sen-material: slides/slides05.tex@708b80c825af (annotated)

416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	1	\PassOptionsToPackage{bookmarks=false}{hyperref}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	2	\documentclass[dvipsnames,14pt,t,hyperref={bookmarks=false}]{beamer}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	3	\usepackage{../slides}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	4	\usepackage{../graphics}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	5	\usepackage{../langs}
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	6	\usepackage{../style}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	7	\usetikzlibrary{arrows}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	8	\usetikzlibrary{shapes}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	9
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	10	\setmonofont[Scale=.88]{Consolas}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	11	\newfontfamily{\consolas}{Consolas}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	12
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	13	\hfuzz=220pt
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	14
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	15	% beamer stuff
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	16	\newcommand{\bl}[1]{\textcolor{blue}{#1}}
381 036a762b02cf updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 339 diff changeset	17	\renewcommand{\slidecaption}{SEN 05, King's College London}
124 382aad582d8b added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 123 diff changeset	18
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	19
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	20	\begin{document}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	21
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	22	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	23	\begin{frame}[t]
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	24	\frametitle{%
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	25	\begin{tabular}{@ {}c@ {}}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	26	\\
381 036a762b02cf updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 339 diff changeset	27	\LARGE Security Engineering (5)\\[-3mm]
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	28	\end{tabular}}\bigskip\bigskip\bigskip
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	29
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	30	\normalsize
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	31	\begin{center}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	32	\begin{tabular}{ll}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	33	Email: & christian.urban at kcl.ac.uk\\
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	34	Office: & S1.27 (1st floor Strand Building)\\
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	35	Slides: & KEATS (also homework is there)\\
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	36	\end{tabular}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	37	\end{center}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	38
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	39	\end{frame}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	40	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	41
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	42	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	43	\begin{frame}[c]
415 56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	44	\frametitle{Problems with Key Fobs}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	45
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	46	\begin{columns}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	47	\begin{column}[T]{4cm}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	48	\includegraphics[scale=0.4]{../pics/car-standard.jpg}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	49	\end{column}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	50
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	51	\begin{column}[T]{6cm}\small
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	52	Circumventing the ignition protection:
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	53
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	54	\begin{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	55	\item either dismantling Megamos crypto,
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	56	\item or use the diagnostic port to program
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	57	blank keys
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	58	\end{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	59
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	60	\hspace{14mm}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	61	\includegraphics[scale=0.16]{../pics/Dismantling_Megamos_Crypto.png}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	62	\end{column}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	63	\end{columns}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	64
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	65
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	66
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	67	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	68	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	69
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	70	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	71	\begin{frame}[c]
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	72	\frametitle{Protocols}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	73
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	74	\begin{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	75	\includegraphics[scale=0.11]{../pics/keyfob.jpg}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	76	\quad
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	77	\includegraphics[scale=0.232]{../pics/starbucks.jpg}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	78	\end{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	79
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	80	\begin{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	81	\item The point is that we have no control over the network
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	82
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	83	\item We want to avoid that a message exchange (a protocol) can
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	84	be attacked without detection
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	85	\end{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	86
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	87	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	88	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	89
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	90	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	91	\begin{frame}[c]
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	92	\frametitle{G20 Summit in 2009}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	93
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	94	\begin{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	95	\includegraphics[scale=0.1]{../pics/snowden.jpg}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	96	\end{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	97
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	98	\small
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	99	\begin{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	100	\item Snowden documents reveal ``that during G20
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	101	meetings\dots{}GCHQ used
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	102	`ground-breaking intelligence capabilities' to intercept
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	103	the communications of visiting delegations. This
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	104	included setting up internet cafes where they used an
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	105	email interception program and key-logging software to
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	106	spy on delegates' use of computers\ldots''
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	107
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	108	\item ``The G20 spying appears to have been organised for the
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	109	more mundane purpose of securing an advantage in
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	110	meetings.''
