass[aspectratio=169]{beamer}
+%\documentclass[handout,aspectratio=169]{beamer}
+\usetheme{rgd}
+\usepackage[swedish]{babel}
+
+\input{src/preamble}
+
+\title{%
+ Software Development Part II---Scrum
+}
+%\subtitle{%
+%}
+\author{%
+ \textbf{Rasmus Dahlberg}, Eivind J.\ Nordby, Martin Blom, and Tobias Pulls
+}
+\institute{%
+ Karlstad University
+}
+\date{%
+ \today
+}
+\begin{document}
+ \input{src/titlepage}
+ \input{src/body}
+ \input{src/questions}
+\end{document}
diff --git a/slides/2019-it-intro-scrum/slides.pdf b/slides/2019-it-intro-scrum/slides.pdf
new file mode 100644
index 0000000..a62c7ef
Binary files /dev/null and b/slides/2019-it-intro-scrum/slides.pdf differ
diff --git a/slides/2019-it-intro-scrum/src/body.tex b/slides/2019-it-intro-scrum/src/body.tex
new file mode 100644
index 0000000..531a9d8
--- /dev/null
+++ b/slides/2019-it-intro-scrum/src/body.tex
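Review bot: `\usepackage[swedish]{babel}` in slides/2019-it-intro-scrum/main.tex selects Swedish hyphenation and a Swedish-formatted `\today`, while the title and the frames added in src/body.tex are written in English. If the deck is meant to be English throughout, `\usepackage[english]{babel}` matches the text; if the Swedish setting is deliberate, a one-line comment such as `% Swedish date format on the title page` would record why. Because `\date{\today}` is used, the committed slides.pdf and handout.pdf will also differ from any later rebuild, so a fixed lecture date may be preferable for archived slides.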
@@ -0,0 +1,383 @@ +\begin{frame} + \frametitle{Learning outcome based on syllabus} + \begin{itemize} + \item Give an account of different ways to develop software (ISGA01) + \item Describe different ways of developing software (ISGA06) + \item Explain the development process of an information system (ISGA90) + \end{itemize} + \vfill\centering + \smartdiagram[sequence diagram]{% + Reality check,% + Waterfall method,% + Scrum method% + } +\end{frame} + +\begin{frame} + \frametitle{Reality check} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Three things we wish were true + \begin{itemize} + \item Customers know what they want + \item Developers know how to build it + \item Nothing changes at the course of a project + \end{itemize} + \end{itemize} + \begin{itemize} + \item Three things we have to live with + \begin{itemize} + \item Customers figure out what they want + \item Developers figure out how to build it + \item Many things change at the course of a project + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \includegraphics[width=\textwidth]{img/reality} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Timeline of different approaches towards product development} + \centering + \includegraphics[height=0.4\textheight]{img/timeline}\\ + \vfill\alert{Our scope: Agile and Scrum, briefly Waterfall and XP} +\end{frame} + +\begin{frame} + \frametitle{Monolithic vs Iterative and incremental} + \centering + \includegraphics[height=0.65\textheight]{img/iterative} + \vfill + \alert{Agile development is all about feedback cycles} +\end{frame} + +\begin{frame} + \frametitle{Each iteration is a mini project that involves all diciplines} + \centering + \includegraphics[height=0.7\textheight]{img/one-it}\\ + \alert{Note: not necessarily in this order!} +\end{frame} + +\begin{frame} + \frametitle{Agile vs Waterfall} + \centering + \includegraphics[height=0.70\textheight]{img/cmp} 
+\end{frame} + +\begin{frame} + \frametitle{Does it work? Results from a survey on agile software development} + \centering + \includegraphics[height=0.70\textheight]{img/works} +\end{frame} + +\begin{frame} + \frametitle{Scrum properties} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Emperical---progress based on real-world observations rather than + fictious plans + \item Identify problems early + \item Prioritize strictly + \item Plan for change and continuous improvement + \begin{itemize} + \item Short feedback loop + \item Ship working software frequently + \item ``Planning is needed, but always wrong'' + \end{itemize} + \item Cross-functional and self-organizing teams + \item Pull-scheduling + \item Timeboxing + \item Simple tools + \item ... + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \centering + \includegraphics[height=0.6\textheight]{img/tia} + \burl{https://www.scrum.org/resources/blog/three-pillars-empiricism-scrum} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{An overview of the Scrum process} + \begin{columns} + \begin{column}{0.69\textwidth} + \includegraphics[height=0.8\textheight]{img/scrum-overview} + \end{column} + \begin{column}{0.29\textwidth} + Roles: + \begin{itemize} + \item Product owner + \item Scrum master + \item Developer + \end{itemize} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{A typical sprint} + \begin{itemize} + \item \textbf{Sprint planning} \titlefloatright{\textbf{Timeboxed}} + \begin{itemize} + \item Update and prioritize features in the product backlog% + \titlefloatright{4h} + \item Add top-priority features to sprint backlog and divide into + tasks\titlefloatright{4h} + \end{itemize} + \item \textbf{Sprint execution} \titlefloatright{2--4 weeks} + \begin{itemize} + \item Daily scrum---a short stand-up meeting \titlefloatright{15m} + \begin{itemize} + \item What did you do yesterday? 
+ \item What will you do today? + \item Any problems? + \end{itemize} + \end{itemize} + \item \textbf{Sprint review} \titlefloatright{4h} + \begin{itemize} + \item Team holds a demo for product owner and stakeholders + \end{itemize} + \item \textbf{Sprint retrospective} \titlefloatright{2h} + \begin{itemize} + \item The good and the bad? + \item How can we improve as a team? + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \frametitle{Sprint planning---what should we work on the next couple of weeks?} + \begin{columns} + \begin{column}{0.69\textwidth} + \begin{itemize} + \item Dialog between product owner and development team + \begin{itemize} + \item PO: present\&adapt priority features in product backlog + \item Team: how much can be done + \begin{itemize} + \item Story points + \item Sprint velocity + \item Poker estimates are common + \end{itemize} + \end{itemize} + \item Concrete output of this meeting? + \begin{itemize} + \item A sprint backlog and definitions of `done' + \item A set of tasks for each feature in the sprint backlog + \item A sprint goal, a demo date, and how to demo + \item A time and place for daily scrum + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.29\textwidth} + \centering + \input{img/esi} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{...using cards!} + \centering + \includegraphics[height=0.8\textheight]{img/poker} +\end{frame} + +\begin{frame} + \frametitle{Daily scrum---a short stand-up meeting that repeats every day} + \begin{columns} + \begin{column}{0.39\textwidth} + \begin{itemize} + \item Purpose---keep \textbf{team members} up-to-date + \item What did you do yesterday? + \item What will you do today? + \item Any problems? 
+ \end{itemize} + \end{column} + \begin{column}{0.59\textwidth} + \centering + \includegraphics[width=\textwidth]{img/board}\\ + A board is used to track progress + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Sprint review---show-case the latest prototype and start a dialog} + \begin{columns} + \begin{column}{0.49\textwidth} + \begin{itemize} + \item Date and time already defined---\textbf{unconditional} + \item All roles attend, including stakeholders if invited + \item A demo of the prototype shows that the sprint goal is achieved + \begin{itemize} + \item How to demo? Sprint planning... + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=\textwidth]{img/demo}\\ + \end{column} + \end{columns} + \pause + \vfill\centering\alert{Wait w000t: what if we are not done?}\\ + \pause + \alert{This is identified early on and solved accordingly!} +\end{frame} + +\begin{frame} + \frametitle{Sprint retrospective---ensure that the team improves internally} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item Product owner is excluded from this meeting + \item The goal is to improve the team productivity + \begin{itemize} + \item What did we do right? + \item What did we do wrong? + \item How can we improve? 
\textbf{Choose one!} + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.45\textwidth} + \centering + \includegraphics[width=\textwidth]{img/retrospective}\\ + Make lists and perhaps magnet vote + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{What does `done' really mean?} + \begin{columns} + \begin{column}{0.59\textwidth} + \begin{itemize} + \item \textbf{Can be delivered to the customer} + \begin{itemize} + \item A given feature is implemented + \item Code follows good engineering practises + \item Code is documented and refactored + \item ...or anything else defined at sprint planning + \end{itemize} + \item \textbf{If your estimates turn out to be wrong} + \begin{itemize} + \item Work harder, longer and/or smarter + \item Lower quality by skipping design, testing, integration and/or + documentation + \item Reduce and/or remove features + \item What are the pros and cons? + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.39\textwidth} + \centering + \includegraphics[width=\textwidth]{img/done} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Consequences of the `hurry-up' and `lowered-quality' approaches} + \begin{columns} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[height=0.4\textheight]{img/hurry} + \begin{itemize} + \item \textbf{Hurry-up}---work overtime, skip breaks, add more people, + ... 
+ \begin{itemize} + \item Burnout + \item Errors + \item `More junk in short time' + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[height=0.4\textheight]{img/debt} + \begin{itemize} + \item \textbf{Lowered quality}---leads to technical debt and thus + reduced efficiency + \begin{itemize} + \item Harder to re-use code + \item Harder to add functionality + \item Harder to meet future goals + \end{itemize} + \end{itemize} + \end{column} + \end{columns} + \vfill\centering + \alert{In other words: involve product owner and go with option three} +\end{frame} + +\begin{frame} + \frametitle{From start to finnish---putting it all together} + \centering + \includegraphics[height=0.75\textheight]{img/scrum-whole} +\end{frame} + +\begin{frame} + \frametitle{Scrum and eXtreme Programming (XP)} + \begin{columns} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.9\textwidth]{img/scrum-and-xp} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.9\textwidth]{img/scrum-and-xp2} + \end{column} + \end{columns} + \begin{itemize} + \item Scrum can be viewed as a team-to-stakeholder interface + \item The team is self-organizing, but it \textbf{could} work using XP + practises + \end{itemize} +\end{frame} + +\begin{frame} + \frametitle{Can't get enough? 
Review the concepts or dig into the details + (Optional)} + \begin{columns} + \begin{column}{0.33\textwidth} + \centering + \includegraphics[width=\textwidth]{img/scrum-1m} + \burl{https://www.youtube.com/watch?v=TRcReyRYIMg} + \end{column} + \begin{column}{0.33\textwidth} + \centering + \includegraphics[width=\textwidth]{img/scrum-2m} + \burl{https://www.youtube.com/watch?v=WxiuE-1ujCM} + \end{column} + \begin{column}{0.33\textwidth} + \centering + \includegraphics[width=\textwidth]{img/scrum-10m} + \burl{https://www.youtube.com/watch?v=XU0llRltyFM} + \end{column} + \end{columns} + \vfill + \begin{columns} + \begin{column}{0.33\textwidth} + \centering + \includegraphics[width=\textwidth]{img/agile-manifesto} + \burl{http://agilemanifesto.org/} + \end{column} + \begin{column}{0.33\textwidth} + \centering + \includegraphics[width=\textwidth]{img/scrum-guide} + \burl{https://www.scrumguides.org/docs/scrumguide/v2017/2017-Scrum-Guide-US.pdf} + \end{column} + \begin{column}{0.33\textwidth} + \centering + \includegraphics[width=\textwidth]{img/henke} + \burl{http://wwwis.win.tue.nl/2R690/doc/ScrumAndXpFromTheTrenchesonline07-31.pdf} + \end{column} + \end{columns} +\end{frame} diff --git a/slides/2019-it-intro-scrum/src/preamble.tex b/slides/2019-it-intro-scrum/src/preamble.tex new file mode 100644 index 0000000..1ef1078 --- /dev/null +++ b/slides/2019-it-intro-scrum/src/preamble.tex 
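Review bot: Two of the reading links on the last frame of slides/2019-it-intro-scrum/src/body.tex use plain `http://` (the `agilemanifesto.org` link and the `wwwis.win.tue.nl` PDF), so a student clicking them from the PDF fetches the page or document without transport integrity; switching to `https://` is the fix where the host serves it, which should be checked per link before changing. The slide text in the same hunk also carries spelling slips that will show on screen: `Emperical` should be `Empirical`, `fictious` should be `fictitious`, `diciplines` should be `disciplines`, `finnish` should be `finish`, and `at the course of a project` reads better as `in the course of a project`.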
@@ -0,0 +1,73 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{pifont} +\usepackage{graphicx} +\usepackage{color} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +\usepackage{floatrow} +%\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +%\setbeamertemplate{itemize item}[circle] +%\setbeamertemplate{itemize subitem}[default] +%\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} 
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\titlefloatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} diff --git a/slides/2019-it-intro-scrum/src/questions.tex b/slides/2019-it-intro-scrum/src/questions.tex new file mode 100644 index 0000000..85cb2f3 --- /dev/null +++ b/slides/2019-it-intro-scrum/src/questions.tex @@ -0,0 +1,17 @@ +\begin{frame} + \frametitle{Any questions?} \label{frm:que} + \begin{columns} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.75\textwidth]{img/qleft} + \end{column} + \begin{column}{0.49\textwidth} + \centering + \includegraphics[width=0.75\textwidth]{img/qright} + \end{column} + \end{columns} + + \centering + \vspace{-1cm} + \includegraphics[width=0.20\textwidth]{img/ty} +\end{frame} diff --git a/slides/2019-it-intro-scrum/src/titlepage.tex b/slides/2019-it-intro-scrum/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2019-it-intro-scrum/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} diff --git a/slides/2019-side-channels/README b/slides/2019-side-channels/README new file mode 100644 index 0000000..c1ef746 --- /dev/null +++ b/slides/2019-side-channels/README @@ -0,0 +1 @@ +Guest lecture on side channels / timing attacks. diff --git a/slides/2019-side-channels/beamercolorthemergd.sty b/slides/2019-side-channels/beamercolorthemergd.sty new file mode 100644 index 0000000..74ced1c --- /dev/null +++ b/slides/2019-side-channels/beamercolorthemergd.sty 
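Review bot: Several packages and colours are loaded or defined twice in this preamble: `graphicx`, `smartdiagram`, `booktabs` and `flowchart` each appear in two `\usepackage` lines, and `darkGreen`, `darkBlue` and `darkRed` are defined a second time right after `lightYellow`. The repeats do not break the build, but they leave it unclear which line is the one to edit; dropping the second occurrences is enough. The same duplication is present in the `slides/2019-side-channels/src/preamble.tex` hunk further down. The `%needed for \titlefloatright` comment could also say what fails without the `\let`.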
@@ -0,0 +1,24 @@ +\mode + +%%% +% Color definitions +%%% +\RequirePackage{xcolor} +\definecolor{rgdGreen}{RGB}{33,114,106} +\definecolor{rgdYellow}{RGB}{255,210,4} +\definecolor{rgdOrange}{RGB}{232,114,12} +\colorlet{rgdGray}{gray!33} +\colorlet{rgdBlack}{black} + +%%% +% Beamer colors +%%% +\setbeamercolor*{titlepage}{fg=rgdBlack} +\setbeamercolor*{author}{fg=rgdGreen} +\setbeamercolor*{date}{fg=black} +\setbeamercolor*{header}{bg=rgdYellow,fg=black} +\setbeamercolor*{trailer}{bg=rgdGray,fg=black} +\setbeamercolor*{item}{fg=rgdGreen} +\setbeamercolor*{alerted text}{fg=rgdGreen} + +\mode diff --git a/slides/2019-side-channels/beamerfontthemergd.sty b/slides/2019-side-channels/beamerfontthemergd.sty new file mode 100644 index 0000000..a6d212c --- /dev/null +++ b/slides/2019-side-channels/beamerfontthemergd.sty @@ -0,0 +1,9 @@ +\mode + +\setbeamerfont{title}{size=\large,shape=\bfseries} +\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries} +\setbeamerfont{frametitle}{size=\large,shape=\bfseries} +\setbeamerfont{institute}{size=\small} +\setbeamerfont{date}{size=\small} + +\mode diff --git a/slides/2019-side-channels/beamerinnerthemergd.sty b/slides/2019-side-channels/beamerinnerthemergd.sty new file mode 100644 index 0000000..4dfd6cf --- /dev/null +++ b/slides/2019-side-channels/beamerinnerthemergd.sty 
@@ -0,0 +1,49 @@ +\mode + +%%% +% Title page +%%% +\defbeamertemplate*{title page}{rgd}[1][]{ + \begin{tikzpicture}[remember picture, overlay] + \usebeamercolor{titlepage} + % Add top-left triangle with university logo + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north west) -- + (current page.north) -- + node[draw=none,pos=0.5](Logo){\includegraphics[width=3cm]{img/logo}} + (current page.west) -- + (current page.north west); + % Add title + \node[ + text=fg, + text width=0.75\paperwidth, + ] (Title) at ([shift={(0,-0.5cm)}]current page){% + \centering\usebeamerfont{title}\inserttitle\\% + }; + % Add subtitle + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Title, + ] (Subtitle) {% + \centering\usebeamerfont{subtitle}\insertsubtitle\\% + }; + % Add authors + \usebeamercolor{author} + \node[ + text=fg, + text width=0.75\paperwidth, + below=12pt of Subtitle, + ] (Author) {% + \centering\usebeamerfont{author}\insertauthor\\% + }; + % Add date + \node[ + text=fg, + text width=0.75\paperwidth, + below right= 0.25cm and 4.5cm of current page.north, + ](Date) {\today}; + \end{tikzpicture} +} + +\mode diff --git a/slides/2019-side-channels/beamerouterthemergd.sty b/slides/2019-side-channels/beamerouterthemergd.sty new file mode 100644 index 0000000..15501a8 --- /dev/null +++ b/slides/2019-side-channels/beamerouterthemergd.sty 
@@ -0,0 +1,65 @@ +\mode + +%%% +% Frame header +%%% +\defbeamertemplate*{frametitle}{corporate}[1][]{% + \nointerlineskip + % Add frame title + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=3ex, + dp=1.5ex, + left, + leftskip=2ex + ]{header} + \insertframetitle + \end{beamercolorbox} + % Add line after header + \nointerlineskip + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=0.25ex + ]{trailer} + \end{beamercolorbox}% +} + +%%% +% Frame trailer +%%% +\defbeamertemplate*{footline}{corporate}{% + \hbox{% + % Add mail + \begin{beamercolorbox}[ + wd=0.22\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{trailer} + \texttt{rasmus.dahlberg@kau.se} + \end{beamercolorbox}% + % Add author + \begin{beamercolorbox}[ + wd=0.73\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{header} + \inserttitle--- \insertsubtitle + \end{beamercolorbox}% + % Add page counter + \begin{beamercolorbox}[ + wd=0.05\paperwidth, + ht=2ex, + dp=0.5ex, + right, + rightskip=1ex + ]{header} + \insertframenumber/\inserttotalframenumber + \end{beamercolorbox}% + } +} + +\mode diff --git a/slides/2019-side-channels/beamerthemergd.sty b/slides/2019-side-channels/beamerthemergd.sty new file mode 100644 index 0000000..022ef2c --- /dev/null +++ b/slides/2019-side-channels/beamerthemergd.sty @@ -0,0 +1,23 @@ +\mode + +%%% +% Load beamer settings +%%% +\usecolortheme{rgd} +\usefonttheme{rgd} +\useinnertheme{rgd} +\useoutertheme{rgd} + +%%% +% Disable navigation tools on slides +%%% +\setbeamertemplate{navigation symbols}{} + +%%% +% Object styles +%%% +\setbeamertemplate{itemize item}[square] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{sections/subsections in toc}[square] + +\mode diff --git a/slides/2019-side-channels/img/attacker.jpg b/slides/2019-side-channels/img/attacker.jpg new file mode 100644 index 0000000..3a0adec Binary files /dev/null and b/slides/2019-side-channels/img/attacker.jpg differ 
diff --git a/slides/2019-side-channels/img/client.png b/slides/2019-side-channels/img/client.png
new file mode 100644
index 0000000..f1ad88d
Binary files /dev/null and b/slides/2019-side-channels/img/client.png differ
diff --git a/slides/2019-side-channels/img/countermeasure.py b/slides/2019-side-channels/img/countermeasure.py
new file mode 100755
index 0000000..dda0868
--- /dev/null
+++ b/slides/2019-side-channels/img/countermeasure.py
@@ -0,0 +1,18 @@
+#!/usr/bin/python
+
+def is_equal(s1, s2):
+ '''
+ Returns true if the strings s1 and s2 encode the same information.
+ '''
+ if len(s1) != len(s2):
+ return False
+
+ result = 0
+ for (x,y) in zip(s1,s2):
+ result |= ord(x) ^ ord(y)
+
+ return result == 0
+
+target, strs = "abc", [ "ab", "abc", "abcd", "bbc", "abe" ]
+for s in strs:
+ print("{} == {} ? {}".format(target,s,is_equal(target,s)))
diff --git a/slides/2019-side-channels/img/demo.png b/slides/2019-side-channels/img/demo.png
new file mode 100644
index 0000000..509c9ad
Binary files /dev/null and b/slides/2019-side-channels/img/demo.png differ
diff --git a/slides/2019-side-channels/img/grandpa.png b/slides/2019-side-channels/img/grandpa.png
new file mode 100644
index 0000000..1953027
Binary files /dev/null and b/slides/2019-side-channels/img/grandpa.png differ
diff --git a/slides/2019-side-channels/img/isn b/slides/2019-side-channels/img/isn
new file mode 100644
index 0000000..4e536b5
--- /dev/null
+++ b/slides/2019-side-channels/img/isn
@@ -0,0 +1,7 @@
+read(MEM[5]);
+read(MEM[5]);
+...
+raise_exception();
+data = read(MEM[7]);
+read(MEM[data])
+...
diff --git a/slides/2019-side-channels/img/logo.png b/slides/2019-side-channels/img/logo.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2019-side-channels/img/logo.png differ
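Review bot: `is_equal` in countermeasure.py is the deck's constant-time comparison, but its docstring is word-for-word the one in strcmp.py and says nothing about timing, and the early `return False` on a length mismatch still makes the run time depend on whether the lengths match. I would state the intent in the docstring, e.g. `Compares s1 and s2 without stopping at the first differing character; only a length mismatch returns early.` For code that leaves the slides, the standard library's `hmac.compare_digest(s1, s2)` is the safer choice, since a hand-written Python loop presumably gives no firm timing guarantee. `ord(x)` also assumes str input; iterating over bytes in Python 3 yields ints and `ord` would raise a TypeError.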
diff --git a/slides/2019-side-channels/img/meltdown-dump.png b/slides/2019-side-channels/img/meltdown-dump.png
new file mode 100644
index 0000000..6ecf2cf
Binary files /dev/null and b/slides/2019-side-channels/img/meltdown-dump.png differ
diff --git a/slides/2019-side-channels/img/meltdown-ff.png b/slides/2019-side-channels/img/meltdown-ff.png
new file mode 100644
index 0000000..f097f49
Binary files /dev/null and b/slides/2019-side-channels/img/meltdown-ff.png differ
diff --git a/slides/2019-side-channels/img/meltdown-insn.png b/slides/2019-side-channels/img/meltdown-insn.png
new file mode 100644
index 0000000..6b3b686
Binary files /dev/null and b/slides/2019-side-channels/img/meltdown-insn.png differ
diff --git a/slides/2019-side-channels/img/meltdown-isn b/slides/2019-side-channels/img/meltdown-isn
new file mode 100644
index 0000000..19e9bd5
--- /dev/null
+++ b/slides/2019-side-channels/img/meltdown-isn
@@ -0,0 +1,3 @@
+data = read(MEM[addr])
+raise_exception();
+read(probe_array[data * 4096])
diff --git a/slides/2019-side-channels/img/meltdown-out-of-order.png b/slides/2019-side-channels/img/meltdown-out-of-order.png
new file mode 100644
index 0000000..b941373
Binary files /dev/null and b/slides/2019-side-channels/img/meltdown-out-of-order.png differ
diff --git a/slides/2019-side-channels/img/meltdown-pageload.png b/slides/2019-side-channels/img/meltdown-pageload.png
new file mode 100644
index 0000000..1304f32
Binary files /dev/null and b/slides/2019-side-channels/img/meltdown-pageload.png differ
diff --git a/slides/2019-side-channels/img/meltdown.png b/slides/2019-side-channels/img/meltdown.png
new file mode 100644
index 0000000..476eada
Binary files /dev/null and b/slides/2019-side-channels/img/meltdown.png differ
diff --git a/slides/2019-side-channels/img/memlayout.png b/slides/2019-side-channels/img/memlayout.png
new file mode 100644
index 0000000..779f137
Binary files /dev/null and b/slides/2019-side-channels/img/memlayout.png differ
diff --git a/slides/2019-side-channels/img/pandora.jpg b/slides/2019-side-channels/img/pandora.jpg
new file mode 100644
index 0000000..b8763ea
Binary files /dev/null and b/slides/2019-side-channels/img/pandora.jpg differ
diff --git a/slides/2019-side-channels/img/printersound.png b/slides/2019-side-channels/img/printersound.png
new file mode 100644
index 0000000..99e253d
Binary files /dev/null and b/slides/2019-side-channels/img/printersound.png differ
diff --git a/slides/2019-side-channels/img/security-door-zoomin.png b/slides/2019-side-channels/img/security-door-zoomin.png
new file mode 100644
index 0000000..200de7f
Binary files /dev/null and b/slides/2019-side-channels/img/security-door-zoomin.png differ
diff --git a/slides/2019-side-channels/img/security-door-zoomout.png b/slides/2019-side-channels/img/security-door-zoomout.png
new file mode 100644
index 0000000..934e998
Binary files /dev/null and b/slides/2019-side-channels/img/security-door-zoomout.png differ
diff --git a/slides/2019-side-channels/img/security-door.png b/slides/2019-side-channels/img/security-door.png
new file mode 100644
index 0000000..0a38cec
Binary files /dev/null and b/slides/2019-side-channels/img/security-door.png differ
diff --git a/slides/2019-side-channels/img/server.png b/slides/2019-side-channels/img/server.png
new file mode 100644
index 0000000..8ca8af3
Binary files /dev/null and b/slides/2019-side-channels/img/server.png differ
diff --git a/slides/2019-side-channels/img/smartcard.png b/slides/2019-side-channels/img/smartcard.png
new file mode 100644
index 0000000..d8306cd
Binary files /dev/null and b/slides/2019-side-channels/img/smartcard.png differ
diff --git a/slides/2019-side-channels/img/strcmp.py b/slides/2019-side-channels/img/strcmp.py
new file mode 100755
index 0000000..89688fc
--- /dev/null
+++ b/slides/2019-side-channels/img/strcmp.py
@@ -0,0 +1,18 @@
+#!/usr/bin/python
+
+def is_equal(s1, s2):
+ '''
+ Returns true if the strings s1 and s2 encode the same information.
+ '''
+ if len(s1) != len(s2):
+ return False
+
+ for (x,y) in zip(s1,s2):
+ if x != y:
+ return False
+
+ return True
+
+target, strs = "abc", [ "ab", "abc", "abcd", "bbc", "abe" ]
+for s in strs:
+ print("{} == {} ? {}".format(target,s,is_equal(target,s)))
diff --git a/slides/2019-side-channels/img/timeit.png b/slides/2019-side-channels/img/timeit.png
new file mode 100644
index 0000000..0ee3c11
Binary files /dev/null and b/slides/2019-side-channels/img/timeit.png differ
diff --git a/slides/2019-side-channels/img/ultrasound.png b/slides/2019-side-channels/img/ultrasound.png
new file mode 100644
index 0000000..b0de69e
Binary files /dev/null and b/slides/2019-side-channels/img/ultrasound.png differ
diff --git a/slides/2019-side-channels/img/voip.png b/slides/2019-side-channels/img/voip.png
new file mode 100644
index 0000000..1c0a912
Binary files /dev/null and b/slides/2019-side-channels/img/voip.png differ
diff --git a/slides/2019-side-channels/main.tex b/slides/2019-side-channels/main.tex
new file mode 100644
index 0000000..89521c9
--- /dev/null
+++ b/slides/2019-side-channels/main.tex
@@ -0,0 +1,26 @@
+\pdfminorversion=4
+%\documentclass[handout,aspectratio=169]{beamer}
+\documentclass[aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%
+ Side-channels that break security in practise
+}
+\subtitle{%
+}
+\author{%
+ Rasmus Dahlberg
+}
+\institute{%
+ Karlstad University
+}
+\date{%
+ \today
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/body}
+\end{document}
diff --git a/slides/2019-side-channels/slides.pdf b/slides/2019-side-channels/slides.pdf
new file mode 100644
index 0000000..6009645
Binary files /dev/null and b/slides/2019-side-channels/slides.pdf differ
diff --git a/slides/2019-side-channels/src/body.tex b/slides/2019-side-channels/src/body.tex
new file mode 100644
index 0000000..a2ede47
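Review bot: Nothing in strcmp.py marks its `is_equal` as the example not to copy, even though it is the early-exit comparison the deck uses to show the timing leak; the docstring reads exactly like the one in countermeasure.py. A first docstring line such as `Deliberately returns at the first mismatch, so run time depends on the length of the matching prefix; for demonstration only.` would keep the two listings distinguishable when the file is read outside the slides. Giving the two functions different names (the pair currently shares `is_equal`) would help for the same reason.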
--- /dev/null
+++ b/slides/2019-side-channels/src/body.tex
@@ -0,0 +1,536 @@ +\begin{frame} + \mktitle{Learning outcomes} + \begin{columns} + \begin{column}{0.75\textwidth} + \begin{itemize} + \item Understand the threat of side-channels + \item Get an intuition of timing attacks + \end{itemize} + \end{column} + \begin{column}{0.25\textwidth} + \centering + \includegraphics[width=.8\textwidth]{img/meltdown} + \end{column} + \end{columns} + \vfill + \alert{No in-depth programming and cryptographic details} +\end{frame} + +\begin{frame} + \mktitle{Setting and security} + \begin{tikzpicture} + \node[draw=none](server){ + \includegraphics[width=60pt]{img/server} + }; + \node[draw=none,left=100pt of server](client){ + \includegraphics[width=40pt]{img/client} + }; + \path[draw, latex-latex] (client) -- (server); + \end{tikzpicture} +\end{frame} + +\begin{frame} + \mktitle{Security on paper} + \includegraphics[height=.67\textheight]{img/security-door-zoomin} +\end{frame} + +\begin{frame} + \mktitle{Reality --- not a black box} + \includegraphics[height=.67\textheight]{img/security-door-zoomout} +\end{frame} + +\begin{frame} + \mktitle{Side channels --- Pandora's box} + \begin{columns} + \begin{column}{.5\textwidth} + \hfill + \includegraphics[height=.67\textheight]{img/pandora} + \end{column} + \begin{column}{.5\textwidth} + \begin{itemize} + \item Power consumption + \item EM radiation + \item Heat + \item Sound + \item Cache + \item Faults + \item Timing + \item Size + \item ... + % REMINDER@Pandora: ... 
-> e.g., disk access patterns + \end{itemize} + \end{column} + \end{columns} + % REMINDER@Pandora: sky is the limit, there are lots of things to measure +\end{frame} + +\begin{frame} + \mktitle{Printer sounds --- document content leaked} + \includegraphics[height=.67\textheight]{img/printersound} + \vfill\scriptsize{ + Backes \emph{et~al.}: + Acoustic Side-Channel Attacks on Printers, + In: USENIX Security + (2010) + } +\end{frame} + +\begin{frame} + \mktitle{Laptop sounds --- secret key leaked} + \includegraphics[width=.67\textwidth]{img/ultrasound} + \vfill\scriptsize{ + Genkin \emph{et~al.}: + RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis, + In: Crypto + (2014) + } +\end{frame} + +\begin{frame} + \mktitle{Energy consumption --- secret key leaked} + \includegraphics[width=.67\textwidth]{img/smartcard} + \vfill\scriptsize{ + Messerges \emph{et~al.}: + Power Analysis Attacks of Modular Exponentiation in Smartcards, + In: CHES (1999) + } +\end{frame} + +\begin{frame} + \mktitle{Packet size --- encrypted content leaked} + \includegraphics[height=.67\textheight]{img/voip} + \vfill\scriptsize{ + White \emph{et~al.}: + Phonotactic Reconstruction of Encrypted VoIP Conversations: + Hookt on Fon-iks, + In: IEEE SP + (2011) + } +\end{frame} + +\begin{frame} + \mktitle{Response timing --- message forgery} + \begin{tikzpicture} + \node[draw=none](server){ + \includegraphics[width=60pt]{img/server} + }; + \node[draw=none,left=100pt of server](client){ + \includegraphics[width=40pt]{img/attacker} + }; + \path[draw, -latex] + (client.34) |- + node[draw=none,above,pos=.75]{\texttt{msg, tag}} + (server.155); + \path[draw, -latex] + (server.199) |- + node[draw=none,above,pos=.75]{\texttt{yes/no}} + (client.335); + \end{tikzpicture} + \vfill\scriptsize{ + Crosby \emph{et al.}: + Opportunities and Limits of Remote Timing Attacks, + In: TISSEC + (2009) + }\\ + \scriptsize{ + Hale: + A lesson in timing attacks, + URL: \url{https://codahale.com/a-lesson-in-timing-attacks/} 
+ (2009) + } +\end{frame} + +\begin{frame} + \mktitle{Scope} + \begin{tikzpicture} + \node[draw,rectangle, + minimum width=.6\textwidth, + minimum height=.4\textheight, + fill=gray!33, + ](sc){}; + \node[draw=none,below=0pt of sc.150]{side-channels}; + \node[draw,circle, + minimum width=.15\textwidth, + fill=rgdGreen, + text=white, + ](t){\textbf{timing}}; + \end{tikzpicture} +\end{frame} + +\begin{frame} + \mktitle{Effort to crack this password?} + \begin{tikzpicture}[ + rgddBox/.style = { + draw = black, + minimum width = 20pt, + minimum height = 20pt, + fill = gray!33, + font = \bfseries, + } + ] + \def\rgddBoxData{{z},{f},{T},{B},{s},{v},{g},{O},{e},{t}} + \foreach[count=\i] \x in \rgddBoxData{ + \ifnum\i=1\relax + \node[rgddBox](p\i){\x}; + \else + \pgfmathparse{int(\i-1)} + \node[rgddBox,right=6pt of p\pgfmathresult](p\i){\x}; + \fi + \node[draw=none,text=darkRed,above=0pt of p\i]{\i}; + } + %\pause + \foreach[count=\i] \x in \rgddBoxData{ + \node[draw=none,text=darkGreen,below=0pt of p\i]{52}; + } + \end{tikzpicture} + \pause + \vfill + 144555105949057024 + \pause + \vfill + $52^{10}$ combinations and 100M queries/s $\rightarrow$ 46 years + %REMINDER@Password: exponential increase for each character + \pause + \\\includegraphics[height=.2\textheight]{img/grandpa} +\end{frame} + +\begin{frame} + \mktitle{Experiment --- are these strings equal?} + \pause + \texttt{0000000000000000} \floatright{\texttt{9389349108837912}}\\ + \pause + \texttt{0000439513027213} \floatright{\texttt{0000431513027213}}\\ + \pause + \texttt{7485820126271479} \floatright{\texttt{7485820126371479}}\\ +\end{frame} + +\begin{frame} + \mktitle{Comparing strings like a programmer} + \begin{tikzpicture}[ + rgddBox/.style = { + draw = black, + minimum width = 20pt, + minimum height = 20pt, + fill = gray!33, + font = \bfseries, + }, + rgddPopup/.style = { + draw=rgdGreen, + thick, + rectangle, + fill=rgdYellow, + minimum width = \textwidth, + minimum height = 40pt, + }, + ] + 
\def\rgddBoxData{{7},{4},{8},{5}} + \foreach[count=\i] \x in \rgddBoxData{ + \ifnum\i=1\relax + \node[rgddBox](p\i){\x}; + \else + \pgfmathparse{int(\i-1)} + \node[rgddBox,right=6pt of p\pgfmathresult](p\i){\x}; + \fi + } + + \def\rgddBoxData{{7},{4},{0},{2}} + \foreach[count=\i] \x in \rgddBoxData{ + \ifnum\i=1\relax + \node[rgddBox,right=60pt of p4](q\i){\x}; + \else + \pgfmathparse{int(\i-1)} + \node[rgddBox,right=6pt of q\pgfmathresult](q\i){\x}; + \fi + } + + \foreach \i in {1,...,3}{ + \only<\i>{\node[draw=none,below=6pt of p\i]{\lding};} + \only<\i>{\node[draw=none,below=6pt of q\i]{\lding};} + } + + \only<4>{ + \node[rgddPopup] at ($ (p4) !.5! (q4) $) {\Huge no need to continue}; + } + \end{tikzpicture} +\end{frame} + +%\begin{frame} +% \mktitle{Programming 101 --- string comparison} +% \lstinputlisting[style=CStyle,firstline=3,lastline=14]{img/strcmp.py} +%\end{frame} + +\begin{frame} + \mktitle{Timing --- an inutitive note} + \includegraphics[width=\textwidth]{img/timeit} +\end{frame} + +\begin{frame} + \mktitle{Effort to crack this password?} + \begin{tikzpicture}[ + rgddBox/.style = { + draw = black, + minimum width = 20pt, + minimum height = 20pt, + fill = gray!33, + font = \bfseries, + } + ] + \def\rgddBoxData{{z},{f},{T},{B},{s},{v},{g},{O},{e},{t}} + \foreach[count=\i] \x in \rgddBoxData{ + \ifnum\i=1\relax + \node[rgddBox](p\i){\x}; + \else + \pgfmathparse{int(\i-1)} + \node[rgddBox,right=6pt of p\pgfmathresult](p\i){\x}; + \fi + \node[draw=none,text=darkRed,above=0pt of p\i]{\i}; + } + \foreach[count=\i] \x in \rgddBoxData{ + \node[draw=none,text=darkGreen,below=0pt of p\i]{52}; + } + \end{tikzpicture} + \vfill + + \pause + \begin{tikzpicture}[ + rgddBox/.style = { + draw = black, + minimum width = 20pt, + minimum height = 20pt, + fill = gray!33, + font = \bfseries, + } + ] + \def\rgddBoxData{{a},{a},{a},{a},{a},{a},{a},{a},{a},{a}} + \foreach[count=\i] \x in \rgddBoxData{ + \ifnum\i=1\relax + \node[rgddBox](q\i){\x}; + \else + 
\pgfmathparse{int(\i-1)} + \node[rgddBox,right=6pt of q\pgfmathresult](q\i){\x}; + \fi + + } + + \def\rgddBoxData{{z},{f},{T},{B},{s},{v},{g},{O},{e},{t}} + \foreach[count=\i] \x in \rgddBoxData{ + \ifnum\i<5\pause\fi + \ifnum\i=1\relax + \node[rgddBox, text=darkOrange](q\i){\x}; + \else + \pgfmathparse{int(\i-1)} + \node[rgddBox, text=darkOrange, right=6pt of q\pgfmathresult](q\i){\x}; + \fi + } + \end{tikzpicture} + %$52*10$ tries $\rightarrow$ ``negl'' time + %REMINDER@Password: linear increase for each character +\end{frame} + +\begin{frame} + \mktitle{Demo --- Experimental setup} + + \begin{tikzpicture} + \node[draw=none](server){ + \includegraphics[width=60pt]{img/server} + }; + \node[draw=none,left=100pt of server](client){ + \includegraphics[width=40pt]{img/attacker} + }; + \path[draw, -latex] + (client.34) |- + node[draw=none,above,pos=.75]{\texttt{msg, tag}} + (server.155); + \path[draw, -latex] + (server.199) |- + node[draw=none,above,pos=.75]{\texttt{yes/no}} + (client.335); + \path[draw,-latex] + (server) edge[loop right] + node[draw=none,pos=.7,below]{ + \begin{tabular}{c} + byte-by-byte cmp\\ + with $\approx$ms sleep + \end{tabular} + } + (); + + \end{tikzpicture} + \vfill\url{https://github.com/rgdd/timing-server} +\end{frame} + +\begin{frame} + \mktitle{Can you recommend another demo? 
Asking for a friend} + \includegraphics[height=.67\textheight]{img/demo} + \url{https://www.youtube.com/watch?v=2-zQp26nbY8} +\end{frame} + +\begin{frame} + \mktitle{Countermeasure -- constant time compare} + \begin{tikzpicture}[ + rgddBox/.style = { + draw = black, + minimum width = 20pt, + minimum height = 20pt, + fill = gray!33, + font = \bfseries, + }, + rgddPopup/.style = { + draw=rgdGreen, + thick, + rectangle, + fill=rgdYellow, + minimum width = \textwidth, + minimum height = 40pt, + }, + ] + \def\rgddBoxData{{7},{4},{8},{5}} + \foreach[count=\i] \x in \rgddBoxData{ + \ifnum\i=1\relax + \node[rgddBox](p\i){\x}; + \else + \pgfmathparse{int(\i-1)} + \node[rgddBox,right=6pt of p\pgfmathresult](p\i){\x}; + \fi + } + + \def\rgddBoxData{{7},{4},{0},{2}} + \foreach[count=\i] \x in \rgddBoxData{ + \ifnum\i=1\relax + \node[rgddBox,right=60pt of p4](q\i){\x}; + \else + \pgfmathparse{int(\i-1)} + \node[rgddBox,right=6pt of q\pgfmathresult](q\i){\x}; + \fi + } + + \foreach \i in {1,...,4}{ + \only<\i>{\node[draw=none,below=6pt of p\i]{\lding};} + \only<\i>{\node[draw=none,below=6pt of q\i]{\lding};} + } + \end{tikzpicture} +\end{frame} + +%\begin{frame} +% \mktitle{Countermeasure --- constant time compare} +% \lstinputlisting[style=CStyle,firstline=3,lastline=14]{img/countermeasure.py} +%\end{frame} + +\begin{frame} + \mktitle{Lessons learned} + \centering + + \textbf{Adversarial input?} + Think twice before using standard equality operators + + \vfill + \textbf{Cryptography in code?} Stick to cryptographic libraries, hope for + the best +\end{frame} + +\begin{frame} + \mktitle{Meltdown} + \includegraphics[height=.67\textheight]{img/meltdown} + \vfill\scriptsize{ + Lipp \emph{et~al.}: + Meltdown, + In: CoRR abs/1801.01207 + (2018) + } +\end{frame} + +\begin{frame} + \mktitle{Preliminaries --- per-process virtual memory layout} + \includegraphics[width=.67\textwidth]{img/memlayout} + \vfill + \begin{tikzpicture} + \Tree [ + .{page table} [ + 
.{\textcolor{darkBlue}{address translation}} + ] [ + .{\textcolor{darkGreen}{privelege checks}} + ] + ] + \end{tikzpicture} +\end{frame} + +\begin{frame} + \mktitle{Preliminaries --- caching and out-of-order execution} + \begin{tikzpicture}[ + rgddBox/.style = { + draw = black, + minimum width = 20pt, + minimum height = 20pt, + fill = gray!33, + font = \bfseries, + } + ] + \def\rgddBoxData{{},{},{},{},{},{},{},{},{}} + \foreach[count=\i] \x in \rgddBoxData{ + \ifnum\i=1\relax + \node[rgddBox](p\i){\x}; + \else + \pgfmathparse{int(\i-1)} + \node[rgddBox,right=6pt of p\pgfmathresult](p\i){\x}; + \fi + \node[draw=none,text=darkRed,above=0pt of p\i]{\i}; + + } + + % First access + \node[draw=none,below=of p3,font=\rmfamily](call1){% + \texttt{access}($\mathsf{MEM}[5]$) + }; + \path[draw, -latex] + (call1) -- + node[draw=none,sloped,above,font=\scriptsize]{slow} + (p5.248); + + % Second access + \node[draw=none,below=of p7,font=\rmfamily](call2){% + \texttt{access}($\mathsf{MEM}[5]$) + }; + \path[draw, -latex] + (call2) -- + node[draw=none,sloped,above,font=\scriptsize]{fast} + (p5.292); + \end{tikzpicture} + + \pause + \begin{columns} + \begin{column}{.29\textwidth} + \lstinputlisting[style=CStyle]{img/isn} + \end{column} + + \begin{column}{.49\textwidth} + \includegraphics[width=\textwidth]{img/meltdown-out-of-order} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Ooops --- leaked privileged memory?} + \begin{columns} + \begin{column}{.45\textwidth} + \lstinputlisting[style=CStyle]{img/meltdown-isn} + \end{column} + \end{columns} + \pause + \vfill + \includegraphics[width=.67\textwidth]{img/meltdown-pageload} +\end{frame} + +\begin{frame} + \mktitle{Proof of concept} + \hfill + \includegraphics[height=.5\textheight]{img/meltdown-dump} + \hfill + \includegraphics[height=.5\textheight]{img/meltdown-ff} + \hfill +\end{frame} + +\begin{frame} + \vfill\centering\Large\textbf{ + That's it --- questions? + }\vfill +\end{frame} 
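Review bot: Two frame texts in body.tex carry typos that will show on the projected slides: `\mktitle{Timing --- an inutitive note}` should read `intuitive`, and the page-table tree node `privelege checks` should read `privilege checks`. The countermeasure frame title also uses `--` where the other titles use `---`. Separately, the `Lessons learned` frame tells the audience to think twice before using standard equality operators but names no replacement; one more line pointing at a library-provided constant-time comparison would tie it back to the countermeasure frame.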
diff --git a/slides/2019-side-channels/src/preamble.tex b/slides/2019-side-channels/src/preamble.tex
new file mode 100644
index 0000000..56ed3df
--- /dev/null
+++ b/slides/2019-side-channels/src/preamble.tex
@@ -0,0 +1,114 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[utf8]{inputenc} +\usepackage[swedish]{babel} + +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{rotate} +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{pifont} +\usepackage{wasysym} +\usepackage{graphicx} +\usepackage{color} +\usepackage{drawstack} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +%\usepackage{floatrow}% this one causes error on arch for some reason +\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +\usepackage{hyperref} +\hypersetup{ + colorlinks = true, % Color links instead of boxes + urlcolor = darkBlue, % Color external hyper links + linkcolor = darkBlue, % Color internal links + citecolor = darkBlue, % Color citations +} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +\lstdefinestyle{CStyle}{ + 
backgroundcolor=\color{lightGray!25}, + commentstyle=\color{darkGreen}, + keywordstyle=\color{darkBlue}, + numberstyle=\tiny\color{darkRed}, + stringstyle=\color{darkPurple}, + basicstyle=\footnotesize, + breakatwhitespace=false, + breaklines=false, + captionpos=b, + keepspaces=true, + numbers=left, + numbersep=5pt, + showspaces=false, + showstringspaces=false, + showtabs=false, + tabsize=2, + language=C, + morekeywords={size_t,def,in,zip,True,False,ord}, +} + +\setbeamertemplate{itemize item}[circle] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} + +\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}} +\def\lding{\rotatebox[origin=c]{91}{\ding{224}}} + +% TODO: fix this properly... +\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize} diff --git a/slides/2019-side-channels/src/titlepage.tex b/slides/2019-side-channels/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2019-side-channels/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} diff --git a/slides/2021-aha/README b/slides/2021-aha/README new file mode 100644 index 0000000..e8027a5 --- /dev/null +++ b/slides/2021-aha/README @@ -0,0 +1 @@ +An internal talk I did at Mullvad VPN. diff --git a/slides/2021-aha/beamercolorthemergd.sty b/slides/2021-aha/beamercolorthemergd.sty new file mode 100644 index 0000000..74ced1c --- /dev/null +++ b/slides/2021-aha/beamercolorthemergd.sty 
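Review bot: `\usepackage[swedish]{babel}` is loaded in this preamble although the frame text in body.tex is English, so `\today` (used by `\date{\today}` in main.tex and by the title-page template) will be typeset in Swedish, and Swedish hyphenation patterns will apply to the English text. If that is not intended, `\usepackage[english]{babel}` or dropping babel fixes both. The comment `%needed for \titlefloatright` is also stale in this file, since the command defined below it is now `\floatright`.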
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2021-aha/beamerfontthemergd.sty b/slides/2021-aha/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2021-aha/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2021-aha/beamerinnerthemergd.sty b/slides/2021-aha/beamerinnerthemergd.sty
new file mode 100644
index 0000000..b96a415
--- /dev/null
+++ b/slides/2021-aha/beamerinnerthemergd.sty
@@ -0,0 +1,49 @@
+\mode
+
+%%%
+% Title page
+%%%
+\defbeamertemplate*{title page}{rgd}[1][]{
+ \begin{tikzpicture}[remember picture, overlay]
+ \usebeamercolor{titlepage}
+ % Add top-left triangle with university logo
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north west) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoMul){\includegraphics[width=3.5cm]{img/mullvad}}
+ (current page.west) --
+ (current page.north west);
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north east) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoKau){\includegraphics[width=3cm]{img/kau}}
+ (current page.east) --
+ (current page.north east);
+ % Add title
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ ] (Title) at ([shift={(0,-0.5cm)}]current page){%
+ \centering\usebeamerfont{title}\inserttitle\\%
+ };
+ % Add date
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Title,
+ ] (Subtitle) {%
+ \centering\usebeamerfont{date}\today\\%
+ };
+ % Add authors
+ \usebeamercolor{author}
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Subtitle,
+ ] (Author) {%
+ \centering\usebeamerfont{author}\insertauthor\\%
+ };
+ \end{tikzpicture}
+}
+
+\mode
diff --git a/slides/2021-aha/beamerouterthemergd.sty b/slides/2021-aha/beamerouterthemergd.sty
new file mode 100644
index 0000000..45ba820
--- /dev/null
+++ b/slides/2021-aha/beamerouterthemergd.sty
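Review bot: The `% Add date` node of the title-page template in slides/2021-aha/beamerinnerthemergd.sty prints `\today` rather than `\insertdate`, so whatever `\date{...}` a deck sets is ignored and rebuilding one of these archived decks stamps the rebuild date on the title page instead of the date of the talk. Using `\centering\usebeamerfont{date}\insertdate\\%` there, together with a fixed `\date{...}` in each main.tex, would let the rescued sources reproduce the committed PDFs' title page. The comment `% Add top-left triangle with university logo` also describes only one of the two `\filldraw` triangles; `% Add corner triangles with the Mullvad (left) and university (right) logos` would match the code. The slides/2021-padsec/beamerinnerthemergd.sty hunk further down has the same lines.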
@@ -0,0 +1,71 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add metadata
+ \begin{beamercolorbox}[
+ wd=0.50\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \href{https://rgdd.github.io}{rgdd.github.io}
+ $\cdots$
+ \href{https://twitter.com/\_\_rgdd}{@\_\_rgdd}
+ $\cdots$
+ \href{mailto:rasmus@mullvad.net}{rasmus@mullvad.net}
+ $\cdots$
+ \href{mailto:rasmus.dahlberg@kau.se}{rasmus.dahlberg@kau.se}
+ \end{beamercolorbox}%
+ % Add title
+ \begin{beamercolorbox}[
+ wd=0.45\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \inserttitle
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2021-aha/beamerthemergd.sty b/slides/2021-aha/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2021-aha/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
diff --git a/slides/2021-aha/handout.pdf b/slides/2021-aha/handout.pdf
new file mode 100644
index 0000000..e210a10
Binary files /dev/null and b/slides/2021-aha/handout.pdf differ
diff --git a/slides/2021-aha/img/after.tex b/slides/2021-aha/img/after.tex
new file mode 100644
index 0000000..c2af725
--- /dev/null
+++ b/slides/2021-aha/img/after.tex
@@ -0,0 +1,70 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher };
+ \node[entity, fill=darkGreen, below=1.5cm of Publisher] (EndUser) {End-user};
+ \node[entity, fill=darkOrange, left=1.5cm of Publisher] (Log) {Log};
+ \node[entity, fill=darkRed, below=1.5cm of Log] (Witness) {Witness};
+
+ % Key setup
+ \path[path, dashed] ($ (EndUser) + (2,0) $) --
+ node[relation, above] { Public keys }
+ (EndUser);
+ % Get data and signature
+ \path[path] (Publisher) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ Opaque data\\
+ Signature\\
+ Proofs of logging\\
+ \end{tabular}
+ }
+ (EndUser);
+ % Verification
+ \path[path, rounded corners]
+ (EndUser.180) -|
+ ($ (EndUser) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (EndUser.210);
+
+
+ % Cosigning
+ \path[path] (Witness) edge[bend right]
+ node[relation,right]{Cosignature}
+ (Log);
+ \path[path] (Log) edge[bend right]
+ node[relation,left]{Tree head}
+ (Witness);
+ \path[path, rounded corners]
+ (Witness.180) -|
+ ($ (Witness) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (Witness.210);
+
+ % Get proofs
+ \path[path] (Log) --
+ node[relation,above]{Proofs of logging}
+ (Publisher);
+\end{tikzpicture}
diff --git a/slides/2021-aha/img/before.tex b/slides/2021-aha/img/before.tex
new file mode 100644
index 0000000..f634ef4
--- /dev/null
+++ b/slides/2021-aha/img/before.tex
@@ -0,0 +1,46 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher };
+ \node[entity, fill=darkGreen, below=1.5cm of Publisher] (EndUser) {End-user};
+
+ % Key setup
+ \path[path, dashed] ($ (EndUser) + (2,0) $) --
+ node[relation, above] { Public key }
+ (EndUser);
+ % Get data and signature
+ \path[path] (Publisher) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ Opaque data\\
+ Signature\\
+ \end{tabular}
+ }
+ (EndUser);
+ % Verification
+ \path[path, rounded corners]
+ (EndUser.180) -|
+ ($ (EndUser) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (EndUser.210);
+\end{tikzpicture}
diff --git a/slides/2021-aha/img/beverwijk.jpg b/slides/2021-aha/img/beverwijk.jpg
new file mode 100644
index 0000000..3ac9d1a
Binary files /dev/null and b/slides/2021-aha/img/beverwijk.jpg differ
diff --git a/slides/2021-aha/img/clean.jpg b/slides/2021-aha/img/clean.jpg
new file mode 100644
index 0000000..2465e5e
Binary files /dev/null and b/slides/2021-aha/img/clean.jpg differ
diff --git a/slides/2021-aha/img/ct.tex b/slides/2021-aha/img/ct.tex
new file mode 100644
index 0000000..9ae60c3
--- /dev/null
+++ b/slides/2021-aha/img/ct.tex
@@ -0,0 +1,69 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Website) at (0,0) { Website };
+ \node[entity, fill=darkGreen, below=1.5cm of Website] (Browser) {Browser};
+ \node[entity, fill=darkOrange, left=1.5cm of Website] (Log) {Log};
+ \node[entity, fill=darkRed, below=1.5cm of Log] (Monitor) {Monitor};
+
+ % Get certificate and proofs of logging
+ \path[path] (Website) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ Certificate\\
+ Proofs of logging\\
+ \end{tabular}
+ }
+ (Browser);
+ % Verification
+ \path[path, rounded corners]
+ (Browser.180) -|
+ ($ (Browser) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (Browser.210);
+
+ % Monitoring
+ \path[path] (Monitor) edge[bend right]
+ node[relation,right]{}
+ (Log);
+ \path[path] (Log) edge[bend right]
+ node[relation,left]{}
+ (Monitor);
+ \path[path, rounded corners]
+ (Monitor.180) -|
+ ($ (Monitor) + (-1.25,-.75) $)
+ node[relation, below]{
+ Mis-issuance?
+ } -|
+ (Monitor.210);
+
+ % Get proofs
+ \path[path, dashed] (Log) --
+ node[relation,above]{Proofs of logging}
+ (Website);
+
+ % Add certificates to log
+ \path[path, dashed] ($ (Log) + (-2,0) $) --
+ node[relation, above] { Certificates }
+ (Log);
+\end{tikzpicture}
diff --git a/slides/2021-aha/img/curl.jpg b/slides/2021-aha/img/curl.jpg
new file mode 100644
index 0000000..51765e7
Binary files /dev/null and b/slides/2021-aha/img/curl.jpg differ
diff --git a/slides/2021-aha/img/diginotar.jpg b/slides/2021-aha/img/diginotar.jpg
new file mode 100644
index 0000000..c185e38
Binary files /dev/null and b/slides/2021-aha/img/diginotar.jpg differ
diff --git a/slides/2021-aha/img/kau.png b/slides/2021-aha/img/kau.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2021-aha/img/kau.png differ
diff --git a/slides/2021-aha/img/log-request.tex b/slides/2021-aha/img/log-request.tex
new file mode 100644
index 0000000..08edf87
--- /dev/null
+++ b/slides/2021-aha/img/log-request.tex
@@ -0,0 +1,47 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher };
+ \node[entity, fill=darkGreen, below=1.5cm of Publisher] (DNS) {DNS};
+ \node[entity, fill=darkOrange, left=1.5cm of Publisher] (Log) {Log};
+
+ % Setup DNS
+ \path[path, dashed] (Publisher) --
+ node[relation, right] {TXT RR}
+ (DNS);
+
+ \path[path] (Publisher) edge[bend right]
+ node[relation, above] {
+ Key-value pairs
+ }
+ (Log);
+ \path[path] (Log) edge[bend right]
+ node[relation,below] {
+ accept/reject
+ }
+ (Publisher);
+
+ \path[path, rounded corners] (Log) |-
+ node[relation,below,pos=.75]{
+ verify TXT RR
+ }
+ (DNS);
+\end{tikzpicture}
diff --git a/slides/2021-aha/img/mt.tex b/slides/2021-aha/img/mt.tex
new file mode 100644
index 0000000..3deaf62
--- /dev/null
+++ b/slides/2021-aha/img/mt.tex
@@ -0,0 +1,19 @@
+\begin{tikzpicture}[
+ -latex,
+]
+ \Tree [
+ .$\hash(h_{01}\concat h_{23})$ [
+ .$h_{01}\coloneqq\hash(h_0\concat h_1)$ [
+ .$h_0\coloneqq\hash(\mathsf{foo})$
+ ] [
+ .$h_1\coloneqq\hash(\mathsf{bar})$
+ ]
+ ] [
+ .$h_{23}\coloneqq\hash(h_2\concat h_3)$ [
+ .$h_2\coloneqq\hash(\mathsf{baz})$
+ ] [
+ .$h_3\coloneqq\hash(\mathsf{qux})$
+ ]
+ ]
+ ]
+\end{tikzpicture}
diff --git a/slides/2021-aha/img/mullvad.png b/slides/2021-aha/img/mullvad.png
new file mode 100644
index 0000000..4574eb1
Binary files /dev/null and b/slides/2021-aha/img/mullvad.png differ
diff --git a/slides/2021-aha/img/openbsd.pdf b/slides/2021-aha/img/openbsd.pdf
new file mode 100644
index 0000000..53c6c98
Binary files /dev/null and b/slides/2021-aha/img/openbsd.pdf differ
diff --git a/slides/2021-aha/img/rb.png b/slides/2021-aha/img/rb.png
new file mode 100644
index 0000000..a0b30cb
Binary files /dev/null and b/slides/2021-aha/img/rb.png differ
diff --git a/slides/2021-aha/img/rgdd.jpg b/slides/2021-aha/img/rgdd.jpg
new file mode 100644
index 0000000..597b406
Binary files /dev/null and b/slides/2021-aha/img/rgdd.jpg differ
diff --git a/slides/2021-aha/img/thanks.pdf b/slides/2021-aha/img/thanks.pdf
new file mode 100644
index 0000000..9ad4dc8
Binary files /dev/null and b/slides/2021-aha/img/thanks.pdf differ
diff --git a/slides/2021-aha/img/tree-leaf.trunnel b/slides/2021-aha/img/tree-leaf.trunnel
new file mode 100644
index 0000000..c3806f3
--- /dev/null
+++ b/slides/2021-aha/img/tree-leaf.trunnel
@@ -0,0 +1,9 @@
+/*
+ * The logged Merkle tree leaf data
+ */
+struct tree_leaf {
+ u64 shard_hint;
+ u8 checksum[32];
+ u8 signature[64];
+ u8 key_hash[32];
+}
diff --git a/slides/2021-aha/main.tex b/slides/2021-aha/main.tex
new file mode 100644
index 0000000..2d8a8b6
--- /dev/null
+++ b/slides/2021-aha/main.tex
@@ -0,0 +1,21 @@
+\pdfminorversion=4
+%\documentclass[handout,aspectratio=169]{beamer}
+\documentclass[aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%
+ Transparent Logging---An introduction and ongoing work
+}
+\author{%
+ Rasmus Dahlberg
+}
+\date{%
+ \today
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/body}
+\end{document}
diff --git a/slides/2021-aha/slides.pdf b/slides/2021-aha/slides.pdf
new file mode 100644
index 0000000..c3dc16b
Binary files /dev/null and b/slides/2021-aha/slides.pdf differ
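Review bot: The header comment on `struct tree_leaf` in slides/2021-aha/img/tree-leaf.trunnel does not say what the `signature` field covers or what `key_hash` is a hash of, which is exactly what an audience needs in order to reason about what a logged leaf proves. Going by the "Preparing a logging request" frame in src/body.tex, the signature appears to be made over the shard hint and checksum, and the submitted key-value pairs carry a public key where the leaf stores a hash; if that reading is right, field comments such as `u8 signature[64]; /* over shard_hint and checksum */` and `u8 key_hash[32]; /* hash of the signer's public key */` would make the listing self-explanatory. Since the summary frame lists "No cryptographic agility" as a feature, the header comment is also the natural place to name the single hash function and signature scheme that fix the 32- and 64-byte sizes.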
diff --git a/slides/2021-aha/src/body.tex b/slides/2021-aha/src/body.tex
new file mode 100644
index 0000000..0778fe7
--- /dev/null
+++ b/slides/2021-aha/src/body.tex
@@ -0,0 +1,465 @@
+%
+% Title page
+% - Hi everyone
+% - Welcome to my talk
+% - I'm Rasmus
+% -- I work in the TCR group together with Fredrik and others
+% -- I've been here since September, and it started out as an internship. Then
+% we decided to prolong that into something more permanent.
+% -- I am also aff. with Kau, where I do my PhD studies.
+% -- Surprise surprise, my thesis is about transparent logs.
+%
+
+\begin{frame}
+ \vfill
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{Outline}
+ \begin{enumerate}
+ \item Transparent Logging
+ \begin{itemize}
+ \item Why? % Let's talk DigiNotar
+ \item How? % Let's talk CT
+ \item What? % What should you make transparent
+ \end{itemize}
+ \item ``System Transparency Logging''
+ \end{enumerate}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/rgdd}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \begin{columns}
+ \begin{column}{0.45\textwidth}
+ \mktitle{Let's travel in space and time}
+ \begin{itemize}
+ \item June, 2011
+ \item Netherlands, Beverwijk
+ \item DigiNotar
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.55\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/beverwijk}
+ \burl{https://creativecommons.org/licenses/by-sa/3.0/}
+ % https://commons.wikimedia.org/wiki/File:Nzkanaal2.jpg
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ %
+ % To give you the backdrop.
+ %
+ % DigiNotar was a so-called certificate authority that issues web certs
+ % - If this means nothing to you, it is sort of like passports but for
+ % websites. In real life we have a trusted government body that is
+ % responsible of issuing our passports. We trust that a passport will not
+ % be issued for us unless we can prove that we are who we say we are.
+ % - In the digital world certificate authorities play this role but for
+ % websites. This way, you can be sure that you are really visiting
+ % mullvad.net, and not someone that is impersonating our domain.
+ %
+ % So, the expectation here is that you would only issue a certificate to the
+ % rightful domain owner. At minimum, this requires some identity checking.
+ %
+ % Let's get back to what happened then.
+ %
+ % It turns out that DigiNotar was hacked. They issued fraudulent
+ % certificates for Google, Facebook, Twitter, Mozilla, Tor, and many others.
+ %
+ % This was detected by DigiNotar a week after the incident.
+ % - They decided to be silent.
+ %
+ % The only reason why we detected this is because of a large scale attack
+ % in Iran, which targeted 300k gmail users. If the attacker had been more
+ % stealthy, we probably would not have detected the attack.
+ %
+ % Fortunately we did detect the attack. Soon thereafter, none of the major
+ % browser trusted DigiNotar anymore. In September, a bankruptcy was filed.
+ %
+ \vfill
+ \begin{columns}
+ \begin{column}{0.45\textwidth}
+ \mktitle{What happened?}
+ \begin{itemize}
+ \item DigiNotar issued web certificates
+ \item Did not live up to expectations
+ \item Then lied about it for weeks
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.55\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/diginotar}
+ \burl{https://www.bbc.com/news/technology-14989334}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ %
+ % What to make of this then?
+ %
+ % First of all, DigiNotar was neither the first nor the last. Many
+ % certificate authorities messed up before them. Many certificate
+ % authorities messed up after them.
+ %
+ % It would be incredibly helpful if we could detect if a certificate
+ % authority makes mistakes. In the case of certificate management,
+ % detection really comes down to the ability of discovering which
+ % certificates have been issued for whom.
+ %
+ % From this intuition the idea of Certificate Transparency is simple.
+ % - Talk about figure.
+ % - Emphasize that the log is not a trusted party due to crypto magic.
+ %
+ \vfill
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{What to make of this}
+ \begin{itemize}
+ \item DigiNotar was neither first nor last\footnotemark
+ \item Detection of certificate mis-issuance?
+ \item Discoverability with transparent logs\footnotemark
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \input{img/ct}
+ \end{column}
+ \end{columns}
+ \vfill
+ \pause
+ \centering\alert{Chrome and Safari enforce Certificate Transparency}
+
+ \footnotetext[1]{\burl{https://sslmate.com/certspotter/failures}}
+ \footnotetext[2]{\burl{https://certificate.transparency.dev/}}
+\end{frame}
+
+\begin{frame}
+ %
+ % Okay, great that we have transparency for certificates. Does that mean
+ % are done?
+ %
+ % The short answer is no. We are definitely not done. There is still a lot
+ % of remaining work with Certificate Transparency. There is even more work
+ % left to do when we think about other use-cases of transparency logging.
+ %
+ % (Use do you get the same binaries as everyone else for example, leave the
+ % rest for them to think about if they want to)
+ %
+ \mktitle{Transparency logging is good for more than just certificates}
+ Source code \\
+ Binaries \\
+ Config files \\
+ TPM quotes \\
+ Media content \\
+ Tax declarations \\
+ Documents of ownership \\
+ BGP announcements \\
+ Tor's consensus \\
+ ... \\
+ \vfill
+ \pause
+ \alert{The log we are working on is helpful for all these use-cases!}
+\end{frame}
+
+%
+% https://curl.se/download.html
+%
+\begin{frame}
+ %
+ % 1. Introduce the setup. Daniel represents many software projects.
+ % 2. How would you know if your private key got compromised?
+ %
+ \mktitle{Example use-case\#1}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{Meet Daniel}
+ \begin{itemize}
+ \item The author of \texttt{curl}
+ \item Digitally signs new releases
+ \item Long-term signing key-pair
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \includegraphics[height=.6\textheight]{img/curl}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+%
+% https://arxiv.org/pdf/2104.06020.pdf, page 6 for the challenge.
+%
+\begin{frame}
+ %
+ % 1. What is R-B.
+ % 2. Challenge
+ % 3. How I think that challenge could be approached
+ %
+ \mktitle{Example use-case\#2}
+ \begin{columns}
+ \begin{column}{0.6\textwidth}
+ \mktitle{Meet the R-B project}
+ \begin{itemize}
+ \item Same input gives the same output
+ \item Consensus of ``valid'' checksum?
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.4\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/rb}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Problem summary}
+ \vfill
+ \begin{columns}
+ \begin{column}{0.125\textwidth}
+ \end{column}
+ \begin{column}{0.75\textwidth}
+ \begin{enumerate}
+ \item Which signatures were produced by what private keys?
+ \item Consensus of checksums that should be considered valid?
+ \end{enumerate}
+ \end{column}
+ \begin{column}{0.125\textwidth}
+ \end{column}
+ \end{columns}
+ \vfill
+\end{frame}
+
+\begin{frame}
+ %
+ % 1. Introduce the system. Think first two paragraphs in design.md
+ %
+ \mktitle{Our starting point}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item Data publisher
+ \item End-user
+ \item Assumptions
+ \begin{itemize}
+ \item Public key can be located
+ \item Signed data can be located
+ \item End-user can install extra tooling
+ \end{itemize}
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \input{img/before}
+ \end{column}
+ \end{columns}
+ \vfill
+ \pause
+ \alert{The attacker can compromise the data publisher}\\
+ \pause
+ \alert{The goal is to detect unwanted key-usage}
+\end{frame}
+
+\begin{frame}
+ %
+ % 1. Our design is about transparency logs. So, I need to explain briefly
+ % what a transparency log is.
+ % 2. Append-only Merkle tree. You can think of the data as being stored in
+ % the leaves. Each leaf is hashed. Parents concatenate their children
+ % hashes to produces their own hash values. Repeat until single root hash.
+ % 3. The root hash is usually called a tree head.
+ % 4. Tree head interesting because it fixes the structure and the content of
+ % the tree. Add/remove/modify -> new tree head.
+ % 5. If the log signs the tree head, you can hold it accountable for its
+ % structure and content.
+ % 6. This is important because the attacker can control the log.
+ % 7. So we cannot trust that the log is append-only. We will need to verify
+ % that. To this end we have consistency proofs. The intuition is that you
+ % can force the log to reveal a number of cryptographic hashes. These
+ % hashes will prove that the tree head you see today is consistent with the
+ % tree head you saw yesterday.
+ % 8. You can also prove that something is in the log efficiently. This is
+ % called an inclusion proof. The intuition is that you reveal a number of
+ % hashes. If you can use them to reconstruct the root of a globally
+ % consistent tree head you can be sure that some data is in the log.
+ % 8. Global consistency (as opposed to just consistency) is what prevents
+ % the log from creating forks. I will return to this later on because it is
+ % an important part of our design.
+ % (9. Not having global consistency would be like having a blockchain
+ % without a consensus mechanism.)
+ %
+ \mktitle{An intuition of transparency log properties}
+ \input{img/mt}
+ \vfill
+ \begin{columns}
+ \begin{column}{0.33\textwidth}
+ \begin{itemize}
+ \item Tree head
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.33\textwidth}
+ \begin{itemize}
+ \item Consistency proof
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.33\textwidth}
+ \begin{itemize}
+ \item Inclusion proof
+ \end{itemize}
+ \end{column}
+ \end{columns}
+ \vfill
+ \pause
+ \alert{The attacker can control the log}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Preparing a logging request}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item Select a shard hint and checksum
+ \item Sign using your private key
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \lstinputlisting[style=CStyle]{img/tree-leaf.trunnel}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Submitting a logging request}
+ \begin{columns}
+ \begin{column}{0.2\textwidth}
+ \underline{Key-value pairs:}
+ \begin{itemize}
+ \item Shard hint
+ \item Checksum
+ \item Signature
+ \item Public key
+ \item Domain hint
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.8\textwidth}
+ \centering
+ \input{img/log-request}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Distributing proofs of public logging}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item End-user will not talk to the log
+ \item Proofs of logging
+ \begin{itemize}
+ \item Inclusion proof
+ \item Tree head
+ \end{itemize}
+ \item Witness cosigning
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \input{img/after}
+ \end{column}
+ \end{columns}
+ \pause
+ \alert{The attacker can control a threshold of witnesses}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Example use-case\#1}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \mktitle{Remember Daniel?}
+ \begin{itemize}
+ \item Sign a checksum of each \texttt{curl} release
+ \item Start logging every signed checksum
+ \item Monitor the log for your own leaves
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \centering
+ \includegraphics[height=.6\textheight]{img/curl}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Example use-case\#2}
+ \begin{columns}
+ \begin{column}{0.6\textwidth}
+ \mktitle{Remember the R-B project?}
+ \begin{itemize}
+ \item Sign the expected checksum of each build
+ \item A valid checksum is a logged checksum
+ \item Rebuilders validate logged checksums
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.4\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/rb}
+ \burl{https://creativecommons.org/licenses/by-sa/4.0/}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Summary and feature overview}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item Signed checksums
+ \item Sharding
+ \item Preserved data flows
+ \item Anti-spam
+ \item Global consistency
+ \item Few simple parsers
+ \item No cryptographic agility
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \includegraphics[width=\columnwidth]{img/clean}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \begin{columns}
+ \begin{column}{0.7\textwidth}
+ \mktitle{Current status}
+ \begin{itemize}
+ \item Version v0 README and documentation\footnotemark
+ \item A public instance of the log is up and running
+ \item At least one party is witnessing the log
+ \item Come say hello and contribute if you want!
+ \begin{itemize}
+ \item \texttt{irc/oftc \#siglog}
+ \item Matrix bridge\footnotemark
+ \item Open meetings every Tuesday, 1300
+ \end{itemize}
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.3\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/thanks}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\burl{https://github.com/system-transparency/stfe/}}
+ \footnotetext[2]{\burl{https://app.element.io/\#/room/\#siglog:matrix.org}}
+\end{frame}
diff --git a/slides/2021-aha/src/preamble.tex b/slides/2021-aha/src/preamble.tex
new file mode 100644
index 0000000..4021351
--- /dev/null
+++ b/slides/2021-aha/src/preamble.tex
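Review bot: The speaker note on the "What to make of this" frame of slides/2021-aha/src/body.tex, `% - Emphasize that the log is not a trusted party due to crypto magic.`, claims more than the figure on that frame supports: img/ct.tex shows the browser verifying proofs and the monitor reading the log, but nothing that makes the two see the same tree. The later note on the log-properties frame says global consistency is what prevents forks, so I would make the earlier note conditional, for example `% - Emphasize that the log need not be trusted, provided browsers and monitors see the same tree heads (more on this later).`. That later note list also numbers two consecutive items "8.", and "Does that mean are done?" and "(Use do you get the same binaries ..." in the frame after the CT one read as typos worth fixing while the file is being imported.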
@@ -0,0 +1,113 @@
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Packages %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\usepackage[utf8]{inputenc}
+
+\usepackage[
+ lambda, advantage, operators, sets, adversary, landau, probability, notions,
+ logic, ff, mm, primitives, events, complexity, asymptotics, keys
+]{cryptocode}
+
+\usepackage{rotate}
+\usepackage{graphicx}
+\usepackage{mathtools}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{flowchart}
+\usepackage{smartdiagram}
+\usepackage{pifont}
+\usepackage{wasysym}
+\usepackage{graphicx}
+\usepackage{color}
+\usepackage{drawstack}
+\usepackage{tikz}
+\usepackage{tikz-qtree}
+\usetikzlibrary{
+ arrows,%
+ decorations.markings,%
+ backgrounds,%
+ calc,%
+ fit,%
+ positioning,%
+ shapes.misc,%
+ shadows,%
+ shapes.arrows,%
+ shapes,%
+ snakes,%
+}
+\usepackage{booktabs}
+\usepackage{smartdiagram}
+%\usepackage{floatrow}% this one causes error on arch for some reason
+\usepackage[position=bottom]{subfig} % environment for nested figures
+
+\usepackage{xcolor}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+\definecolor{darkGray}{HTML}{808080}
+\definecolor{darkOrange}{HTML}{D77D00}
+\definecolor{darkPurple}{HTML}{800080}
+\colorlet{lightGray}{gray!33}
+\colorlet{lightYellow}{yellow!50}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+
+\usepackage{hyperref}
+\hypersetup{
+ colorlinks = true, % Color links instead of boxes
+ urlcolor = darkBlue, % Color external hyper links
+ linkcolor = darkBlue, % Color internal links
+ citecolor = darkBlue, % Color citations
+}
+
+% Figures, tables and code
+\usepackage{booktabs}
+\usepackage{colortbl}
+\usepackage{flowchart}
+\usepackage{adjustbox}
+\usepackage{listings}
+
+\lstdefinestyle{CStyle}{
+ backgroundcolor=\color{lightGray!25},
+ commentstyle=\color{darkGreen},
+ keywordstyle=\color{darkBlue},
+ numberstyle=\tiny\color{darkRed},
+ stringstyle=\color{darkPurple},
+ basicstyle=\footnotesize,
+ breakatwhitespace=false,
+ breaklines=false,
+ captionpos=b,
+ keepspaces=true,
+ numbers=left,
+ numbersep=5pt,
+ showspaces=false,
+ showstringspaces=false,
+ showtabs=false,
+ tabsize=2,
+ language=C,
+ morekeywords={size_t,def,in,zip,True,False,ord,u8,u64},
+}
+
+\setbeamertemplate{itemize item}[circle]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{caption}[numbered]
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Defines %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\makeatletter
+\let\@@magyar@captionfix\relax %needed for \titlefloatright
+\makeatother
+
+\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}}
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}}
+\newcommand{\burl}[1]{\tiny{\url{#1}}}
+\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1}
+\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$}
+
+\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}}
+\def\lding{\rotatebox[origin=c]{91}{\ding{224}}}
+
+% TODO: fix this properly...
+\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize}
diff --git a/slides/2021-aha/src/titlepage.tex b/slides/2021-aha/src/titlepage.tex
new file mode 100644
index 0000000..9b18039
--- /dev/null
+++ b/slides/2021-aha/src/titlepage.tex
@@ -0,0 +1,3 @@
+\begin{frame}
+ \titlepage
+\end{frame}
diff --git a/slides/2021-padsec/README b/slides/2021-padsec/README
new file mode 100644
index 0000000..9bb6769
--- /dev/null
+++ b/slides/2021-padsec/README
@@ -0,0 +1 @@
+My talk at the 1st padsec conference.
diff --git a/slides/2021-padsec/beamercolorthemergd.sty b/slides/2021-padsec/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2021-padsec/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2021-padsec/beamerfontthemergd.sty b/slides/2021-padsec/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2021-padsec/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2021-padsec/beamerinnerthemergd.sty b/slides/2021-padsec/beamerinnerthemergd.sty
new file mode 100644
index 0000000..b96a415
--- /dev/null
+++ b/slides/2021-padsec/beamerinnerthemergd.sty
@@ -0,0 +1,49 @@ +\mode + +%%% +% Title page +%%% +\defbeamertemplate*{title page}{rgd}[1][]{ + \begin{tikzpicture}[remember picture, overlay] + \usebeamercolor{titlepage} + % Add top-left triangle with university logo + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north west) -- + (current page.north) -- + node[draw=none,pos=0.5](LogoMul){\includegraphics[width=3.5cm]{img/mullvad}} + (current page.west) -- + (current page.north west); + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north east) -- + (current page.north) -- + node[draw=none,pos=0.5](LogoKau){\includegraphics[width=3cm]{img/kau}} + (current page.east) -- + (current page.north east); + % Add title + \node[ + text=fg, + text width=0.75\paperwidth, + ] (Title) at ([shift={(0,-0.5cm)}]current page){% + \centering\usebeamerfont{title}\inserttitle\\% + }; + % Add date + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Title, + ] (Subtitle) {% + \centering\usebeamerfont{date}\today\\% + }; + % Add authors + \usebeamercolor{author} + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Subtitle, + ] (Author) {% + \centering\usebeamerfont{author}\insertauthor\\% + }; + \end{tikzpicture} +} + +\mode diff --git a/slides/2021-padsec/beamerouterthemergd.sty b/slides/2021-padsec/beamerouterthemergd.sty new file mode 100644 index 0000000..45ba820 --- /dev/null +++ b/slides/2021-padsec/beamerouterthemergd.sty 
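Review bot: The date node in the title-page template hard-codes `\today` (`\centering\usebeamerfont{date}\today\\%`), so the theme ignores whatever `\date{}` the deck sets and every rebuild of these archived slides prints the build date instead of the talk date. The 2021-pets copy of this theme later on the page already uses `\insertdate`; I would use `\centering\usebeamerfont{date}\insertdate\\%` here as well. The main.tex hunk for this deck has the same issue from the other side (`\date{\today}`) and would need a fixed date, e.g. `\date{<talk date>}`, for the output to be stable.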
@@ -0,0 +1,71 @@ +\mode + +%%% +% Frame header +%%% +\defbeamertemplate*{frametitle}{corporate}[1][]{% + \nointerlineskip + % Add frame title + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=3ex, + dp=1.5ex, + left, + leftskip=2ex + ]{header} + \insertframetitle + \end{beamercolorbox} + % Add line after header + \nointerlineskip + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=0.25ex + ]{trailer} + \end{beamercolorbox}% +} + +%%% +% Frame trailer +%%% +\defbeamertemplate*{footline}{corporate}{% + \hbox{% + % Add metadata + \begin{beamercolorbox}[ + wd=0.50\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{trailer} + \href{https://rgdd.github.io}{rgdd.github.io} + $\cdots$ + \href{https://twitter.com/\_\_rgdd}{@\_\_rgdd} + $\cdots$ + \href{mailto:rasmus@mullvad.net}{rasmus@mullvad.net} + $\cdots$ + \href{mailto:rasmus.dahlberg@kau.se}{rasmus.dahlberg@kau.se} + \end{beamercolorbox}% + % Add title + \begin{beamercolorbox}[ + wd=0.45\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{header} + \inserttitle + \end{beamercolorbox}% + % Add page counter + \begin{beamercolorbox}[ + wd=0.05\paperwidth, + ht=2ex, + dp=0.5ex, + right, + rightskip=1ex + ]{header} + \insertframenumber/\inserttotalframenumber + \end{beamercolorbox}% + } +} + +\mode diff --git a/slides/2021-padsec/beamerthemergd.sty b/slides/2021-padsec/beamerthemergd.sty new file mode 100644 index 0000000..022ef2c --- /dev/null +++ b/slides/2021-padsec/beamerthemergd.sty @@ -0,0 +1,23 @@ +\mode + +%%% +% Load beamer settings +%%% +\usecolortheme{rgd} +\usefonttheme{rgd} +\useinnertheme{rgd} +\useoutertheme{rgd} + +%%% +% Disable navigation tools on slides +%%% +\setbeamertemplate{navigation symbols}{} + +%%% +% Object styles +%%% +\setbeamertemplate{itemize item}[square] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{sections/subsections in toc}[square] + +\mode 
diff --git a/slides/2021-padsec/handout.pdf b/slides/2021-padsec/handout.pdf new file mode 100644 index 0000000..a262e86 Binary files /dev/null and b/slides/2021-padsec/handout.pdf differ diff --git a/slides/2021-padsec/img/after.tex b/slides/2021-padsec/img/after.tex new file mode 100644 index 0000000..c2af725 --- /dev/null +++ b/slides/2021-padsec/img/after.tex @@ -0,0 +1,70 @@ +\begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + }, +] + \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher }; + \node[entity, fill=darkGreen, below=1.5cm of Publisher] (EndUser) {End-user}; + \node[entity, fill=darkOrange, left=1.5cm of Publisher] (Log) {Log}; + \node[entity, fill=darkRed, below=1.5cm of Log] (Witness) {Witness}; + + % Key setup + \path[path, dashed] ($ (EndUser) + (2,0) $) -- + node[relation, above] { Public keys } + (EndUser); + % Get data and signature + \path[path] (Publisher) -- + node[relation, right] { + \begin{tabular}{c} + Opaque data\\ + Signature\\ + Proofs of logging\\ + \end{tabular} + } + (EndUser); + % Verification + \path[path, rounded corners] + (EndUser.180) -| + ($ (EndUser) + (-1.25,-.75) $) + node[relation, below]{ + Verify + } -| + (EndUser.210); + + + % Cosigning + \path[path] (Witness) edge[bend right] + node[relation,right]{Cosignature} + (Log); + \path[path] (Log) edge[bend right] + node[relation,left]{Tree head} + (Witness); + \path[path, rounded corners] + (Witness.180) -| + ($ (Witness) + (-1.25,-.75) $) + node[relation, below]{ + Verify + } -| + (Witness.210); + + % Get proofs + \path[path] (Log) -- + node[relation,above]{Proofs of logging} + (Publisher); +\end{tikzpicture} 
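Review bot: The Log-to-Publisher edge under `% Get proofs` and the Publisher-to-End-user table are both labelled only "Proofs of logging", so the figure never shows the witness cosignature reaching the party that performs the final `Verify`. The cosignature appears only on the Witness-to-Log edge; presumably it travels with the tree head, but the diagram leaves that implicit even though the frame that includes it states the threat in terms of a threshold of witnesses. After confirming it matches the design, I would either relabel the edge `Proofs of logging (incl. cosignatures)` or add a comment above the last `\path`, `% Proofs of logging = inclusion proof + cosigned tree head`.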
diff --git a/slides/2021-padsec/img/before.tex b/slides/2021-padsec/img/before.tex new file mode 100644 index 0000000..f634ef4 --- /dev/null +++ b/slides/2021-padsec/img/before.tex @@ -0,0 +1,46 @@ +\begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + }, +] + \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher }; + \node[entity, fill=darkGreen, below=1.5cm of Publisher] (EndUser) {End-user}; + + % Key setup + \path[path, dashed] ($ (EndUser) + (2,0) $) -- + node[relation, above] { Public key } + (EndUser); + % Get data and signature + \path[path] (Publisher) -- + node[relation, right] { + \begin{tabular}{c} + Opaque data\\ + Signature\\ + \end{tabular} + } + (EndUser); + % Verification + \path[path, rounded corners] + (EndUser.180) -| + ($ (EndUser) + (-1.25,-.75) $) + node[relation, below]{ + Verify + } -| + (EndUser.210); +\end{tikzpicture} diff --git a/slides/2021-padsec/img/clean.jpg b/slides/2021-padsec/img/clean.jpg new file mode 100644 index 0000000..2465e5e Binary files /dev/null and b/slides/2021-padsec/img/clean.jpg differ diff --git a/slides/2021-padsec/img/curl.jpg b/slides/2021-padsec/img/curl.jpg new file mode 100644 index 0000000..51765e7 Binary files /dev/null and b/slides/2021-padsec/img/curl.jpg differ diff --git a/slides/2021-padsec/img/kau.png b/slides/2021-padsec/img/kau.png new file mode 100755 index 0000000..0c7c885 Binary files /dev/null and b/slides/2021-padsec/img/kau.png differ diff --git a/slides/2021-padsec/img/log-request.tex b/slides/2021-padsec/img/log-request.tex new file mode 100644 index 0000000..08edf87 --- /dev/null +++ b/slides/2021-padsec/img/log-request.tex 
@@ -0,0 +1,47 @@ +\begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + }, +] + \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher }; + \node[entity, fill=darkGreen, below=1.5cm of Publisher] (DNS) {DNS}; + \node[entity, fill=darkOrange, left=1.5cm of Publisher] (Log) {Log}; + + % Setup DNS + \path[path, dashed] (Publisher) -- + node[relation, right] {TXT RR} + (DNS); + + \path[path] (Publisher) edge[bend right] + node[relation, above] { + Key-value pairs + } + (Log); + \path[path] (Log) edge[bend right] + node[relation,below] { + accept/reject + } + (Publisher); + + \path[path, rounded corners] (Log) |- + node[relation,below,pos=.75]{ + verify TXT RR + } + (DNS); +\end{tikzpicture} diff --git a/slides/2021-padsec/img/mt.tex b/slides/2021-padsec/img/mt.tex new file mode 100644 index 0000000..3deaf62 --- /dev/null +++ b/slides/2021-padsec/img/mt.tex @@ -0,0 +1,19 @@ +\begin{tikzpicture}[ + -latex, +] + \Tree [ + .$\hash(h_{01}\concat h_{23})$ [ + .$h_{01}\coloneqq\hash(h_0\concat h_1)$ [ + .$h_0\coloneqq\hash(\mathsf{foo})$ + ] [ + .$h_1\coloneqq\hash(\mathsf{bar})$ + ] + ] [ + .$h_{23}\coloneqq\hash(h_2\concat h_3)$ [ + .$h_2\coloneqq\hash(\mathsf{baz})$ + ] [ + .$h_3\coloneqq\hash(\mathsf{qux})$ + ] + ] + ] +\end{tikzpicture} diff --git a/slides/2021-padsec/img/mullvad.png b/slides/2021-padsec/img/mullvad.png new file mode 100644 index 0000000..4574eb1 Binary files /dev/null and b/slides/2021-padsec/img/mullvad.png differ diff --git a/slides/2021-padsec/img/openbsd.pdf b/slides/2021-padsec/img/openbsd.pdf new file mode 100644 index 0000000..53c6c98 Binary files /dev/null and b/slides/2021-padsec/img/openbsd.pdf differ 
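Review bot: The tree in mt.tex hashes leaves (`\hash(\mathsf{foo})`) and interior nodes (`\hash(h_0\concat h_1)`) with the same function and no distinguishing prefix. That is a reasonable simplification for a slide, but deployed Merkle-tree logs such as those specified in RFC 6962 prepend a different byte to leaf inputs and node inputs so that an interior node cannot be presented as a leaf. A comment at the top of the figure, `% Simplified: real logs domain-separate leaf and node hashes (RFC 6962 uses 0x00/0x01 prefixes)`, would keep a reader from reusing the construction exactly as drawn.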
diff --git a/slides/2021-padsec/img/rb.png b/slides/2021-padsec/img/rb.png
new file mode 100644
index 0000000..a0b30cb
Binary files /dev/null and b/slides/2021-padsec/img/rb.png differ
diff --git a/slides/2021-padsec/img/rgdd.jpg b/slides/2021-padsec/img/rgdd.jpg
new file mode 100644
index 0000000..597b406
Binary files /dev/null and b/slides/2021-padsec/img/rgdd.jpg differ
diff --git a/slides/2021-padsec/img/thanks.pdf b/slides/2021-padsec/img/thanks.pdf
new file mode 100644
index 0000000..9ad4dc8
Binary files /dev/null and b/slides/2021-padsec/img/thanks.pdf differ
diff --git a/slides/2021-padsec/img/tree-leaf.trunnel b/slides/2021-padsec/img/tree-leaf.trunnel
new file mode 100644
index 0000000..c3806f3
--- /dev/null
+++ b/slides/2021-padsec/img/tree-leaf.trunnel
@@ -0,0 +1,9 @@
+/*
+ * The logged Merkle tree leaf data
+ */
+struct tree_leaf {
+ u64 shard_hint;
+ u8 checksum[32];
+ u8 signature[64];
+ u8 key_hash[32];
+}
diff --git a/slides/2021-padsec/main.tex b/slides/2021-padsec/main.tex
new file mode 100644
index 0000000..2c617fa
--- /dev/null
+++ b/slides/2021-padsec/main.tex
@@ -0,0 +1,21 @@
+\pdfminorversion=4
+%\documentclass[handout,aspectratio=169]{beamer}
+\documentclass[aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%
+ An Introduction to System Transparency Logging
+}
+\author{%
+ Rasmus Dahlberg
+}
+\date{%
+ \today
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/body}
+\end{document}
diff --git a/slides/2021-padsec/slides.pdf b/slides/2021-padsec/slides.pdf
new file mode 100644
index 0000000..9e9872d
Binary files /dev/null and b/slides/2021-padsec/slides.pdf differ
diff --git a/slides/2021-padsec/src/body.tex b/slides/2021-padsec/src/body.tex
new file mode 100644
index 0000000..f748c79
--- /dev/null
+++ b/slides/2021-padsec/src/body.tex
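Review bot: The header comment on `struct tree_leaf` does not say what each field holds, and this listing is the only description of the leaf that the "Preparing a logging request" slide shows. The request slide lists a public key among the submitted values while the leaf stores `key_hash`, which a reader has to work out unaided. I would add trailing field comments, worded to whatever the v0 design actually specifies, along the lines of `u8 signature[64]; /* presumably over shard_hint and checksum; 64 bytes as for Ed25519 */` and `u8 key_hash[32]; /* hash of the signer's public key, not the key itself */`.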
@@ -0,0 +1,366 @@ +\begin{frame} + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Outline} + \begin{enumerate} + \item Explore the problem area + \item A bird's view of the design + \item Revisit the problem area + \item How to get involved + \end{enumerate} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/rgdd} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +% +% https://curl.se/download.html +% +\begin{frame} + % + % 1. Introduce the setup. Daniel represents many software projects. + % 2. How would you know if your private key got compromised? + % + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Meet Daniel, the author of \texttt{curl}} + \begin{itemize} + \item Digital signing using \texttt{gpg} + \item Long-term RSA public key + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \includegraphics[height=.75\textheight]{img/curl} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +%% +%% signify: https://www.openbsd.org/papers/bsdcan-signify.html +%% +%% Locate next public key from the current OpenBSD, version 69. +%% 1. Download from mirror: https://cdn.openbsd.org/pub/OpenBSD/6.9/ +%% 2. Unpack src.tar.gz +%% 3. See etc/signify/openbsd-70-base.pub +%% +%\begin{frame} +% % +% % 1. Introduce the setup. A newer type of tooling than gpg. Sort of built- +% % in revocation by "ignoring the problem until it goes away". +% % 2. However, you would still like to know if you have a problem or not. 
+% % +% \vfill +% \begin{columns} +% \begin{column}{0.5\textwidth} +% \mktitle{Meet Puffy, the OpenBSD cartoon} +% \begin{itemize} +% \item Digital signing using \texttt{signify} +% \item Basically an interface to use Ed25519 +% \item Public keys are rotated every release +% \end{itemize} +% \end{column} +% \begin{column}{0.5\textwidth} +% \centering +% \includegraphics[width=\columnwidth]{img/openbsd} +% \burl{https://www.openbsd.org/art4.html} +% \end{column} +% \end{columns} +%\end{frame} + +% +% https://arxiv.org/pdf/2104.06020.pdf, page 6 for the challenge. +% +\begin{frame} + % + % 1. What is R-B. + % 2. Challenge + % 3. How I think that challenge could be approached + % + \vfill + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Meet the R-B project} + \begin{itemize} + \item Same input gives the same output + \item Consensus of ``valid'' checksum? + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/rb} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Problem summary} + \vfill + \begin{columns} + \begin{column}{0.125\textwidth} + \end{column} + \begin{column}{0.75\textwidth} + \begin{enumerate} + \item What signatures were produced by a given private key? + \item Consensus of checksums that should be considered valid? + \end{enumerate} + \end{column} + \begin{column}{0.125\textwidth} + \end{column} + \end{columns} + \vfill +\end{frame} + +\begin{frame} + % + % 1. Introduce the system. 
Think first two paragraphs in design.md + % + \mktitle{Our starting point} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Data publisher + \item End-user + \item Assumptions + \begin{itemize} + \item Public key can be located + \item Signed data can be located + \item End-user can install extra tooling + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \input{img/before} + \end{column} + \end{columns} + \vfill + \pause + \alert{The attacker can compromise the data publisher}\\ + \pause + \alert{The goal is to detect unwanted key-usage} +\end{frame} + +\begin{frame} + % + % 1. Our design is about transparency logs. So, I need to explain briefly + % what a transparency log is. + % 2. Append-only Merkle tree. You can think of the data as being stored in + % the leaves. Each leaf is hashed. Parents concatenate their children + % hashes to produces their own hash values. Repeat until single root hash. + % 3. The root hash is usually called a tree head. + % 4. Tree head interesting because it fixes the structure and the content of + % the tree. Add/remove/modify -> new tree head. + % 5. If the log signs the tree head, you can hold it accountable for its + % structure and content. + % 6. This is important because the attacker can control the log. + % 7. So we cannot trust that the log is append-only. We will need to verify + % that. To this end we have consistency proofs. The intuition is that you + % can force the log to reveal a number of cryptographic hashes. These + % hashes will prove that the tree head you see today is consistent with the + % tree head you saw yesterday. + % 8. You can also prove that something is in the log efficiently. This is + % called an inclusion proof. The intuition is that you reveal a number of + % hashes. If you can use them to reconstruct the root of a globally + % consistent tree head you can be sure that some data is in the log. + % 8. 
Global consistency (as opposed to just consistency) is what prevents + % the log from creating forks. I will return to this later on because it is + % an important part of our design. + % (9. Not having global consistency would be like having a blockchain + % without a consensus mechanism.) + % + \mktitle{A quick step back---Transparency log crash course} + \input{img/mt} + \vfill + \begin{columns} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Tree head + \end{itemize} + \end{column} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Consistency proof + \end{itemize} + \end{column} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Inclusion proof + \end{itemize} + \end{column} + \end{columns} + \vfill + \pause + \alert{The attacker can control the log} +\end{frame} + +\begin{frame} + \mktitle{Preparing a logging request} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Select a shard hint and checksum + \item Sign using your private key + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \lstinputlisting[style=CStyle]{img/tree-leaf.trunnel} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Submitting a logging request} + \begin{columns} + \begin{column}{0.2\textwidth} + \underline{Key-value pairs:} + \begin{itemize} + \item Shard hint + \item Checksum + \item Signature + \item Public key + \item Domain hint + \end{itemize} + \end{column} + \begin{column}{0.8\textwidth} + \centering + \input{img/log-request} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Distributing proofs of public logging} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item End-user will not talk to the log + \item Proofs of logging + \begin{itemize} + \item Inclusion proof + \item Tree head + \end{itemize} + \item Witness cosigning + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \input{img/after} + \end{column} + \end{columns} 
+ \pause + \alert{The attacker can control a threshold of witnesses} +\end{frame} + +\begin{frame} + \mktitle{Summary and additional details} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Signed checksums + \item Sharding + \item Preserved data flows + \item Anti-spam + \item Global consistency + \item Few simple parsers + \item No cryptographic agility + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \includegraphics[width=\columnwidth]{img/clean} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Remember Daniel?} + \begin{itemize} + \item (Cross-)sign with Ed25519 + \item Backwards compatible verification? + \begin{enumerate} + \item Verify RSA \texttt{gpg} signature + \item Verify the rest with tlog tooling + \end{enumerate} + \item Monitor the log for your own leaves + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \includegraphics[height=.75\textheight]{img/curl} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +%\begin{frame} +% \vfill +% \begin{columns} +% \begin{column}{0.5\textwidth} +% \mktitle{Remember Puffy?} +% \begin{itemize} +% \item No extra key-pair +% \item Cross-sign for backwards compatibility +% \item Possible end-user verification +% \begin{enumerate} +% \item Verify \texttt{signify} signature +% \item Verify the rest with tlog tooling +% \end{enumerate} +% \end{itemize} +% \end{column} +% \begin{column}{0.5\textwidth} +% \centering +% \includegraphics[width=\columnwidth]{img/openbsd} +% \burl{https://www.openbsd.org/art4.html} +% \end{column} +% \end{columns} +%\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Remember the R-B project?} + \begin{itemize} + \item Sign and log the expected checksums + \item Valid checksum is a logged checksum + \item Rebuilders monitor the log + \end{itemize} + 
\end{column} + \begin{column}{0.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/rb} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{0.7\textwidth} + \mktitle{Get involved} + \begin{itemize} + \item Feedback on our v0 design\footnotemark and API\footnotemark? + \item Is this a service that you would use? Why (not)? + \item Want to run an experimental log or witness? + \item Implementation and tooling is still early-days + \item Reach out via slack\footnotemark, GitHub, or DM + \end{itemize} + \end{column} + \begin{column}{0.3\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/thanks} + \end{column} + \end{columns} + \footnotetext[1]{\burl{https://github.com/system-transparency/stfe/blob/design/doc/design.md}} + \footnotetext[2]{\burl{https://github.com/system-transparency/stfe/blob/design/doc/api.md}} + \footnotetext[3]{\burl{https://communityinviter.com/apps/system-transparency/join}} +\end{frame} diff --git a/slides/2021-padsec/src/preamble.tex b/slides/2021-padsec/src/preamble.tex new file mode 100644 index 0000000..4021351 --- /dev/null +++ b/slides/2021-padsec/src/preamble.tex 
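Review bot: The `\footnotetext` URLs in the last frame point at a branch (`blob/design/doc/design.md`, `blob/design/doc/api.md`) and at a third-party invite page, so the archived deck will cite whatever those locations hold later rather than the v0 design the talk described. For rescued slides I would pin the two document links to the commit that was current at the time, `.../blob/<commit>/doc/design.md`, or add a comment recording the date they were retrieved. Separately, the speaker notes in the crash-course frame number two consecutive items `8.` and contain the typo `to produces`.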
@@ -0,0 +1,113 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[utf8]{inputenc} + +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{rotate} +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{pifont} +\usepackage{wasysym} +\usepackage{graphicx} +\usepackage{color} +\usepackage{drawstack} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +%\usepackage{floatrow}% this one causes error on arch for some reason +\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +\usepackage{hyperref} +\hypersetup{ + colorlinks = true, % Color links instead of boxes + urlcolor = darkBlue, % Color external hyper links + linkcolor = darkBlue, % Color internal links + citecolor = darkBlue, % Color citations +} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +\lstdefinestyle{CStyle}{ + backgroundcolor=\color{lightGray!25}, + 
commentstyle=\color{darkGreen}, + keywordstyle=\color{darkBlue}, + numberstyle=\tiny\color{darkRed}, + stringstyle=\color{darkPurple}, + basicstyle=\footnotesize, + breakatwhitespace=false, + breaklines=false, + captionpos=b, + keepspaces=true, + numbers=left, + numbersep=5pt, + showspaces=false, + showstringspaces=false, + showtabs=false, + tabsize=2, + language=C, + morekeywords={size_t,def,in,zip,True,False,ord,u8,u64}, +} + +\setbeamertemplate{itemize item}[circle] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} + +\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}} +\def\lding{\rotatebox[origin=c]{91}{\ding{224}}} + +% TODO: fix this properly... +\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize} diff --git a/slides/2021-padsec/src/titlepage.tex b/slides/2021-padsec/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2021-padsec/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} diff --git a/slides/2021-pets/.gitignore b/slides/2021-pets/.gitignore new file mode 100644 index 0000000..d1e39cc --- /dev/null +++ b/slides/2021-pets/.gitignore @@ -0,0 +1,9 @@ +main.aux +main.fdb_latexmk +main.fls +main.log +main.nav +main.out +main.pdf +main.snm +main.toc diff --git a/slides/2021-pets/README b/slides/2021-pets/README new file mode 100644 index 0000000..8b89967 --- /dev/null +++ b/slides/2021-pets/README 
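Review bot: `\newcommand{\burl}[1]{\tiny{\url{#1}}}` uses `\tiny` as if it took an argument, but it is a switch, so the small size stays in effect after the URL until the enclosing group ends. It only looks right in body.tex because each `\burl` happens to be the last item in its column or footnote; `\newcommand{\burl}[1]{{\tiny\url{#1}}}` scopes the size to the URL. The same hunk also loads graphicx, smartdiagram, booktabs and flowchart twice and defines darkGreen, darkBlue and darkRed twice, which could be trimmed while the file is being touched. The 2021-aha preamble, whose tail is at the top of this page, carries the same `\burl` definition.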
@@ -0,0 +1,3 @@
+My (transcribed) PETS 2021 talk.
+
+Edit 2024-10-15: seems like there's some nit compiling now.
diff --git a/slides/2021-pets/beamercolorthemergd.sty b/slides/2021-pets/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2021-pets/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2021-pets/beamerfontthemergd.sty b/slides/2021-pets/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2021-pets/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2021-pets/beamerinnerthemergd.sty b/slides/2021-pets/beamerinnerthemergd.sty
new file mode 100644
index 0000000..1c50b47
--- /dev/null
+++ b/slides/2021-pets/beamerinnerthemergd.sty
@@ -0,0 +1,43 @@ +\mode + +%%% +% Title page +%%% +\defbeamertemplate*{title page}{rgd}[1][]{ + \begin{tikzpicture}[remember picture, overlay] + \usebeamercolor{titlepage} + Add top-left triangle with university logo + \filldraw[draw=rgdGray,fill=rgdGray] + (current page.north west) -- + (current page.north) -- + node[draw=none,pos=0.5](LogoMul){\includegraphics[width=3.5cm]{img/kau}} + (current page.west) -- + (current page.north west); + % Add title + \node[ + text=fg, + text width=0.75\paperwidth, + ] (Title) at ([shift={(0,-0.5cm)}]current page){% + \centering\usebeamerfont{title}\inserttitle\\% + }; + % Add date + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Title, + ] (Subtitle) {% + \centering\usebeamerfont{date}\insertdate\\% + }; + % Add authors + \usebeamercolor{author} + \node[ + text=fg, + text width=0.75\paperwidth, + below=0pt of Subtitle, + ] (Author) {% + \centering\usebeamerfont{author}\insertauthor\\% + }; + \end{tikzpicture} +} + +\mode diff --git a/slides/2021-pets/beamerouterthemergd.sty b/slides/2021-pets/beamerouterthemergd.sty new file mode 100644 index 0000000..456290a --- /dev/null +++ b/slides/2021-pets/beamerouterthemergd.sty 
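Review bot: The line `Add top-left triangle with university logo` inside the tikzpicture has no leading `%`, so it is body text rather than a comment; the 2021-padsec copy of this file has it as `% Add top-left triangle with university logo`. Inside a tikzpicture such text is normally dropped with missing-character warnings rather than a hard error, so it may or may not be the compile nit the README for this deck mentions, but the marker should be restored either way. The node is also still named `LogoMul` although it now includes `img/kau`, which is worth renaming while the line is open.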
@@ -0,0 +1,69 @@ +\mode + +%%% +% Frame header +%%% +\defbeamertemplate*{frametitle}{corporate}[1][]{% + \nointerlineskip + % Add frame title + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=3ex, + dp=1.5ex, + left, + leftskip=2ex + ]{header} + \insertframetitle + \end{beamercolorbox} + % Add line after header + \nointerlineskip + \begin{beamercolorbox}[ + wd=\paperwidth, + ht=0.25ex + ]{trailer} + \end{beamercolorbox}% +} + +%%% +% Frame trailer +%%% +\defbeamertemplate*{footline}{corporate}{% + \hbox{% + % Add metadata + \begin{beamercolorbox}[ + wd=0.50\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{trailer} + \href{https://rgdd.github.io}{rgdd.github.io} + $\;\;\;\;\;\;\;\;\cdots\;\;\;\;\;\;\;\;$ + \href{https://twitter.com/\_\_rgdd}{@\_\_rgdd} + $\;\;\;\;\;\;\;\cdots\;\;\;\;\;\;\;$ + \href{mailto:rasmus.dahlberg@kau.se}{rasmus.dahlberg@kau.se} + \end{beamercolorbox}% + % Add title + \begin{beamercolorbox}[ + wd=0.45\paperwidth, + ht=2ex, + dp=0.5ex, + left, + leftskip=2ex + ]{header} + \insertsubtitle + \end{beamercolorbox}% + % Add page counter + \begin{beamercolorbox}[ + wd=0.05\paperwidth, + ht=2ex, + dp=0.5ex, + right, + rightskip=1ex + ]{header} + \insertframenumber/\inserttotalframenumber + \end{beamercolorbox}% + } +} + +\mode diff --git a/slides/2021-pets/beamerthemergd.sty b/slides/2021-pets/beamerthemergd.sty new file mode 100644 index 0000000..022ef2c --- /dev/null +++ b/slides/2021-pets/beamerthemergd.sty @@ -0,0 +1,23 @@ +\mode + +%%% +% Load beamer settings +%%% +\usecolortheme{rgd} +\usefonttheme{rgd} +\useinnertheme{rgd} +\useoutertheme{rgd} + +%%% +% Disable navigation tools on slides +%%% +\setbeamertemplate{navigation symbols}{} + +%%% +% Object styles +%%% +\setbeamertemplate{itemize item}[square] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{sections/subsections in toc}[square] + +\mode 
diff --git a/slides/2021-pets/handout.pdf b/slides/2021-pets/handout.pdf
new file mode 100644
index 0000000..211f95a
Binary files /dev/null and b/slides/2021-pets/handout.pdf differ
diff --git a/slides/2021-pets/img/beverwijk.jpg b/slides/2021-pets/img/beverwijk.jpg
new file mode 100644
index 0000000..3ac9d1a
Binary files /dev/null and b/slides/2021-pets/img/beverwijk.jpg differ
diff --git a/slides/2021-pets/img/chrome.png b/slides/2021-pets/img/chrome.png
new file mode 100644
index 0000000..b874d44
Binary files /dev/null and b/slides/2021-pets/img/chrome.png differ
diff --git a/slides/2021-pets/img/ct.tex b/slides/2021-pets/img/ct.tex
new file mode 100644
index 0000000..ae1213c
--- /dev/null
+++ b/slides/2021-pets/img/ct.tex
@@ -0,0 +1,72 @@ +\begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + }, +] + \node[entity, fill=darkBlue] (Log) at (0,0) { Log }; + \node[entity, fill=darkGreen, below=1.5cm of Log] (Browser) {Browser}; + \node[entity, fill=darkOrange, left=1.5cm of Log] (CA) {CA}; + \node[entity, fill=darkRed, below=1.5cm of CA] (Website) {Website}; + + % Logging + \path[path] (CA) edge[bend left] + node[relation,right,below]{Certificate} + (Log); + \path[path] (Log) edge[bend left] + node[relation,left,above]{Proofs} + (CA); + + % Distribution + \path[path] (CA) -- + node[relation, below, sloped]{% + \begin{tabular}{c} + Certificate\\ + Proofs \\ + \end{tabular} + } + (Website); + + + % Serve + \path[path] (Website) -- + node[relation, below] { + \begin{tabular}{c} + Certificate\\ + Proofs \\ + \end{tabular} + } + (Browser); + + % Monitor + \path[path, dashed] (Website.15) -- + node[relation]{% + \includegraphics[width=.8cm]{img/magnify} + } + (Log.290); + + % Verify + \path[path, rounded corners] + (Browser.0) -| + ($ (Browser) + (1.25,.75) $) + node[relation, above]{ + Verify + } -| + (Browser.30); + +\end{tikzpicture} diff --git a/slides/2021-pets/img/design-full.pdf b/slides/2021-pets/img/design-full.pdf new file mode 100644 index 0000000..5602116 Binary files /dev/null and b/slides/2021-pets/img/design-full.pdf differ diff --git a/slides/2021-pets/img/design-incremental.pdf b/slides/2021-pets/img/design-incremental.pdf new file mode 100644 index 0000000..7c7160d Binary files /dev/null and b/slides/2021-pets/img/design-incremental.pdf differ 
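Review bot: The edge labels `Proofs` (Log to CA, and the `Certificate`/`Proofs` tables on the CA-to-Website and Website-to-Browser edges) call what the log returns a proof, while the speaker notes elsewhere in this commit describe the same object, the SCT, as a promise of public logging that browsers accept without follow-up verification. Because that distinction carries the talk's argument, labelling these edges `SCTs` would keep the figure from suggesting that the `Verify` loop at the browser checks inclusion. If the simplification is intentional, a comment above `% Logging` such as `% "Proofs" = SCTs, i.e. promises of logging` would help anyone who reuses the figure.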
diff --git a/slides/2021-pets/img/diginotar.jpg b/slides/2021-pets/img/diginotar.jpg
new file mode 100644
index 0000000..c185e38
Binary files /dev/null and b/slides/2021-pets/img/diginotar.jpg differ
diff --git a/slides/2021-pets/img/kau.png b/slides/2021-pets/img/kau.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2021-pets/img/kau.png differ
diff --git a/slides/2021-pets/img/magnify.png b/slides/2021-pets/img/magnify.png
new file mode 100644
index 0000000..9b8ec7d
Binary files /dev/null and b/slides/2021-pets/img/magnify.png differ
diff --git a/slides/2021-pets/img/mullvad.png b/slides/2021-pets/img/mullvad.png
new file mode 100644
index 0000000..4574eb1
Binary files /dev/null and b/slides/2021-pets/img/mullvad.png differ
diff --git a/slides/2021-pets/img/phase-1.png b/slides/2021-pets/img/phase-1.png
new file mode 100644
index 0000000..6d90fa0
Binary files /dev/null and b/slides/2021-pets/img/phase-1.png differ
diff --git a/slides/2021-pets/img/phase-2.png b/slides/2021-pets/img/phase-2.png
new file mode 100644
index 0000000..0638293
Binary files /dev/null and b/slides/2021-pets/img/phase-2.png differ
diff --git a/slides/2021-pets/img/phase-3-4.png b/slides/2021-pets/img/phase-3-4.png
new file mode 100644
index 0000000..f7fd529
Binary files /dev/null and b/slides/2021-pets/img/phase-3-4.png differ
diff --git a/slides/2021-pets/img/safari.png b/slides/2021-pets/img/safari.png
new file mode 100644
index 0000000..0fb75ec
Binary files /dev/null and b/slides/2021-pets/img/safari.png differ
diff --git a/slides/2021-pets/img/tb.png b/slides/2021-pets/img/tb.png
new file mode 100644
index 0000000..3fd6852
Binary files /dev/null and b/slides/2021-pets/img/tb.png differ
diff --git a/slides/2021-pets/img/thanks.pdf b/slides/2021-pets/img/thanks.pdf
new file mode 100644
index 0000000..9ad4dc8
Binary files /dev/null and b/slides/2021-pets/img/thanks.pdf differ
diff --git a/slides/2021-pets/main.tex b/slides/2021-pets/main.tex
new file mode 100644
index 0000000..861b8ed
--- /dev/null
+++ b/slides/2021-pets/main.tex
@@ -0,0 +1,27 @@
+\pdfminorversion=4
+%\documentclass[handout,aspectratio=169]{beamer}
+\documentclass[aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%full version that is shown on the front page
+ Privacy-Preserving \& Incrementally-Deployable Support for Certificate
+ Transparency in Tor
+}
+\subtitle{%short version that is shown in the footer on each slide
+ Certificate Transparency in Tor
+}
+\author{%
+ \textbf{Rasmus Dahlberg}, Tobias Pulls, Tom Ritter, and Paul Syverson
+}
+\date{%
+ July 15, 2021
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/start}
+ \input{src/body}
+ \input{src/end}
+\end{document}
diff --git a/slides/2021-pets/slides.pdf b/slides/2021-pets/slides.pdf
new file mode 100644
index 0000000..39a9e6b
Binary files /dev/null and b/slides/2021-pets/slides.pdf differ
diff --git a/slides/2021-pets/src/body.tex b/slides/2021-pets/src/body.tex
new file mode 100644
index 0000000..8d38999
--- /dev/null
+++ b/slides/2021-pets/src/body.tex
@@ -0,0 +1,413 @@ +\begin{frame} + % + % The problem that we are trying to take on in this paper is adding support + % for CT in Tor Browser. In other words, right now CT is not enforced at + % all and that is something we would like to change. + % + % The reason why we would like to change that is - first of all - we don't + % want users of Tor Browser to be subject to DigiNotar style attacks. This + % is in fact easier against Tor Browser because you can position + % yourself in the network by volunteering to run Tor relays. This type of + % attacker has been observed several times in Tor - for example by + % using self-signed certificates or simply targeting HTTP traffic. Now that + % encryption on the web matured and continues to mature, you kind of need a + % mis-issued certificate to pull of these attacks. So, this is probably a + % good enough argument already to add CT in Tor Browser. + % + % The second threat that is very important for Tor is that an attacker may + % rely on interception to de-anonymize a subset of users. For context, + % recall that Tor is a low-latency anonymity network that routes your + % traffic through a guard relay, a middle relay, and an exit relay. At + % each hop a layer of encryption is pealed off, such that the guard only + % learns the sender's identity and the exit only learns the visited website. + % + % If the attacker can intercept the encrypted traffic at the exit - using a + % mis-issued certificate - it would be trivial to de-anonymize a user that + % logs in to a service. + % + % We have also observed cases in the past where attackers break Tor's + % anonymity by serving zero-day exploits to the browser. A pre-requisite to + % serve such an exploit is the ability to make it load. Again, because the + % web is mostly encrypted these days, a mis-issued certificate can help to + % make the loading procedure happen. 
+ % + % So, in terms of threat modelling we assume a powerful attacker that has + % access to a browser zero-day exploit. The attacker also has the usual Tor + % capabilities like controlling and denying service to a fraction of relays, + % and in addition to that the attacker has access to a Certificate Authority + % that can mis-issue certificates on request. + % + % Our design further permits the attacker to control enough CT logs, so that + % you can trivially bypass today's definition of CT compliance. + % + % This is actually one of the reasons why we started looking into Tor in + % the first place. If a major problem with full decentralized verification + % is privacy, then we might have better luck in Tor's more private setting. + % + \mktitle{Problem statement} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Tor Browser does not enforce CT + \item Guard against prominent threats + \begin{itemize} + \item DigiNotar style attacks + \item Interception to deanonymize + \end{itemize} + \item Aim higher than CT compliance + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering\includegraphics[width=.5\columnwidth]{img/tb} + \end{column} + \end{columns} + \vfill + \pause + \centering\alert{% + Attacker with browser exploit, CA, CT logs, and usual Tor capabilities + } +\end{frame} + +\begin{frame} + % + % What we are proposing is a gradual roll-out plan. + % + % The first step is to catch up with today's CT compliant browsers. Pairs + % of logs are trusted blindly because there is no follow-up verification + % of the log's SCTs. Recall from earlier that SCTs are promises of public + % logging. In an ideal world, these promises are also verified by someone. + % + % Is this first step suboptimal? + % - Yes. + % Is it a significant improvement when compared to what we had before? + % - Also yes. + % + % How to do this is not really a research problem to be honest. 
It is, + % however, a reasonable starting point that we know doesn't break the web. + % The reason why we know that is because other browsers already do it. + % I like to think of this first increment as ruling out many weaker + % attackers that may control certificate authorities but not enough CT logs. + % + % Next, we propose some incremental steps to get started with the + % decentralized verification that will reduce trust in the log ecosystem. + % I will get back to this later, because it is more intuitive to introduce + % the full design that places no blind trust in the log ecosystem. + % + % In terms of trust assumptions we go from + % pairs of logs that are trusted blindly, + % to some log that is trusted blindly, + % to no log that is trusted blindly. + % + \vfill + \mktitle{Gradual roll-out plan} + \begin{enumerate} + \item Catch up with CT compliant browsers + \floatright{\emph{pairs of logs} are trusted blindly} + \item Steps towards decentralized verification + \floatright{\emph{some log} is trusted blindly} + \item Fully decentralized verification + \floatright{\emph{no log} is trusted blindly} + \end{enumerate} + \vfill +\end{frame} + +\begin{frame} + % + % Okay. What I'm hoping to do for the remainder of this presentation is to + % give you an intuition of + % a) how we arrived at the full design that is now in front of us, and + % b) what complexities can we get rid of to roll it out gradually + % + % To help us think and reason about the design we divided it into phases. + % + % Phase 1 takes place before phase 2. + % Phase 2 takes place before phase 3. + % And so forth. + % + % For security, it should be difficult for the attacker to reliably + % interfere without detection in any phase. Misbehavior of Certificate + % Authorities and/or CT logs are detected after the final phase played out. + % + % Examples of misbehavior include creating a mis-issued certificate or not + % making it available to the public after promising to do so. 
+ % + % Let's look at each phase separately. + % + \mktitle{Overview of the full design} + \centering\includegraphics[height=.5\textheight]{img/design-full} + \vfill + \pause + \alert{Security? Difficult to interfere without detection in any phase} +\end{frame} + +\begin{frame} + % + % The first phase happens in Tor Browser. + % A so-called SFO, which is really just a certificate chain and its + % associated SCTs, is presented to Tor Browser during a website visit. + % If this SFO is CT compliant, we accept the connection to avoid any + % blocking and degraded user experience. + % + % Now we want to do better than just trusting the logs' promises of public + % logging. This means that we will need to audit encountered SFOs by + % interacting with the logs. + % + % The simplest thing that comes to mind is to fetch an inclusion proof from + % a log. This interaction is privacy invasive with a regular browser, but + % less so with Tor Browser because of its anonymity properties. + % + % An immediate problem, however, is that Tor Browser has a disk avoidance + % criteria. This means that no browsing related activity can be persisted + % after closing Tor Browser. This includes encountered SFOs that have yet + % to be audited. In practise, it takes up to 24 hours before a certificate + % is logged. This follows from a so-called Maximum Merge Delay. + % + % In other words, we will have to wait at least 24 hours before a newly + % issued certificate can be audited. Tor Browser has likely been shutdown + % by then, which means that the SFO will be deleted and thus not audited. + % + % A second problem is that the attacker controls the log, and in our threat + % model the attacker also has a zero-day exploit against the browser. The + % attacker could trivially delay the log's response while taking control of + % the browser to disable the auditing mechanism all together. 
+ % + % So, what we need is to get the encountered SFO away from Tor Browser as + % soon as possible so that _someone_ can audit it. A straw man design would + % be to send all SFOs to a centralized third-party that is trusted. + % However, that party would get a considerable aggregation of browsing + % history. Such population data is valuable and better not collected. + % + % Another problem is that a centralized solution does not scale with the + % network. What we do instead is to utilize Tor's existing relays to help + % with CT auditing. Such Certificate Transparency Relays are called CTRs in + % our design. Relays may be assigned the CTR flag similar to how a Tor + % relay may be assigned the HSDir flag if some conditions are met. + % + % To reduce overhead, only a sample of SFOs are submitted to randomly + % selected CTRs. The probability of detection can therefore not be larger + % than the probability that an encountered SFO is submitted for auditing. + % + % Note that it is important that the attacker cannot infer which CTR + % received an SFO because Tor's threat model includes DoS attacks on + % individual CTRs. If you can take the right CTR offline, the submitted + % SFO would not be audited and any misbehavior would thus not be detected. + % + % We discuss how the attacker can try to infer this in the paper using their + % zero-day exploit. It boils down to winning a race against us submitting + % the SFO on a one-time Tor circuit that was prepared ahead-of-time. 
+ % + \mktitle{Submission phase} + \centering\includegraphics[width=.75\textwidth]{img/phase-1} + \vfill + \begin{columns} + \begin{column}{.1\textwidth} + \end{column} + \begin{column}{.4\textwidth} + \textbf{Straw man proposals} + \begin{itemize} + \item Fetch an inclusion proof + \item Rely on a centralized party + \end{itemize} + \end{column} + \begin{column}{.1\textwidth} + \end{column} + \begin{column}{.4\textwidth} + \textbf{What we do instead} + \begin{itemize} + \item Use Tor relays, ``CTRs'' + \item Probabilistic submit + \end{itemize} + \end{column} + \end{columns} + \vfill + \pause + \centering\alert{It must be difficult to infer which CTR received an SFO} +\end{frame} + +\begin{frame} + % + % Okay. + % + % A CTR received a submitted SFO. Now what? + % + % The simplest thing would be to challenge the log to prove inclusion if + % the SFO's Maximum Merge Delay elapsed, and otherwise wait until it does. + % + % The problem with contacting the log immediately is that it leaks a lot of + % valuable information to the attacker. For example, it is deterministic + % when the CTR will do its auditing. That helps with interference planning. + % + % It also leaks real-time browsing patterns which are helpful for traffic + % analysis against Tor. Since we will anyway need to buffer newly issued + % SFOs until the Maximum Merge Delay elapsed, it is not an added complexity + % to always buffer SFOs for a random amount of time to reduce this leakage. + % + % Leakage to CT logs are also reduced because CTRs cache audited SFOs. + % + % To summarize the basics of the buffer phase then. + % + % You receive an SFO. If you have not seen it before, you buffer the SFO + % until the log's Maximum Merge Delay elapsed. You also add a random + % auditing delay to obfuscate real-time browsing patterns. + % + % Phase 3 starts when it is time to do the auditing. + % + % The attacker's best bet to interfere in phase 2 is to do a so-called + % network-wide flush. 
Please refer to our paper for more details. The + % TL;DR is that we cannot prevent such interference, but it is trivially + % detected and draws unwanted attention if CTRs publish relevant metrics. + % + \mktitle{Buffering phase} + \begin{columns} + \begin{column}{.5\textwidth} + \begin{itemize} + \item Buffer until logging is required + \item Add a random delay to leak less + \item Cache audited SFOs to leak less + \end{itemize} + \end{column} + \begin{column}{.5\textwidth} + \centering + \includegraphics[width=.5\columnwidth]{img/phase-2} + \end{column} + \end{columns} + \vfill + \pause + \centering\alert{% + The attacker's best bet to interfere is trivially detectable + } +\end{frame} + +\begin{frame} + % + % After an SFO's buffering phase is over, the CTR will challenge a log to + % prove inclusion. This inclusion proof will reference the first signed + % tree head in Tor's consensus that should have merged it by now. + % + % If you are familiar with gossip, notice that the difficulty of presenting + % an undetected split-view here is as difficult as breaking Tor's consensus + % mechanism. Other user agents than Tor Browser can benefit from this. + % + % Anyhow, an important detail that we discuss in the paper is that the + % attacker (who controls the log) can likely infer which CTR queried for + % inclusion. Surprisingly, perhaps, it may even be so despite using Tor. + % + % It is problematic if the attacker can infer the CTR's identity. Then you + % basically do a DoS on that relay and the mis-issued SFO goes unnoticed. + % + % To err on the safe side, we decided to assume that the attacker can in + % fact identify which CTR queried for inclusion. In other words, once a + % mis-issued SFO has been queried for, the querying CTR becomes unavailable. + % + % To prepare against this threat each CTR collaborates with another CTR. + % That other CTR is called a watchdog in our design. 
Before doing an + % inclusion query, the CTR sends the SFO upfront to a watchdog. If the + % query succeeded the watchdog receives an acknowledgment. If there is no + % timely acknowledgment, it is the watchdog's responsibility to report that + % SFO to a trusted auditor that will investigate the issue further. + % + % The reason why it is not the watchdog that does the final investigation is + % because the average Tor relay operator cannot be expected to do so. Tor + % relays are also designed not to write data to disk unless debugging is + % enabled. Such disk writes would increase the risk of unwanted search, + % seizure, and forensic analysis of the operator's physical servers. + % + % Now you might feel like you got the run around. We started by saying that + % we cannot have a centralized third-party auditor. Yet, in the end it is a + % centralized third-party auditor that investigates potential issues. + % + % What's different here is that the number of SFOs that reach these auditors + % are reduced in numbers. Under normal circumstances, an auditor should not + % receive any report at all. If some log suffers from bad availability, the + % number of reports are also limited in our design because CTRs back-off + % immediately after a failed query. What we trust these auditors with is a + % tiny subset of SFOs that need further investigation. + % + % These auditors also do not have to scale with the network because the + % expected number of reports is very small. 
+ % + \begin{columns} + \begin{column}{.6\textwidth} + \mktitle{Audit and report phases} + \begin{itemize} + \item Fetch inclusion proof against a specific STH + \item Rely on Tor's consensus to agree on STHs + \item Watchdog CTRs do the reporting if needed + \begin{itemize} + \item Protects against CTR identification + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{.4\textwidth} + \includegraphics[width=\columnwidth]{img/phase-3-4} + \end{column} + \end{columns} + \vfill + \pause + \centering\alert{Why not just send to a trusted auditor immediately?} +\end{frame} + +\begin{frame} + % + % Let's put it all together. + % + % For each certificate validation in Tor Browser, we basically flip a coin + % if it should be submitted to a random CTR for auditing. We made it as + % difficult as possible for the attacker to identify this CTR. + % + % CTRs buffer incoming SFOs until they can be audited. To reduce leakage + % to the logs, random delays are added and audited SFOs are cached. + % + % SFOs are audited against signed tree heads in Tor's consensus. This makes + % it as difficult to fork the log as it is to forge a valid Tor consensus. + % Other ecosystems can benefit from this and not just Tor. + % + % While an SFO is audited we erred on the safe side and assumed that the + % attacker can infer from the inclusion query which CTR holds evidence of + % Certificate Authority + % and/or log misbehavior. This means that the holding CTR can be knocked + % offline shortly thereafter. To guard against this threat, a watchdog + % receives the SFO upfront. If there is no timely acknowledgment, a report + % is sent to a trusted auditor that investigates the issue further. + % + % Such reporting should be rare, even if a log becomes unavailable our + % design ensures that a limited amount of SFOs leak to these auditors. + % + % Although these auditors don't have to scale with the network anymore, it + % requires both new software and operations to be deployed. 
The overall + % complexity in phase two, three, and four, is also quite a leap from just + % basic CT compliance. Therefore, we proposed a simplified version that + % can be deployed incrementally. + % + \mktitle{Putting it all together} + \centering\includegraphics[height=.5\textheight]{img/design-full} + \vfill + \pause + \alert{This is quite a leap from CT compliance} +\end{frame} + +\begin{frame} + % + % Phase 1 is identical in our incremental design. The main difference is + % that no inclusion proofs will be fetched. Instead, CTRs are going to + % cross-log certificates and possibly entire SFOs if CT logs allow it. + % + % You can think of this as using the log ecosystem against the attacker. CT + % logs are basically repurposed as CT auditors. A cross-logged certificate + % becomes public so that Certificate Authority misbehavior can be detected + % by anyone that inspects the logs. + % + % Of course, this assumes that at least some log is honest. + % + % We can also detect log misbehavior if CT logs allowed logging of SCTs, not + % just certificates. That, however, requires an extended CT log API. + % + % Personally, I think that would be a valuable addition to the log ecosystem + % because it provides a well-defined place to do casual SFO reporting. + % + \mktitle{Incremental design} + \centering\includegraphics[height=.33\textheight]{img/design-incremental} + \vfill + \pause + \alert{Use the log ecosystem against the attacker}\\ +\end{frame} diff --git a/slides/2021-pets/src/end.tex b/slides/2021-pets/src/end.tex new file mode 100644 index 0000000..56beaf3 --- /dev/null +++ b/slides/2021-pets/src/end.tex 
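Review bot: The speaker notes of the submission-phase frame describe the Maximum Merge Delay in two ways that do not line up: `it takes up to 24 hours before a certificate is logged` and then `we will have to wait at least 24 hours before a newly issued certificate can be audited`. The buffering phase relies on the second reading, so the first could be reworded along the lines of `a log may take up to its Maximum Merge Delay, 24 hours in practice, to merge a certificate, so inclusion cannot be demanded before that delay has elapsed`. A few typos in the notes of the same hunk are worth fixing at the same time: `pealed off` should be `peeled off`, `pull of these attacks` should be `pull off these attacks`, `all together` should be `altogether`, and `In practise` should be `In practice`.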
@@ -0,0 +1,34 @@ +\begin{frame} + % + % As a take away I hope that you are convinced that Tor Browser would + % benefit from CT. + % - This was the first part of the presentation. + % + % CT would also benefit from more auditing, which we can do here in a secure + % and privacy-preserving manner because of and how we use Tor. + % - This was the second part of the presentation. + % + % Although not presented here, we show in our paper that the resulting + % system is also performant based on estimations from two public data sets. + % + % An important insight from our work is that pushing the auditing logic + % away from Tor Browser is important to defend against relevant threats. + % The simple approach of "just fetching an inclusion proof" does not work. + % + % That's it. Thanks! + \vfill + \begin{columns} + \begin{column}{0.6\textwidth} + \mktitle{Take away} + \begin{itemize} + \item Tor Browser would benefit from CT + \item CT would benefit from more auditing + \item Delegated auditing is key in our setting + \end{itemize} + \end{column} + \begin{column}{0.4\textwidth} + \centering + \includegraphics[width=.8\columnwidth]{img/thanks} + \end{column} + \end{columns} +\end{frame} diff --git a/slides/2021-pets/src/preamble.tex b/slides/2021-pets/src/preamble.tex new file mode 100644 index 0000000..403d146 --- /dev/null +++ b/slides/2021-pets/src/preamble.tex 
@@ -0,0 +1,112 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[utf8]{inputenc} + +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{rotate} +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{wasysym} +\usepackage{graphicx} +\usepackage{color} +\usepackage{drawstack} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +%\usepackage{floatrow}% this one causes error on arch for some reason +\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +\usepackage{hyperref} +\hypersetup{ + colorlinks = true, % Color links instead of boxes + urlcolor = darkBlue, % Color external hyper links + linkcolor = darkBlue, % Color internal links + citecolor = darkBlue, % Color citations +} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +\lstdefinestyle{CStyle}{ + backgroundcolor=\color{lightGray!25}, + commentstyle=\color{darkGreen}, + 
keywordstyle=\color{darkBlue}, + numberstyle=\tiny\color{darkRed}, + stringstyle=\color{darkPurple}, + basicstyle=\footnotesize, + breakatwhitespace=false, + breaklines=false, + captionpos=b, + keepspaces=true, + numbers=left, + numbersep=5pt, + showspaces=false, + showstringspaces=false, + showtabs=false, + tabsize=2, + language=C, + morekeywords={size_t,def,in,zip,True,False,ord,u8,u64}, +} + +\setbeamertemplate{itemize item}[circle] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} + +\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}} +\def\lding{\rotatebox[origin=c]{91}{\ding{224}}} + +% TODO: fix this properly... +\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize} diff --git a/slides/2021-pets/src/start.tex b/slides/2021-pets/src/start.tex new file mode 100644 index 0000000..00226e2 --- /dev/null +++ b/slides/2021-pets/src/start.tex 
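Review bot: `\burl` is defined as `\tiny{\url{#1}}`, but `\tiny` is a size switch that takes no argument, so the small size continues after the URL until the enclosing group ends (for instance over the `\&` between the two `\burl` calls in the CT-compliance footnote); `\newcommand{\burl}[1]{{\tiny\url{#1}}}` confines it. The package list loads `graphicx`, `smartdiagram`, `booktabs` and `flowchart` twice, loads `color` next to `xcolor`, and defines `darkGreen`, `darkBlue` and `darkRed` twice with the same values; dropping the repeats makes it easier to see what the slides depend on. `\tyes` and `\tno` use `\ding`, and no `\usepackage{pifont}` is visible in this hunk, so it presumably arrives through another package; loading it explicitly would remove that dependence.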
@@ -0,0 +1,189 @@ +% +% Title page +% +% Hi everyone. Welcome to our talk "privacy-preserving and incrementally +% deployable support for Certificate Transparency in Tor". I'm Rasmus, a PhD +% student at Karlstad University. This is joint work together with +% Tobias Pulls from Karlstad University, +% Tom Ritter from Mozilla, and +% Paul Syverson from the US Naval Research Laboratory. +% + +\begin{frame} + % + % To get started I would like to remind us of the past. + % + % The year is 2011. Summer just arrived, and we are located in the northern + % parts of Netherlands. The offices of DigiNotar appear to be operating as + % usual. Had we been there at the time, we probably wouldn't have thought + % they'd be out of business in September. + % + \vfill + \begin{columns} + \begin{column}{0.45\textwidth} + \mktitle{A flash-back into the past} + \begin{itemize} + \item June, 2011 + \item Netherlands, Beverwijk + \item DigiNotar + \end{itemize} + \end{column} + \begin{column}{0.55\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/beverwijk} + \burl{https://creativecommons.org/licenses/by-sa/3.0/} + % https://commons.wikimedia.org/wiki/File:Nzkanaal2.jpg + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + % + % What happened? + % + % Let me give you the backdrop. + % + % DigiNotar was a so-called certificate authority that issued certificates + % for the web. Your browser uses these certificates to verify that you are + % really visiting the website that you intended to and not some attacker. + % + % Sounds great! What's the catch? + % Well. + % You have to trust that no Certificate Authority is going to mess up the + % certificate issuance process. Any failure in this process may result in a + % mis-issued certificate, which in turn may result in insecure connections. + % + % Okay. So, + % I think most of you know what happened. DigiNotar was hacked. They + % mis-issued certificates for Google, Mozilla, Tor, and many others. 
+ % + % This was actually detected by DigiNotar. + % In response, they decided to be silent and cover it up. + % + % The main reason why we, the public, detected that DigiNotar was no longer + % operating in good faith is because of a large scale attack in Iran. Some + % of the mis-issued certificates were used to intercept network traffic of + % 300k gmail users. Perhaps we were actually lucky to detect the attack at + % all. If the attacker had been more stealthy, DigiNotar might still have + % been in operation today. That is a scary though. Can we do better? + % + % Fortunately, the answer is yes. We can do better. The overall ecosystem + % improved significantly since 2011. This talk covers one such improvement: + % - Certificate Transparency + % + \vfill + \begin{columns} + \begin{column}{0.45\textwidth} + \mktitle{What happened?} + \begin{itemize} + \item DigiNotar issued web certificates + \item Did not live up to expectations + \item Then tried to cover it up\footnotemark + \end{itemize} + \end{column} + \begin{column}{0.55\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/diginotar} + \burl{https://www.bbc.com/news/technology-14989334} + \end{column} + \end{columns} + \vfill + \pause + \centering\alert{A stealthy attacker might have gotten away with it!} + \footnotetext[1]{% + \tiny{ + FoxIT. + Black Tulip: Report of the investigation into the DigiNotar Certificate + Authority breach. + Page 3. + } + } +\end{frame} + +\begin{frame} + % + % Just to make sure that we are on the same page. + % + % A large scale attack should not be necessary to detect if a trusted party + % like DigiNotar misbehaves. And it is not like we are only talking about a + % single isolated incident. The real problem is that we have hundreds of + % Certificate Authorities that claim to issue certificates only to the + % rightful domain owners. Every now and then, someone gets it wrong. 
What + % we are left with is an incident that endangers our digital safety, + % sometimes even our physical safety depending on the real-world context. + % + % What Certificate Transparency brings to the table is the ability to detect + % mis-issued certificates. The basic idea is that every issued certificate + % must be disclosed in a public log that anyone can inspect. + % + % Usually, Certificate authorities are the ones doing the logging. Websites + % then serve the issued certificate together with some proofs of logging. + % The browser verifies these proofs before accepting the certificate as + % valid. + % + % This is actually great, because now a website can look for certificates + % that match their domain name in the log. If something shows up that they + % did not ask for - well - now they are aware of that. They probably + % wouldn't have been without the log. In response, you might question the + % certificate authority, initiate a revocation process, and so forth. + % + \vfill + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Larger problem and solution?} + \begin{itemize} + \item Digitar was not a one-time incident\footnotemark + \item Many other parties can get it wrong + \item Add visibility into issued certificates\footnotemark + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \input{img/ct} + \end{column} + \end{columns} + \footnotetext[2]{\burl{https://sslmate.com/certspotter/failures}} + \footnotetext[3]{\burl{https://certificate.transparency.dev/}} +\end{frame} + +\begin{frame} + % + % Certificate Transparency, or CT for short, has been - and is still being - + % gradually rolled-out by Google and others. For example, every certificate + % must be CT compliant to validate in Google Chrome and Apple's Safari. + % + % CT compliance basically means that at least two logs must have "promised" + % to make that certificate available to the public. 
Such a promise is + % usually called an SCT and it is hard-coded into the issued certificate. + % + % Browsers currently use SCTs as proofs of logging. It is possible to + % verify that these promises are in fact true. That is an important part to + % ensure that blind trust is not shifted from Certificate Authorities to CT + % logs. However, such verification is challenging because of the added + % complexity and possible privacy concerns. + % + % For example, to verify that a certificate is in fact included in a log, + % you need to interact with the log ecosystem. Such interactions leak + % a user's browsing patterns to the logs and that is kind of problematic. + % + \mktitle{Certificate Transparency (CT) compliance\footnotemark} + \begin{columns} + \begin{column}{0.25\textwidth} + \end{column} + \begin{column}{0.25\textwidth} + \centering\includegraphics[width=.67\columnwidth]{img/chrome} + \end{column} + \begin{column}{0.25\textwidth} + \centering\includegraphics[width=.7\columnwidth]{img/safari} + \end{column} + \begin{column}{0.25\textwidth} + \end{column} + \end{columns} + \vfill + ``Two logs promised that they will make the certificate public'' + + \footnotetext[4]{% + \burl{https://github.com/chromium/ct-policy/blob/master/ct_policy.md} + \& + \burl{https://support.apple.com/en-us/HT205280}% + } +\end{frame} diff --git a/slides/2021-pets/src/titlepage.tex b/slides/2021-pets/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2021-pets/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} diff --git a/slides/2021-surprise/.gitignore b/slides/2021-surprise/.gitignore new file mode 100644 index 0000000..d1e39cc --- /dev/null +++ b/slides/2021-surprise/.gitignore @@ -0,0 +1,9 @@ +main.aux +main.fdb_latexmk +main.fls +main.log +main.nav +main.out +main.pdf +main.snm +main.toc diff --git a/slides/2021-surprise/README b/slides/2021-surprise/README new file mode 100644 index 0000000..a7c8b5b --- /dev/null 
+++ b/slides/2021-surprise/README
@@ -0,0 +1,3 @@
+(Transcribed) lightning-talk on what our CT in Tor work was about. Target
+audience was funders/partners in the SURPRISE project. Not presented by me,
+slides and hints was for Simone who attended the meeting.
diff --git a/slides/2021-surprise/beamercolorthemergd.sty b/slides/2021-surprise/beamercolorthemergd.sty
new file mode 100644
index 0000000..74ced1c
--- /dev/null
+++ b/slides/2021-surprise/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2021-surprise/beamerfontthemergd.sty b/slides/2021-surprise/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2021-surprise/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2021-surprise/beamerinnerthemergd.sty b/slides/2021-surprise/beamerinnerthemergd.sty
new file mode 100644
index 0000000..1c50b47
--- /dev/null
+++ b/slides/2021-surprise/beamerinnerthemergd.sty
@@ -0,0 +1,43 @@
+\mode
+
+%%%
+% Title page
+%%%
+\defbeamertemplate*{title page}{rgd}[1][]{
+ \begin{tikzpicture}[remember picture, overlay]
+ \usebeamercolor{titlepage}
+ Add top-left triangle with university logo
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north west) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoMul){\includegraphics[width=3.5cm]{img/kau}}
+ (current page.west) --
+ (current page.north west);
+ % Add title
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ ] (Title) at ([shift={(0,-0.5cm)}]current page){%
+ \centering\usebeamerfont{title}\inserttitle\\%
+ };
+ % Add date
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Title,
+ ] (Subtitle) {%
+ \centering\usebeamerfont{date}\insertdate\\%
+ };
+ % Add authors
+ \usebeamercolor{author}
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Subtitle,
+ ] (Author) {%
+ \centering\usebeamerfont{author}\insertauthor\\%
+ };
+ \end{tikzpicture}
+}
+
+\mode
diff --git a/slides/2021-surprise/beamerouterthemergd.sty b/slides/2021-surprise/beamerouterthemergd.sty
new file mode 100644
index 0000000..456290a
--- /dev/null
+++ b/slides/2021-surprise/beamerouterthemergd.sty
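Review bot: The line `Add top-left triangle with university logo` in the title-page template has no leading `%` as shown here, unlike `% Add title`, `% Add date` and `% Add authors` later in the same hunk, so it is stray text inside the `tikzpicture` rather than a comment. It should read `% Add top-left triangle with university logo`, as the 2021-swits copy of this file does. The node is also named `LogoMul` although it holds `img/kau`; `LogoKau` would match the image.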
@@ -0,0 +1,69 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add metadata
+ \begin{beamercolorbox}[
+ wd=0.50\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \href{https://rgdd.github.io}{rgdd.github.io}
+ $\;\;\;\;\;\;\;\;\cdots\;\;\;\;\;\;\;\;$
+ \href{https://twitter.com/\_\_rgdd}{@\_\_rgdd}
+ $\;\;\;\;\;\;\;\cdots\;\;\;\;\;\;\;$
+ \href{mailto:rasmus.dahlberg@kau.se}{rasmus.dahlberg@kau.se}
+ \end{beamercolorbox}%
+ % Add title
+ \begin{beamercolorbox}[
+ wd=0.45\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertsubtitle
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2021-surprise/beamerthemergd.sty b/slides/2021-surprise/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2021-surprise/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
diff --git a/slides/2021-surprise/handout.pdf b/slides/2021-surprise/handout.pdf
new file mode 100644
index 0000000..df4657a
Binary files /dev/null and b/slides/2021-surprise/handout.pdf differ
diff --git a/slides/2021-surprise/img/kau.png b/slides/2021-surprise/img/kau.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2021-surprise/img/kau.png differ
diff --git a/slides/2021-surprise/img/tb.png b/slides/2021-surprise/img/tb.png
new file mode 100644
index 0000000..3fd6852
Binary files /dev/null and b/slides/2021-surprise/img/tb.png differ
diff --git a/slides/2021-surprise/main.tex b/slides/2021-surprise/main.tex
new file mode 100644
index 0000000..dc4e82c
--- /dev/null
+++ b/slides/2021-surprise/main.tex
@@ -0,0 +1,27 @@
+\pdfminorversion=4
+\documentclass[handout,aspectratio=169]{beamer}
+%\documentclass[aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%full version that is shown on the front page
+ Privacy-Preserving \& Incrementally-Deployable Support for Certificate
+ Transparency in Tor
+}
+\subtitle{%short version that is shown in the footer on each slide
+ Certificate Transparency in Tor
+}
+\author{%
+ Rasmus Dahlberg, Tobias Pulls, Tom Ritter, and Paul Syverson
+}
+\date{%
+ July 15, 2021
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/start}
+ \input{src/body}
+ \input{src/end}
+\end{document}
diff --git a/slides/2021-surprise/src/body.tex b/slides/2021-surprise/src/body.tex
new file mode 100644
index 0000000..9b336e5
--- /dev/null
+++ b/slides/2021-surprise/src/body.tex
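Review bot: `\input{src/start}` and `\input{src/end}` in `main.tex` name files that this commit does not appear to add; the only `slides/2021-surprise/src/` files in the diff are `body.tex`, `preamble.tex` and `titlepage.tex`. If the two files are not in the repository, the handout cannot be rebuilt from these sources and only the committed `handout.pdf` remains. Either add `src/start.tex` and `src/end.tex` or drop the two `\input` lines.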
@@ -0,0 +1,50 @@
+\begin{frame}
+ %
+ % To explain the paper's contribution we can simply break down the title:
+ % privacy-preserving and incrementally deployable support for Certificate
+ % Transparency in Tor.
+ %
+ % To make a long story short, Tor Browser does not support Certificate
+ % Transparency. The reason why you want to do that is because it makes it
+ % possible to detect if visited websites are being impersonated or not.
+ %
+ % For example, an attacker may want to impersonate a website to steal a
+ % user's credit card number. It is also helpful to de-anonymize a Tor user.
+ %
+ % So, our work focus on adding support for Certificate Transparency in Tor
+ % Browser. We do that while focusing on two key properties.
+ %
+ % The proposed solution should be _privacy-preserving_. We achieve this
+ % because of and how we use Tor.
+ %
+ % The proposed solution should also be incrementally-deployable, and in the
+ % end have a stronger threat model than current Certificate Transparency
+ % deployments in Chrome and Safari that trust so-called CT logs blindly.
+ %
+ % In more detail, our incrementally-deployable design goes from:
+ % pairs of CT logs that are trusted blindly, to
+ % at least one CT log is trusted blindly, to
+ % no CT log that is trusted blindly.
+ %
+ % It is fair to say that we have a strong threat model where the attacker
+ % even has a zero-day exploit against Tor Browser. In spite of this very
+ % strong threat model, the involved performance overhead is modest.
+ %
+ % For more detail, please refer to our paper and/or watch the presentation.
+ %
+ \mktitle{Breaking down the title}
+ \begin{columns}
+ \begin{column}{0.55\textwidth}
+ \begin{itemize}
+ \item Support Certificate Transparency in Tor
+ \item Privacy-Preserving
+ \item Incrementally-deployable
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.45\textwidth}
+ \centering\includegraphics[width=.5\columnwidth]{img/tb}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\tiny{Paper: \url{https://petsymposium.org/2021/files/papers/issue2/popets-2021-0024.pdf}}}
+ \footnotetext[2]{\tiny{Presentation: \url{https://www.youtube.com/watch?v=f7yDJOd6g3U}}}
+\end{frame}
diff --git a/slides/2021-surprise/src/preamble.tex b/slides/2021-surprise/src/preamble.tex
new file mode 100644
index 0000000..4021351
--- /dev/null
+++ b/slides/2021-surprise/src/preamble.tex
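Review bot: The two `\footnotetext` lines at the end of the frame have no matching `\footnotemark` anywhere on the slide, so the paper and presentation links are printed as footnotes 1 and 2 with nothing in the body pointing at them. The other decks in this commit pair each `\footnotetext[n]` with a `\footnotemark` on the item it supports. I would attach the marks to the slide, for example `\mktitle{Breaking down the title\footnotemark[1]}` and `\item Support Certificate Transparency in Tor\footnotemark[2]`. If the unmarked footnotes are meant as a plain reference line, a short comment above them saying so would be enough.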
@@ -0,0 +1,113 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[utf8]{inputenc} + +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{rotate} +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{pifont} +\usepackage{wasysym} +\usepackage{graphicx} +\usepackage{color} +\usepackage{drawstack} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +%\usepackage{floatrow}% this one causes error on arch for some reason +\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +\usepackage{hyperref} +\hypersetup{ + colorlinks = true, % Color links instead of boxes + urlcolor = darkBlue, % Color external hyper links + linkcolor = darkBlue, % Color internal links + citecolor = darkBlue, % Color citations +} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +\lstdefinestyle{CStyle}{ + backgroundcolor=\color{lightGray!25}, + 
commentstyle=\color{darkGreen}, + keywordstyle=\color{darkBlue}, + numberstyle=\tiny\color{darkRed}, + stringstyle=\color{darkPurple}, + basicstyle=\footnotesize, + breakatwhitespace=false, + breaklines=false, + captionpos=b, + keepspaces=true, + numbers=left, + numbersep=5pt, + showspaces=false, + showstringspaces=false, + showtabs=false, + tabsize=2, + language=C, + morekeywords={size_t,def,in,zip,True,False,ord,u8,u64}, +} + +\setbeamertemplate{itemize item}[circle] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} + +\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}} +\def\lding{\rotatebox[origin=c]{91}{\ding{224}}} + +% TODO: fix this properly... +\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize} diff --git a/slides/2021-surprise/src/titlepage.tex b/slides/2021-surprise/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2021-surprise/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} diff --git a/slides/2021-swits/README b/slides/2021-swits/README new file mode 100644 index 0000000..07de40e --- /dev/null +++ b/slides/2021-swits/README @@ -0,0 +1,2 @@ +My talk at SWITS, a conference for (mostly) academics in Sweden that are working +on privacy and security. diff --git a/slides/2021-swits/beamercolorthemergd.sty b/slides/2021-swits/beamercolorthemergd.sty new file mode 100644 index 0000000..74ced1c --- /dev/null 
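Review bot: `\burl` is defined as `\tiny{\url{#1}}`, but `\tiny` is a declaration and takes no argument, so the size change is not confined to the URL and lasts until the enclosing group ends. Scoping it inside the macro stops text after a `\burl` from silently staying tiny: `\newcommand{\burl}[1]{{\tiny\url{#1}}}`. The same definition is in the 2021-swits copy of `preamble.tex` later in this commit. `\mktitle` has the same kind of leak with `\centering`, which the `TODO: fix this properly...` above it seems to acknowledge.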
+++ b/slides/2021-swits/beamercolorthemergd.sty
@@ -0,0 +1,24 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\mode
diff --git a/slides/2021-swits/beamerfontthemergd.sty b/slides/2021-swits/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2021-swits/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2021-swits/beamerinnerthemergd.sty b/slides/2021-swits/beamerinnerthemergd.sty
new file mode 100644
index 0000000..b96a415
--- /dev/null
+++ b/slides/2021-swits/beamerinnerthemergd.sty
@@ -0,0 +1,49 @@
+\mode
+
+%%%
+% Title page
+%%%
+\defbeamertemplate*{title page}{rgd}[1][]{
+ \begin{tikzpicture}[remember picture, overlay]
+ \usebeamercolor{titlepage}
+ % Add top-left triangle with university logo
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north west) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoMul){\includegraphics[width=3.5cm]{img/mullvad}}
+ (current page.west) --
+ (current page.north west);
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north east) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoKau){\includegraphics[width=3cm]{img/kau}}
+ (current page.east) --
+ (current page.north east);
+ % Add title
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ ] (Title) at ([shift={(0,-0.5cm)}]current page){%
+ \centering\usebeamerfont{title}\inserttitle\\%
+ };
+ % Add date
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Title,
+ ] (Subtitle) {%
+ \centering\usebeamerfont{date}\today\\%
+ };
+ % Add authors
+ \usebeamercolor{author}
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Subtitle,
+ ] (Author) {%
+ \centering\usebeamerfont{author}\insertauthor\\%
+ };
+ \end{tikzpicture}
+}
+
+\mode
diff --git a/slides/2021-swits/beamerouterthemergd.sty b/slides/2021-swits/beamerouterthemergd.sty
new file mode 100644
index 0000000..45ba820
--- /dev/null
+++ b/slides/2021-swits/beamerouterthemergd.sty
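Review bot: The date node of the title-page template prints `\today` instead of `\insertdate`, so it ignores whatever `\date{...}` the document sets; the 2021-surprise copy of this template uses `\insertdate`. For rescued slides this means every rebuild stamps the title page with the build date rather than the date of the talk, and `main.tex` for this deck also sets `\date{\today}`. I would write `\centering\usebeamerfont{date}\insertdate\\%` here and give `main.tex` a fixed date.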
@@ -0,0 +1,71 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add metadata
+ \begin{beamercolorbox}[
+ wd=0.50\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \href{https://rgdd.github.io}{rgdd.github.io}
+ $\cdots$
+ \href{https://twitter.com/\_\_rgdd}{@\_\_rgdd}
+ $\cdots$
+ \href{mailto:rasmus@mullvad.net}{rasmus@mullvad.net}
+ $\cdots$
+ \href{mailto:rasmus.dahlberg@kau.se}{rasmus.dahlberg@kau.se}
+ \end{beamercolorbox}%
+ % Add title
+ \begin{beamercolorbox}[
+ wd=0.45\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \inserttitle
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2021-swits/beamerthemergd.sty b/slides/2021-swits/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2021-swits/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
diff --git a/slides/2021-swits/handout.pdf b/slides/2021-swits/handout.pdf
new file mode 100644
index 0000000..93ac3ca
Binary files /dev/null and b/slides/2021-swits/handout.pdf differ
diff --git a/slides/2021-swits/img/after.tex b/slides/2021-swits/img/after.tex
new file mode 100644
index 0000000..c2af725
--- /dev/null
+++ b/slides/2021-swits/img/after.tex
@@ -0,0 +1,70 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher };
+ \node[entity, fill=darkGreen, below=1.5cm of Publisher] (EndUser) {End-user};
+ \node[entity, fill=darkOrange, left=1.5cm of Publisher] (Log) {Log};
+ \node[entity, fill=darkRed, below=1.5cm of Log] (Witness) {Witness};
+
+ % Key setup
+ \path[path, dashed] ($ (EndUser) + (2,0) $) --
+ node[relation, above] { Public keys }
+ (EndUser);
+ % Get data and signature
+ \path[path] (Publisher) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ Opaque data\\
+ Signature\\
+ Proofs of logging\\
+ \end{tabular}
+ }
+ (EndUser);
+ % Verification
+ \path[path, rounded corners]
+ (EndUser.180) -|
+ ($ (EndUser) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (EndUser.210);
+
+
+ % Cosigning
+ \path[path] (Witness) edge[bend right]
+ node[relation,right]{Cosignature}
+ (Log);
+ \path[path] (Log) edge[bend right]
+ node[relation,left]{Tree head}
+ (Witness);
+ \path[path, rounded corners]
+ (Witness.180) -|
+ ($ (Witness) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (Witness.210);
+
+ % Get proofs
+ \path[path] (Log) --
+ node[relation,above]{Proofs of logging}
+ (Publisher);
+\end{tikzpicture}
diff --git a/slides/2021-swits/img/before.tex b/slides/2021-swits/img/before.tex
new file mode 100644
index 0000000..f634ef4
--- /dev/null
+++ b/slides/2021-swits/img/before.tex
@@ -0,0 +1,46 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher };
+ \node[entity, fill=darkGreen, below=1.5cm of Publisher] (EndUser) {End-user};
+
+ % Key setup
+ \path[path, dashed] ($ (EndUser) + (2,0) $) --
+ node[relation, above] { Public key }
+ (EndUser);
+ % Get data and signature
+ \path[path] (Publisher) --
+ node[relation, right] {
+ \begin{tabular}{c}
+ Opaque data\\
+ Signature\\
+ \end{tabular}
+ }
+ (EndUser);
+ % Verification
+ \path[path, rounded corners]
+ (EndUser.180) -|
+ ($ (EndUser) + (-1.25,-.75) $)
+ node[relation, below]{
+ Verify
+ } -|
+ (EndUser.210);
+\end{tikzpicture}
diff --git a/slides/2021-swits/img/clean.jpg b/slides/2021-swits/img/clean.jpg
new file mode 100644
index 0000000..2465e5e
Binary files /dev/null and b/slides/2021-swits/img/clean.jpg differ
diff --git a/slides/2021-swits/img/kau.png b/slides/2021-swits/img/kau.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2021-swits/img/kau.png differ
diff --git a/slides/2021-swits/img/log-request.tex b/slides/2021-swits/img/log-request.tex
new file mode 100644
index 0000000..08edf87
--- /dev/null
+++ b/slides/2021-swits/img/log-request.tex
@@ -0,0 +1,47 @@
+\begin{tikzpicture}[
+ -latex,
+ entity/.style = {
+ draw = gray!30,
+ thick,
+ rounded rectangle,
+ fill = white,
+ minimum width = 2cm,
+ font = \fontsize{8}{8}\selectfont,
+ text = white,
+ },
+ relation/.style = {
+ draw = none,
+ font = \fontsize{6}{6}\selectfont,
+ },
+ path/.style = {
+ draw,
+ thick,
+ -latex,
+ },
+]
+ \node[entity, fill=darkBlue] (Publisher) at (0,0) { Publisher };
+ \node[entity, fill=darkGreen, below=1.5cm of Publisher] (DNS) {DNS};
+ \node[entity, fill=darkOrange, left=1.5cm of Publisher] (Log) {Log};
+
+ % Setup DNS
+ \path[path, dashed] (Publisher) --
+ node[relation, right] {TXT RR}
+ (DNS);
+
+ \path[path] (Publisher) edge[bend right]
+ node[relation, above] {
+ Key-value pairs
+ }
+ (Log);
+ \path[path] (Log) edge[bend right]
+ node[relation,below] {
+ accept/reject
+ }
+ (Publisher);
+
+ \path[path, rounded corners] (Log) |-
+ node[relation,below,pos=.75]{
+ verify TXT RR
+ }
+ (DNS);
+\end{tikzpicture}
diff --git a/slides/2021-swits/img/mt.tex b/slides/2021-swits/img/mt.tex
new file mode 100644
index 0000000..3deaf62
--- /dev/null
+++ b/slides/2021-swits/img/mt.tex
@@ -0,0 +1,19 @@
+\begin{tikzpicture}[
+ -latex,
+]
+ \Tree [
+ .$\hash(h_{01}\concat h_{23})$ [
+ .$h_{01}\coloneqq\hash(h_0\concat h_1)$ [
+ .$h_0\coloneqq\hash(\mathsf{foo})$
+ ] [
+ .$h_1\coloneqq\hash(\mathsf{bar})$
+ ]
+ ] [
+ .$h_{23}\coloneqq\hash(h_2\concat h_3)$ [
+ .$h_2\coloneqq\hash(\mathsf{baz})$
+ ] [
+ .$h_3\coloneqq\hash(\mathsf{qux})$
+ ]
+ ]
+ ]
+\end{tikzpicture}
diff --git a/slides/2021-swits/img/mullvad.png b/slides/2021-swits/img/mullvad.png
new file mode 100644
index 0000000..4574eb1
Binary files /dev/null and b/slides/2021-swits/img/mullvad.png differ
diff --git a/slides/2021-swits/img/rgdd.jpg b/slides/2021-swits/img/rgdd.jpg
new file mode 100644
index 0000000..597b406
Binary files /dev/null and b/slides/2021-swits/img/rgdd.jpg differ
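Review bot: In `img/mt.tex` the leaves are drawn as `\hash(\mathsf{foo})` and the interior nodes as `\hash(h_0\concat h_1)`, with nothing separating the two input domains. Merkle tree logs in the RFC 6962 style prefix leaf inputs and interior-node inputs with different bytes so that an interior node cannot be presented as a leaf, and a reader who copies the figure literally loses that property. If the omission is a deliberate simplification for the slide, a comment at the top of the file would record it, e.g. `% Simplified: leaf/node domain-separation prefixes (RFC 6962, section 2.1) are omitted`.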
diff --git a/slides/2021-swits/img/thanks.pdf b/slides/2021-swits/img/thanks.pdf
new file mode 100644
index 0000000..9ad4dc8
Binary files /dev/null and b/slides/2021-swits/img/thanks.pdf differ
diff --git a/slides/2021-swits/img/tree-leaf.trunnel b/slides/2021-swits/img/tree-leaf.trunnel
new file mode 100644
index 0000000..c3806f3
--- /dev/null
+++ b/slides/2021-swits/img/tree-leaf.trunnel
@@ -0,0 +1,9 @@
+/*
+ * The logged Merkle tree leaf data
+ */
+struct tree_leaf {
+ u64 shard_hint;
+ u8 checksum[32];
+ u8 signature[64];
+ u8 key_hash[32];
+}
diff --git a/slides/2021-swits/main.tex b/slides/2021-swits/main.tex
new file mode 100644
index 0000000..2c617fa
--- /dev/null
+++ b/slides/2021-swits/main.tex
@@ -0,0 +1,21 @@
+\pdfminorversion=4
+%\documentclass[handout,aspectratio=169]{beamer}
+\documentclass[aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%
+ An Introduction to System Transparency Logging
+}
+\author{%
+ Rasmus Dahlberg
+}
+\date{%
+ \today
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/body}
+\end{document}
diff --git a/slides/2021-swits/slides.pdf b/slides/2021-swits/slides.pdf
new file mode 100644
index 0000000..b568efd
Binary files /dev/null and b/slides/2021-swits/slides.pdf differ
diff --git a/slides/2021-swits/src/body.tex b/slides/2021-swits/src/body.tex
new file mode 100644
index 0000000..8a5f9f5
--- /dev/null
+++ b/slides/2021-swits/src/body.tex
@@ -0,0 +1,202 @@ +\begin{frame} + \begin{columns} + \begin{column}{0.5\textwidth} + \mktitle{Outline} + \begin{enumerate} + \item Setting and problem + \item Design overview + \item How to get involved + \end{enumerate} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/rgdd} + \burl{https://creativecommons.org/licenses/by-sa/4.0/} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + % + % 1. Introduce the system. Think first two paragraphs in design.md + % + \mktitle{Our starting point} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Data publisher + \item End-user + \item Assumptions + \begin{itemize} + \item Public key can be located + \item Signed data can be located + \item End-user can install extra tooling + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \input{img/before} + \end{column} + \end{columns} + \vfill + \pause + \alert{The attacker can compromise the data publisher}\\ + \pause + \alert{The goal is to detect unwanted key-usage} +\end{frame} + +\begin{frame} + % + % 1. Our design is about transparency logs. So, I need to explain briefly + % what a transparency log is. + % 2. Append-only Merkle tree. You can think of the data as being stored in + % the leaves. Each leaf is hashed. Parents concatenate their children + % hashes to produces their own hash values. Repeat until single root hash. + % 3. The root hash is usually called a tree head. + % 4. Tree head interesting because it fixes the structure and the content of + % the tree. Add/remove/modify -> new tree head. + % 5. If the log signs the tree head, you can hold it accountable for its + % structure and content. + % 6. This is important because the attacker can control the log. + % 7. So we cannot trust that the log is append-only. We will need to verify + % that. To this end we have consistency proofs. 
The intuition is that you + % can force the log to reveal a number of cryptographic hashes. These + % hashes will prove that the tree head you see today is consistent with the + % tree head you saw yesterday. + % 8. You can also prove that something is in the log efficiently. This is + % called an inclusion proof. The intuition is that you reveal a number of + % hashes. If you can use them to reconstruct the root of a globally + % consistent tree head you can be sure that some data is in the log. + % 8. Global consistency (as opposed to just consistency) is what prevents + % the log from creating forks. I will return to this later on because it is + % an important part of our design. + % (9. Not having global consistency would be like having a blockchain + % without a consensus mechanism.) + % + \mktitle{A quick step back---Transparency log crash course} + \input{img/mt} + \vfill + \begin{columns} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Tree head + \end{itemize} + \end{column} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Consistency proof + \end{itemize} + \end{column} + \begin{column}{0.33\textwidth} + \begin{itemize} + \item Inclusion proof + \end{itemize} + \end{column} + \end{columns} + \vfill + \pause + \alert{The attacker can control the log} +\end{frame} + +\begin{frame} + \mktitle{Preparing a logging request} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Select a shard hint and checksum + \item Sign using your private key + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \lstinputlisting[style=CStyle]{img/tree-leaf.trunnel} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Submitting a logging request} + \begin{columns} + \begin{column}{0.2\textwidth} + \underline{Key-value pairs:} + \begin{itemize} + \item Shard hint + \item Checksum + \item Signature + \item Public key + \item Domain hint + \end{itemize} + \end{column} + \begin{column}{0.8\textwidth} + 
\centering + \input{img/log-request} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Distributing proofs of public logging} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item End-user will not talk to the log + \item Proofs of logging + \begin{itemize} + \item Inclusion proof + \item Tree head + \end{itemize} + \item Witness cosigning + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \centering + \input{img/after} + \end{column} + \end{columns} + \pause + \alert{The attacker can control a threshold of witnesses} +\end{frame} + +\begin{frame} + \mktitle{Summary and additional details} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Signed checksums + \item Sharding + \item Preserved data flows + \item Anti-spam + \item Global consistency + \item Few simple parsers + \item No cryptographic agility + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \includegraphics[width=\columnwidth]{img/clean} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{0.7\textwidth} + \mktitle{Get involved} + \begin{itemize} + \item Feedback on our v0 design\footnotemark and API\footnotemark? + \item Is this a service that you would use? Why (not)? + \item Want to run an experimental log or witness? + \item Implementation and tooling is still early-days + \item Reach out via slack\footnotemark, IRC\footnotemark, GitHub, or DM + \end{itemize} + \end{column} + \begin{column}{0.3\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/thanks} + \end{column} + \end{columns} + \footnotetext[1]{\burl{https://github.com/system-transparency/stfe/blob/design/doc/design.md}} + \footnotetext[2]{\burl{https://github.com/system-transparency/stfe/blob/design/doc/api.md}} + \footnotetext[3]{\burl{https://communityinviter.com/apps/system-transparency/join}} + \footnotetext[4]{\tiny{\texttt{irc/oftc \#siglog}}} +\end{frame} 
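Review bot: The alert `The attacker can control a threshold of witnesses` on the "Distributing proofs of public logging" frame does not say on which side of the threshold the attacker sits. Read literally, an attacker who controls as many witnesses as the end-user requires cosignatures from could have an inconsistent tree head cosigned, which is the case witness cosigning is there to rule out; presumably the intended bound is fewer than that. If so, stating it removes the ambiguity, e.g. `\alert{The attacker can control fewer than a threshold of witnesses}`. The speaker notes on the crash-course frame also number two consecutive steps `8.`.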
diff --git a/slides/2021-swits/src/preamble.tex b/slides/2021-swits/src/preamble.tex
new file mode 100644
index 0000000..4021351
--- /dev/null
+++ b/slides/2021-swits/src/preamble.tex
@@ -0,0 +1,113 @@
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Packages %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\usepackage[utf8]{inputenc}
+
+\usepackage[
+ lambda, advantage, operators, sets, adversary, landau, probability, notions,
+ logic, ff, mm, primitives, events, complexity, asymptotics, keys
+]{cryptocode}
+
+\usepackage{rotate}
+\usepackage{graphicx}
+\usepackage{mathtools}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{flowchart}
+\usepackage{smartdiagram}
+\usepackage{pifont}
+\usepackage{wasysym}
+\usepackage{graphicx}
+\usepackage{color}
+\usepackage{drawstack}
+\usepackage{tikz}
+\usepackage{tikz-qtree}
+\usetikzlibrary{
+ arrows,%
+ decorations.markings,%
+ backgrounds,%
+ calc,%
+ fit,%
+ positioning,%
+ shapes.misc,%
+ shadows,%
+ shapes.arrows,%
+ shapes,%
+ snakes,%
+}
+\usepackage{booktabs}
+\usepackage{smartdiagram}
+%\usepackage{floatrow}% this one causes error on arch for some reason
+\usepackage[position=bottom]{subfig} % environment for nested figures
+
+\usepackage{xcolor}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+\definecolor{darkGray}{HTML}{808080}
+\definecolor{darkOrange}{HTML}{D77D00}
+\definecolor{darkPurple}{HTML}{800080}
+\colorlet{lightGray}{gray!33}
+\colorlet{lightYellow}{yellow!50}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+
+\usepackage{hyperref}
+\hypersetup{
+ colorlinks = true, % Color links instead of boxes
+ urlcolor = darkBlue, % Color external hyper links
+ linkcolor = darkBlue, % Color internal links
+ citecolor = darkBlue, % Color citations
+}
+
+% Figures, tables and code
+\usepackage{booktabs}
+\usepackage{colortbl}
+\usepackage{flowchart}
+\usepackage{adjustbox}
+\usepackage{listings}
+
+\lstdefinestyle{CStyle}{
+ backgroundcolor=\color{lightGray!25},
+ commentstyle=\color{darkGreen},
+ keywordstyle=\color{darkBlue},
+ numberstyle=\tiny\color{darkRed},
+ stringstyle=\color{darkPurple},
+ basicstyle=\footnotesize,
+ breakatwhitespace=false,
+ breaklines=false,
+ captionpos=b,
+ keepspaces=true,
+ numbers=left,
+ numbersep=5pt,
+ showspaces=false,
+ showstringspaces=false,
+ showtabs=false,
+ tabsize=2,
+ language=C,
+ morekeywords={size_t,def,in,zip,True,False,ord,u8,u64},
+}
+
+\setbeamertemplate{itemize item}[circle]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{caption}[numbered]
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Defines %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\makeatletter
+\let\@@magyar@captionfix\relax %needed for \titlefloatright
+\makeatother
+
+\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}}
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}}
+\newcommand{\burl}[1]{\tiny{\url{#1}}}
+\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1}
+\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$}
+
+\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}}
+\def\lding{\rotatebox[origin=c]{91}{\ding{224}}}
+
+% TODO: fix this properly...
+\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize}
diff --git a/slides/2021-swits/src/titlepage.tex b/slides/2021-swits/src/titlepage.tex
new file mode 100644
index 0000000..9b18039
--- /dev/null
+++ b/slides/2021-swits/src/titlepage.tex
@@ -0,0 +1,3 @@
+\begin{frame}
+ \titlepage
+\end{frame}
diff --git a/slides/2022-ct-days/README b/slides/2022-ct-days/README
new file mode 100644
index 0000000..caf1151
--- /dev/null
+++ b/slides/2022-ct-days/README
@@ -0,0 +1 @@
+My 2x talks in a 45m slot at CT days.
diff --git a/slides/2022-ct-days/beamercolorthemergd.sty b/slides/2022-ct-days/beamercolorthemergd.sty
new file mode 100644
index 0000000..1bce7c7
--- /dev/null
+++ b/slides/2022-ct-days/beamercolorthemergd.sty
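Review bot: In `slides/2021-swits/src/preamble.tex`, `\newcommand{\burl}[1]{\tiny{\url{#1}}}` writes `\tiny` as if it took an argument, but it is a font-size declaration, so the smaller size stays in effect after the URL until the enclosing group closes. Scoping it inside the macro avoids that: `\newcommand{\burl}[1]{{\tiny\url{#1}}}`. The same definition is repeated in `slides/2022-ct-days/src/preamble.tex`, and `src/sigsum.tex` there follows `\burl{...}\\` with more text in the same column. The package list also loads `graphicx`, `smartdiagram`, `booktabs` and `flowchart` twice and defines `darkGreen`, `darkBlue` and `darkRed` twice with identical values; dropping the duplicates would make the preamble easier to read.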
@@ -0,0 +1,27 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+\definecolor{rgddBackgroundColor}{RGB}{251,251,251}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+\setbeamercolor*{background canvas}{bg=rgddBackgroundColor}
+
+\mode
diff --git a/slides/2022-ct-days/beamerfontthemergd.sty b/slides/2022-ct-days/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2022-ct-days/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2022-ct-days/beamerinnerthemergd.sty b/slides/2022-ct-days/beamerinnerthemergd.sty
new file mode 100644
index 0000000..b96a415
--- /dev/null
+++ b/slides/2022-ct-days/beamerinnerthemergd.sty
@@ -0,0 +1,49 @@
+\mode
+
+%%%
+% Title page
+%%%
+\defbeamertemplate*{title page}{rgd}[1][]{
+ \begin{tikzpicture}[remember picture, overlay]
+ \usebeamercolor{titlepage}
+ % Add top-left triangle with university logo
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north west) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoMul){\includegraphics[width=3.5cm]{img/mullvad}}
+ (current page.west) --
+ (current page.north west);
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north east) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoKau){\includegraphics[width=3cm]{img/kau}}
+ (current page.east) --
+ (current page.north east);
+ % Add title
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ ] (Title) at ([shift={(0,-0.5cm)}]current page){%
+ \centering\usebeamerfont{title}\inserttitle\\%
+ };
+ % Add date
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Title,
+ ] (Subtitle) {%
+ \centering\usebeamerfont{date}\today\\%
+ };
+ % Add authors
+ \usebeamercolor{author}
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Subtitle,
+ ] (Author) {%
+ \centering\usebeamerfont{author}\insertauthor\\%
+ };
+ \end{tikzpicture}
+}
+
+\mode
diff --git a/slides/2022-ct-days/beamerouterthemergd.sty b/slides/2022-ct-days/beamerouterthemergd.sty
new file mode 100644
index 0000000..4087139
--- /dev/null
+++ b/slides/2022-ct-days/beamerouterthemergd.sty
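Review bot: In `slides/2022-ct-days/beamerinnerthemergd.sty`, the comments in the `title page` template do not match what is drawn: `% Add top-left triangle with university logo` sits above the triangle that places `img/mullvad`, and the second `\filldraw`, which places `img/kau` at the top-right corner, has no comment at all. Judging by the file names, I would reword the first to `% Top-left triangle: Mullvad logo` and add `% Top-right triangle: KAU logo` above the second. The node named `(Subtitle)` holds `\today` under the `% Add date` comment; renaming it to `(Date)`, together with the `below=0pt of Subtitle` reference, would keep the node names in line with the comments.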
@@ -0,0 +1,68 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add metadata
+ \begin{beamercolorbox}[
+ wd=0.20\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ ]{trailer}
+ \hfill
+ \href{https://www.rgdd.se}{www.rgdd.se}
+ \hfill
+ \end{beamercolorbox}%
+ % Add title
+ \begin{beamercolorbox}[
+ wd=0.6\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ ]{header}
+ \hfill
+ \inserttitle
+ \hfill
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.20\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ ]{trailer}
+ \hfill
+ \insertframenumber/\inserttotalframenumber
+ \hfill
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2022-ct-days/beamerthemergd.sty b/slides/2022-ct-days/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2022-ct-days/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
diff --git a/slides/2022-ct-days/handout.pdf b/slides/2022-ct-days/handout.pdf
new file mode 100644
index 0000000..955a0a8
Binary files /dev/null and b/slides/2022-ct-days/handout.pdf differ
diff --git a/slides/2022-ct-days/img/benlaurie/2017.png b/slides/2022-ct-days/img/benlaurie/2017.png
new file mode 100644
index 0000000..46004d1
Binary files /dev/null and b/slides/2022-ct-days/img/benlaurie/2017.png differ
diff --git a/slides/2022-ct-days/img/benlaurie/2018.png b/slides/2022-ct-days/img/benlaurie/2018.png
new file mode 100644
index 0000000..d39670d
Binary files /dev/null and b/slides/2022-ct-days/img/benlaurie/2018.png differ
diff --git a/slides/2022-ct-days/img/benlaurie/2019.png b/slides/2022-ct-days/img/benlaurie/2019.png
new file mode 100644
index 0000000..da1883e
Binary files /dev/null and b/slides/2022-ct-days/img/benlaurie/2019.png differ
diff --git a/slides/2022-ct-days/img/benlaurie/2020.png b/slides/2022-ct-days/img/benlaurie/2020.png
new file mode 100644
index 0000000..5e17209
Binary files /dev/null and b/slides/2022-ct-days/img/benlaurie/2020.png differ
diff --git a/slides/2022-ct-days/img/benlaurie/2021.png b/slides/2022-ct-days/img/benlaurie/2021.png
new file mode 100644
index 0000000..14c56af
Binary files /dev/null and b/slides/2022-ct-days/img/benlaurie/2021.png differ
diff --git a/slides/2022-ct-days/img/ctor/blog.png b/slides/2022-ct-days/img/ctor/blog.png
new file mode 100644
index 0000000..1064170
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/blog.png differ
diff --git a/slides/2022-ct-days/img/ctor/full.pdf b/slides/2022-ct-days/img/ctor/full.pdf
new file mode 100644
index 0000000..5c6c801
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/full.pdf differ
diff --git a/slides/2022-ct-days/img/ctor/incremental.pdf b/slides/2022-ct-days/img/ctor/incremental.pdf
new file mode 100644
index 0000000..7c7160d
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/incremental.pdf differ
diff --git a/slides/2022-ct-days/img/ctor/paper.png b/slides/2022-ct-days/img/ctor/paper.png
new file mode 100644
index 0000000..6ecd8c8
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/paper.png differ
diff --git a/slides/2022-ct-days/img/ctor/phase-1.pdf b/slides/2022-ct-days/img/ctor/phase-1.pdf
new file mode 100644
index 0000000..f37895e
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/phase-1.pdf differ
diff --git a/slides/2022-ct-days/img/ctor/phase-2.png b/slides/2022-ct-days/img/ctor/phase-2.png
new file mode 100644
index 0000000..0638293
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/phase-2.png differ
diff --git a/slides/2022-ct-days/img/ctor/phase-3.pdf b/slides/2022-ct-days/img/ctor/phase-3.pdf
new file mode 100644
index 0000000..9260ce1
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/phase-3.pdf differ
diff --git a/slides/2022-ct-days/img/ctor/phase-4.pdf b/slides/2022-ct-days/img/ctor/phase-4.pdf
new file mode 100644
index 0000000..10f1f2d
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/phase-4.pdf differ
diff --git a/slides/2022-ct-days/img/ctor/tb-to-auditor.pdf b/slides/2022-ct-days/img/ctor/tb-to-auditor.pdf
new file mode 100644
index 0000000..c68ca73
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/tb-to-auditor.pdf differ
diff --git a/slides/2022-ct-days/img/ctor/tb-to-log.pdf b/slides/2022-ct-days/img/ctor/tb-to-log.pdf
new file mode 100644
index 0000000..d4b2047
Binary files /dev/null and b/slides/2022-ct-days/img/ctor/tb-to-log.pdf differ
diff --git a/slides/2022-ct-days/img/kau.png b/slides/2022-ct-days/img/kau.png
new file mode 100755
index 0000000..0c7c885
Binary files /dev/null and b/slides/2022-ct-days/img/kau.png differ
diff --git a/slides/2022-ct-days/img/mullvad.png b/slides/2022-ct-days/img/mullvad.png
new file mode 100644
index 0000000..4574eb1
Binary files /dev/null and b/slides/2022-ct-days/img/mullvad.png differ
diff --git a/slides/2022-ct-days/img/sigsum/foundation.png b/slides/2022-ct-days/img/sigsum/foundation.png
new file mode 100644
index 0000000..695bac0
Binary files /dev/null and b/slides/2022-ct-days/img/sigsum/foundation.png differ
diff --git a/slides/2022-ct-days/img/sigsum/history.png b/slides/2022-ct-days/img/sigsum/history.png
new file mode 100644
index 0000000..748451e
Binary files /dev/null and b/slides/2022-ct-days/img/sigsum/history.png differ
diff --git a/slides/2022-ct-days/img/sigsum/sshsig b/slides/2022-ct-days/img/sigsum/sshsig
new file mode 100644
index 0000000..f8abbb2
--- /dev/null
+++ b/slides/2022-ct-days/img/sigsum/sshsig
@@ -0,0 +1,7 @@
+#define MAGIC_PREAMBLE "SSHSIG"
+
+byte[6] MAGIC_PREAMBLE
+string namespace
+string reserved
+string hash_algorithm
+string H(message)
diff --git a/slides/2022-ct-days/img/sigsum/sshvalues b/slides/2022-ct-days/img/sigsum/sshvalues
new file mode 100644
index 0000000..6abfe96
--- /dev/null
+++ b/slides/2022-ct-days/img/sigsum/sshvalues
@@ -0,0 +1,7 @@
+Values used by Sigsum (only Ed25519)
+
+
+"tree_leaf:v0:@sigsum.org"
+""
+"sha256"
+message = H(data)
diff --git a/slides/2022-ct-days/img/thanks.pdf b/slides/2022-ct-days/img/thanks.pdf
new file mode 100644
index 0000000..9ad4dc8
Binary files /dev/null and b/slides/2022-ct-days/img/thanks.pdf differ
diff --git a/slides/2022-ct-days/img/tor/overview.pdf b/slides/2022-ct-days/img/tor/overview.pdf
new file mode 100644
index 0000000..5b80ca5
Binary files /dev/null and b/slides/2022-ct-days/img/tor/overview.pdf differ
diff --git a/slides/2022-ct-days/img/tor/tb.png b/slides/2022-ct-days/img/tor/tb.png
new file mode 100644
index 0000000..3fd6852
Binary files /dev/null and b/slides/2022-ct-days/img/tor/tb.png differ
diff --git a/slides/2022-ct-days/main.tex b/slides/2022-ct-days/main.tex
new file mode 100644
index 0000000..33b7497
--- /dev/null
+++ b/slides/2022-ct-days/main.tex
@@ -0,0 +1,20 @@
+\pdfminorversion=4
+%\documentclass[handout,aspectratio=169]{beamer}
+\documentclass[aspectratio=169]{beamer}
+\usetheme{rgd}
+
+\input{src/preamble}
+
+\title{%
+ Certificate Transparency in Tor and Sigsum Logging
+}
+\author{%
+ Rasmus Dahlberg
+}
+
+\begin{document}
+ \input{src/titlepage}
+ \input{src/outline}
+ \input{src/ctor}
+ \input{src/sigsum}
+\end{document}
diff --git a/slides/2022-ct-days/slides.pdf b/slides/2022-ct-days/slides.pdf
new file mode 100644
index 0000000..dbdd266
Binary files /dev/null and b/slides/2022-ct-days/slides.pdf differ
diff --git a/slides/2022-ct-days/src/ctor.tex b/slides/2022-ct-days/src/ctor.tex
new file mode 100644
index 0000000..f7ed6c3
--- /dev/null
+++ b/slides/2022-ct-days/src/ctor.tex
@@ -0,0 +1,222 @@ +\begin{frame} + \mktitle{Tor crash course} + \centering\includegraphics[width=.8\textwidth]{img/tor/overview} + \footnotetext[1]{\tiny{Credit: figure created by Tobias Pulls}} + \footnotetext[2]{\tiny{Design: \burl{https://murdoch.is/papers/tor14design.pdf}}} +\end{frame} + +\begin{frame} + \mktitle{Tor Browser} + \begin{columns} + \begin{column}{0.6\textwidth} + \begin{itemize} + \item Firefox derivative + \item Route all traffic through Tor + \item Prevent user activity on one site from + being linked to activity on another + \item \alert<2->{Do not write any state to disk} + \item ... + \end{itemize} + \end{column} + \begin{column}{0.4\textwidth} + \includegraphics[width=.67\columnwidth]{img/tor/tb} + \end{column} + \end{columns} + \footnotetext[1]{\tiny{Credit: Tom Ritter, see \burl{https://ritter.vg/p/tor-v1.6.pdf}}} + \footnotetext[2]{\tiny{Design: \burl{https://2019.www.torproject.org/projects/torbrowser/design/}}} +\end{frame} + +\begin{frame} + \centering + \includegraphics[width=.75\textwidth]{img/ctor/paper} + \vfill + \includegraphics[width=.75\textwidth]{img/ctor/blog} +\end{frame} + +\begin{frame} + \mktitle{Problem statement} + \begin{columns} + \begin{column}{0.6\textwidth} + \begin{itemize} + \item Tor Browser does not enforce CT + \item Guard against prominent threats + \begin{itemize} + \item DigiNotar style attacks + \item Interception to deanonymize + \end{itemize} + \item Go beyond ``just CT compliance'' + \end{itemize} + \end{column} + \begin{column}{0.4\textwidth} + \centering + \includegraphics[width=.67\columnwidth]{img/tor/tb} + \end{column} + \end{columns} + \vfill\pause + \alert{Attacker in Tor's threat model + controls a CA and two CT logs} +\end{frame} + +\begin{frame} + \mktitle{Incremental deployment} + \begin{enumerate} + \item Catch up with CT compliant browsers + \floatright{\emph{pairs of logs} are trusted blindly} + \item Steps towards decentralized verification + \floatright{\emph{some log} is trusted 
blindly} + \item Fully decentralized verification + \floatright{\emph{no log} is trusted blindly} + \end{enumerate} +\end{frame} + +\begin{frame} + \mktitle{Full design} + \centering\includegraphics[height=.5\textheight]{img/ctor/full} + \vfill + \pause + \alert{Security? Difficult to interfere without detection in any phase} +\end{frame} + +\begin{frame} + \mktitle{Why not just...?} + \begin{columns} + \begin{column}{.5\textwidth}\centering + \includegraphics[width=.9\columnwidth]{img/ctor/tb-to-log}\\\vspace{.25cm} + Fetch an inclusion proof + \end{column} + \begin{column}{.5\textwidth}\centering + \includegraphics[width=.77\columnwidth]{img/ctor/tb-to-auditor}\\\vspace{.25cm} + Rely on a centralized party + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Phase 1: Submission} + \centering\includegraphics[width=.75\textwidth]{img/ctor/phase-1} + \vfill + \begin{columns} + \begin{column}{.2\textwidth}\centering + \end{column} + \begin{column}{.3\textwidth}\centering + \alert{1.} Probabilistic submit + \end{column} + \begin{column}{.3\textwidth}\centering + \alert{2.} Random CTR + \end{column} + \begin{column}{.2\textwidth}\centering + \end{column} + \end{columns} + \pause + + \vfill + \alert{Best attack: quickly take control over Tor Browser} +\end{frame} + +\begin{frame} + \mktitle{Phase 2: Buffering} + \begin{columns} + \begin{column}{.5\textwidth} + \begin{enumerate} + \item Buffer until logging is required + \item Add a random delay to leak less + \item Cache audited SFOs to leak less + \end{enumerate} + \end{column} + \begin{column}{.5\textwidth} + \centering + \includegraphics[width=.45\columnwidth]{img/ctor/phase-2} + \end{column} + \end{columns} + \pause + + \vfill\centering + \alert{Best attack: network-wide flush} +\end{frame} + +\begin{frame} + \mktitle{Phase 3: Auditing} + \begin{columns} + \begin{column}{.4\textwidth} + \begin{enumerate} + \item Fetch inclusion proof + \item STH from Tor's consensus + \item Collaborate with a 
watchdog + \begin{itemize} + \item CTR identification + \item ``Tagging'' + \end{itemize} + \end{enumerate} + \end{column} + \begin{column}{.6\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/ctor/phase-3} + \end{column} + \end{columns} + \pause + + \vfill\centering + \alert{Best attack: quickly take control over CTR} +\end{frame} + +\begin{frame} + \mktitle{Phase 4: Reporting} + \centering\includegraphics[width=.4\textwidth]{img/ctor/phase-4} + \vfill + \alert{1.} Report SFO on timeout + \pause + + \vfill + \alert{Best attack: n/a} +\end{frame} + +\begin{frame} + \vfill + \mktitle{This is quite the leap from ``just CT compliance''} +\end{frame} + +\begin{frame} + \mktitle{Incremental design} + \centering\includegraphics[height=.33\textheight]{img/ctor/incremental} + \vfill + \pause + + \alert{Use the log ecosystem against the attacker}\\ +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{.41\textwidth} + \mktitle{Conclusion} + \begin{itemize} + \item Tor's setting is quite different + \item Delegated audiding is key here + \item Roadmap from start to finnish + \end{itemize} + \end{column} + \begin{column}{.25\textwidth} + \mktitle{Resources} + \begin{itemize} + \item PETS paper\footnotemark[1] + \item PETS talk\footnotemark[2] + \item Tor blog post\footnotemark[3] + \end{itemize} + \end{column} + \begin{column}{.35\textwidth} + \mktitle{Next steps} + \begin{itemize} + \item Torspec proposal(s) + \item Browser implementation + \item Relay implementation + \end{itemize} + \end{column} + \end{columns} + \footnotetext[1]{\burl{https://petsymposium.org/2021/files/papers/issue2/popets-2021-0024.pdf}} + \footnotetext[2]{\burl{https://www.youtube.com/watch?v=f7yDJOd6g3U}} + \footnotetext[3]{\burl{https://blog.torproject.org/tor-certificate-transparency/}} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Halftime} +\end{frame} 
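Review bot: The Conclusion frame has two spelling errors that will show on the slide: `Delegated audiding is key here` should read `Delegated auditing is key here`, and `Roadmap from start to finnish` should read `Roadmap from start to finish`. Separately, the phase frames use `CTR`, `SFO` and `STH` without expanding them anywhere in this file. A short source comment at first use, for example `% CTR: Certificate Transparency Relay, SFO: SCT Feedback Object, STH: signed tree head`, would help whoever reuses these slides; the expansions are taken from the CTor paper linked in the Resources column, so please confirm them.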
diff --git a/slides/2022-ct-days/src/outline.tex b/slides/2022-ct-days/src/outline.tex
new file mode 100644
index 0000000..f04f431
--- /dev/null
+++ b/slides/2022-ct-days/src/outline.tex
@@ -0,0 +1,4 @@
+\begin{frame}
+ \vfill
+ \mktitle{CT in Tor \alert{$\cdots$} Halftime \alert{$\cdots$} Sigsum Logging}
+\end{frame}
diff --git a/slides/2022-ct-days/src/preamble.tex b/slides/2022-ct-days/src/preamble.tex
new file mode 100644
index 0000000..86ae650
--- /dev/null
+++ b/slides/2022-ct-days/src/preamble.tex
@@ -0,0 +1,114 @@
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Packages %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\usepackage[utf8]{inputenc}
+
+\usepackage[
+ lambda, advantage, operators, sets, adversary, landau, probability, notions,
+ logic, ff, mm, primitives, events, complexity, asymptotics, keys
+]{cryptocode}
+
+\usepackage{rotate}
+\usepackage{graphicx}
+\usepackage{mathtools}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{flowchart}
+\usepackage{smartdiagram}
+\usepackage{pifont}
+\usepackage{wasysym}
+\usepackage{graphicx}
+\usepackage{color}
+\usepackage{drawstack}
+\usepackage{tikz}
+\usepackage{tikz-qtree}
+\usetikzlibrary{
+ arrows,%
+ decorations.markings,%
+ backgrounds,%
+ calc,%
+ fit,%
+ positioning,%
+ shapes.misc,%
+ shadows,%
+ shapes.arrows,%
+ shapes,%
+ snakes,%
+}
+\usepackage{booktabs}
+\usepackage{smartdiagram}
+%\usepackage{floatrow}% this one causes error on arch for some reason
+\usepackage[position=bottom]{subfig} % environment for nested figures
+
+\usepackage{xcolor}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+\definecolor{darkGray}{HTML}{808080}
+\definecolor{darkOrange}{HTML}{D77D00}
+\definecolor{darkPurple}{HTML}{800080}
+\colorlet{lightGray}{gray!33}
+\colorlet{lightYellow}{yellow!50}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+
+\usepackage{hyperref}
+\hypersetup{
+ colorlinks = true, % Color links instead of boxes
+ urlcolor = darkBlue, % Color external hyper links
+ linkcolor = darkBlue, % Color internal links
+ citecolor = darkBlue, % Color citations
+}
+
+% Figures, tables and code
+\usepackage{booktabs}
+\usepackage{colortbl}
+\usepackage{flowchart}
+\usepackage{adjustbox}
+\usepackage{listings}
+
+\lstdefinestyle{CStyle}{
+ backgroundcolor=\color{lightGray!25},
+ commentstyle=\color{darkGreen},
+ keywordstyle=\color{darkBlue},
+ numberstyle=\tiny\color{darkRed},
+ stringstyle=\color{darkPurple},
+ %basicstyle=\footnotesize,
+ basicstyle=\scriptsize,
+ breakatwhitespace=false,
+ breaklines=false,
+ captionpos=b,
+ keepspaces=true,
+ numbers=left,
+ numbersep=5pt,
+ showspaces=false,
+ showstringspaces=false,
+ showtabs=false,
+ tabsize=2,
+ language=C,
+ morekeywords={size_t,def,in,zip,True,False,ord,u8,u64},
+}
+
+\setbeamertemplate{itemize item}[circle]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{caption}[numbered]
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Defines %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\makeatletter
+\let\@@magyar@captionfix\relax %needed for \titlefloatright
+\makeatother
+
+\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}}
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}}
+\newcommand{\burl}[1]{\tiny{\url{#1}}}
+\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1}
+\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$}
+
+\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}}
+\def\lding{\rotatebox[origin=c]{91}{\ding{224}}}
+
+% TODO: fix this properly...
+\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize}
diff --git a/slides/2022-ct-days/src/sigsum.tex b/slides/2022-ct-days/src/sigsum.tex
new file mode 100644
index 0000000..02b5bd2
--- /dev/null
+++ b/slides/2022-ct-days/src/sigsum.tex
@@ -0,0 +1,675 @@ +\begin{frame} + \mktitle{Tweets you can probably relate to} + \pause + \begin{columns} + \begin{column}{0.5\textwidth} + \includegraphics[width=\columnwidth]{img/benlaurie/2017}\\\pause + \includegraphics[width=\columnwidth]{img/benlaurie/2018}\\\pause + \includegraphics[width=\columnwidth]{img/benlaurie/2019}\\\pause + \includegraphics[width=\columnwidth]{img/benlaurie/2020}\\\pause + \end{column} + \begin{column}{0.5\textwidth} + \centering + \alert{2022?}\\ + More initatives than can\\ + be counted on two hands\\ + \pause + + \vspace{.25cm} + \burl{https://binary.transparency.dev}\\ + ... + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Common denominator?} + Certificates\\ + Executable binaries\\ + Source code\\ + TPM quotes\\ + Onion address rulesets\\ + Official documents\\ + ...\\ +\end{frame} + +\begin{frame} + \vfill + \mktitle{Where is the low-hanging fruit?} +\end{frame} + +\begin{frame} + \begin{columns} + \begin{column}{.4\textwidth} + \mktitle{Meet the Sigsum project} + \begin{itemize} + \item FOSS + \item Signed checksums + \item Enforcement of logging + \item Minimal building block + \item ``Transparent key-usage'' + \end{itemize} + \end{column} + \begin{column}{.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/sigsum/history} + \burl{https://git.sigsum.org/sigsum/tree/doc/history.md} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Use-case - Signature Transparency} + ``Oh, a new signature was created. That's weird. 
I'm at the gym.'' +\end{frame} + +\begin{frame} + \mktitle{Use-case - Binary Transparency} + + ``Oh, that's the key binaries are signed with''\\ + ``By policy binaries are located at releases.example.com/\$CHECKSUM'' + +\end{frame} + +\begin{frame} + \vfill + \mktitle{s/binary/something else/} +\end{frame} + +\begin{frame} + \mktitle{Many answers and trade-offs} + \vfill + \begin{columns} + \begin{column}{.3\textwidth} + \begin{itemize} + \item Purpose of logging + \item What is (not) logged + \item Auditing, SCTs + \end{itemize} + \end{column} + \begin{column}{.25\textwidth} + \begin{itemize} + \item Gossip + \item Anti-poison + \item Anti-spam + \end{itemize} + \end{column} + \begin{column}{.25\textwidth} + \begin{itemize} + \item Sharding + \item Privacy + \item Simple API + \end{itemize} + \end{column} + \end{columns} + \vfill + \alert{Accept latency, no rich metadata, no complicated protocols and parsers} +\end{frame} + +\begin{frame} + \mktitle{System overview} + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Signing + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \path[path, dashed] ($ (Signer) + (0,1) $) -- + node[relation, right] { + \begin{tabular}{c} + priv\\ + data\\ + \end{tabular} + } + (Signer); + \pause + + %%% + % Distribution + %%% + \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; + \path[path, dashed] ($ (End-user) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (End-user); + \path[path] (Signer) -| 
node[relation,above]{data, signature} (End-user); + \node[system, above=1cm of End-user] (Distribution) {Distribution}; + \pause + + %%% + % Introduce the log + %%% + \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log}; + \pause + + %%% + % Setup DNS + %%% + \node[system, below=1cm of Signer] (DNS) {DNS}; + \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS); + \pause + + + %%% + % Add leaf + %%% + \path[path] (Signer) -| node[relation,above]{add leaf} (Log); + \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log); + \pause + + %%% + % Witnessing + %%% + \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; + \path[path] (Witness) -- node[relation,left]{cosign} (Log); + \pause + + %%% + % Collect proof + %%% + \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer); + \node[relation,above=0.25cm of Distribution.40]{proof}; + \pause + + %%% + % Setup monitor + %%% + \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor}; + \path[path, dashed] ($ (Monitor) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (Monitor); + \pause + + %%% + % Inspect the log + %%% + \path[path] (Log) -- node[relation,below,sloped,pos=.40]{leaves, proof} (Monitor); + \pause + + %%% + % Also get the data + %%% + \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor); + \end{tikzpicture} +\end{frame} + +\begin{frame} + \vfill + \mktitle{A step-by-step breakdown} +\end{frame} + +\begin{frame} + \mktitle{Signing} + \centering + + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, 
+ }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Signing + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \path[path, dashed] ($ (Signer) + (0,1) $) -- + node[relation, right] { + \begin{tabular}{c} + priv\\ + data\\ + \end{tabular} + } + (Signer); + \end{tikzpicture} + \vfill + \pause + + \begin{columns} + \begin{column}{.5\textwidth}\centering + \lstinputlisting[style=CStyle]{img/sigsum/sshsig} + \burl{https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.sshsig\#L81} + \end{column} + \pause + \begin{column}{.5\textwidth}\centering + \lstinputlisting[style=CStyle]{img/sigsum/sshvalues} + \burl{https://git.sigsum.org/sigsum/tree/doc/proposals/2021-11-ssh-signature-format.md} + \end{column} + \end{columns} + \vfill + + \pause + \begin{columns} + \begin{column}{.33\textwidth}\centering + \texttt{ssh-keygen -Y} + \end{column} + \begin{column}{.33\textwidth}\centering + \texttt{signify} + \end{column} + \begin{column}{.33\textwidth}\centering + \texttt{minisign} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Why not support more signing formats and tools?} +\end{frame} + +\begin{frame} + \mktitle{Submission} + \begin{columns} + \begin{column}{0.4\textwidth} + \alert{HTTP POST ASCII} + \begin{itemize} + \item Shard hint + \begin{itemize} + \item $\in [\mathsf{shard\_start}, \mathsf{now}()]$ + \end{itemize} + \item Message + \item Signature + \item Public key + \item Domain hint + \begin{itemize} + \item \texttt{\_sigsum\_v0.*} $\rightarrow\hash(\mathsf{pub})$ + \end{itemize} + \end{itemize} + \end{column} + \uncover<2>{% + \begin{column}{.27\textwidth} + \alert{Stored leaf (136 bytes)} + \begin{itemize} + \item Shard hint + \item Checksum + \item Signature + \item Key hash + \end{itemize} + \vspace{1.4cm} + \end{column} + } + \begin{column}{.33\textwidth}\centering + \vspace{-3cm} + \hspace{-1cm} + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, 
+ thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Signing + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \path[path, dashed] ($ (Signer) + (0,1) $) -- + node[relation, right] { + \begin{tabular}{c} + priv\\ + data\\ + \end{tabular} + } + (Signer); + + %%% + % Setup DNS + %%% + \node[system, below=1cm of Signer] (DNS) {DNS}; + \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS); + + %%% + % Introduce the log + %%% + \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log}; + + %%% + % Add leaf + %%% + \path[path] (Signer) -| node[relation,above]{add leaf} (Log); + \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log); + \end{tikzpicture} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Bundling \uncover<2->{and Distribution}} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Signer must \textbf{wait} for witnessing\footnotemark[1] + \begin{itemize} + \item Append-only + \item Freshness + \item Some simplifications + \end{itemize} + \item Proof of logging + \begin{itemize} + \item Cosigned tree head + \item Inclusion proof + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{.5\textwidth}\centering + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = 
none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Setup entities + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \node[draw=none, below=1cm of Signer] (DNS) {}; + \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log}; + + %%% + % Witnessing + %%% + \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; + \path[path] (Witness) -- node[relation,left]{cosign} (Log); + + %%% + % Get proof + %%% + \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer); + + \uncover<2->{ + %%% + % Distribution + %%% + \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; + \path[path] (Signer) -| node[relation,above]{data, signature} (End-user); + \node[system, above=1cm of End-user] (Distribution) {Distribution}; + \node[relation,above=0.25cm of Distribution.40]{proof}; + } + \end{tikzpicture} + \end{column} + \end{columns} + \footnotetext[1]{\tiny{Originally proposed by Syta et al.: \burl{https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7546521}}} + + \vfill +\end{frame} + +\begin{frame} + \vfill + \centering + \begin{columns} + \begin{column}{.33\textwidth} + Example policy + \begin{itemize} + \item Known logs + \item Known witnesses + \item M-of-N (co)signatures + \end{itemize} + \end{column} + \begin{column}{.67\textwidth} + \mktitle{Verification} + \vspace{.5cm} + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Distribution + %%% + \node[entity, fill=darkPurple] (End-user) at (2.5,-3) 
{End-user}; + \path[path, dashed] ($ (End-user) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (End-user); + \path[path] (Distribution) -- node[relation,right]{ + \begin{tabular}{c} + data\\ + signature\\ + proof\\ + \end{tabular}} + (End-user); + \node[system, above=1cm of End-user] (Distribution) {Distribution}; + + %%% + % Introduce the log + %%% + \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log}; + + %%% + % Setup DNS + %%% + \node[draw=none] (DNS) at ($ (Log) !.5! (Distribution) $) {}; + + %%% + % Witnessing + %%% + \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; + \path[path] (Witness) -- node[relation,left]{cosign} (Log); + + %%% + % Setup monitor + %%% + \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor}; + \path[path, dashed] ($ (Monitor) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (Monitor); + + %%% + % Inspect the log + %%% + \path[path] (Log) -- node[relation,above,sloped,pos=.60]{leaves, proof} (Monitor); + + %%% + % Also get the data + %%% + \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor); + \end{tikzpicture} + \end{column} + \end{columns} + + \vfill + \alert{No reactive gossip/audit, offline verification by end-users (!)} +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{.5\textwidth} + \mktitle{Current status} + \begin{itemize} + \item Solid foundation, hopefully(!) + \item V0 design\footnotemark[1] and API\footnotemark[2] is pretty stable + \item Public prototypes, log and witness + \item Tooling? 
Kind of ``pipe into \texttt{curl}''
+ \item \url{https://git.sigsum.org}
+ \end{itemize}
+ \end{column}
+ \begin{column}{.5\textwidth}
+ \centering
+ \includegraphics[width=\columnwidth]{img/sigsum/foundation}
+ \burl{https://bygg.se/valj-ratt-husgrund-till-din-villa/}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\burl{https://git.sigsum.org/sigsum/tree/doc/design.md}}
+ \footnotetext[2]{\burl{https://git.sigsum.org/sigsum/tree/doc/api.md}}
+
+ \pause
+ \vfill
+ \centering
+ \alert{Next steps: more feedback, tooling, mature code, SLA for a v0 log, eventually v1 spec}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \begin{columns}
+ \begin{column}{.1\textwidth}
+ \end{column}
+ \begin{column}{.4\textwidth}
+ \mktitle{Take away}
+ \begin{itemize}
+ \item Minimal building block
+ \item Log a signed checksum
+ \item Offline end-user verification
+ \item Many potential use-cases
+ \item Reach out to get involved\footnotemark[1]
+ \end{itemize}
+ \end{column}
+ \begin{column}{.4\textwidth}
+ \includegraphics[width=\columnwidth]{img/thanks}
+ \end{column}
+ \begin{column}{.1\textwidth}
+ \end{column}
+ \end{columns}
+ \footnotetext[1]{\tiny{irc, matrix, email list, etc., are linked from \burl{https://www.sigsum.org}}}
+\end{frame}
+
+\begin{frame}
+ \vfill
+ \mktitle{Q/A}
+\end{frame}
diff --git a/slides/2022-ct-days/src/titlepage.tex b/slides/2022-ct-days/src/titlepage.tex
new file mode 100644
index 0000000..9b18039
--- /dev/null
+++ b/slides/2022-ct-days/src/titlepage.tex
@@ -0,0 +1,3 @@
+\begin{frame}
+ \titlepage
+\end{frame}
diff --git a/slides/2022-kll/.gitignore b/slides/2022-kll/.gitignore
new file mode 100644
index 0000000..d1e39cc
--- /dev/null
+++ b/slides/2022-kll/.gitignore
@@ -0,0 +1,9 @@
+main.aux
+main.fdb_latexmk
+main.fls
+main.log
+main.nav
+main.out
+main.pdf
+main.snm
+main.toc
diff --git a/slides/2022-kll/README b/slides/2022-kll/README
new file mode 100644
index 0000000..ddf4d57
--- /dev/null
+++ b/slides/2022-kll/README
@@ -0,0 +1,4 @@
+My presentation of how I would have done a 2h lecture on PKI. Part of a
+teaching course at Kau.
+
+Edit 2024-10-15: seems like there's some nit compiling now.
diff --git a/slides/2022-kll/beamercolorthemergd.sty b/slides/2022-kll/beamercolorthemergd.sty
new file mode 100644
index 0000000..e5d40d8
--- /dev/null
+++ b/slides/2022-kll/beamercolorthemergd.sty
@@ -0,0 +1,28 @@
+\mode
+
+%%%
+% Color definitions
+%%%
+\RequirePackage{xcolor}
+\definecolor{rgdGreen}{RGB}{33,114,106}
+\definecolor{rgdYellow}{RGB}{255,210,4}
+\definecolor{rgdOrange}{RGB}{232,114,12}
+\colorlet{rgdGray}{gray!33}
+\colorlet{rgdBlack}{black}
+
+\definecolor{sigsumWhite}{HTML}{FAF9F5}
+
+%%%
+% Beamer colors
+%%%
+\setbeamercolor*{titlepage}{fg=rgdBlack}
+\setbeamercolor*{author}{fg=rgdGreen}
+\setbeamercolor*{date}{fg=black}
+\setbeamercolor*{header}{bg=rgdYellow,fg=black}
+\setbeamercolor*{trailer}{bg=rgdGray,fg=black}
+\setbeamercolor*{item}{fg=rgdGreen}
+\setbeamercolor*{alerted text}{fg=rgdGreen}
+
+\setbeamercolor*{background canvas}{bg=sigsumWhite}
+
+\mode
diff --git a/slides/2022-kll/beamerfontthemergd.sty b/slides/2022-kll/beamerfontthemergd.sty
new file mode 100644
index 0000000..a6d212c
--- /dev/null
+++ b/slides/2022-kll/beamerfontthemergd.sty
@@ -0,0 +1,9 @@
+\mode
+
+\setbeamerfont{title}{size=\large,shape=\bfseries}
+\setbeamerfont{subtitle}{size=\normalsize,shape=\bfseries}
+\setbeamerfont{frametitle}{size=\large,shape=\bfseries}
+\setbeamerfont{institute}{size=\small}
+\setbeamerfont{date}{size=\small}
+
+\mode
diff --git a/slides/2022-kll/beamerinnerthemergd.sty b/slides/2022-kll/beamerinnerthemergd.sty
new file mode 100644
index 0000000..1c50b47
--- /dev/null
+++ b/slides/2022-kll/beamerinnerthemergd.sty
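Review bot: The three bold settings in beamerfontthemergd.sty pass `\bfseries` through the `shape=` key (`\setbeamerfont{title}{size=\large,shape=\bfseries}` and the matching `subtitle` and `frametitle` lines). Beamer has a separate `series=` key for font weight, and `shape=` is meant for switches such as `\itshape`. It renders bold today because the value is inserted as given, but a later `shape=` override on the same font would drop the bold without notice. Suggest `\setbeamerfont{title}{size=\large,series=\bfseries}` and the same change on the other two lines.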
@@ -0,0 +1,43 @@
+\mode
+
+%%%
+% Title page
+%%%
+\defbeamertemplate*{title page}{rgd}[1][]{
+ \begin{tikzpicture}[remember picture, overlay]
+ \usebeamercolor{titlepage}
+ Add top-left triangle with university logo
+ \filldraw[draw=rgdGray,fill=rgdGray]
+ (current page.north west) --
+ (current page.north) --
+ node[draw=none,pos=0.5](LogoMul){\includegraphics[width=3.5cm]{img/kau}}
+ (current page.west) --
+ (current page.north west);
+ % Add title
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ ] (Title) at ([shift={(0,-0.5cm)}]current page){%
+ \centering\usebeamerfont{title}\inserttitle\\%
+ };
+ % Add date
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Title,
+ ] (Subtitle) {%
+ \centering\usebeamerfont{date}\insertdate\\%
+ };
+ % Add authors
+ \usebeamercolor{author}
+ \node[
+ text=fg,
+ text width=0.75\paperwidth,
+ below=0pt of Subtitle,
+ ] (Author) {%
+ \centering\usebeamerfont{author}\insertauthor\\%
+ };
+ \end{tikzpicture}
+}
+
+\mode
diff --git a/slides/2022-kll/beamerouterthemergd.sty b/slides/2022-kll/beamerouterthemergd.sty
new file mode 100644
index 0000000..2b4ef3f
--- /dev/null
+++ b/slides/2022-kll/beamerouterthemergd.sty
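Review bot: Inside the `tikzpicture` of the `title page` template, the line `Add top-left triangle with university logo` has no comment marker, unlike its siblings `% Add title`, `% Add date` and `% Add authors`. As shown it is handed to TikZ as text instead of being skipped. TikZ normally discards stray text in a picture, but it can leave "Missing character" noise in the log, which will not help with the compile nit the README in this commit mentions. Suggest `% Add top-left triangle with university logo`.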
@@ -0,0 +1,65 @@
+\mode
+
+%%%
+% Frame header
+%%%
+\defbeamertemplate*{frametitle}{corporate}[1][]{%
+ \nointerlineskip
+ % Add frame title
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=3ex,
+ dp=1.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \insertframetitle
+ \end{beamercolorbox}
+ % Add line after header
+ \nointerlineskip
+ \begin{beamercolorbox}[
+ wd=\paperwidth,
+ ht=0.25ex
+ ]{trailer}
+ \end{beamercolorbox}%
+}
+
+%%%
+% Frame trailer
+%%%
+\defbeamertemplate*{footline}{corporate}{%
+ \hbox{%
+ % Add metadata
+ \begin{beamercolorbox}[
+ wd=0.50\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{trailer}
+ \hfill\url{www.rgdd.se}\hfill
+ \end{beamercolorbox}%
+ % Add title
+ \begin{beamercolorbox}[
+ wd=0.45\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ left,
+ leftskip=2ex
+ ]{header}
+ \hfill\insertsubtitle\hfill
+ \end{beamercolorbox}%
+ % Add page counter
+ \begin{beamercolorbox}[
+ wd=0.05\paperwidth,
+ ht=2ex,
+ dp=0.5ex,
+ right,
+ rightskip=1ex
+ ]{header}
+ \insertframenumber/\inserttotalframenumber
+ \end{beamercolorbox}%
+ }
+}
+
+\mode
diff --git a/slides/2022-kll/beamerthemergd.sty b/slides/2022-kll/beamerthemergd.sty
new file mode 100644
index 0000000..022ef2c
--- /dev/null
+++ b/slides/2022-kll/beamerthemergd.sty
@@ -0,0 +1,23 @@
+\mode
+
+%%%
+% Load beamer settings
+%%%
+\usecolortheme{rgd}
+\usefonttheme{rgd}
+\useinnertheme{rgd}
+\useoutertheme{rgd}
+
+%%%
+% Disable navigation tools on slides
+%%%
+\setbeamertemplate{navigation symbols}{}
+
+%%%
+% Object styles
+%%%
+\setbeamertemplate{itemize item}[square]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{sections/subsections in toc}[square]
+
+\mode
diff --git a/slides/2022-kll/img/cas.pdf b/slides/2022-kll/img/cas.pdf
new file mode 100644
index 0000000..81c98d8
Binary files /dev/null and b/slides/2022-kll/img/cas.pdf differ
diff --git a/slides/2022-kll/img/cas.svg b/slides/2022-kll/img/cas.svg
new file mode 100644
index 0000000..ae6cf6d
--- /dev/null
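Review bot: The footline in beamerouterthemergd.sty prints `\url{www.rgdd.se}` with no scheme. With hyperref configured (preamble.tex in this commit calls `\hypersetup`), this becomes a clickable link whose target is the bare string. How a PDF viewer resolves a scheme-less target varies, and some may treat it as relative to the document's location. Spell the target out, e.g. `\href{https://www.rgdd.se}{\nolinkurl{www.rgdd.se}}`, so the footer text stays short and the link always goes to the HTTPS site. Minor: both templates are registered under the option name `corporate`, while the inner theme uses `rgd`.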
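Review bot: `\setbeamertemplate{itemize item}[square]` in beamerthemergd.sty does not take effect. main.tex runs `\usetheme{rgd}` before `\input{src/preamble}`, and preamble.tex then sets `\setbeamertemplate{itemize item}[circle]` and repeats the `itemize subitem` line. Keep the bullet style in one place: either drop the two `itemize` lines from preamble.tex, or add a comment here such as `% NOTE: src/preamble.tex overrides the itemize templates`.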
+++ b/slides/2022-kll/img/cas.svg @@ -0,0 +1,450 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Layer 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/slides/2022-kll/img/cas/digicert.svg b/slides/2022-kll/img/cas/digicert.svg new file mode 100644 index 0000000..32744c3 --- /dev/null +++ b/slides/2022-kll/img/cas/digicert.svg @@ -0,0 +1,17 @@ + + +DigiCert logo +A certificate authority that issue TLS certificates + + + + image/svg+xml + + + + + + + + + diff --git a/slides/2022-kll/img/cas/google.svg b/slides/2022-kll/img/cas/google.svg new file mode 100644 index 0000000..00fc2b3 --- /dev/null +++ b/slides/2022-kll/img/cas/google.svg @@ -0,0 +1,8 @@ + + + + + + + + diff --git a/slides/2022-kll/img/cas/le.svg b/slides/2022-kll/img/cas/le.svg new file mode 100644 index 0000000..8542216 --- /dev/null +++ b/slides/2022-kll/img/cas/le.svg @@ -0,0 +1,38 @@ + + + + + Layer 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/slides/2022-kll/img/cas/sectigo.svg b/slides/2022-kll/img/cas/sectigo.svg new file mode 100644 index 0000000..6bce9b8 --- /dev/null +++ b/slides/2022-kll/img/cas/sectigo.svg @@ -0,0 +1,25 @@ + + + + + + + + + + + + + + + + + + + + + + diff --git a/slides/2022-kll/img/cas/trustasia.svg b/slides/2022-kll/img/cas/trustasia.svg new file mode 100644 index 0000000..e44fbe2 --- /dev/null +++ b/slides/2022-kll/img/cas/trustasia.svg @@ -0,0 +1,68 @@ + + + 亚洲诚信logo + + + + + + + + \ No newline at end of file diff --git a/slides/2022-kll/img/certificate.pdf b/slides/2022-kll/img/certificate.pdf new file mode 100644 index 0000000..8352ac0 Binary files /dev/null and b/slides/2022-kll/img/certificate.pdf differ diff --git a/slides/2022-kll/img/certificate.svg b/slides/2022-kll/img/certificate.svg new file mode 100644 index 0000000..cb220eb --- /dev/null +++ b/slides/2022-kll/img/certificate.svg 
@@ -0,0 +1,291 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/slides/2022-kll/img/crt.png b/slides/2022-kll/img/crt.png new file mode 100644 index 0000000..2ba79b4 Binary files /dev/null and b/slides/2022-kll/img/crt.png differ diff --git a/slides/2022-kll/img/ct.pdf b/slides/2022-kll/img/ct.pdf new file mode 100644 index 0000000..cbbed4a Binary files /dev/null and b/slides/2022-kll/img/ct.pdf differ diff --git a/slides/2022-kll/img/ct.svg b/slides/2022-kll/img/ct.svg new file mode 100644 index 0000000..ac992bb --- /dev/null +++ b/slides/2022-kll/img/ct.svg @@ -0,0 +1,229 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + Connector + Exit to or entry from another part of chart. + + + + + + + + + + + + + + + Logs + Monitors + Auditors + + diff --git a/slides/2022-kll/img/fire.pdf b/slides/2022-kll/img/fire.pdf new file mode 100644 index 0000000..475a06d Binary files /dev/null and b/slides/2022-kll/img/fire.pdf differ diff --git a/slides/2022-kll/img/fire.svg b/slides/2022-kll/img/fire.svg new file mode 100644 index 0000000..ecdc539 --- /dev/null +++ b/slides/2022-kll/img/fire.svg @@ -0,0 +1,223 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + + Openclipart + + + + + + + + + + + diff --git a/slides/2022-kll/img/kau.png b/slides/2022-kll/img/kau.png new file mode 100755 index 0000000..0c7c885 Binary files /dev/null and b/slides/2022-kll/img/kau.png differ diff --git a/slides/2022-kll/img/lock.png b/slides/2022-kll/img/lock.png new file mode 100644 index 0000000..65e313e Binary files /dev/null and b/slides/2022-kll/img/lock.png differ diff --git a/slides/2022-kll/img/login.png b/slides/2022-kll/img/login.png new file mode 100644 index 0000000..f910d34 Binary files /dev/null and b/slides/2022-kll/img/login.png differ 
diff --git a/slides/2022-kll/img/outline.pdf b/slides/2022-kll/img/outline.pdf new file mode 100644 index 0000000..ad77aef Binary files /dev/null and b/slides/2022-kll/img/outline.pdf differ diff --git a/slides/2022-kll/img/outline.svg b/slides/2022-kll/img/outline.svg new file mode 100644 index 0000000..8270810 --- /dev/null +++ b/slides/2022-kll/img/outline.svg @@ -0,0 +1,292 @@ + + + + + + + + + + + + + + + + + + + + Keying + Operation using a key-driven device, e.g. typing. (IBM) + + + + + Certificates + Web PKI + CT logs + CT in practise + + + + + Conceptually,X.509 format,How to view + + Certificateauhtorities,DV/OV/EV + + Overall idea,Properties,RFC 6962 + + Policy,Limitations,Monitoring + + diff --git a/slides/2022-kll/main.tex b/slides/2022-kll/main.tex new file mode 100644 index 0000000..1ad5919 --- /dev/null +++ b/slides/2022-kll/main.tex @@ -0,0 +1,25 @@ +\pdfminorversion=4 +\documentclass[handout,aspectratio=169]{beamer} +%\documentclass[aspectratio=169]{beamer} +\usetheme{rgd} + +\input{src/preamble} + +\title{%full version that is shown on the front page + The web's public-key infrastructure +} +\subtitle{%short version that is shown in the footer on each slide + The web's public-key infrastructure +} +\author{% + \textbf{Rasmus Dahlberg}\\ + \texttt{rasmus.dahlberg@kau.se} +} +\date{% + \today +} + +\begin{document} + \input{src/titlepage} + \input{src/body} +\end{document} diff --git a/slides/2022-kll/slides.pdf b/slides/2022-kll/slides.pdf new file mode 100644 index 0000000..c0c4885 Binary files /dev/null and b/slides/2022-kll/slides.pdf differ diff --git a/slides/2022-kll/src/body.tex b/slides/2022-kll/src/body.tex new file mode 100644 index 0000000..495bb27 --- /dev/null +++ b/slides/2022-kll/src/body.tex 
@@ -0,0 +1,109 @@
+%
+% Landing page
+% - Recall TLS from last lecture
+% - Encrypted tunnel between client-server
+% - Authenticate client, server, or both; trust anchors hand-waved
+% - Today is about how to authenticate servers in the web's PKI
+%
+
+\begin{frame}
+ \mktitle{Are we really connected to the real Google?}
+ \begin{tikzpicture}
+ \node[draw=none] (Login) at (0,0) {\includegraphics[height=0.8\textheight]{img/login}};\pause
+ %\node[draw=none] (Lock) at (0,0) {\includegraphics[height=0.8\textheight]{img/lock}};\pause
+ \node[draw=none] (Licence) at (Login.170) {\includegraphics[height=0.2\textheight]{img/certificate}};\pause
+ \node[draw=none] (CAs) at (Login.10) {\includegraphics[height=0.2\textheight]{img/cas}};
+ \node[draw=none,below=0cm of CAs] (Text) {...and many more};\pause
+ \node[draw=none,below=0cm of Text] (Fire) {\includegraphics[height=0.1\textheight]{img/fire}};
+ \end{tikzpicture}
+
+ \footnotetext[1]{\tiny{Summary of the DigiNotar incidence: \url{https://www.enisa.europa.eu/media/news-items/operation-black-tulip/} (2011)}}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Learning outcomes}
+ \begin{columns}
+ \begin{column}{0.33\textwidth}
+ \centering\includegraphics[width=\columnwidth]{img/certificate}\\
+ \textbf{X.509 certificates}\\
+ Format, fields, ...
+ \end{column}
+
+ \pause
+ \begin{column}{0.33\textwidth}
+ \centering\includegraphics[width=\columnwidth]{img/cas}\\
+ \textbf{Certificate Authorities}\\
+ Ecosystem, validation, ...
+ \end{column}
+
+ \pause
+ \begin{column}{0.33\textwidth}
+ \centering\includegraphics[width=\columnwidth]{img/ct}\\
+ \textbf{Certificate Transparency}\\
+ Theory, practise, ...\\
+ \end{column}
+ \end{columns}
+
+ \pause
+ \vfill\alert{Why is this useful for me?}
+ % 1. You will likely encounter websites in one form or another. A site
+ % that's not working due to certificate errors; you need to get your own
+ % certificate for your site; etc. What should you get, why, and how?
+ % What steps are expected to keep your site's certificate secure?
+ % 2. Next time we will generalize. The technology surrounding certificate
+ % transparency is useful for a myriad of applications. Firmware, Go
+ % modules, official documents, etc.
+\end{frame}
+
+\begin{frame}
+ \mktitle{Middle part---Cronological}
+ \centering\includegraphics[width=\textwidth]{img/outline}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Middle part---Segway to the end}
+
+ CT logs and monitoring $\rightarrow$ no undeteted DigiNotar-style attacks
+\end{frame}
+
+\begin{frame}
+ \mktitle{Middle part---Example of engagement}
+
+ \begin{description}
+ \item[]\textbf{Select all statements that are true:}
+ \item[$\square$] An X.509 certificate proves ownership of a website
+ \item[$\square$] An EV certificate is more secure than a DV certificate
+ \item[$\square$] Only Swedish CAs can issue \texttt{.se} certificates
+ \item[$\square$] There are hundreds of CAs across the globe
+ \end{description}
+\end{frame}
+
+\begin{frame}
+ \mktitle{Take away}
+ \begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item X.509 certificates
+ \begin{itemize}
+ \item ``Driver's licence for websites''
+ \item Am I connected to the right site?
+ \end{itemize}
+ \item Certificate Authorities (CAs)
+ \begin{itemize}
+ \item ``Transportstyrelsen for websites''
+ \item DV/OV/EV validated certificates
+ \item Weakest-link security
+ \end{itemize}
+ \item Certificate Transparency (CT)
+ \begin{itemize}
+ \item Holds CAs accountable (detection)
+ \item Enforced by Chrome, Safari, Edge
+ \item Monitor your own websites
+ \end{itemize}
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \includegraphics[width=\columnwidth]{img/crt}
+ \end{column}
+ \end{columns}
+\end{frame}
diff --git a/slides/2022-kll/src/preamble.tex b/slides/2022-kll/src/preamble.tex
new file mode 100644
index 0000000..4021351
--- /dev/null
+++ b/slides/2022-kll/src/preamble.tex
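Review bot: The "Segway to the end" frame states `CT logs and monitoring $\rightarrow$ no undeteted DigiNotar-style attacks`, which is stronger than the deck itself supports. The take-away frame lists enforcement only by Chrome, Safari and Edge and tells the audience to monitor their own sites, so detection holds only where the client requires logging and someone watches the logs for the domain. Suggest `CT logs and monitoring $\rightarrow$ DigiNotar-style mis-issuance becomes detectable (if clients enforce CT and domains are monitored)`, which also fixes the `undeteted` typo. In the first frame, `\footnotetext[1]{...}` has no matching `\footnotemark[1]`, so the DigiNotar reference is not tied to anything on the slide; add the mark, e.g. in the frame title. Spelling in visible slide text: `incidence` should be `incident`, `Cronological` should be `Chronological`, and `Segway` should be `Segue`.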
@@ -0,0 +1,113 @@
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Packages %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\usepackage[utf8]{inputenc}
+
+\usepackage[
+ lambda, advantage, operators, sets, adversary, landau, probability, notions,
+ logic, ff, mm, primitives, events, complexity, asymptotics, keys
+]{cryptocode}
+
+\usepackage{rotate}
+\usepackage{graphicx}
+\usepackage{mathtools}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{flowchart}
+\usepackage{smartdiagram}
+\usepackage{pifont}
+\usepackage{wasysym}
+\usepackage{graphicx}
+\usepackage{color}
+\usepackage{drawstack}
+\usepackage{tikz}
+\usepackage{tikz-qtree}
+\usetikzlibrary{
+ arrows,%
+ decorations.markings,%
+ backgrounds,%
+ calc,%
+ fit,%
+ positioning,%
+ shapes.misc,%
+ shadows,%
+ shapes.arrows,%
+ shapes,%
+ snakes,%
+}
+\usepackage{booktabs}
+\usepackage{smartdiagram}
+%\usepackage{floatrow}% this one causes error on arch for some reason
+\usepackage[position=bottom]{subfig} % environment for nested figures
+
+\usepackage{xcolor}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+\definecolor{darkGray}{HTML}{808080}
+\definecolor{darkOrange}{HTML}{D77D00}
+\definecolor{darkPurple}{HTML}{800080}
+\colorlet{lightGray}{gray!33}
+\colorlet{lightYellow}{yellow!50}
+\definecolor{darkGreen}{HTML}{008000}
+\definecolor{darkBlue}{HTML}{2809B2}
+\definecolor{darkRed}{HTML}{CC0000}
+
+\usepackage{hyperref}
+\hypersetup{
+ colorlinks = true, % Color links instead of boxes
+ urlcolor = darkBlue, % Color external hyper links
+ linkcolor = darkBlue, % Color internal links
+ citecolor = darkBlue, % Color citations
+}
+
+% Figures, tables and code
+\usepackage{booktabs}
+\usepackage{colortbl}
+\usepackage{flowchart}
+\usepackage{adjustbox}
+\usepackage{listings}
+
+\lstdefinestyle{CStyle}{
+ backgroundcolor=\color{lightGray!25},
+ commentstyle=\color{darkGreen},
+ keywordstyle=\color{darkBlue},
+ numberstyle=\tiny\color{darkRed},
+ stringstyle=\color{darkPurple},
+ basicstyle=\footnotesize,
+ breakatwhitespace=false,
+ breaklines=false,
+ captionpos=b,
+ keepspaces=true,
+ numbers=left,
+ numbersep=5pt,
+ showspaces=false,
+ showstringspaces=false,
+ showtabs=false,
+ tabsize=2,
+ language=C,
+ morekeywords={size_t,def,in,zip,True,False,ord,u8,u64},
+}
+
+\setbeamertemplate{itemize item}[circle]
+\setbeamertemplate{itemize subitem}[default]
+\setbeamertemplate{caption}[numbered]
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% Defines %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\makeatletter
+\let\@@magyar@captionfix\relax %needed for \titlefloatright
+\makeatother
+
+\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}}
+\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}}
+\newcommand{\burl}[1]{\tiny{\url{#1}}}
+\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1}
+\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$}
+
+\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}}
+\def\lding{\rotatebox[origin=c]{91}{\ding{224}}}
+
+% TODO: fix this properly...
+\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize}
diff --git a/slides/2022-kll/src/titlepage.tex b/slides/2022-kll/src/titlepage.tex
new file mode 100644
index 0000000..9b18039
--- /dev/null
+++ b/slides/2022-kll/src/titlepage.tex
@@ -0,0 +1,3 @@
+\begin{frame}
+ \titlepage
+\end{frame}
-- cgit v1.2.3
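Review bot: `\newcommand{\burl}[1]{\tiny{\url{#1}}}` in preamble.tex does not scope the size change. `\tiny` is a switch rather than a one-argument command, so text after a `\burl{...}` in the same group stays tiny. Use `\newcommand{\burl}[1]{{\tiny\url{#1}}}`. The package list also loads `graphicx`, `flowchart`, `smartdiagram` and `booktabs` twice, loads `color` as well as `xcolor`, defines `darkGreen`/`darkBlue`/`darkRed` twice, and pulls in the `snakes` TikZ library, which the `decorations` libraries have superseded. Trimming these may make the compile problem mentioned in the README easier to track down.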