From 76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Tue, 15 Oct 2024 15:35:20 +0200 Subject: Rescue some slides from old private mono repos --- slides/2022-ct-days/src/ctor.tex | 222 +++++++++++ slides/2022-ct-days/src/outline.tex | 4 + slides/2022-ct-days/src/preamble.tex | 114 ++++++ slides/2022-ct-days/src/sigsum.tex | 675 ++++++++++++++++++++++++++++++++++ slides/2022-ct-days/src/titlepage.tex | 3 + 5 files changed, 1018 insertions(+) create mode 100644 slides/2022-ct-days/src/ctor.tex create mode 100644 slides/2022-ct-days/src/outline.tex create mode 100644 slides/2022-ct-days/src/preamble.tex create mode 100644 slides/2022-ct-days/src/sigsum.tex create mode 100644 slides/2022-ct-days/src/titlepage.tex (limited to 'slides/2022-ct-days/src') diff --git a/slides/2022-ct-days/src/ctor.tex b/slides/2022-ct-days/src/ctor.tex new file mode 100644 index 0000000..f7ed6c3 --- /dev/null +++ b/slides/2022-ct-days/src/ctor.tex @@ -0,0 +1,222 @@ +\begin{frame} + \mktitle{Tor crash course} + \centering\includegraphics[width=.8\textwidth]{img/tor/overview} + \footnotetext[1]{\tiny{Credit: figure created by Tobias Pulls}} + \footnotetext[2]{\tiny{Design: \burl{https://murdoch.is/papers/tor14design.pdf}}} +\end{frame} + +\begin{frame} + \mktitle{Tor Browser} + \begin{columns} + \begin{column}{0.6\textwidth} + \begin{itemize} + \item Firefox derivative + \item Route all traffic through Tor + \item Prevent user activity on one site from + being linked to activity on another + \item \alert<2->{Do not write any state to disk} + \item ... + \end{itemize} + \end{column} + \begin{column}{0.4\textwidth} + \includegraphics[width=.67\columnwidth]{img/tor/tb} + \end{column} + \end{columns} + \footnotetext[1]{\tiny{Credit: Tom Ritter, see \burl{https://ritter.vg/p/tor-v1.6.pdf}}} + \footnotetext[2]{\tiny{Design: \burl{https://2019.www.torproject.org/projects/torbrowser/design/}}} +\end{frame} + +\begin{frame} + \centering + \includegraphics[width=.75\textwidth]{img/ctor/paper} + \vfill + \includegraphics[width=.75\textwidth]{img/ctor/blog} +\end{frame} + +\begin{frame} + \mktitle{Problem statement} + \begin{columns} + \begin{column}{0.6\textwidth} + \begin{itemize} + \item Tor Browser does not enforce CT + \item Guard against prominent threats + \begin{itemize} + \item DigiNotar style attacks + \item Interception to deanonymize + \end{itemize} + \item Go beyond ``just CT compliance'' + \end{itemize} + \end{column} + \begin{column}{0.4\textwidth} + \centering + \includegraphics[width=.67\columnwidth]{img/tor/tb} + \end{column} + \end{columns} + \vfill\pause + \alert{Attacker in Tor's threat model + controls a CA and two CT logs} +\end{frame} + +\begin{frame} + \mktitle{Incremental deployment} + \begin{enumerate} + \item Catch up with CT compliant browsers + \floatright{\emph{pairs of logs} are trusted blindly} + \item Steps towards decentralized verification + \floatright{\emph{some log} is trusted blindly} + \item Fully decentralized verification + \floatright{\emph{no log} is trusted blindly} + \end{enumerate} +\end{frame} + +\begin{frame} + \mktitle{Full design} + \centering\includegraphics[height=.5\textheight]{img/ctor/full} + \vfill + \pause + \alert{Security? Difficult to interfere without detection in any phase} +\end{frame} + +\begin{frame} + \mktitle{Why not just...?} + \begin{columns} + \begin{column}{.5\textwidth}\centering + \includegraphics[width=.9\columnwidth]{img/ctor/tb-to-log}\\\vspace{.25cm} + Fetch an inclusion proof + \end{column} + \begin{column}{.5\textwidth}\centering + \includegraphics[width=.77\columnwidth]{img/ctor/tb-to-auditor}\\\vspace{.25cm} + Rely on a centralized party + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Phase 1: Submission} + \centering\includegraphics[width=.75\textwidth]{img/ctor/phase-1} + \vfill + \begin{columns} + \begin{column}{.2\textwidth}\centering + \end{column} + \begin{column}{.3\textwidth}\centering + \alert{1.} Probabilistic submit + \end{column} + \begin{column}{.3\textwidth}\centering + \alert{2.