130 \mode<presentation>{ |
130 \mode<presentation>{ |
131 \begin{frame}[c] |
131 \begin{frame}[c] |
132 \frametitle{Last Week} |
132 \frametitle{Last Week} |
133 |
133 |
134 Andrew Secure RPC Protocol: |
134 Andrew Secure RPC Protocol: |
135 \bl{$A$} and \bl{$B$} share a key \bl{$K_{AB}$} and want to identify |
135 \bl{$A$} and \bl{$B$} share a key private \bl{$K_{AB}$} and want to identify |
136 each other\bigskip |
136 each other\bigskip |
137 |
137 |
138 \begin{itemize} |
138 \begin{itemize} |
139 \item \bl{$A \,\text{sends}\, B : A, N_A$} |
139 \item \bl{$A \,\text{sends}\, B : A, N_A$} |
140 \item \bl{$B\,\text{sends}\, A : \{N_A, K'_{AB}\}_{K_{AB}}$} |
140 \item \bl{$B\,\text{sends}\, A : \{N_A, K'_{AB}\}_{K_{AB}}$} |
209 \end{tabular} |
209 \end{tabular} |
210 \end{center}\bigskip |
210 \end{center}\bigskip |
211 |
211 |
212 \onslide<7->{Sounds stupid: ``\ldots answering a question with a counter question''\medskip\\ |
212 \onslide<7->{Sounds stupid: ``\ldots answering a question with a counter question''\medskip\\ |
213 was originally developed at CMU for terminals to connect to |
213 was originally developed at CMU for terminals to connect to |
214 workstations (e.g.~file servers)} |
214 workstations (e.g., file servers)} |
215 |
215 |
216 \end{frame}} |
216 \end{frame}} |
217 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
217 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
218 |
218 |
219 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
219 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
220 \mode<presentation>{ |
220 \mode<presentation>{ |
221 \begin{frame}[c] |
221 \begin{frame}[c] |
222 \frametitle{Identify Friend or Foe} |
222 \frametitle{Identify Friend or Foe} |
223 |
223 |
224 \begin{center} |
224 \begin{center} |
225 \onslide<2->{\mbox{}\hspace{3.4cm}\includegraphics[scale=0.55]{pics/MigInMiddle.jpg}} |
225 \onslide<3->{\mbox{}\hspace{3.4cm}\includegraphics[scale=0.55]{pics/MigInMiddle.jpg}} |
226 \end{center} |
226 \end{center} |
227 |
227 |
228 \begin{textblock}{6}(0.3,2) |
228 \begin{textblock}{6}(0.3,2) |
|
229 \onslide<2->{ |
229 198?: war between Angola (supported by Cuba) |
230 198?: war between Angola (supported by Cuba) |
230 and Namibia (supported by SA) |
231 and Namibia (supported by SA)} |
231 \end{textblock} |
232 \end{textblock} |
232 |
233 |
233 \begin{textblock}{3}(12.5,4.6) |
234 \begin{textblock}{3}(12.5,4.6) |
234 \onslide<2->{ |
235 \onslide<3->{ |
235 \begin{tikzpicture} |
236 \begin{tikzpicture} |
236 \node at (0,0) [single arrow, fill=red,text=white, rotate=-50, shape border rotate=180]{``bystander''}; |
237 \node at (0,0) [single arrow, fill=red,text=white, rotate=-50, shape border rotate=180]{``bystander''}; |
237 \end{tikzpicture}} |
238 \end{tikzpicture}} |
238 \end{textblock} |
239 \end{textblock} |
239 |
240 |
240 \begin{textblock}{3}(10.9,10) |
241 \begin{textblock}{3}(10.9,10) |
241 \onslide<2->{ |
242 \onslide<3->{ |
242 \begin{tikzpicture} |
243 \begin{tikzpicture} |
243 \node at (0,0) [single arrow, fill=red,text=white, rotate=-40, shape border rotate=180]{attacker}; |
244 \node at (0,0) [single arrow, fill=red,text=white, rotate=-40, shape border rotate=180]{attacker}; |
244 \end{tikzpicture}} |
245 \end{tikzpicture}} |
245 \end{textblock} |
246 \end{textblock} |
246 |
247 |
247 \only<3->{ |
248 \only<4->{ |
248 \begin{textblock}{6}(0.3,9) |
249 \begin{textblock}{6}(0.3,9) |
249 being outsmarted by Angola/Cuba |
250 being outsmarted by Angola/Cuba |
250 ended SA involvement |
251 ended SA involvement |
