52
+ − 1
\documentclass[dvipsnames,14pt,t]{beamer}
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 2
\usepackage{../slides}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 3
\usepackage{../graphics}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 4
\usepackage{../langs}
52
+ − 5
\usetikzlibrary{arrows}
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 6
\usetikzlibrary{shapes}
52
+ − 7
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 8
\setmonofont[Scale=.88]{Consolas}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 9
\newfontfamily{\consolas}{Consolas}
52
+ − 10
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 11
\hfuzz=220pt
52
+ − 12
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 13
% beamer stuff
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 14
\newcommand{\bl}[1]{\textcolor{blue}{#1}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 15
\renewcommand{\slidecaption}{APP 05, King's College London}
124
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 16
52
+ − 17
+ − 18
\begin{document}
+ − 19
+ − 20
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 21
\begin{frame}[t]
52
+ − 22
\frametitle{%
+ − 23
\begin{tabular}{@ {}c@ {}}
+ − 24
\\
+ − 25
\LARGE Access Control and \\[-3mm]
+ − 26
\LARGE Privacy Policies (5)\\[-6mm]
+ − 27
\end{tabular}}\bigskip\bigskip\bigskip
+ − 28
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 29
\normalsize
52
+ − 30
\begin{center}
+ − 31
\begin{tabular}{ll}
+ − 32
Email: & christian.urban at kcl.ac.uk\\
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 33
Office: & S1.27 (1st floor Strand Building)\\
52
+ − 34
Slides: & KEATS (also homework is there)\\
+ − 35
\end{tabular}
+ − 36
\end{center}
+ − 37
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 38
\end{frame}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 39
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52
+ − 40
+ − 41
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 42
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 43
\frametitle{Protocols}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 44
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 45
Some examples where ``over-the-air'' protocols are used:
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 46
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 47
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 48
\item wifi
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 49
\item card readers (you cannot trust the terminals)
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 50
\item RFID (passports)
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 51
\item car transponders
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 52
\end{itemize}\medskip\pause
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 53
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 54
The point is that we cannot control the network: An attacker
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 55
can install a packet sniffer, inject packets, modify packets,
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 56
replay messages\ldots{}fake pretty much everything.
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 57
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 58
\end{frame}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 59
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 60
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 61
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 62
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 63
\frametitle{Keyless Car Transponders}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 64
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 65
\begin{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 66
\includegraphics[scale=0.1]{../pics/keyfob.jpg}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 67
\quad
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 68
\includegraphics[scale=0.27]{../pics/startstop.jpg}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 69
\end{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 70
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 71
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 72
\item There are two security mechanisms: one remote central
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 73
locking system and one passive RFID tag (engine immobiliser).
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 74
\item How can I get in? How can thieves be kept out?
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 75
How to avoid MITM attacks?
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 76
\end{itemize}\medskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 77
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 78
\footnotesize
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 79
\hfill Papers: Gone in 360 Seconds: Hijacking with Hitag2,\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 80
\hfill Dismantling Megamos Crypto: Wirelessly Lockpicking\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 81
\hfill a Vehicle Immobilizer
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 82
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 83
\end{frame}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 84
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 85
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 86
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 87
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 88
\frametitle{HTTPS / GSM}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 89
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 90
\begin{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 91
\includegraphics[scale=0.25]{../pics/barclays.jpg}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 92
\quad
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 93
\includegraphics[scale=0.25]{../pics/phone-signal.jpg}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 94
\end{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 95
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 96
\begin{itemize}
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 97
\item I am sitting at Starbuck. How can I be sure I am really
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 98
visiting Barclays? I have no control of the access
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 99
point.
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 100
\item How can I achieve that a secret key is established in
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 101
order to encrypt my mobile conversation? I have no
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 102
control over the access points.