} Random CTR + \end{column} + \begin{column}{.2\textwidth}\centering + \end{column} + \end{columns} + \pause + + \vfill + \alert{Best attack: quickly take control over Tor Browser} +\end{frame} + +\begin{frame} + \mktitle{Phase 2: Buffering} + \begin{columns} + \begin{column}{.5\textwidth} + \begin{enumerate} + \item Buffer until logging is required + \item Add a random delay to leak less + \item Cache audited SFOs to leak less + \end{enumerate} + \end{column} + \begin{column}{.5\textwidth} + \centering + \includegraphics[width=.45\columnwidth]{img/ctor/phase-2} + \end{column} + \end{columns} + \pause + + \vfill\centering + \alert{Best attack: network-wide flush} +\end{frame} + +\begin{frame} + \mktitle{Phase 3: Auditing} + \begin{columns} + \begin{column}{.4\textwidth} + \begin{enumerate} + \item Fetch inclusion proof + \item STH from Tor's consensus + \item Collaborate with a watchdog + \begin{itemize} + \item CTR identification + \item ``Tagging'' + \end{itemize} + \end{enumerate} + \end{column} + \begin{column}{.6\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/ctor/phase-3} + \end{column} + \end{columns} + \pause + + \vfill\centering + \alert{Best attack: quickly take control over CTR} +\end{frame} + +\begin{frame} + \mktitle{Phase 4: Reporting} + \centering\includegraphics[width=.4\textwidth]{img/ctor/phase-4} + \vfill + \alert{1.} Report SFO on timeout + \pause + + \vfill + \alert{Best attack: n/a} +\end{frame} + +\begin{frame} + \vfill + \mktitle{This is quite the leap from ``just CT compliance''} +\end{frame} + +\begin{frame} + \mktitle{Incremental design} + \centering\includegraphics[height=.33\textheight]{img/ctor/incremental} + \vfill + \pause + + \alert{Use the log ecosystem against the attacker}\\ +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{.41\textwidth} + \mktitle{Conclusion} + \begin{itemize} + \item Tor's setting is quite different + \item Delegated audiding is key here + \item Roadmap from start to finnish + \end{itemize} + \end{column} + \begin{column}{.25\textwidth} + \mktitle{Resources} + \begin{itemize} + \item PETS paper\footnotemark[1] + \item PETS talk\footnotemark[2] + \item Tor blog post\footnotemark[3] + \end{itemize} + \end{column} + \begin{column}{.35\textwidth} + \mktitle{Next steps} + \begin{itemize} + \item Torspec proposal(s) + \item Browser implementation + \item Relay implementation + \end{itemize} + \end{column} + \end{columns} + \footnotetext[1]{\burl{https://petsymposium.org/2021/files/papers/issue2/popets-2021-0024.pdf}} + \footnotetext[2]{\burl{https://www.youtube.com/watch?v=f7yDJOd6g3U}} + \footnotetext[3]{\burl{https://blog.torproject.org/tor-certificate-transparency/}} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Halftime} +\end{frame} diff --git a/slides/2022-ct-days/src/outline.tex b/slides/2022-ct-days/src/outline.tex new file mode 100644 index 0000000..f04f431 --- /dev/null +++ b/slides/2022-ct-days/src/outline.tex @@ -0,0 +1,4 @@ +\begin{frame} + \vfill + \mktitle{CT in Tor \alert{$\cdots$} Halftime \alert{$\cdots$} Sigsum Logging} +\end{frame} diff --git a/slides/2022-ct-days/src/preamble.tex b/slides/2022-ct-days/src/preamble.tex new file mode 100644 index 0000000..86ae650 --- /dev/null +++ b/slides/2022-ct-days/src/preamble.tex @@ -0,0 +1,114 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[utf8]{inputenc} + +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{rotate} +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{pifont} +\usepackage{wasysym} +\usepackage{graphicx} +\usepackage{color} +\usepackage{drawstack} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +%\usepackage{floatrow}% this one causes error on arch for some reason +\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +\usepackage{hyperref} +\hypersetup{ + colorlinks = true, % Color links instead of boxes + urlcolor = darkBlue, % Color external hyper links + linkcolor = darkBlue, % Color internal links + citecolor = darkBlue, % Color citations +} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +\lstdefinestyle{CStyle}{ + backgroundcolor=\color{lightGray!25}, + commentstyle=\color{darkGreen}, + keywordstyle=\color{darkBlue}, + numberstyle=\tiny\color{darkRed}, + stringstyle=\color{darkPurple}, + %basicstyle=\footnotesize, + basicstyle=\scriptsize, + breakatwhitespace=false, + breaklines=false, + captionpos=b, + keepspaces=true, + numbers=left, + numbersep=5pt, + showspaces=false, + showstringspaces=false, + showtabs=false, + tabsize=2, + language=C, + morekeywords={size_t,def,in,zip,True,False,ord,u8,u64}, +} + +\setbeamertemplate{itemize