sen-material: slides/slides05.tex@56bc53ba7c5b (annotated)

52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	1	\documentclass[dvipsnames,14pt,t]{beamer}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	2	\usepackage{../slides}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	3	\usepackage{../graphics}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	4	\usepackage{../langs}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	5	\usetikzlibrary{arrows}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	6	\usetikzlibrary{shapes}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	7
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	8	\setmonofont[Scale=.88]{Consolas}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	9	\newfontfamily{\consolas}{Consolas}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	10
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	11	\hfuzz=220pt
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	12
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	13	% beamer stuff
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	14	\newcommand{\bl}[1]{\textcolor{blue}{#1}}
381 036a762b02cf updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 339 diff changeset	15	\renewcommand{\slidecaption}{SEN 05, King's College London}
124 382aad582d8b added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 123 diff changeset	16
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	17
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	18	\begin{document}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	19
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	20	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	21	\begin{frame}[t]
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	22	\frametitle{%
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	23	\begin{tabular}{@ {}c@ {}}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	24	\\
381 036a762b02cf updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 339 diff changeset	25	\LARGE Security Engineering (5)\\[-3mm]
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	26	\end{tabular}}\bigskip\bigskip\bigskip
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	27
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	28	\normalsize
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	29	\begin{center}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	30	\begin{tabular}{ll}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	31	Email: & christian.urban at kcl.ac.uk\\
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	32	Office: & S1.27 (1st floor Strand Building)\\
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	33	Slides: & KEATS (also homework is there)\\
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	34	\end{tabular}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	35	\end{center}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	36
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	37	\end{frame}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	38	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	39
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	40	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	41	\begin{frame}[c]
415 56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	42	\frametitle{Problems with Key Fobs}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	43
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	44	\begin{columns}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	45	\begin{column}[T]{4cm}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	46	\includegraphics[scale=0.4]{../pics/car-standard.jpg}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	47	\end{column}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	48
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	49	\begin{column}[T]{6cm}\small
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	50	Circumventing the ignition protection:
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	51
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	52	\begin{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	53	\item either dismantling Megamos crypto,
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	54	\item or use the diagnostic port to program
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	55	blank keys
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	56	\end{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	57
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	58	\hspace{14mm}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	59	\includegraphics[scale=0.16]{../pics/Dismantling_Megamos_Crypto.png}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	60	\end{column}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	61	\end{columns}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	62
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	63
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	64
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	65	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	66	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	67
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	68	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	69	\begin{frame}[c]
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	70	\frametitle{Protocols}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	71
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	72	\begin{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	73	\includegraphics[scale=0.11]{../pics/keyfob.jpg}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	74	\quad
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	75	\includegraphics[scale=0.232]{../pics/starbucks.jpg}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	76	\end{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	77
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	78	\begin{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	79	\item The point is that we have no control over the network
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	80
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	81	\item We want to avoid that a message exchange (a protocol) can
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	82	be attacked without detection
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	83	\end{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	84
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	85	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	86	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	87
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	88	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	89	\begin{frame}[c]
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	90	\frametitle{G20 Summit in 2009}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	91
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	92	\begin{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	93	\includegraphics[scale=0.1]{../pics/snowden.jpg}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	94	\end{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	95
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	96	\small
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	97	\begin{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	98	\item Snowden documents reveal ``that during G20
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	99	meetings\dots{}GCHQ used
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	100	`ground-breaking intelligence capabilities' to intercept
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	101	the communications of visiting delegations. This
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	102	included setting up internet cafes where they used an
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	103	email interception program and key-logging software to
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	104	spy on delegates' use of computers\ldots''
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	105
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	106	\item ``The G20 spying appears to have been organised for the
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	107	more mundane purpose of securing an advantage in
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	108	meetings.''