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 103
\end{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 104
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 105
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 106
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 107
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 108
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 109
\begin{frame}[c]
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 110
\frametitle{Handshakes}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 111
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 112
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 113
\item starting a TCP connection between a client and a server
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 114
initiates the following three-way handshake protocol:
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 115
\end{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 116
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 117
\begin{columns}[t]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 118
\begin{column}{5cm}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 119
\begin{minipage}[t]{4cm}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 120
\begin{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 121
\raisebox{-2cm}{\includegraphics[scale=0.5]{../pics/handshake.png}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 122
\end{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 123
\end{minipage}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 124
\end{column}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 125
\begin{column}{5cm}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 126
\begin{tabular}[t]{rl}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 127
Alice: & Hello server!\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 128
Server: & I heard you\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 129
Alice: & Thanks
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 130
\end{tabular}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 131
\end{column}
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 132
\end{columns}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 133
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 134
\onslide<2->{
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 135
\begin{center}
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 136
\begin{tabular}{rl}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 137
\bl{$A \rightarrow S$}: & \bl{SYN}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 138
\bl{$S \rightarrow A$}: & \bl{SYN-ACK}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 139
\bl{$A \rightarrow S$}: & \bl{ACK}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 140
\end{tabular}
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 141
\end{center}}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 142
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 143
\only<3>{
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 144
\begin{textblock}{3}(11,5)
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 145
\begin{bubble}[3.2cm]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 146
SYNflood attacks:\medskip\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 147
\includegraphics[scale=0.4]{../pics/synflood.png}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 148
\end{bubble}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 149
\end{textblock}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 150
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 151
\end{frame}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 152
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 153
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 154
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 155
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 156
\frametitle{Authentication}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 157
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 158
\begin{columns}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 159
\begin{column}{8cm}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 160
\begin{minipage}[t]{7.5cm}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 161
\begin{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 162
\raisebox{-2cm}{\includegraphics[scale=0.4]{../pics/dogs.jpg}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 163
\end{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 164
\end{minipage}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 165
\end{column}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 166
\begin{column}{5cm}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 167
\begin{minipage}[t]{4.5cm}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 168
\begin{tabular}{l}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 169
Knock Knock!\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 170
Who's there?\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 171
Alice.\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 172
Alice who?
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 173
\end{tabular}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 174
\end{minipage}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 175
\end{column}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 176
\end{columns}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 177
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 178
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 179
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 180
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 181
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 182
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 183
\frametitle{Authentication Protocols}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 184
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 185
Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 186
\bl{$K_{AB}$}\bigskip
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 187
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 188
Password transmission:
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 189
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 190
\begin{center}
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 191
\bl{$A \rightarrow B: K_{AB}$}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 192
\end{center}\pause\bigskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 193
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 194
Problems: Eavesdropper can capture the secret and replay it;
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 195
\bl{$B$} cannot confirm the identity of \bl{$A$}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 196
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 197
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 198
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52
+ − 199
+ − 200
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ − 201
\begin{frame}[c]
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 202
\frametitle{Authentication Protocols}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 203
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 204
Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 205
\bl{$K_{AB}$}\bigskip
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 206
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 207
Simple Challenge Response (solving the replay problem):
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 208
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 209
\begin{center}
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 210
\begin{tabular}{lll}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 211
\bl{$A \rightarrow B:$} & \bl{Hi I am A}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 212
\bl{$B \rightarrow A:$} & \bl{$N$} & (challenge)\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 213
\bl{$A \rightarrow B:$} & \bl{$\{N\}_{K_{AB}}$}\\
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 214
\end{tabular}
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 215
\end{center}\pause
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 216
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 217
\begin{itemize}
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 218
\item cannot be replayed since next time will be another
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 219
challenge \bl{$N$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 220
\item \bl{$B$} authenticates \bl{$A$}, but \bl{$A$} does not
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 221
authenticate \bl{$B$} (Eve can intercept
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 222
messages from \bl{$A$}, send random challenge
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 223
and ignore last)
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 224
\end{itemize}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 225
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 226
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 227
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52
+ − 228
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 229
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 230
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 231
\frametitle{Authentication Protocols}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 232
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 233
Alice (\bl{$A$}) and Bob (\bl{$B$}) share a secret key \bl{$K_{AB}$}\bigskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 234
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 235
Mutual Challenge Response:
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 236
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 237
\begin{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 238
\begin{tabular}{ll}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 239
\bl{$A \rightarrow B:$} & \bl{$N_A$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 240
\bl{$B \rightarrow A:$} & \bl{$\{N_A, N_B\}_{K_{AB}}$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 241
\bl{$A \rightarrow B:$} & \bl{$N_B$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 242
\end{tabular}
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 243
\end{center}\pause
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 244
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 245
But requires shared secret key.