item}[circle] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} + +\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}} +\def\lding{\rotatebox[origin=c]{91}{\ding{224}}} + +% TODO: fix this properly... +\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize} diff --git a/slides/2022-ct-days/src/sigsum.tex b/slides/2022-ct-days/src/sigsum.tex new file mode 100644 index 0000000..02b5bd2 --- /dev/null +++ b/slides/2022-ct-days/src/sigsum.tex @@ -0,0 +1,675 @@ +\begin{frame} + \mktitle{Tweets you can probably relate to} + \pause + \begin{columns} + \begin{column}{0.5\textwidth} + \includegraphics[width=\columnwidth]{img/benlaurie/2017}\\\pause + \includegraphics[width=\columnwidth]{img/benlaurie/2018}\\\pause + \includegraphics[width=\columnwidth]{img/benlaurie/2019}\\\pause + \includegraphics[width=\columnwidth]{img/benlaurie/2020}\\\pause + \end{column} + \begin{column}{0.5\textwidth} + \centering + \alert{2022?}\\ + More initatives than can\\ + be counted on two hands\\ + \pause + + \vspace{.25cm} + \burl{https://binary.transparency.dev}\\ + ... + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Common denominator?} + Certificates\\ + Executable binaries\\ + Source code\\ + TPM quotes\\ + Onion address rulesets\\ + Official documents\\ + ...\\ +\end{frame} + +\begin{frame} + \vfill + \mktitle{Where is the low-hanging fruit?} +\end{frame} + +\begin{frame} + \begin{columns} + \begin{column}{.4\textwidth} + \mktitle{Meet the Sigsum project} + \begin{itemize} + \item FOSS + \item Signed checksums + \item Enforcement of logging + \item Minimal building block + \item ``Transparent key-usage'' + \end{itemize} + \end{column} + \begin{column}{.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/sigsum/history} + \burl{https://git.sigsum.org/sigsum/tree/doc/history.md} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Use-case - Signature Transparency} + ``Oh, a new signature was created. That's weird. I'm at the gym.'' +\end{frame} + +\begin{frame} + \mktitle{Use-case - Binary Transparency} + + ``Oh, that's the key binaries are signed with''\\ + ``By policy binaries are located at releases.example.com/\$CHECKSUM'' + +\end{frame} + +\begin{frame} + \vfill + \mktitle{s/binary/something else/} +\end{frame} + +\begin{frame} + \mktitle{Many answers and trade-offs} + \vfill + \begin{columns} + \begin{column}{.3\textwidth} + \begin{itemize} + \item Purpose of logging + \item What is (not) logged + \item Auditing, SCTs + \end{itemize} + \end{column} + \begin{column}{.25\textwidth} + \begin{itemize} + \item Gossip + \item Anti-poison + \item Anti-spam + \end{itemize} + \end{column} + \begin{column}{.25\textwidth} + \begin{itemize} + \item Sharding + \item Privacy + \item Simple API + \end{itemize} + \end{column} + \end{columns} + \vfill + \alert{Accept latency, no rich metadata, no complicated protocols and parsers} +\end{frame} + +\begin{frame} + \mktitle{System overview} + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Signing + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \path[path, dashed] ($ (Signer) + (0,1) $) -- + node[relation, right] { + \begin{tabular}{c} + priv\\ + data\\ + \end{tabular} + } + (Signer); + \pause + + %%% + % Distribution + %%% + \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; + \path[path, dashed] ($ (End-user) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (End-user); + \path[path] (Signer) -| node[relation,above]{data, signature} (End-user); + \node[system, above=1cm of End-user] (Distribution) {Distribution}; + \pause + + %%% + % Introduce the log + %%% + \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log}; + \pause + + %%% + % Setup DNS + %%% + \node[system, below=1cm of Signer] (DNS) {DNS}; + \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS); + \pause + + + %%% + % Add leaf + %%% + \path[path] (Signer) -| node[relation,above]{add leaf} (Log); + \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log); + \pause + + %%% + % Witnessing + %%% + \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; + \path[path] (Witness) -- node[relation,left]{cosign} (Log); + \pause + + %%% + % Collect proof + %%% + \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer); + \node[relation,above=0.25cm