251 \end{textblock}} |
252 \end{textblock}} |
252 \only<4->{ |
253 \only<5->{ |
253 \begin{textblock}{6}(0.3,13) |
254 \begin{textblock}{6}(0.3,13) |
254 IFF opened up a nice side-channel attack |
255 IFF opened up a nice side-channel attack |
255 \end{textblock}} |
256 \end{textblock}} |
256 \end{frame}} |
257 \end{frame}} |
257 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
258 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
266 \item \bl{$A \,\text{sends}\, B : \{A, N_A\}_{K_{AB}}$}\hspace{1cm} encrypted\bigskip |
267 \item \bl{$A \,\text{sends}\, B : \{A, N_A\}_{K_{AB}}$}\hspace{1cm} encrypted\bigskip |
267 \item \bl{$B\,\text{sends}\, A : \{N_A, K'_{AB}\}_{K_{AB}}$}\bigskip |
268 \item \bl{$B\,\text{sends}\, A : \{N_A, K'_{AB}\}_{K_{AB}}$}\bigskip |
268 \item \bl{$A \,\text{sends}\, B : \{N_A\}_{K'_{AB}}$}\bigskip |
269 \item \bl{$A \,\text{sends}\, B : \{N_A\}_{K'_{AB}}$}\bigskip |
269 \end{itemize}\pause |
270 \end{itemize}\pause |
270 |
271 |
271 means you need to send a separate ``Hello'' signal (bad), or worse |
272 means you need to send separate ``Hello'' signals (bad), or worse |
272 share a single key between many entities |
273 share a single key between many entities |
273 \end{frame}} |
274 \end{frame}} |
274 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
275 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
275 |
276 |
276 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
277 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
305 \bl{$B \rightarrow A :$} & \bl{$\{N_B\}_{K_{AB}}$}\\ |
306 \bl{$B \rightarrow A :$} & \bl{$\{N_B\}_{K_{AB}}$}\\ |
306 \bl{$A \rightarrow B :$} & \bl{$\{N_B-1\}_{K_{AB}}$}\\ |
307 \bl{$A \rightarrow B :$} & \bl{$\{N_B-1\}_{K_{AB}}$}\\ |
307 \end{tabular} |
308 \end{tabular} |
308 \end{center}\bigskip\pause |
309 \end{center}\bigskip\pause |
309 |
310 |
310 at the end both \bl{$A$} and \bl{$B$} should be in the possession of the secret key |
311 at the end of the protocol both \bl{$A$} and \bl{$B$} should be in the possession of the secret key |
311 \bl{$K_{AB}$} and know that the other principal has the key |
312 \bl{$K_{AB}$} and know that the other principal has the key |
|
313 |
|
314 \end{frame}} |
|
315 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
316 |
|
317 |
|
318 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
319 \mode<presentation>{ |
|
320 \begin{frame}[c] |
|
321 \frametitle{Nonces} |
|
322 |
|
323 \begin{enumerate} |
|
324 \item I generate a nonce (random number) and send it to you encrypted with a key we share |
|
325 \item you increase it by one, encrypt it under a key I know and send |
|
326 it back to me |
|
327 \end{enumerate} |
|
328 |
|
329 |
|
330 I can infer: |
|
331 |
|
332 \begin{itemize} |
|
333 \item you must have received my message |
|
334 \item you could only have generated your answer after I send you my initial |
|
335 message |
|
336 \item if only you and me know the key, the message must have come from you |
|
337 \end{itemize} |
312 |
338 |
313 \end{frame}} |
339 \end{frame}} |
314 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
340 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
315 |
341 |
316 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
342 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
333 \end{tabular} |
359 \end{tabular} |
334 \end{center}\pause |
360 \end{center}\pause |
335 |
361 |
336 \bl{$B$} believes it is following the correct protocol, |
362 \bl{$B$} believes it is following the correct protocol, |
