sen-material: comparison slides/slides10.tex

equal deleted inserted replaced

-:54ec490a3042
+:f652d17db871
 \documentclass[dvipsnames,14pt,t]{beamer}
 \usepackage{../slides}
 \usepackage{../langs}
 \usepackage{../graphics}
+\usepackage{../data}
+\usepackage{../grammar}
 % beamer stuff
 \renewcommand{\slidecaption}{APP 10, King's College London}
 \newcommand{\bl}[1]{\textcolor{blue}{#1}}
 \begin{document}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\begin{frame}[t]
-\begin{frame}<1>[t]
 \frametitle{%
 \begin{tabular}{@ {}c@ {}}
 \\
 \LARGE Access Control and \\[-3mm]
 \LARGE Privacy Policies (10)\\[-6mm]
 \end{tabular}}\bigskip\bigskip\bigskip
-%\begin{center}
+\normalsize
-%\includegraphics[scale=1.3]{pics/barrier.jpg}
-%\end{center}
-\normalsize
 \begin{center}
 \begin{tabular}{ll}
 Email:  & christian.urban at kcl.ac.uk\\
 Office: & S1.27 (1st floor Strand Building)\\
 Slides: & KEATS (also homework is there)\\
 \end{tabular}
 \end{center}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\begin{frame}[c]
-\begin{frame}[c]
+\frametitle{\mbox{}\\[20mm]\Huge Revision}
-\frametitle{\mbox{}\\[20mm]\huge Revision}
+\end{frame}
-\end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Security Engineering}
+\begin{center}
+\begin{tabular}{cc}
+\raisebox{-0.8mm}{\includegraphics[scale=0.28]{../pics/flight.jpg}} &
+\includegraphics[scale=0.31]{../pics/airbus.jpg}\\
+\small Wright brothers, 1901 & \small Airbus, 2005 \\
+\end{tabular}
+\end{center}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{1st Lecture}
 \begin{itemize}
-\item hashes and salts to guaranty data integrity\bigskip
+\item chip-and-pin, banks vs.~customers
-\item storing passwords (brute force attacks and dictionary attacks)
+\begin{quote}\small\rm
-\end{itemize}
+the one who can improve security should also be
+liable for the losses
+\end{quote}\pause\bigskip
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\item hashes and salts to guarantee data integrity\medskip
+\item storing passwords (you should know the difference between
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+brute force attacks and dictionary attacks; how do salts help?)
-\begin{frame}[fragile,t]
+\end{itemize}
-\frametitle{\begin{tabular}{c}2nd Lecture:\\ E-Voting\end{tabular}}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{1st Lecture: Cookies}
+\begin{itemize}
+\item good uses of cookies?\medskip
+\item bad uses of cookies: snooping, tracking, profiling\ldots
+the ``disadvantage'' is that the user is in
+\alert{control}, because you can delete them
+\begin{center} ``Please track me using cookies.''