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	111	\end{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	112
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	113	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	114	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	115
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	116	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	117	\begin{frame}[c]
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	118	\frametitle{A Simple PK Protocol}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	119
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	120
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	121	\begin{center}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	122	\begin{tabular}{ll@{\hspace{2mm}}l}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	123	1. & \bl{$A \to B :$} & \bl{$K^{pub}_A$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	124	2. & \bl{$B \to A :$} & \bl{$K^{pub}_B$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	125	3. & \bl{$A \to B :$} & \bl{$\{A,m\}_{K^{pub}_B}$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	126	4. & \bl{$B \to A :$} & \bl{$\{B,m'\}_{K^{pub}_A}$}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	127	\end{tabular}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	128	\end{center}\pause\bigskip
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	129
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	130	unfortunately there is a simple man-in-the- middle-attack
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	131	\end{frame}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	132	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	133
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	134	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	135	\begin{frame}[c]
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	136	\frametitle{A MITM Attack}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	137
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	138
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	139	\begin{center}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	140	\begin{tabular}{ll@{\hspace{2mm}}l}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	141	1. & \bl{$A \to E :$} & \bl{$K^{pub}_A$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	142	2. & \bl{$E \to B :$} & \bl{$K^{pub}_E$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	143	3. & \bl{$B \to E :$} & \bl{$K^{pub}_B$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	144	4. & \bl{$E \to A :$} & \bl{$K^{pub}_E$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	145	5. & \bl{$A \to E :$} & \bl{$\{A,m\}_{K^{pub}_E}$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	146	6. & \bl{$E \to B :$} & \bl{$\{E,m\}_{K^{pub}_B}$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	147	7. & \bl{$B \to E :$} & \bl{$\{B,m'\}_{K^{pub}_E}$}\smallskip\\
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	148	8. & \bl{$E \to A :$} & \bl{$\{E,m'\}_{K^{pub}_A}$}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	149	\end{tabular}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	150	\end{center}\pause\medskip
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	151
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	152	and \bl{$A$} and \bl{$B$} have no chance to detect it
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	153	\end{frame}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	154	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	155
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	156	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	157	\begin{frame}[c]
415 56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	158	\frametitle{Interlock Protocol}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	159
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	160	The interlock protocol (``best bet'' against MITM):
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	161
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	162	\begin{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	163	\begin{tabular}{ll@{\hspace{2mm}}l}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	164	1. & \bl{$A \to B :$} & \bl{$K^{pub}_A$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	165	2. & \bl{$B \to A :$} & \bl{$K^{pub}_B$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	166	3. & & \bl{$\{A,m\}_{K^{pub}_B} \;\mapsto\; H_1,H_2$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	167	& & \bl{$\{B,m'\}_{K^{pub}_A} \;\mapsto\; M_1,M_2$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	168	4. & \bl{$A \to B :$} & \bl{$H_1$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	169	5. & \bl{$B \to A :$} & \bl{$\{H_1, M_1\}_{K^{pub}_A}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	170	6. & \bl{$A \to B :$} & \bl{$\{H_2, M_1\}_{K^{pub}_B}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	171	7. & \bl{$B \to A :$} & \bl{$M_2$}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	172	\end{tabular}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	173	\end{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	174
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	175	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	176	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	177
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	178	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	179	\begin{frame}[c]
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	180	\frametitle{Splitting Messages}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	181
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	182	\begin{center}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	183	$\underbrace{\texttt{\Grid{0X1peUVTGJK+H70mMjAM8p}}}_{\{A,m\}_{K^{pub}_B}}$
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	184	\end{center}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	185
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	186	\begin{center}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	187	$\underbrace{\texttt{\Grid{0X1peUVTGJK}}}_{H_1}$\quad
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	188	$\underbrace{\texttt{\Grid{+H70mMjAM8p}}}_{H_2}$
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	189	\end{center}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	190
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	191	\begin{itemize}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	192	\item you can also use the even and odd bytes
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	193	\item the point is you cannot decrypt the halves
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	194	\end{itemize}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	195
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	196
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	197	\end{frame}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	198	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	199
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	200	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	201	\begin{frame}[c]
415 56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	202
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	203	\begin{center}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	204	\begin{tabular}{l@{\hspace{9mm}}l}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	205	\begin{tabular}[t]{@{}l@{}}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	206	\bl{$A \to C : K^{pub}_A$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	207	\bl{$C \to B : K^{pub}_C$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	208	\bl{$B \to C : K^{pub}_B$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	209	\bl{$C \to A : K^{pub}_C$}\medskip\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	210	\bl{$\{A,m\}_{K^{pub}_C} \;\mapsto\; H_1,H_2$}\\