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	109	\end{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	110
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	111	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	112	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	113
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	114	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	115	\begin{frame}[c]
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	116	\frametitle{Interlock Protocol}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	117
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	118	The interlock protocol (``best bet'' against MITM):
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	119
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	120	\begin{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	121	\begin{tabular}{ll@{\hspace{2mm}}l}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	122	1. & \bl{$A \to B :$} & \bl{$K^{pub}_A$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	123	2. & \bl{$B \to A :$} & \bl{$K^{pub}_B$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	124	3. & & \bl{$\{A,m\}_{K^{pub}_B} \;\mapsto\; H_1,H_2$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	125	& & \bl{$\{B,m'\}_{K^{pub}_A} \;\mapsto\; M_1,M_2$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	126	4. & \bl{$A \to B :$} & \bl{$H_1$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	127	5. & \bl{$B \to A :$} & \bl{$\{H_1, M_1\}_{K^{pub}_A}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	128	6. & \bl{$A \to B :$} & \bl{$\{H_2, M_1\}_{K^{pub}_B}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	129	7. & \bl{$B \to A :$} & \bl{$M_2$}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	130	\end{tabular}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	131	\end{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	132
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	133	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	134	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	135
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	136	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	137	\begin{frame}[c]
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	138
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	139	\begin{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	140	\begin{tabular}{l@{\hspace{9mm}}l}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	141	\begin{tabular}[t]{@{}l@{}}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	142	\bl{$A \to C : K^{pub}_A$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	143	\bl{$C \to B : K^{pub}_C$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	144	\bl{$B \to C : K^{pub}_B$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	145	\bl{$C \to A : K^{pub}_C$}\medskip\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	146	\bl{$\{A,m\}_{K^{pub}_C} \;\mapsto\; H_1,H_2$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	147	\bl{$\{B,n\}_{K^{pub}_C} \;\mapsto\; M_1,M_2$}\bigskip\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	148	\bl{$\{C,a\}_{K^{pub}_B} \;\mapsto\; C_1,C_2$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	149	\bl{$\{C,b\}_{K^{pub}_A} \;\mapsto\; D_1,D_2$}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	150	\end{tabular} &
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	151	\begin{tabular}[t]{@{}l@{}}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	152	\bl{$A \to C : H_1$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	153	\bl{$C \to B : C_1$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	154	\bl{$B \to C : \{C_1, M_1\}_{K^{pub}_C}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	155	\bl{$C \to A : \{H_1, D_1\}_{K^{pub}_A}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	156	\bl{$A \to C : \{H_2, D_1\}_{K^{pub}_C}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	157	\bl{$C \to B : \{C_2, M_1\}_{K^{pub}_B}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	158	\bl{$B \to C : M_2$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	159	\bl{$C \to A : D_2$}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	160	\end{tabular}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	161	\end{tabular}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	162	\end{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	163
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	164	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	165	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	166
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	167	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	168	\begin{frame}[c]
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	169
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	170	\begin{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	171	\item you have to ask something that cannot imitated
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	172	(requires \bl{$A$} and \bl{$B$} know each other)
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	173	\item what happens if \bl{$m$} and \bl{$n$} are voice
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	174	messages?\bigskip
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	175
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	176	\item the moral: establishing a secure connection from ``zero'' is
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	177	almost impossible---you need to rely on some established
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	178	trust\medskip
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	179
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	180	\item that is why we rely on certificates, which however are
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	181	badly, badly realised (just today a POODLE attack against SSL)
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	182
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	183	\end{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	184
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	185	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	186	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	187
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	188
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	189	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	190	\begin{frame}[c]
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	191	\frametitle{Protocols}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	192
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	193	Some examples where ``over-the-air'' protocols are used:
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	194
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	195	\begin{itemize}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	196	\item wifi
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	197	\item card readers (you cannot trust the terminals)
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	198	\item RFID (passports)
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	199	\item car transponders
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	200	\end{itemize}\medskip\pause
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	201
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	202	The point is that we cannot control the network: An attacker
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	203	can install a packet sniffer, inject packets, modify packets,
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	204	replay messages\ldots{}fake pretty much everything.