+\end{center}\bigskip\pause
+\item fingerprinting beyond browser cookies
+\begin{quote}\small\rm
+Pixel Perfect: Fingerprinting Canvas in HTML5\\
+(a research paper from 2012)\\
+\footnotesize
+\url{http://cseweb.ucsd.edu/~hovav/papers/ms12.html}
+\end{quote}
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{1st Lecture: Cookies}
+\begin{itemize}
+\item a bit of JavaScript and HTML5 + canvas\medskip
+\begin{center}
+\begin{tabular}{cc}
+Firefox & Safari\\
+\includegraphics[scale=0.31]{../pics/firefox1.png} &
+\includegraphics[scale=0.31]{../pics/safari1.png} \\
+\tiny
+\pcode{55b2257ad0f20ecbf927fb66a15c61981f7ed8fc} &
+\tiny
+\pcode{17bc79f8111e345f572a4f87d6cd780b445625d3}
+\end{tabular}
+\end{center}\bigskip
+\item\small no actual drawing needed\pause
+\item\small in May 2014 a crawl of 100,000 popular
+webpages revealed 5.5\% already use canvas
+fingerprinting\smallskip
+\begin{center}\scriptsize
+\url{https://securehomes.esat.kuleuven.be/~gacar/persistent/the_web_never_forgets.pdf}
+\end{center}
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{1st Lecture: Cookies}
+Remember the small web-app I showed where a cookie
+protected a counter\bigskip
+\begin{itemize}
+\item NYT, the cookie looks the ``resource'' - harm\medskip
+\item imaginary discount unlocked by cookie - no harm
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[t]
+\frametitle{2nd Lecture: E-Voting}
+Where are paper ballots better than voice voting?\bigskip
 \begin{itemize}
 \item Integrity
-\item Ballot Secrecy
+\item \alert{Ballot Secrecy}
 \item Voter Authentication
 \item Enfranchisement
 \item Availability
 \end{itemize}
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\begin{frame}[fragile,t]
+\begin{frame}[t]
-\frametitle{\begin{tabular}{c}2nd Lecture:\\ E-Voting\end{tabular}}
+\frametitle{2nd Lecture: E-Voting}
-Online Banking vs.~E-Voting
+\begin{itemize}
+\item (two weeks ago) an Australian parliamentary committee
-\begin{itemize}
+found: e-voting is highly vulnerable to hacking and Australia
-\item online banking: if fraud occurred you try to identify who did what (somebody's account got zero)\bigskip
+will not use it any time soon\bigskip\pause
-\item e-voting: some parts can be done electronically, but not the actual voting (final year project: online voting)
+\item Alex Halderman, Washington D.C.~hack
-\end{itemize}
+\begin{center}
+\scriptsize
+\url{https://jhalderm.com/pub/papers/dcvoting-fc12.pdf}
+\end{center}\medskip
+\item PDF-ballot tampering at the wireless router (the modification
+is nearly undetectable and leaves no traces; MITM attack with firmware
+updating)
+\begin{center}
+\scriptsize
+\url{http://galois.com/wp-content/uploads/2014/11/technical-hack-a-pdf.pdf}
+\end{center}
+\end{itemize}
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \tikzset{alt/.code args={<#1>#2#3#4}{%
 \alt<#1>{\pgfkeysalso{#2}}{\pgfkeysalso{#3}} % \pgfkeysalso doesn't change the path
 }}
-\mode<presentation>{
 \begin{frame}[t]
 \frametitle{\begin{tabular}{c}3rd Lecture:\\ Buffer Overflow Attacks\end{tabular}}
 \begin{itemize}
 \item the problem arises from the way C/C++ organises its function calls\\[-8mm]\mbox{}
 \node at (7.75,3.9) {\small\begin{tabular}{l}stack\end{tabular}};
 \draw[line width=1mm] (7,3.5) -- (7,0.5) -- (8.5,0.5) -- (8.5,3.5);
 \onslide<3,4,7,8>{
-\node at (7.75, 0.8) {ret};
+\node at (7.75, 1.4) {ret};
 \draw[line width=1mm] (7,1.1) -- (8.5,1.1);
+\node at (7.75, 2.0) {sp};