of Distribution.40]{proof}; + \pause + + %%% + % Setup monitor + %%% + \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor}; + \path[path, dashed] ($ (Monitor) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (Monitor); + \pause + + %%% + % Inspect the log + %%% + \path[path] (Log) -- node[relation,below,sloped,pos=.40]{leaves, proof} (Monitor); + \pause + + %%% + % Also get the data + %%% + \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor); + \end{tikzpicture} +\end{frame} + +\begin{frame} + \vfill + \mktitle{A step-by-step breakdown} +\end{frame} + +\begin{frame} + \mktitle{Signing} + \centering + + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Signing + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \path[path, dashed] ($ (Signer) + (0,1) $) -- + node[relation, right] { + \begin{tabular}{c} + priv\\ + data\\ + \end{tabular} + } + (Signer); + \end{tikzpicture} + \vfill + \pause + + \begin{columns} + \begin{column}{.5\textwidth}\centering + \lstinputlisting[style=CStyle]{img/sigsum/sshsig} + \burl{https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.sshsig\#L81} + \end{column} + \pause + \begin{column}{.5\textwidth}\centering + \lstinputlisting[style=CStyle]{img/sigsum/sshvalues} + \burl{https://git.sigsum.org/sigsum/tree/doc/proposals/2021-11-ssh-signature-format.md} + \end{column} + \end{columns} + \vfill + + \pause + \begin{columns} + \begin{column}{.33\textwidth}\centering + \texttt{ssh-keygen -Y} + \end{column} + \begin{column}{.33\textwidth}\centering + \texttt{signify} + \end{column} + \begin{column}{.33\textwidth}\centering + \texttt{minisign} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Why not support more signing formats and tools?} +\end{frame} + +\begin{frame} + \mktitle{Submission} + \begin{columns} + \begin{column}{0.4\textwidth} + \alert{HTTP POST ASCII} + \begin{itemize} + \item Shard hint + \begin{itemize} + \item $\in [\mathsf{shard\_start}, \mathsf{now}()]$ + \end{itemize} + \item Message + \item Signature + \item Public key + \item Domain hint + \begin{itemize} + \item \texttt{\_sigsum\_v0.*} $\rightarrow\hash(\mathsf{pub})$ + \end{itemize} + \end{itemize} + \end{column} + \uncover<2>{% + \begin{column}{.27\textwidth} + \alert{Stored leaf (136 bytes)} + \begin{itemize} + \item Shard hint + \item Checksum + \item Signature + \item Key hash + \end{itemize} + \vspace{1.4cm} + \end{column} + } + \begin{column}{.33\textwidth}\centering + \vspace{-3cm} + \hspace{-1cm} + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Signing + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \path[path, dashed] ($ (Signer) + (0,1) $) -- + node[relation, right] { + \begin{tabular}{c} + priv\\ + data\\ + \end{tabular} + } + (Signer); + + %%% + % Setup DNS + %%% + \node[system, below=1cm of Signer] (DNS) {DNS}; + \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS); + + %%% + % Introduce the log + %%% + \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log}; + + %%% + % Add leaf + %%% + \path[path] (Signer) -| node[relation,above]{add leaf} (Log); + \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log); + \end{tikzpicture} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \mktitle{Bundling \uncover<2->{and Distribution}} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item Signer must \textbf{wait} for witnessing\footnotemark[1] + \begin{itemize} + \item Append-only + \item Freshness + \item Some simplifications + \end{itemize} + \item Proof of logging + \begin{itemize} + \item Cosigned tree head + \item Inclusion proof + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{.5\textwidth}\centering + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Setup entities + %%% + \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; + \node[draw=none, below=1cm of Signer] (DNS) {}; + \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log}; + + %%% + % Witnessing + %%% + \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; + \path[path] (Witness) -- node[relation,left]{cosign} (Log); + + %%% + % Get proof + %%% + \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer); + + \uncover<2->{ + %%% + % Distribution + %%% + \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; + \path[path] (Signer) -| node[relation,above]{data, signature} (End-user); + \node[system, above=1cm