337 intruder \bl{$I$} can form the correct response because it knows \bl{$K_{AB}$} and |
363 intruder \bl{$I$} can form the correct response because it knows \bl{$K_{AB}$} and |
338 talk to \bl{$B$} masquerading as \bl{$A$} |
364 talks to \bl{$B$} masquerading as \bl{$A$} |
339 \end{frame}} |
365 \end{frame}} |
340 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
366 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
367 |
|
368 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
369 \mode<presentation>{ |
|
370 \begin{frame}[c] |
|
371 |
|
372 \begin{center} |
|
373 \includegraphics[scale=0.5]{pics/dogs.jpg} |
|
374 \end{center} |
|
375 |
|
376 \end{frame}} |
|
377 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
378 |
|
379 |
341 |
380 |
342 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
381 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
343 \mode<presentation>{ |
382 \mode<presentation>{ |
344 \begin{frame}[c] |
383 \begin{frame}[c] |
345 \frametitle{Replay Attacks} |
384 \frametitle{Replay Attacks} |
586 \end{itemize} |
625 \end{itemize} |
587 |
626 |
588 \end{frame}} |
627 \end{frame}} |
589 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
628 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
590 |
629 |
|
630 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
631 \mode<presentation>{ |
|
632 \begin{frame}[t] |
|
633 \frametitle{Privacy vs Anonymity} |
|
634 |
|
635 \begin{itemize} |
|
636 \item anonymity has its uses (e.g., voting, whistleblowers, peer-review) |
|
637 \end{itemize}\bigskip\bigskip\pause |
|
638 |
|
639 |
|
640 But privacy?\bigskip\bigskip |
|
641 |
|
642 ``You have zero privacy anyway. Get over it.''\\ |
|
643 \hfill{}Scott Mcnealy (CEO of Sun)\bigskip\\ |
|
644 |
|
645 |
|
646 If you have nothing to hide, you have nothing to fear. |
|
647 |
|
648 \end{frame}} |
|
649 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
650 |
|
651 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
652 \mode<presentation>{ |
|
653 \begin{frame}[t] |
|
654 \frametitle{Privacy} |
|
655 |
|
656 private data can be often used against me |
|
657 |
|
658 \begin{itemize} |
|
659 \item if my location data becomes public, thieves will switch off their phones and help themselves in my home |
|
660 \item if supermarkets can build a profile of what I buy, they can use it to their advantage (banks - mortgages) |
|
661 \item my employer might not like my opinions\bigskip\pause |
|
662 |
|
663 \item one the other hand, Freedom-of-Information Act |
|
664 \item medical data should be private, but medical research needs data |
|
665 \end{itemize} |
|
666 |
|
667 \end{frame}} |
|
668 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
669 |
|
670 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
671 \mode<presentation>{ |
|
672 \begin{frame}[t] |
|
673 \frametitle{Privacy} |
|
674 |
|
675 \begin{itemize} |
|
676 \item Apple takes note of |
|
677 \item if supermarkets can build a profile of what I buy, they can use it to their advantage (banks - mortgages) |
|
678 \item my employer might not like my opinions\bigskip\pause |
|
679 |
|
680 \item one the other hand, Freedom-of-Information Act |
|
681 \item medical data should be private, but medical research needs data |
|
682 \end{itemize} |
|
683 |
|
684 \end{frame}} |
|
685 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
686 |
591 |
687 |
592 \end{document} |
688 \end{document} |
593 |
689 |
594 %%% Local Variables: |
690 %%% Local Variables: |
595 %%% mode: latex |
691 %%% mode: latex |