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	205
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	206	\end{frame}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	207	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	208
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	209	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	210	\begin{frame}[c]
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	211	\frametitle{Keyless Car Transponders}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	212
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	213	\begin{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	214	\includegraphics[scale=0.1]{../pics/keyfob.jpg}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	215	\quad
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	216	\includegraphics[scale=0.27]{../pics/startstop.jpg}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	217	\end{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	218
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	219	\begin{itemize}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	220	\item There are two security mechanisms: one remote central
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	221	locking system and one passive RFID tag (engine immobiliser).
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	222	\item How can I get in? How can thieves be kept out?
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	223	How to avoid MITM attacks?
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	224	\end{itemize}\medskip
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	225
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	226	\footnotesize
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	227	\hfill Papers: Gone in 360 Seconds: Hijacking with Hitag2,\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	228	\hfill Dismantling Megamos Crypto: Wirelessly Lockpicking\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	229	\hfill a Vehicle Immobilizer
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	230
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	231	\end{frame}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	232	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	233
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	234	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	235	\begin{frame}[c]
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	236	\frametitle{HTTPS / GSM}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	237
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	238	\begin{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	239	\includegraphics[scale=0.25]{../pics/barclays.jpg}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	240	\quad
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	241	\includegraphics[scale=0.25]{../pics/phone-signal.jpg}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	242	\end{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	243
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	244	\begin{itemize}
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	245	\item I am sitting at Starbuck. How can I be sure I am really
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	246	visiting Barclays? I have no control of the access
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	247	point.
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	248	\item How can I achieve that a secret key is established in
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	249	order to encrypt my mobile conversation? I have no
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	250	control over the access points.
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	251	\end{itemize}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	252
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	253	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	254	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	255
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	256	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	257	\begin{frame}[c]
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	258	\frametitle{Handshakes}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	259
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	260	\begin{itemize}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	261	\item starting a TCP connection between a client and a server
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	262	initiates the following three-way handshake protocol:
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	263	\end{itemize}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	264
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	265	\begin{columns}[t]
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	266	\begin{column}{5cm}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	267	\begin{minipage}[t]{4cm}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	268	\begin{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	269	\raisebox{-2cm}{\includegraphics[scale=0.5]{../pics/handshake.png}}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	270	\end{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	271	\end{minipage}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	272	\end{column}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	273	\begin{column}{5cm}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	274	\begin{tabular}[t]{rl}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	275	Alice: & Hello server!\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	276	Server: & I heard you\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	277	Alice: & Thanks
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	278	\end{tabular}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	279	\end{column}
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	280	\end{columns}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	281
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	282	\onslide<2->{
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	283	\begin{center}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	284	\begin{tabular}{rl}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	285	\bl{$A \rightarrow S$}: & \bl{SYN}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	286	\bl{$S \rightarrow A$}: & \bl{SYN-ACK}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	287	\bl{$A \rightarrow S$}: & \bl{ACK}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	288	\end{tabular}
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	289	\end{center}}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	290
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	291	\only<3>{
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	292	\begin{textblock}{3}(11,5)
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	293	\begin{bubble}[3.2cm]
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	294	SYNflood attacks:\medskip\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	295	\includegraphics[scale=0.4]{../pics/synflood.png}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	296	\end{bubble}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	297	\end{textblock}}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	298
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	299	\end{frame}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	300	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	301
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	302	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	303	\begin{frame}[c]
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	304	\frametitle{Authentication}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	305
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	306	\begin{columns}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	307	\begin{column}{8cm}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	308	\begin{minipage}[t]{7.5cm}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	309	\begin{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	310	\raisebox{-2cm}{\includegraphics[scale=0.4]{../pics/dogs.jpg}}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	311	\end{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	312	\end{minipage}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	313	\end{column}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	314	\begin{column}{5cm}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	315	\begin{minipage}[t]{4.5cm}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	316	\begin{tabular}{l}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	317	Knock Knock!\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	318	Who's there?\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	319	Alice.\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	320	Alice who?
