blob: 8a5f9f5483a6943a18e537451bc88c8dcb897c41 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
|
\begin{frame}
\begin{columns}
\begin{column}{0.5\textwidth}
\mktitle{Outline}
\begin{enumerate}
\item Setting and problem
\item Design overview
\item How to get involved
\end{enumerate}
\end{column}
\begin{column}{0.5\textwidth}
\centering
\includegraphics[width=\columnwidth]{img/rgdd}
\burl{https://creativecommons.org/licenses/by-sa/4.0/}
\end{column}
\end{columns}
\end{frame}
\begin{frame}
%
% 1. Introduce the system. Think first two paragraphs in design.md
%
\mktitle{Our starting point}
\begin{columns}
\begin{column}{0.5\textwidth}
\begin{itemize}
\item Data publisher
\item End-user
\item Assumptions
\begin{itemize}
\item Public key can be located
\item Signed data can be located
\item End-user can install extra tooling
\end{itemize}
\end{itemize}
\end{column}
\begin{column}{0.5\textwidth}
\centering
\input{img/before}
\end{column}
\end{columns}
\vfill
\pause
\alert{The attacker can compromise the data publisher}\\
\pause
\alert{The goal is to detect unwanted key-usage}
\end{frame}
\begin{frame}
%
% 1. Our design is about transparency logs. So, I need to explain briefly
% what a transparency log is.
% 2. Append-only Merkle tree. You can think of the data as being stored in
% the leaves. Each leaf is hashed. Parents concatenate their children
% hashes to produces their own hash values. Repeat until single root hash.
% 3. The root hash is usually called a tree head.
% 4. Tree head interesting because it fixes the structure and the content of
% the tree. Add/remove/modify -> new tree head.
% 5. If the log signs the tree head, you can hold it accountable for its
% structure and content.
% 6. This is important because the attacker can control the log.
% 7. So we cannot trust that the log is append-only. We will need to verify
% that. To this end we have consistency proofs. The intuition is that you
% can force the log to reveal a number of cryptographic hashes. These
% hashes will prove that the tree head you see today is consistent with the
% tree head you saw yesterday.
% 8. You can also prove that something is in the log efficiently. This is
% called an inclusion proof. The intuition is that you reveal a number of
% hashes. If you can use them to reconstruct the root of a globally
% consistent tree head you can be sure that some data is in the log.
% 8. Global consistency (as opposed to just consistency) is what prevents
% the log from creating forks. I will return to this later on because it is
% an important part of our design.
% (9. Not having global consistency would be like having a blockchain
% without a consensus mechanism.)
%
\mktitle{A quick step back---Transparency log crash course}
\input{img/mt}
\vfill
\begin{columns}
\begin{column}{0.33\textwidth}
\begin{itemize}
\item Tree head
\end{itemize}
\end{column}
\begin{column}{0.33\textwidth}
\begin{itemize}
\item Consistency proof
\end{itemize}
\end{column}
\begin{column}{0.33\textwidth}
\begin{itemize}
\item Inclusion proof
\end{itemize}
\end{column}
\end{columns}
\vfill
\pause
\alert{The attacker can control the log}
\end{frame}
\begin{frame}
\mktitle{Preparing a logging request}
\begin{columns}
\begin{column}{0.5\textwidth}
\begin{itemize}
\item Select a shard hint and checksum
\item Sign using your private key
\end{itemize}
\end{column}
\begin{column}{0.5\textwidth}
\lstinputlisting[style=CStyle]{img/tree-leaf.trunnel}
\end{column}
\end{columns}
\end{frame}
\begin{frame}
\mktitle{Submitting a logging request}
\begin{columns}
\begin{column}{0.2\textwidth}
\underline{Key-value pairs:}
\begin{itemize}
\item Shard hint
\item Checksum
\item Signature
\item Public key
\item Domain hint
\end{itemize}
\end{column}
\begin{column}{0.8\textwidth}
\centering
\input{img/log-request}
\end{column}
\end{columns}
\end{frame}
\begin{frame}
\mktitle{Distributing proofs of public logging}
\begin{columns}
\begin{column}{0.5\textwidth}
\begin{itemize}
\item End-user will not talk to the log
\item Proofs of logging
\begin{itemize}
\item Inclusion proof
\item Tree head
\end{itemize}
\item Witness cosigning
\end{itemize}
\end{column}
\begin{column}{0.5\textwidth}
\centering
\input{img/after}
\end{column}
\end{columns}
\pause
\alert{The attacker can control a threshold of witnesses}
\end{frame}
\begin{frame}
\mktitle{Summary and additional details}
\begin{columns}
\begin{column}{0.5\textwidth}
\begin{itemize}
\item Signed checksums
\item Sharding
\item Preserved data flows
\item Anti-spam
\item Global consistency
\item Few simple parsers
\item No cryptographic agility
\end{itemize}
\end{column}
\begin{column}{0.5\textwidth}
\includegraphics[width=\columnwidth]{img/clean}
\end{column}
\end{columns}
\end{frame}
\begin{frame}
\vfill
\begin{columns}
\begin{column}{0.7\textwidth}
\mktitle{Get involved}
\begin{itemize}
\item Feedback on our v0 design\footnotemark and API\footnotemark?
\item Is this a service that you would use? Why (not)?
\item Want to run an experimental log or witness?
\item Implementation and tooling is still early-days
\item Reach out via slack\footnotemark, IRC\footnotemark, GitHub, or DM
\end{itemize}
\end{column}
\begin{column}{0.3\textwidth}
\centering
\includegraphics[width=\columnwidth]{img/thanks}
\end{column}
\end{columns}
\footnotetext[1]{\burl{https://github.com/system-transparency/stfe/blob/design/doc/design.md}}
\footnotetext[2]{\burl{https://github.com/system-transparency/stfe/blob/design/doc/api.md}}
\footnotetext[3]{\burl{https://communityinviter.com/apps/system-transparency/join}}
\footnotetext[4]{\tiny{\texttt{irc/oftc \#siglog}}}
\end{frame}
|