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 246
\end{frame}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 247
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 248
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 249
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 250
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 251
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 252
\frametitle{Nonces}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 253
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 254
\begin{enumerate}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 255
\item I generate a nonce (random number) and send it to you encrypted with a key we share
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 256
\item you increase it by one, encrypt it under a key I know and send
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 257
it back to me
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 258
\end{enumerate}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 259
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 260
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 261
I can infer:
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 262
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 263
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 264
\item you must have received my message
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 265
\item you could only have generated your answer after I send you my initial
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 266
message
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 267
\item if only you and me know the key, the message must have come from you
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 268
\end{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 269
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 270
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 271
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 272
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 273
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 274
\mode<presentation>{
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 275
\begin{frame}[c]
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 276
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 277
\begin{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 278
\begin{tabular}{ll}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 279
\bl{$A \rightarrow B$:} & \bl{$N_A$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 280
\bl{$B \rightarrow A$:} & \bl{$\{N_A, N_B\}_{K_{ab}}$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 281
\bl{$A \rightarrow B$:} & \bl{$N_B$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 282
\end{tabular}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 283
\end{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 284
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 285
The attack (let $A$ decrypt her own messages):
52
+ − 286
+ − 287
\begin{center}
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 288
\begin{tabular}{ll}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 289
\bl{$A \rightarrow E$:} & \bl{$N_A$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 290
\textcolor{gray}{$E \rightarrow A$:} & \textcolor{gray}{$N_A$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 291
\textcolor{gray}{$A \rightarrow E$:} & \textcolor{gray}{$\{N_A, N_A'\}_{K_{AB}}$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 292
\bl{$E \rightarrow A$:} & \bl{$\{N_A, N_A'\}_{K_{AB}}$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 293
\bl{$A \rightarrow E$:} & \bl{$N_A' \;\;(= N_B)$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 294
\end{tabular}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 295
\end{center}\pause
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 296
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 297
\small Solutions: \bl{$K_{AB} \not= K_{BA}$} or include an id in the second message
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 298
\end{frame}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 299
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 300
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 301
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 302
\mode<presentation>{
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 303
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 304
\frametitle{Encryption to the Rescue?}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 305
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 306
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 307
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 308
\item \bl{$A \,\rightarrow\, B : \{A, N_A\}_{K_{AB}}$}\hspace{1cm} encrypted\bigskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 309
\item \bl{$B\,\rightarrow\, A : \{N_A, K'_{AB}\}_{K_{AB}}$}\bigskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 310
\item \bl{$A \,\rightarrow\, B : \{N_A\}_{K'_{AB}}$}\bigskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 311
\end{itemize}\pause
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 312
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 313
means you need to send separate ``Hello'' signals (bad), or worse
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 314
share a single key between many entities
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 315
\end{frame}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 316
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 317
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 318
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 319
\mode<presentation>{
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 320
\begin{frame}[c]
254
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 321
\frametitle{Trusted Third Party}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 322
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 323
Simple protocol for establishing a secure connection via a mutually
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 324
trusted 3rd party (server):
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 325
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 326
\begin{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 327
\begin{tabular}{r@ {\hspace{1mm}}l}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 328
\bl{$A \rightarrow S :$} & \bl{$A, B$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 329
\bl{$S \rightarrow A :$} & \bl{$\{K_{AB}\}_{K_{AS}}$} and \bl{$\{\{K_{AB}\}_{K_{BS}} \}_{K_{AS}}$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 330
\bl{$A \rightarrow B :$} & \bl{$\{K_{AB}\}_{K_{BS}} $}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 331
\bl{$A \rightarrow B :$} & \bl{$\{m\}_{K_{AB}}$}\\
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 332
\end{tabular}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 333
\end{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 334
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 335
\end{frame}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 336
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 337
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 338
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 339
\mode<presentation>{
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 340
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 341
\frametitle{Public-Key Infrastructure}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 342
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 343
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 344
\item the idea is to have a certificate authority (CA)
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 345
\item you go to the CA to identify yourself
254
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 346
\item CA: ``I, the CA, have verified that public key
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 347
\bl{$P^{pub}_{Bob}$} belongs to Bob''\bigskip
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 348
\item CA must be trusted by everybody
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 349
\item What happens if CA issues a false certificate? Who pays in case of loss? (VeriSign
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 350
explicitly limits liability to \$100.)