of End-user] (Distribution) {Distribution}; + \node[relation,above=0.25cm of Distribution.40]{proof}; + } + \end{tikzpicture} + \end{column} + \end{columns} + \footnotetext[1]{\tiny{Originally proposed by Syta et al.: \burl{https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7546521}}} + + \vfill +\end{frame} + +\begin{frame} + \vfill + \centering + \begin{columns} + \begin{column}{.33\textwidth} + Example policy + \begin{itemize} + \item Known logs + \item Known witnesses + \item M-of-N (co)signatures + \end{itemize} + \end{column} + \begin{column}{.67\textwidth} + \mktitle{Verification} + \vspace{.5cm} + \begin{tikzpicture}[ + -latex, + entity/.style = { + draw = gray!30, + thick, + rounded rectangle, + fill = white, + minimum width = 2cm, + font = \fontsize{8}{8}\selectfont, + text = white, + }, + system/.style = { + draw = gray, + thick, + rectangle, + fill = white, + minimum width = 1cm, + font = \fontsize{8}{8}\selectfont, + text = black, + }, + relation/.style = { + draw = none, + font = \fontsize{6}{6}\selectfont, + }, + path/.style = { + draw, + thick, + -latex, + rounded corners, + }, + ] + %%% + % Distribution + %%% + \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; + \path[path, dashed] ($ (End-user) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (End-user); + \path[path] (Distribution) -- node[relation,right]{ + \begin{tabular}{c} + data\\ + signature\\ + proof\\ + \end{tabular}} + (End-user); + \node[system, above=1cm of End-user] (Distribution) {Distribution}; + + %%% + % Introduce the log + %%% + \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log}; + + %%% + % Setup DNS + %%% + \node[draw=none] (DNS) at ($ (Log) !.5! (Distribution) $) {}; + + %%% + % Witnessing + %%% + \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; + \path[path] (Witness) -- node[relation,left]{cosign} (Log); + + %%% + % Setup monitor + %%% + \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor}; + \path[path, dashed] ($ (Monitor) + (0,-1) $) -- + node[relation, right] { + \begin{tabular}{c} + policy\\ + pub + \end{tabular} + } + (Monitor); + + %%% + % Inspect the log + %%% + \path[path] (Log) -- node[relation,above,sloped,pos=.60]{leaves, proof} (Monitor); + + %%% + % Also get the data + %%% + \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor); + \end{tikzpicture} + \end{column} + \end{columns} + + \vfill + \alert{No reactive gossip/audit, offline verification by end-users (!)} +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{.5\textwidth} + \mktitle{Current status} + \begin{itemize} + \item Solid foundation, hopefully(!) + \item V0 design\footnotemark[1] and API\footnotemark[2] is pretty stable + \item Public prototypes, log and witness + \item Tooling? Kind of ``pipe into \texttt{curl}'' + \item \url{https://git.sigsum.org} + \end{itemize} + \end{column} + \begin{column}{.5\textwidth} + \centering + \includegraphics[width=\columnwidth]{img/sigsum/foundation} + \burl{https://bygg.se/valj-ratt-husgrund-till-din-villa/} + \end{column} + \end{columns} + \footnotetext[1]{\burl{https://git.sigsum.org/sigsum/tree/doc/design.md}} + \footnotetext[2]{\burl{https://git.sigsum.org/sigsum/tree/doc/api.md}} + + \pause + \vfill + \centering + \alert{Next steps: more feedback, tooling, mature code, SLA for a v0 log, eventually v1 spec} +\end{frame} + +\begin{frame} + \vfill + \begin{columns} + \begin{column}{.1\textwidth} + \end{column} + \begin{column}{.4\textwidth} + \mktitle{Take away} + \begin{itemize} + \item Minimal building block + \item Log a signed checksum + \item Offline end-user verification + \item Many potential use-cases + \item Reach out to get involved\footnotemark[1] + \end{itemize} + \end{column} + \begin{column}{.4\textwidth} + \includegraphics[width=\columnwidth]{img/thanks} + \end{column} + \begin{column}{.1\textwidth} + \end{column} + \end{columns} + \footnotetext[1]{\tiny{irc, matrix, email list, etc., are linked from \burl{https://www.sigsum.org}}} +\end{frame} + +\begin{frame} + \vfill + \mktitle{Q/A} +\end{frame} diff --git a/slides/2022-ct-days/src/titlepage.tex b/slides/2022-ct-days/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2022-ct-days/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} -- cgit v1.2.3