+\draw[line width=1mm] (7,2.3) -- (8.5,2.3);
 }
-\onslide<3>{
+\onslide<3,4>{
-\node at (7.75, 1.4) {4};
+\node at (7.75, 0.8) {4};
 \draw[line width=1mm] (7,1.7) -- (8.5,1.7);
 }
-\onslide<7>{
+\onslide<7,8>{
-\node at (7.75, 1.4) {3};
+\node at (7.75, 0.8) {3};
 \draw[line width=1mm] (7,1.7) -- (8.5,1.7);
 }
 \end{tikzpicture}
 \end{center}
-\end{frame}}
+\end{frame}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[t]
 \begin{center}
 \begin{tikzpicture}[scale=1]
 %\draw[black!10,step=2mm] (0,0) grid (9,4);
 \onslide<5->{\draw[<-, line width=2mm,red] (4,2) to node [above,sloped,midway]
 {\begin{tabular}{l}user\\[-1mm] input\end{tabular}} (6,2);}
 \onslide<8->{\draw[<-, line width=1mm,red] (1,-2) to (3,1);}
 \node at (7.75,3.9) {\small\begin{tabular}{l}stack\end{tabular}};
-\draw[line width=1mm] (7,3.5) -- (7,0.5) -- (8.5,0.5) -- (8.5,3.5);
+\draw[line width=1mm] (7,3.5) -- (7,-0.1) -- (8.5,-0.1) -- (8.5,3.5);
 \onslide<3->{
+\node at (7.75, 0.2) {4};
 \draw[line width=1mm,alt=<6->{fill=red}{fill=white}] (7,0.5) rectangle (8.5,1.1);
 \node at (7.75, 0.8) {\alt<6->{@a\#}{ret}};
 \draw[line width=1mm,alt=<6->{fill=red}{fill=white}] (7,1.1) rectangle (8.5,1.7);
-\node at (7.75, 1.4) {\alt<6->{!?w;}4};
+\node at (7.75, 1.4) {\alt<6->{!?w;}sp};
 }
 \onslide<4->{
 \draw[line width=1mm,fill=red] (7,1.7) rectangle (8.5,3.0);
 \node[white] at (7.75, 2.4) {buffer};
 }
 \end{tikzpicture}
 \end{center}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
 \begin{frame}[t]
-\frametitle{\begin{tabular}{c}3rd Lecture:\\ Unix Access Control\end{tabular}}
+\frametitle{\begin{tabular}{c}3rd Lecture:\\[-3mm]
+Buffer Overflow Attacks\end{tabular}}
+US National Vulnerability Database\\
+\small(636 out of 6675 in 2014)
+\begin{center}
+\begin{tikzpicture}
+\begin{axis}[
+xlabel={year},
+ylabel={\% of total attacks},
+ylabel style={yshift=0em},
+enlargelimits=false,
+xtick={1997,1998,2000,...,2014},
+xmin=1996.5,
+xmax=2015,
+ymax=21,
+ytick={0,5,...,20},
+scaled ticks=false,
+axis lines=left,
+width=11cm,
+height=5cm,
+ybar,
+nodes near coords=
+{\footnotesize
+$\pgfmathprintnumber[fixed,fixed zerofill,precision=1,use comma]{\pgfkeysvalueof{/data point/y}}$},
+x tick label style={font=\scriptsize,/pgf/number format/1000 sep={}}]
+\addplot
+table [x=Year,y=Percentage] {bufferoverflows.data};
+\end{axis}
+\end{tikzpicture}
+\end{center}
+\scriptsize
+\url{http://web.nvd.nist.gov/view/vuln/statistics}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[t]
+\frametitle{\begin{tabular}{c}4rd Lecture:\\ Unix Access Control\end{tabular}}
 \begin{itemize}
 \item privileges are specified by file access permissions (``everything is a file'')
 \end{itemize}\medskip
 \draw[red, <->, line width = 1mm] (-0.6,1) -- (-1.6,1);
 \end{tikzpicture}
 \end{center}
 \begin{itemize}
-\item the idea is make the attack surface smaller and
+\item the idea is to make the attack surface smaller and
 mitigate the consequences of an attack
 \end{itemize}
-\end{frame}}
+\end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[fragile,t]
-\frametitle{\begin{tabular}{c}3rd Lecture:\\ Unix Access Control\end{tabular}}
+\frametitle{\begin{tabular}{c}4rd Lecture:\\ Unix Access Control\end{tabular}}
 \begin{itemize}
 \item when a file with setuid is executed, the resulting process will assume the
 UID given to the owner of the file
 \end{itemize}
-\small\tt
+\footnotesize\tt
 \begin{center}
 \begin{verbatim}
 $ ls -ld . * */*
 drwxr-xr-x 1 ping staff  32768 Apr  2 2010 .
