From 76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Tue, 15 Oct 2024 15:35:20 +0200 Subject: Rescue some slides from old private mono repos --- slides/2022-kll/src/body.tex | 109 ++++++++++++++++++++++++++++++++++++ slides/2022-kll/src/preamble.tex | 113 ++++++++++++++++++++++++++++++++++++++ slides/2022-kll/src/titlepage.tex | 3 + 3 files changed, 225 insertions(+) create mode 100644 slides/2022-kll/src/body.tex create mode 100644 slides/2022-kll/src/preamble.tex create mode 100644 slides/2022-kll/src/titlepage.tex (limited to 'slides/2022-kll/src') diff --git a/slides/2022-kll/src/body.tex b/slides/2022-kll/src/body.tex new file mode 100644 index 0000000..495bb27 --- /dev/null +++ b/slides/2022-kll/src/body.tex @@ -0,0 +1,109 @@ +% +% Landing page +% - Recall TLS from last lecture +% - Encrypted tunnel between client-server +% - Authenticate client, server, or both; trust anchors hand-waved +% - Today is about how to authenticate servers in the web's PKI +% + +\begin{frame} + \mktitle{Are we really connected to the real Google?} + \begin{tikzpicture} + \node[draw=none] (Login) at (0,0) {\includegraphics[height=0.8\textheight]{img/login}};\pause + %\node[draw=none] (Lock) at (0,0) {\includegraphics[height=0.8\textheight]{img/lock}};\pause + \node[draw=none] (Licence) at (Login.170) {\includegraphics[height=0.2\textheight]{img/certificate}};\pause + \node[draw=none] (CAs) at (Login.10) {\includegraphics[height=0.2\textheight]{img/cas}}; + \node[draw=none,below=0cm of CAs] (Text) {...and many more};\pause + \node[draw=none,below=0cm of Text] (Fire) {\includegraphics[height=0.1\textheight]{img/fire}}; + \end{tikzpicture} + + \footnotetext[1]{\tiny{Summary of the DigiNotar incidence: \url{https://www.enisa.europa.eu/media/news-items/operation-black-tulip/} (2011)}} +\end{frame} + +\begin{frame} + \mktitle{Learning outcomes} + \begin{columns} + \begin{column}{0.33\textwidth} + \centering\includegraphics[width=\columnwidth]{img/certificate}\\ + \textbf{X.509 certificates}\\ + Format, fields, ... + \end{column} + + \pause + \begin{column}{0.33\textwidth} + \centering\includegraphics[width=\columnwidth]{img/cas}\\ + \textbf{Certificate Authorities}\\ + Ecosystem, validation, ... + \end{column} + + \pause + \begin{column}{0.33\textwidth} + \centering\includegraphics[width=\columnwidth]{img/ct}\\ + \textbf{Certificate Transparency}\\ + Theory, practise, ...\\ + \end{column} + \end{columns} + + \pause + \vfill\alert{Why is this useful for me?} + % 1. You will likely encounter websites in one form or another. A site + % that's not working due to certificate errors; you need to get your own + % certificate for your site; etc. What should you get, why, and how? + % What steps are expected to keep your site's certificate secure? + % 2. Next time we will generalize. The technology surrounding certificate + % transparency is useful for a myriad of applications. Firmware, Go + % modules, official documents, etc. +\end{frame} + +\begin{frame} + \mktitle{Middle part---Cronological} + \centering\includegraphics[width=\textwidth]{img/outline} +\end{frame} + +\begin{frame} + \mktitle{Middle part---Segway to the end} + + CT logs and monitoring $\rightarrow$ no undeteted DigiNotar-style attacks +\end{frame} + +\begin{frame} + \mktitle{Middle part---Example of engagement} + + \begin{description} + \item[]\textbf{Select all statements that are true:} + \item[$\square$] An X.509 certificate proves ownership of a website + \item[$\square$] An EV certificate is more secure than a DV certificate + \item[$\square$] Only Swedish CAs can issue \texttt{.se} certificates + \item[$\square$] There are hundreds of CAs across the globe + \end{description} +\end{frame} + +\begin{frame} + \mktitle{Take away} + \begin{columns} + \begin{column}{0.5\textwidth} + \begin{itemize} + \item X.509 certificates + \begin{itemize} + \item ``Driver's licence for websites'' + \item Am I connected to the right site? + \end{itemize} + \item Certificate Authorities (CAs) + \begin{itemize} + \item ``Transportstyrelsen for websites'' + \item DV/OV/EV validated certificates + \item Weakest-link security + \end{itemize} + \item Certificate Transparency (CT) + \begin{itemize} + \item Holds CAs accountable (detection) + \item Enforced by Chrome, Safari, Edge + \item Monitor your own websites + \end{itemize} + \end{itemize} + \end{column} + \begin{column}{0.5\textwidth} + \includegraphics[width=\columnwidth]{img/crt} + \end{column} + \end{columns} +\end{frame} diff --git a/slides/2022-kll/src/preamble.tex b/slides/2022-kll/src/preamble.tex new file mode 100644 index 0000000..4021351 --- /dev/null +++ b/slides/2022-kll/src/preamble.tex @@ -0,0 +1,113 @@ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Packages % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\usepackage[utf8]{inputenc} + +\usepackage[ + lambda, advantage, operators, sets, adversary, landau, probability, notions, + logic, ff, mm, primitives, events, complexity, asymptotics, keys +]{cryptocode} + +\usepackage{rotate} +\usepackage{graphicx} +\usepackage{mathtools} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{flowchart} +\usepackage{smartdiagram} +\usepackage{pifont} +\usepackage{wasysym} +\usepackage{graphicx} +\usepackage{color} +\usepackage{drawstack} +\usepackage{tikz} +\usepackage{tikz-qtree} +\usetikzlibrary{ + arrows,% + decorations.markings,% + backgrounds,% + calc,% + fit,% + positioning,% + shapes.misc,% + shadows,% + shapes.arrows,% + shapes,% + snakes,% +} +\usepackage{booktabs} +\usepackage{smartdiagram} +%\usepackage{floatrow}% this one causes error on arch for some reason +\usepackage[position=bottom]{subfig} % environment for nested figures + +\usepackage{xcolor} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} +\definecolor{darkGray}{HTML}{808080} +\definecolor{darkOrange}{HTML}{D77D00} +\definecolor{darkPurple}{HTML}{800080} +\colorlet{lightGray}{gray!33} +\colorlet{lightYellow}{yellow!50} +\definecolor{darkGreen}{HTML}{008000} +\definecolor{darkBlue}{HTML}{2809B2} +\definecolor{darkRed}{HTML}{CC0000} + +\usepackage{hyperref} +\hypersetup{ + colorlinks = true, % Color links instead of boxes + urlcolor = darkBlue, % Color external hyper links + linkcolor = darkBlue, % Color internal links + citecolor = darkBlue, % Color citations +} + +% Figures, tables and code +\usepackage{booktabs} +\usepackage{colortbl} +\usepackage{flowchart} +\usepackage{adjustbox} +\usepackage{listings} + +\lstdefinestyle{CStyle}{ + backgroundcolor=\color{lightGray!25}, + commentstyle=\color{darkGreen}, + keywordstyle=\color{darkBlue}, + numberstyle=\tiny\color{darkRed}, + stringstyle=\color{darkPurple}, + basicstyle=\footnotesize, + breakatwhitespace=false, + breaklines=false, + captionpos=b, + keepspaces=true, + numbers=left, + numbersep=5pt, + showspaces=false, + showstringspaces=false, + showtabs=false, + tabsize=2, + language=C, + morekeywords={size_t,def,in,zip,True,False,ord,u8,u64}, +} + +\setbeamertemplate{itemize item}[circle] +\setbeamertemplate{itemize subitem}[default] +\setbeamertemplate{caption}[numbered] + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% Defines % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\makeatletter +\let\@@magyar@captionfix\relax %needed for \titlefloatright +\makeatother + +\newcommand{\tyes}{\textcolor{darkGreen}{\ding{51}}} +\newcommand{\tno}{\textcolor{darkRed}{\ding{55}}} +\newcommand{\burl}[1]{\tiny{\url{#1}}} +\newcommand{\TODO}[1]{\textcolor{red}{TODO}: #1} +\newcommand{\floatright}[1]{\hspace{0pt plus 1 filll}#1$\;$} + +\def\rding{\rotatebox[origin=c]{-91}{\ding{224}}} +\def\lding{\rotatebox[origin=c]{91}{\ding{224}}} + +% TODO: fix this properly... +\newcommand{\mktitle}[1]{\centering\textbf{\large#1}\vfill\normalsize} diff --git a/slides/2022-kll/src/titlepage.tex b/slides/2022-kll/src/titlepage.tex new file mode 100644 index 0000000..9b18039 --- /dev/null +++ b/slides/2022-kll/src/titlepage.tex @@ -0,0 +1,3 @@ +\begin{frame} + \titlepage +\end{frame} -- cgit v1.2.3