\begin{frame} \mktitle{Tweets you can probably relate to} \pause \begin{columns} \begin{column}{0.5\textwidth} \includegraphics[width=\columnwidth]{img/benlaurie/2017}\\\pause \includegraphics[width=\columnwidth]{img/benlaurie/2018}\\\pause \includegraphics[width=\columnwidth]{img/benlaurie/2019}\\\pause \includegraphics[width=\columnwidth]{img/benlaurie/2020}\\\pause \end{column} \begin{column}{0.5\textwidth} \centering \alert{2022?}\\ More initatives than can\\ be counted on two hands\\ \pause \vspace{.25cm} \burl{https://binary.transparency.dev}\\ ... \end{column} \end{columns} \end{frame} \begin{frame} \vfill \mktitle{Common denominator?} Certificates\\ Executable binaries\\ Source code\\ TPM quotes\\ Onion address rulesets\\ Official documents\\ ...\\ \end{frame} \begin{frame} \vfill \mktitle{Where is the low-hanging fruit?} \end{frame} \begin{frame} \begin{columns} \begin{column}{.4\textwidth} \mktitle{Meet the Sigsum project} \begin{itemize} \item FOSS \item Signed checksums \item Enforcement of logging \item Minimal building block \item ``Transparent key-usage'' \end{itemize} \end{column} \begin{column}{.5\textwidth} \centering \includegraphics[width=\columnwidth]{img/sigsum/history} \burl{https://git.sigsum.org/sigsum/tree/doc/history.md} \end{column} \end{columns} \end{frame} \begin{frame} \mktitle{Use-case - Signature Transparency} ``Oh, a new signature was created. That's weird. I'm at the gym.'' \end{frame} \begin{frame} \mktitle{Use-case - Binary Transparency} ``Oh, that's the key binaries are signed with''\\ ``By policy binaries are located at releases.example.com/\$CHECKSUM'' \end{frame} \begin{frame} \vfill \mktitle{s/binary/something else/} \end{frame} \begin{frame} \mktitle{Many answers and trade-offs} \vfill \begin{columns} \begin{column}{.3\textwidth} \begin{itemize} \item Purpose of logging \item What is (not) logged \item Auditing, SCTs \end{itemize} \end{column} \begin{column}{.25\textwidth} \begin{itemize} \item Gossip \item Anti-poison \item Anti-spam \end{itemize} \end{column} \begin{column}{.25\textwidth} \begin{itemize} \item Sharding \item Privacy \item Simple API \end{itemize} \end{column} \end{columns} \vfill \alert{Accept latency, no rich metadata, no complicated protocols and parsers} \end{frame} \begin{frame} \mktitle{System overview} \begin{tikzpicture}[ -latex, entity/.style = { draw = gray!30, thick, rounded rectangle, fill = white, minimum width = 2cm, font = \fontsize{8}{8}\selectfont, text = white, }, system/.style = { draw = gray, thick, rectangle, fill = white, minimum width = 1cm, font = \fontsize{8}{8}\selectfont, text = black, }, relation/.style = { draw = none, font = \fontsize{6}{6}\selectfont, }, path/.style = { draw, thick, -latex, rounded corners, }, ] %%% % Signing %%% \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; \path[path, dashed] ($ (Signer) + (0,1) $) -- node[relation, right] { \begin{tabular}{c} priv\\ data\\ \end{tabular} } (Signer); \pause %%% % Distribution %%% \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; \path[path, dashed] ($ (End-user) + (0,-1) $) -- node[relation, right] { \begin{tabular}{c} policy\\ pub \end{tabular} } (End-user); \path[path] (Signer) -| node[relation,above]{data, signature} (End-user); \node[system, above=1cm of End-user] (Distribution) {Distribution}; \pause %%% % Introduce the log %%% \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log}; \pause %%% % Setup DNS %%% \node[system, below=1cm of Signer] (DNS) {DNS}; \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS); \pause %%% % Add leaf %%% \path[path] (Signer) -| node[relation,above]{add leaf} (Log); \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log); \pause %%% % Witnessing %%% \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; \path[path] (Witness) -- node[relation,left]{cosign} (Log); \pause %%% % Collect proof %%% \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer); \node[relation,above=0.25cm of Distribution.40]{proof}; \pause %%% % Setup monitor %%% \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor}; \path[path, dashed] ($ (Monitor) + (0,-1) $) -- node[relation, right] { \begin{tabular}{c} policy\\ pub \end{tabular} } (Monitor); \pause %%% % Inspect the log %%% \path[path] (Log) -- node[relation,below,sloped,pos=.40]{leaves, proof} (Monitor); \pause %%% % Also get the data %%% \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor); \end{tikzpicture} \end{frame} \begin{frame} \vfill \mktitle{A step-by-step breakdown} \end{frame} \begin{frame} \mktitle{Signing} \centering \begin{tikzpicture}[ -latex, entity/.style = { draw = gray!30, thick, rounded rectangle, fill = white, minimum width = 2cm, font = \fontsize{8}{8}\selectfont, text = white, }, system/.style = { draw = gray, thick, rectangle, fill = white, minimum width = 1cm, font = \fontsize{8}{8}\selectfont, text = black, }, relation/.style = { draw = none, font = \fontsize{6}{6}\selectfont, }, path/.style = { draw, thick, -latex, rounded corners, }, ] %%% % Signing %%% \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; \path[path, dashed] ($ (Signer) + (0,1) $) -- node[relation, right] { \begin{tabular}{c} priv\\ data\\ \end{tabular} } (Signer); \end{tikzpicture} \vfill \pause \begin{columns} \begin{column}{.5\textwidth}\centering \lstinputlisting[style=CStyle]{img/sigsum/sshsig} \burl{https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.sshsig\#L81} \end{column} \pause \begin{column}{.5\textwidth}\centering \lstinputlisting[style=CStyle]{img/sigsum/sshvalues} \burl{https://git.sigsum.org/sigsum/tree/doc/proposals/2021-11-ssh-signature-format.md} \end{column} \end{columns} \vfill \pause \begin{columns} \begin{column}{.33\textwidth}\centering \texttt{ssh-keygen -Y} \end{column} \begin{column}{.33\textwidth}\centering \texttt{signify} \end{column} \begin{column}{.33\textwidth}\centering \texttt{minisign} \end{column} \end{columns} \end{frame} \begin{frame} \vfill \mktitle{Why not support more signing formats and tools?} \end{frame} \begin{frame} \mktitle{Submission} \begin{columns} \begin{column}{0.4\textwidth} \alert{HTTP POST ASCII} \begin{itemize} \item Shard hint \begin{itemize} \item $\in [\mathsf{shard\_start}, \mathsf{now}()]$ \end{itemize} \item Message \item Signature \item Public key \item Domain hint \begin{itemize} \item \texttt{\_sigsum\_v0.*} $\rightarrow\hash(\mathsf{pub})$ \end{itemize} \end{itemize} \end{column} \uncover<2>{% \begin{column}{.27\textwidth} \alert{Stored leaf (136 bytes)} \begin{itemize} \item Shard hint \item Checksum \item Signature \item Key hash \end{itemize} \vspace{1.4cm} \end{column} } \begin{column}{.33\textwidth}\centering \vspace{-3cm} \hspace{-1cm} \begin{tikzpicture}[ -latex, entity/.style = { draw = gray!30, thick, rounded rectangle, fill = white, minimum width = 2cm, font = \fontsize{8}{8}\selectfont, text = white, }, system/.style = { draw = gray, thick, rectangle, fill = white, minimum width = 1cm, font = \fontsize{8}{8}\selectfont, text = black, }, relation/.style = { draw = none, font = \fontsize{6}{6}\selectfont, }, path/.style = { draw, thick, -latex, rounded corners, }, ] %%% % Signing %%% \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; \path[path, dashed] ($ (Signer) + (0,1) $) -- node[relation, right] { \begin{tabular}{c} priv\\ data\\ \end{tabular} } (Signer); %%% % Setup DNS %%% \node[system, below=1cm of Signer] (DNS) {DNS}; \path[path, dashed] (Signer) -- node[relation,right]{\hash(pub)} (DNS); %%% % Introduce the log %%% \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log}; %%% % Add leaf %%% \path[path] (Signer) -| node[relation,above]{add leaf} (Log); \path[path] (DNS) -- node[relation,above]{\hash(pub)} (Log); \end{tikzpicture} \end{column} \end{columns} \end{frame} \begin{frame} \mktitle{Bundling \uncover<2->{and Distribution}} \begin{columns} \begin{column}{0.5\textwidth} \begin{itemize} \item Signer must \textbf{wait} for witnessing\footnotemark[1] \begin{itemize} \item Append-only \item Freshness \item Some simplifications \end{itemize} \item Proof of logging \begin{itemize} \item Cosigned tree head \item Inclusion proof \end{itemize} \end{itemize} \end{column} \begin{column}{.5\textwidth}\centering \begin{tikzpicture}[ -latex, entity/.style = { draw = gray!30, thick, rounded rectangle, fill = white, minimum width = 2cm, font = \fontsize{8}{8}\selectfont, text = white, }, system/.style = { draw = gray, thick, rectangle, fill = white, minimum width = 1cm, font = \fontsize{8}{8}\selectfont, text = black, }, relation/.style = { draw = none, font = \fontsize{6}{6}\selectfont, }, path/.style = { draw, thick, -latex, rounded corners, }, ] %%% % Setup entities %%% \node[entity, fill=darkBlue] (Signer) at (0,0) { Signer }; \node[draw=none, below=1cm of Signer] (DNS) {}; \node[entity, fill=darkGreen, left=1cm of DNS] (Log) {Log}; %%% % Witnessing %%% \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; \path[path] (Witness) -- node[relation,left]{cosign} (Log); %%% % Get proof %%% \path[path] (Log) -- node[relation,above,sloped]{proof} (Signer); \uncover<2->{ %%% % Distribution %%% \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; \path[path] (Signer) -| node[relation,above]{data, signature} (End-user); \node[system, above=1cm of End-user] (Distribution) {Distribution}; \node[relation,above=0.25cm of Distribution.40]{proof}; } \end{tikzpicture} \end{column} \end{columns} \footnotetext[1]{\tiny{Originally proposed by Syta et al.: \burl{https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7546521}}} \vfill \end{frame} \begin{frame} \vfill \centering \begin{columns} \begin{column}{.33\textwidth} Example policy \begin{itemize} \item Known logs \item Known witnesses \item M-of-N (co)signatures \end{itemize} \end{column} \begin{column}{.67\textwidth} \mktitle{Verification} \vspace{.5cm} \begin{tikzpicture}[ -latex, entity/.style = { draw = gray!30, thick, rounded rectangle, fill = white, minimum width = 2cm, font = \fontsize{8}{8}\selectfont, text = white, }, system/.style = { draw = gray, thick, rectangle, fill = white, minimum width = 1cm, font = \fontsize{8}{8}\selectfont, text = black, }, relation/.style = { draw = none, font = \fontsize{6}{6}\selectfont, }, path/.style = { draw, thick, -latex, rounded corners, }, ] %%% % Distribution %%% \node[entity, fill=darkPurple] (End-user) at (2.5,-3) {End-user}; \path[path, dashed] ($ (End-user) + (0,-1) $) -- node[relation, right] { \begin{tabular}{c} policy\\ pub \end{tabular} } (End-user); \path[path] (Distribution) -- node[relation,right]{ \begin{tabular}{c} data\\ signature\\ proof\\ \end{tabular}} (End-user); \node[system, above=1cm of End-user] (Distribution) {Distribution}; %%% % Introduce the log %%% \node[entity, fill=darkGreen, left=3.25cm of Distribution] (Log) {Log}; %%% % Setup DNS %%% \node[draw=none] (DNS) at ($ (Log) !.5! (Distribution) $) {}; %%% % Witnessing %%% \node[entity, fill=darkRed, below=1cm of Log] (Witness) {Witness}; \path[path] (Witness) -- node[relation,left]{cosign} (Log); %%% % Setup monitor %%% \node[entity, fill=darkOrange, below=.75cm of DNS] (Monitor) {Monitor}; \path[path, dashed] ($ (Monitor) + (0,-1) $) -- node[relation, right] { \begin{tabular}{c} policy\\ pub \end{tabular} } (Monitor); %%% % Inspect the log %%% \path[path] (Log) -- node[relation,above,sloped,pos=.60]{leaves, proof} (Monitor); %%% % Also get the data %%% \path[path] (Distribution) -- node[relation,above,sloped]{data} (Monitor); \end{tikzpicture} \end{column} \end{columns} \vfill \alert{No reactive gossip/audit, offline verification by end-users (!)} \end{frame} \begin{frame} \vfill \begin{columns} \begin{column}{.5\textwidth} \mktitle{Current status} \begin{itemize} \item Solid foundation, hopefully(!) \item V0 design\footnotemark[1] and API\footnotemark[2] is pretty stable \item Public prototypes, log and witness \item Tooling? Kind of ``pipe into \texttt{curl}'' \item \url{https://git.sigsum.org} \end{itemize} \end{column} \begin{column}{.5\textwidth} \centering \includegraphics[width=\columnwidth]{img/sigsum/foundation} \burl{https://bygg.se/valj-ratt-husgrund-till-din-villa/} \end{column} \end{columns} \footnotetext[1]{\burl{https://git.sigsum.org/sigsum/tree/doc/design.md}} \footnotetext[2]{\burl{https://git.sigsum.org/sigsum/tree/doc/api.md}} \pause \vfill \centering \alert{Next steps: more feedback, tooling, mature code, SLA for a v0 log, eventually v1 spec} \end{frame} \begin{frame} \vfill \begin{columns} \begin{column}{.1\textwidth} \end{column} \begin{column}{.4\textwidth} \mktitle{Take away} \begin{itemize} \item Minimal building block \item Log a signed checksum \item Offline end-user verification \item Many potential use-cases \item Reach out to get involved\footnotemark[1] \end{itemize} \end{column} \begin{column}{.4\textwidth} \includegraphics[width=\columnwidth]{img/thanks} \end{column} \begin{column}{.1\textwidth} \end{column} \end{columns} \footnotetext[1]{\tiny{irc, matrix, email list, etc., are linked from \burl{https://www.sigsum.org}}} \end{frame} \begin{frame} \vfill \mktitle{Q/A} \end{frame}