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	211	\bl{$\{B,m'\}_{K^{pub}_C} \;\mapsto\; M_1,M_2$}\bigskip\\
415 56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	212	\bl{$\{C,a\}_{K^{pub}_B} \;\mapsto\; C_1,C_2$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	213	\bl{$\{C,b\}_{K^{pub}_A} \;\mapsto\; D_1,D_2$}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	214	\end{tabular} &
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	215	\begin{tabular}[t]{@{}l@{}}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	216	\bl{$A \to C : H_1$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	217	\bl{$C \to B : C_1$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	218	\bl{$B \to C : \{C_1, M_1\}_{K^{pub}_C}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	219	\bl{$C \to A : \{H_1, D_1\}_{K^{pub}_A}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	220	\bl{$A \to C : \{H_2, D_1\}_{K^{pub}_C}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	221	\bl{$C \to B : \{C_2, M_1\}_{K^{pub}_B}$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	222	\bl{$B \to C : M_2$}\\
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	223	\bl{$C \to A : D_2$}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	224	\end{tabular}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	225	\end{tabular}
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	226	\end{center}\pause
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	227
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	228	\footnotesize
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	229	\bl{$m$} = How is your grandmother? \bl{$m'$} = How is the
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	230	weather today in London?
415 56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	231
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	232	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	233	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	234
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	235	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	236	\begin{frame}[c]
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	237
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	238	\begin{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	239	\item you have to ask something that cannot imitated
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	240	(requires \bl{$A$} and \bl{$B$} know each other)
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	241	\item what happens if \bl{$m$} and \bl{$m'$} are voice
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	242	messages?\bigskip\pause
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	243
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	244	\item So \bl{$C$} can either leave the communication unchanged
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	245	(Hellamn-Diffie), or invent a complete new conversation
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	246
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	247	\end{itemize}
415 56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	248
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	249	\end{frame}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	250	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	251
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	252	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	253	\begin{frame}[c]
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	254
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	255	\begin{itemize}
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	256	\item the moral: establishing a secure connection from
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	257	``zero'' is almost impossible---you need to rely on some
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	258	established trust\medskip
415 56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	259
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	260	\item that is why we rely on certificates, which however are
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	261	badly, badly realised
415 56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	262
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	263	\end{itemize}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	264
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	265	\end{frame}
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	266	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
56bc53ba7c5b updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 381 diff changeset	267
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	268	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	269	\begin{frame}[c]
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	270	\frametitle{Trusted Third Parties}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	271
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	272	Simple protocol for establishing a secure connection via a
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	273	mutually trusted 3rd party (server):
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	274
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	275	\begin{center}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	276	\begin{tabular}{r@ {\hspace{1mm}}l}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	277	\bl{$A \rightarrow S :$} & \bl{$A, B$}\\
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	278	\bl{$S \rightarrow A :$} & \bl{$\{K_{AB}, \{K_{AB}\}_{K_{BS}} \}_{K_{AS}}$}\\
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	279	\bl{$A \rightarrow B :$} & \bl{$\{K_{AB}\}_{K_{BS}} $}\\
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	280	\bl{$A \rightarrow B :$} & \bl{$\{m\}_{K_{AB}}$}\\
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	281	\end{tabular}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	282	\end{center}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	283
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	284	\end{frame}
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	285	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	286
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	287	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	288	\begin{frame}[c]
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	289	\frametitle{PKI: The Main Idea}
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	290
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	291	\begin{itemize}
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	292	\item the idea is to have a certificate authority (CA)
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	293	\item you go to the CA to identify yourself
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	294	\item CA: ``I, the CA, have verified that public key
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	295	\bl{$P^{pub}_{Bob}$} belongs to Bob''\bigskip
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	296	\item CA must be trusted by everybody\medskip
708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	297
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	298	\item What happens if CA issues a false certificate? Who pays in case of loss? (VeriSign
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	299	explicitly limits liability to \$100.)