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 351
\end{itemize}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 352
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 353
\end{frame}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 354
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 355
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 356
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 357
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 358
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 359
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 360
\frametitle{Person-in-the-Middle}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 361
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 362
``Normal'' protocol run:\bigskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 363
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 364
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 365
\item \bl{$A$} sends public key to \bl{$B$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 366
\item \bl{$B$} sends public key to \bl{$A$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 367
\item \bl{$A$} sends message encrypted with \bl{$B$}'s public key, \bl{$B$} decrypts it
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 368
with its private key
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 369
\item \bl{$B$} sends message encrypted with \bl{$A$}'s public key, \bl{$A$} decrypts it
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 370
with its private key
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 371
\end{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 372
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 373
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 374
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 375
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 376
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 377
\mode<presentation>{
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 378
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 379
\frametitle{Person-in-the-Middle}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 380
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 381
Attack:
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 382
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 383
\begin{itemize}
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 384
\item \bl{$A$} sends public key to \bl{$B$} --- \bl{$C$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 385
intercepts this message and send his own public key to
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 386
\bl{$B$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 387
\item \bl{$B$} sends public key to \bl{$A$} --- \bl{$C$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 388
intercepts this message and send his own public key
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 389
\bl{$A$}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 390
\item \bl{$A$} sends message encrypted with \bl{$C$}'s public key, \bl{$C$} decrypts it
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 391
with its private key, re-encrypts with \bl{$B$}'s public key
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 392
\item similar the other way
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 393
\end{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 394
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 395
\end{frame}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 396
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 397
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 398
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 399
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 400
\frametitle{Person-in-the-Middle}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 401
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 402
Prevention:
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 403
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 404
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 405
\item \bl{$A$} sends public key to \bl{$B$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 406
\item \bl{$B$} sends public key to \bl{$A$}
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 407
\item \bl{$A$} encrypts message with \bl{$B$}'s public key,
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 408
send's {\bf half} of the message to \bl{$B$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 409
\item \bl{$B$} encrypts message with \bl{$A$}'s public key,
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 410
send's {\bf half} of the message back to \bl{$A$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 411
\item \bl{$A$} sends other half, \bl{$B$} can now decrypt
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 412
entire message
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 413
\item \bl{$B$} sends other half, \bl{$A$} can now decrypt
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 414
entire message
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 415
\end{itemize}\pause
52
+ − 416
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 417
\bl{$C$} would have to invent a totally new message
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 418
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 419
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 420
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 421
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 422
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 423
\begin{frame}[c]
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 424
\frametitle{Car Transponder (HiTag2)}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 425
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 426
\begin{enumerate}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 427
\item \bl{$C$} generates a random number \bl{$r$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 428
\item \bl{$C$} calculates \bl{$(F,G) = \{r\}_K$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 429
\item \bl{$C \to T$}: \bl{$r, F$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 430
\item \bl{$T$} calculates \bl{$(F',G') = \{r\}_K$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 431
\item \bl{$T$} checks that \bl{$F = F'$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 432
\item \bl{$T \to C$}: \bl{$r, G'$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 433
\item \bl{$C$} checks that \bl{$G = G'$}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 434
\end{enumerate}\pause
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 435
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 436
\small
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 437
This process means that the transponder believes the car knows
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 438
the key \bl{$K$}, and the car believes the transponder knows
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 439
the key \bl{$K$}. They have authenticated themselves
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 440
to each other.