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	321	\end{tabular}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	322	\end{minipage}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	323	\end{column}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	324	\end{columns}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	325
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	326	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	327	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	328
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	329	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	330	\begin{frame}[c]
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	331	\frametitle{Authentication Protocols}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	332
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	333	Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	334	\bl{$K_{AB}$}\bigskip
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	335
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	336	Password transmission:
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	337
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	338	\begin{center}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	339	\bl{$A \rightarrow B: K_{AB}$}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	340	\end{center}\pause\bigskip
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	341
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	342	Problems: Eavesdropper can capture the secret and replay it;
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	343	\bl{$B$} cannot confirm the identity of \bl{$A$}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	344
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	345	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	346	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	347
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	348	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	349	\begin{frame}[c]
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	350	\frametitle{Authentication Protocols}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	351
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	352	Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	353	\bl{$K_{AB}$}\bigskip
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	354
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	355	Simple Challenge Response (solving the replay problem):
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	356
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	357	\begin{center}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	358	\begin{tabular}{lll}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	359	\bl{$A \rightarrow B:$} & \bl{Hi I am A}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	360	\bl{$B \rightarrow A:$} & \bl{$N$} & (challenge)\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	361	\bl{$A \rightarrow B:$} & \bl{$\{N\}_{K_{AB}}$}\\
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	362	\end{tabular}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	363	\end{center}\pause
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	364
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	365	\begin{itemize}
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	366	\item cannot be replayed since next time will be another
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	367	challenge \bl{$N$}
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	368	\item \bl{$B$} authenticates \bl{$A$}, but \bl{$A$} does not
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	369	authenticate \bl{$B$} (Eve can intercept
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	370	messages from \bl{$A$}, send random challenge
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	371	and ignore last)
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	372	\end{itemize}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	373
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	374	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	375	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	376
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	377	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	378	\begin{frame}[c]
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	379	\frametitle{Authentication Protocols}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	380
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	381	Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	382
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	383	Mutual Challenge Response:
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	384
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	385	\begin{center}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	386	\begin{tabular}{ll}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	387	\bl{$A \rightarrow B:$} & \bl{$N_A$}\\
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	388	\bl{$B \rightarrow A:$} & \bl{$\{N_A, N_B\}_{K_{AB}}$}\\
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	389	\bl{$A \rightarrow B:$} & \bl{$N_B$}\\
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	390	\end{tabular}
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	391	\end{center}\pause
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	392
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	393	But requires shared secret key.
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	394	\end{frame}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	395	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	396
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	397
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	398	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	399	\begin{frame}[c]
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	400	\frametitle{Nonces}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	401
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	402	\begin{enumerate}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	403	\item I generate a nonce (random number) and send it to you encrypted with a key we share
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	404	\item you increase it by one, encrypt it under a key I know and send
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	405	it back to me
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	406	\end{enumerate}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	407
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	408
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	409	I can infer:
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	410
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	411	\begin{itemize}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	412	\item you must have received my message
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	413	\item you could only have generated your answer after I send you my initial
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	414	message