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	300	\end{itemize}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	301
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	302	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	303	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	304
255 9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	305
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	306	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
9cf486aea756 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 254 diff changeset	307	\begin{frame}[c]
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	308	\frametitle{Best Practices}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	309
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	310	{\bf Principle 1:} Every message should say what it means: the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	311	interpretation of a message should not depend on the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	312	context.\bigskip\pause
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	313
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	314	{\bf Principle 2:} If the identity of a principal is essential
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	315	to the meaning of a message, it is prudent to mention the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	316	principal’s name explicitly in the message (though
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	317	difficult).\bigskip
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	318
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	319	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	320	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	321
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	322	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	323	\begin{frame}[c]
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	324	\frametitle{Best Practices}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	325
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	326	{\bf Principle 3:} Be clear about why encryption is being
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	327	done. Encryption is not wholly cheap, and not asking precisely
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	328	why it is being done can lead to redundancy. Encryption is not
fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	329	synonymous with security.
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	330
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	331	\small
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	332	\begin{center}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	333	Possible Uses of Encryption
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	334
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	335	\begin{itemize}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	336	\item Preservation of confidentiality: \bl{$\{X\}_K$} only those that have \bl{$K$} may recover \bl{$X$}. \item Guarantee authenticity: The partner is indeed some particular principal. \item Guarantee confidentiality and authenticity: binds two parts of a message ---
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	337	\bl{$\{X,Y\}_K$} is not the same as \bl{$\{X\}_K$} and \bl{$\{Y\}_K$}.
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	338	\end{itemize}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	339	\end{center}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	340
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	341	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	342	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	343
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	344	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	345	\begin{frame}[c]
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	346	\frametitle{Best Practices}
2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	347
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	348	{\bf Principle 4:} The protocol designers should know which
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	349	trust relations their protocol depends on, and why the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	350	dependence is necessary. The reasons for particular trust
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	351	relations being acceptable should be explicit though they will
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	352	be founded on judgment and policy rather than on
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	353	logic.\bigskip
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	354
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	355	Example Certification Authorities: CAs are trusted to certify
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	356	a key only after proper steps have been taken to identify the
e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	357	principal that owns it.
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	358
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	359	\end{frame}
123 2185acdb43bb added slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 90 diff changeset	360	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	361
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	362	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	363	\begin{frame}[c]
252 fa151c0a3cf4 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 243 diff changeset	364	\frametitle{Formal Methods}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	365
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	366	Ross Anderson about the use of Logic:\bigskip
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	367
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	368	\begin{quote}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	369	Formal methods can be an excellent way of finding
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	370	bugs in security protocol designs as they force the designer
256 e272713e34ff updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 255 diff changeset	371	to make everything explicit and thus confront difficult design
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	372	choices that might otherwise be fudged.
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	373	\end{quote}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	374
416 708b80c825af updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 415 diff changeset	375	\end{frame}
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	376	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	377
254 0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	378	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	379	\begin{frame}[c]
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	380	\frametitle{Mid-Term}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	381
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	382	\begin{itemize}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	383	\item homework, handouts, programs\ldots
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	384	\end{itemize}\bigskip\bigskip\bigskip
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	385
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	386	\begin{center}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	387	{\huge\bf\alert{Any Questions?}}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	388	\end{center}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	389
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	390	\end{frame}
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	391	%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0d491b5654f9 updated slides Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 253 diff changeset	392
52 be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	393	\end{document}
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	394
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	395	%%% Local Variables:
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	396	%%% mode: latex
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	397	%%% TeX-master: t
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	398	%%% End:
be19f8a1fcf0 added slides 5 Christian Urban <urbanc@in.tum.de> parents: diff changeset	399

author	Christian Urban <christian dot urban at kcl dot ac dot uk>
	Wed, 21 Oct 2015 22:07:46 +0100
changeset 416	708b80c825af
parent 415	56bc53ba7c5b
child 417	ca9295851eb6
permissions	-rw-r--r--