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 441
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 442
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 443
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 444
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 445
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
254
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 446
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 447
\frametitle{Person-in-the-Middle}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 448
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 449
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 450
\item Border Gateway Protocol (BGP) --- routers believe
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 451
their neighbours
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 452
\item it is possible to advertise bad routes
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 453
\item can be done over continents\bigskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 454
\end{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 455
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 456
\hfill\footnotesize\url{http://www.renesys.com/2013/11/mitm-internet-hijacking/}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 457
\end{frame}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 458
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 459
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 460
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 461
\mode<presentation>{
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 462
\begin{frame}[c]
255
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 463
\frametitle{Protocol Attacks}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 464
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 465
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 466
\item replay attacks
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 467
\item reflection attacks
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 468
\item man-in-the-middle attacks
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 469
\item timing attacks
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 470
\item parallel session attacks
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 471
\item binding attacks (public key protocols)
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 472
\item changing environment / changing assumptions\bigskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 473
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 474
\item (social engineering attacks)
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 475
\end{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 476
\end{frame}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 477
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 478
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 479
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 480
\begin{frame}[c]
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 481
\frametitle{Best Practices}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 482
256
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 483
{\bf Principle 1:} Every message should say what it means: the
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 484
interpretation of a message should not depend on the
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 485
context.\bigskip\pause
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 486
256
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 487
{\bf Principle 2:} If the identity of a principal is essential
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 488
to the meaning of a message, it is prudent to mention the
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 489
principal’s name explicitly in the message (though
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 490
difficult).\bigskip
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 491
256
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 492
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 493
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 494
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 495
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 496
\mode<presentation>{
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 497
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 498
\frametitle{Best Practices}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 499
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 500
{\bf Principle 3:} Be clear about why encryption is being
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 501
done. Encryption is not wholly cheap, and not asking precisely
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 502
why it is being done can lead to redundancy. Encryption is not
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 503
synonymous with security.
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 504
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 505
\small
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 506
\begin{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 507
Possible Uses of Encryption
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 508
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 509
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 510
\item Preservation of confidentiality: \bl{$\{X\}_K$} only those that have \bl{$K$} may recover \bl{$X$}.
\item Guarantee authenticity: The partner is indeed some particular principal.
\item Guarantee confidentiality and authenticity: binds two parts of a message ---
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 511
\bl{$\{X,Y\}_K$} is not the same as \bl{$\{X\}_K$} and \bl{$\{Y\}_K$}.
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 512
\end{itemize}
52
+ − 513
\end{center}
+ − 514
+ − 515
\end{frame}}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 516
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 517
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 518
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 519
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 520
\frametitle{Best Practices}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 521
256
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 522
{\bf Principle 4:} The protocol designers should know which
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 523
trust relations their protocol depends on, and why the
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 524
dependence is necessary. The reasons for particular trust
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 525
relations being acceptable should be explicit though they will
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 526
be founded on judgment and policy rather than on
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 527
logic.\bigskip
52
+ − 528
256
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 529
Example Certification Authorities: CAs are trusted to certify
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 530
a key only after proper steps have been taken to identify the
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 531
principal that owns it.
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 532
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 533
\end{frame}
123
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 534
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
52
+ − 535
+ − 536
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ − 537
\mode<presentation>{
+ − 538
\begin{frame}[c]
252
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 539
\frametitle{Formal Methods}
52
+ − 540
+ − 541
Ross Anderson about the use of Logic:\bigskip
+ − 542
+ − 543
\begin{quote}
+ − 544
Formal methods can be an excellent way of finding
+ − 545
bugs in security protocol designs as they force the designer
256
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 546
to make everything explicit and thus confront difficult design
52
+ − 547
choices that might otherwise be fudged.
+ − 548
\end{quote}
+ − 549
+ − 550
\end{frame}}
+ − 551
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+ − 552
254
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 553
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 554
\begin{frame}[c]
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 555
\frametitle{Mid-Term}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 556
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 557
\begin{itemize}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 558
\item homework, handouts, programs\ldots
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 559
\end{itemize}\bigskip\bigskip\bigskip
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 560
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 561
\begin{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 562
{\huge\bf\alert{Any Questions?}}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 563
\end{center}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 564
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 565
\end{frame}
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 566
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 567
Christian Urban <christian dot urban at kcl dot ac dot uk>
diff
changeset
+ − 568
52
+ − 569
\end{document}
+ − 570
+ − 571
%%% Local Variables:
+ − 572
%%% mode: latex
+ − 573
%%% TeX-master: t
+ − 574
%%% End:
+ − 575