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	415	\item if only you and me know the key, the message must have come from you
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	416	\end{itemize}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	417
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	418	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	419	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	420
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	421	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	422	\mode<presentation>{
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	423	\begin{frame}[c]
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	424
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	425	\begin{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	426	\begin{tabular}{ll}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	427	\bl{$A \rightarrow B$:} & \bl{$N_A$}\\
267 37821a377c4a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 257 diff changeset	428	\bl{$B \rightarrow A$:} & \bl{$\{N_A, N_B\}_{K_{AB}}$}\\
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	429	\bl{$A \rightarrow B$:} & \bl{$N_B$}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	430	\end{tabular}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	431	\end{center}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	432
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	433	The attack (let $A$ decrypt her own messages):
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	434
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	435	\begin{center}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	436	\begin{tabular}{ll}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	437	\bl{$A \rightarrow E$:} & \bl{$N_A$}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	438	\textcolor{gray}{$E \rightarrow A$:} & \textcolor{gray}{$N_A$}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	439	\textcolor{gray}{$A \rightarrow E$:} & \textcolor{gray}{$\{N_A, N_A'\}_{K_{AB}}$}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	440	\bl{$E \rightarrow A$:} & \bl{$\{N_A, N_A'\}_{K_{AB}}$}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	441	\bl{$A \rightarrow E$:} & \bl{$N_A' \;\;(= N_B)$}\\
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	442	\end{tabular}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	443	\end{center}\pause
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	444
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	445	\small Solutions: \bl{$K_{AB} \not= K_{BA}$} or include an id in the second message
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	446	\end{frame}}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	447	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	448
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	449	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	450	\mode<presentation>{
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	451	\begin{frame}[c]
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	452	\frametitle{Encryption to the Rescue?}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	453
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	454
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	455	\begin{itemize}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	456	\item \bl{$A \,\rightarrow\, B : \{A, N_A\}_{K_{AB}}$}\hspace{1cm} encrypted\bigskip
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	457	\item \bl{$B\,\rightarrow\, A : \{N_A, K'_{AB}\}_{K_{AB}}$}\bigskip
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	458	\item \bl{$A \,\rightarrow\, B : \{N_A\}_{K'_{AB}}$}\bigskip
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	459	\end{itemize}\pause
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	460
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	461	means you need to send separate ``Hello'' signals (bad), or worse
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	462	share a single key between many entities
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	463	\end{frame}}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	464	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	465
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	466	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	467	\mode<presentation>{
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	468	\begin{frame}[c]
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	469	\frametitle{Trusted Third Party}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	470
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	471	Simple protocol for establishing a secure connection via a mutually
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	472	trusted 3rd party (server):
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	473
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	474	\begin{center}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	475	\begin{tabular}{r@ {\hspace{1mm}}l}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	476	\bl{$A \rightarrow S :$} & \bl{$A, B$}\\
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	477	\bl{$S \rightarrow A :$} & \bl{$\{K_{AB}\}_{K_{AS}}$} and \bl{$\{\{K_{AB}\}_{K_{BS}} \}_{K_{AS}}$}\\
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	478	\bl{$A \rightarrow B :$} & \bl{$\{K_{AB}\}_{K_{BS}} $}\\
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	479	\bl{$A \rightarrow B :$} & \bl{$\{m\}_{K_{AB}}$}\\
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	480	\end{tabular}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	481	\end{center}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	482
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	483	\end{frame}}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	484	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	485
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	486	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	487	\mode<presentation>{
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	488	\begin{frame}[c]
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	489	\frametitle{Public-Key Infrastructure}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	490
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	491	\begin{itemize}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	492	\item the idea is to have a certificate authority (CA)
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	493	\item you go to the CA to identify yourself
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	494	\item CA: ``I, the CA, have verified that public key
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	495	\bl{$P^{pub}_{Bob}$} belongs to Bob''\bigskip
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	496	\item CA must be trusted by everybody
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	497	\item What happens if CA issues a false certificate? Who pays in case of loss? (VeriSign
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	498	explicitly limits liability to \$100.)
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	499	\end{itemize}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	500
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	501	\end{frame}}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	502	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	503
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	504
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	505
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	506	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	507	\begin{frame}[c]
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	508	\frametitle{Person-in-the-Middle}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	509
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	510	``Normal'' protocol run:\bigskip
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	511
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	512	\begin{itemize}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	513	\item \bl{$A$} sends public key to \bl{$B$}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	514	\item \bl{$B$} sends public key to \bl{$A$}
271 4796f424cf12 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 267 diff changeset	515	\item \bl{$A$} sends a message encrypted with \bl{$B$}'s public key, \bl{$B$} decrypts it
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	516	with its private key
271 4796f424cf12 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 267 diff changeset	517	\item \bl{$B$} sends a message encrypted with \bl{$A$}'s public key, \bl{$A$} decrypts it
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	518	with its private key
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	519	\end{itemize}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	520
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	521	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	522	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	523
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	524	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	525	\mode<presentation>{
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	526	\begin{frame}[c]
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	527	\frametitle{Person-in-the-Middle}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	528
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	529	Attack:
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	530
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	531	\begin{itemize}
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	532	\item \bl{$A$} sends public key to \bl{$B$} --- \bl{$C$}
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	533	intercepts this message and send his own public key to
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	534	\bl{$B$}
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	535	\item \bl{$B$} sends public key to \bl{$A$} --- \bl{$C$}
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	536	intercepts this message and send his own public key
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	537	\bl{$A$}
271 4796f424cf12 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 267 diff changeset	538	\item \bl{$A$} sends a message encrypted with \bl{$C$}'s public key, \bl{$C$} decrypts it
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	539	with its private key, re-encrypts with \bl{$B$}'s public key
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	540	\item similar the other way
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	541	\end{itemize}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	542
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	543	\end{frame}}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	544	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	545
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	546	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	547	\begin{frame}[c]
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	548	\frametitle{Person-in-the-Middle}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	549
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	550	Prevention:
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	551
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	552	\begin{itemize}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	553	\item \bl{$A$} sends public key to \bl{$B$}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	554	\item \bl{$B$} sends public key to \bl{$A$}
272 4f4612d5f670 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 271 diff changeset	555	\item \bl{$A$} encrypts a message with \bl{$B$}'s public key,
4f4612d5f670 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 271 diff changeset	556	sends {\bf half} of the message to \bl{$B$}
4f4612d5f670 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 271 diff changeset	557	\item \bl{$B$} encrypts a message with \bl{$A$}'s public key,
4f4612d5f670 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 271 diff changeset	558	sends {\bf half} of the message back to \bl{$A$}
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	559	\item \bl{$A$} sends other half, \bl{$B$} can now decrypt
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	560	entire message
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	561	\item \bl{$B$} sends other half, \bl{$A$} can now decrypt
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	562	entire message
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	563	\end{itemize}\pause
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	564
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	565	\bl{$C$} would have to invent a totally new message
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	566
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	567	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	568	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	569
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	570	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	571	\begin{frame}[c]
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	572	\frametitle{Car Transponder (HiTag2)}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	573
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	574	\begin{enumerate}
339 0e78c809b17f updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 272 diff changeset	575	\item \bl{$C$} generates a random number \bl{$N$}
0e78c809b17f updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 272 diff changeset	576	\item \bl{$C$} calculates \bl{$(F,G) = \{N\}_K$}
0e78c809b17f updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 272 diff changeset	577	\item \bl{$C \to T$}: \bl{$N, F$}
0e78c809b17f updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 272 diff changeset	578	\item \bl{$T$} calculates \bl{$(F',G') = \{N\}_K$}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	579	\item \bl{$T$} checks that \bl{$F = F'$}
339 0e78c809b17f updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 272 diff changeset	580	\item \bl{$T \to C$}: \bl{$N, G'$}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	581	\item \bl{$C$} checks that \bl{$G = G'$}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	582	\end{enumerate}\pause
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	583
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	584	\small
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	585	This process means that the transponder believes the car knows
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	586	the key \bl{$K$}, and the car believes the transponder knows
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	587	the key \bl{$K$}. They have authenticated themselves
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	588	to each other.
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	589
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	590	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	591	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	592
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	593	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	594	\begin{frame}[c]
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	595	\frametitle{Person-in-the-Middle}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	596
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	597	\begin{itemize}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	598	\item Border Gateway Protocol (BGP) --- routers believe
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	599	their neighbours
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	600	\item it is possible to advertise bad routes
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	601	\item can be done over continents\bigskip
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	602	\end{itemize}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	603
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	604	\hfill\footnotesize\url{http://www.renesys.com/2013/11/mitm-internet-hijacking/}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	605	\end{frame}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	606	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	607
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	608	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	609	\mode<presentation>{
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	610	\begin{frame}[c]
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	611	\frametitle{Protocol Attacks}
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	612
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	613	\begin{itemize}
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	614	\item replay attacks
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	615	\item reflection attacks
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	616	\item man-in-the-middle attacks
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	617	\item timing attacks
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	618	\item parallel session attacks
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	619	\item binding attacks (public key protocols)
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	620	\item changing environment / changing assumptions\bigskip
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	621
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	622	\item (social engineering attacks)
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	623	\end{itemize}
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	624	\end{frame}}
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	625	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	626
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	627	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	628	\begin{frame}[c]
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	629	\frametitle{Best Practices}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	630
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	631	{\bf Principle 1:} Every message should say what it means: the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	632	interpretation of a message should not depend on the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	633	context.\bigskip\pause
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	634
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	635	{\bf Principle 2:} If the identity of a principal is essential
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	636	to the meaning of a message, it is prudent to mention the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	637	principal’s name explicitly in the message (though
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	638	difficult).\bigskip
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	639
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	640	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	641	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	642
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	643	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	644	\mode<presentation>{
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	645	\begin{frame}[c]
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	646	\frametitle{Best Practices}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	647
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	648	{\bf Principle 3:} Be clear about why encryption is being
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	649	done. Encryption is not wholly cheap, and not asking precisely
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	650	why it is being done can lead to redundancy. Encryption is not
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	651	synonymous with security.
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	652
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	653	\small
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	654	\begin{center}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	655	Possible Uses of Encryption
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	656
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	657	\begin{itemize}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	658	\item Preservation of confidentiality: \bl{$\{X\}_K$} only those that have \bl{$K$} may recover \bl{$X$}. \item Guarantee authenticity: The partner is indeed some particular principal. \item Guarantee confidentiality and authenticity: binds two parts of a message ---
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	659	\bl{$\{X,Y\}_K$} is not the same as \bl{$\{X\}_K$} and \bl{$\{Y\}_K$}.
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	660	\end{itemize}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	661	\end{center}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	662
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	663	\end{frame}}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	664	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	665
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	666	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	667	\begin{frame}[c]
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	668	\frametitle{Best Practices}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	669
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	670	{\bf Principle 4:} The protocol designers should know which
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	671	trust relations their protocol depends on, and why the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	672	dependence is necessary. The reasons for particular trust
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	673	relations being acceptable should be explicit though they will
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	674	be founded on judgment and policy rather than on
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	675	logic.\bigskip
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	676
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	677	Example Certification Authorities: CAs are trusted to certify
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	678	a key only after proper steps have been taken to identify the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	679	principal that owns it.
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	680
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	681	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	682	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	683
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	684	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	685	\mode<presentation>{
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	686	\begin{frame}[c]
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	687	\frametitle{Formal Methods}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	688
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	689	Ross Anderson about the use of Logic:\bigskip
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	690
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	691	\begin{quote}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	692	Formal methods can be an excellent way of finding
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	693	bugs in security protocol designs as they force the designer
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	694	to make everything explicit and thus confront difficult design
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	695	choices that might otherwise be fudged.
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	696	\end{quote}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	697
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	698	\end{frame}}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	699	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	700
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	701	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	702	\begin{frame}[c]
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	703	\frametitle{Mid-Term}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	704
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	705	\begin{itemize}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	706	\item homework, handouts, programs\ldots
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	707	\end{itemize}\bigskip\bigskip\bigskip
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	708
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	709	\begin{center}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	710	{\huge\bf\alert{Any Questions?}}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	711	\end{center}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	712
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	713	\end{frame}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	714	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	715
257 9bc912fcedb6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 256 diff changeset	716	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
9bc912fcedb6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 256 diff changeset	717	\begin{frame}[c]
9bc912fcedb6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 256 diff changeset	718
9bc912fcedb6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 256 diff changeset	719
9bc912fcedb6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 256 diff changeset	720	\end{frame}
9bc912fcedb6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 256 diff changeset	721	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
9bc912fcedb6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 256 diff changeset	722
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	723
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	724	\end{document}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	725
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	726	%%% Local Variables:
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	727	%%% mode: latex
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	728	%%% TeX-master: t
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	729	%%% End:
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	730

author	Christian Urban <christian dot urban at kcl dot ac dot uk>
	Wed, 21 Oct 2015 13:31:56 +0100
changeset 415	56bc53ba7c5b
parent 381	036a762b02cf
child 416	708b80c825af
permissions	-rw-r--r--