 -rw----r-- 1 ping students  31359 Jul 24 2011 manual.txt
--r--rw--w- 1 bob students   4359 Jul 24 2011 report.txt
+-r--rw--w- 1 bob students    4359 Jul 24 2011 report.txt
--rwsr--r-x 1 bob students 141359 Jun  1 2013 microedit
+-rwsr--r-x 1 bob students  141359 Jun  1 2013 microedit
-dr--r-xr-x 1 bob staff  32768 Jul 23 2011 src
+dr--r-xr-x 1 bob staff      32768 Jul 23 2011 src
--rw-r--r-- 1 bob staff  81359 Feb 28 2012 src/code.c
+-rw-r--r-- 1 bob staff      81359 Feb 28 2012 src/code.c
 -r--rw---- 1 emma students    959 Jan 23 2012 src/code.h
 \end{verbatim}
 \end{center}
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\begin{frame}[t]
-\begin{frame}[c]
+\frametitle{\begin{tabular}{c}4rd Lecture:\\ Unix Access Control\end{tabular}}
-\frametitle{\begin{tabular}{c}8th Lecture: Privacy\end{tabular}}
+\begin{itemize}
-\begin{itemize}
+\item Alice wants to have her files readable,
-\item differential privacy for annonymizing research data
+\alert{except} for her office mates.
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{5rd Lecture: Protocols}
+Simple Challenge Response\\
+(solving the replay problem):
+\begin{center}
+\begin{tabular}{lll}
+\bl{$A \rightarrow B:$} & \bl{Hi I am A}\\
+\bl{$B \rightarrow A:$} & \bl{$N$} & (challenge)\\
+\bl{$A \rightarrow B:$} & \bl{$\{N\}_{K_{AB}}$}\\
+\end{tabular}
+\end{center}\pause
+Mutual Challenge Response:
+\begin{center}
+\begin{tabular}{ll}
+\bl{$A \rightarrow B:$} & \bl{$N_A$}\\
+\bl{$B \rightarrow A:$} & \bl{$\{N_A, N_B\}_{K_{AB}}$}\\
+\bl{$A \rightarrow B:$} & \bl{$N_B$}\\
+\end{tabular}
+\end{center}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{5rd Lecture: Protocols}
+A car-transponder protocol:
+\begin{enumerate}
+\item \bl{$C$} generates a random number \bl{$N$}
+\item \bl{$C$} calculates \bl{$(F,G) = \{N\}_K$}
+\item \bl{$C \to T$}: \bl{$N, F$}
+\item \bl{$T$} calculates \bl{$(F',G') = \{N\}_K$}
+\item \bl{$T$} checks that \bl{$F = F'$}
+\item \bl{$T \to C$}: \bl{$N, G'$}
+\item \bl{$C$} checks that \bl{$G = G'$}
+\end{enumerate}
+Authentication: \bl{$T \to C$}, \bl{$C \to T$}?
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{5rd Lecture: Protocols}
+The interlock protocol (``best bet'' against MITM):
+\begin{center}
+\begin{tabular}{ll@{\hspace{2mm}}l}
+1. & \bl{$A \to B :$} & \bl{$K^{pub}_A$}\\
+2. & \bl{$B \to A :$} & \bl{$K^{pub}_B$}\\
+3. & & \bl{$\{A,m\}_{K^{pub}_B} \;\mapsto\; H_1,H_2$}\\
+& & \bl{$\{B,m'\}_{K^{pub}_A} \;\mapsto\; M_1,M_2$}\\
+4. & \bl{$A \to B :$} & \bl{$H_1$}\\
+5. & \bl{$B \to A :$} & \bl{$\{H_1, M_1\}_{K^{pub}_A}$}\\
+6. & \bl{$A \to B :$} & \bl{$\{H_2, M_1\}_{K^{pub}_B}$}\\
+7. & \bl{$B \to A :$} & \bl{$M_2$}
+\end{tabular}
+\end{center}\pause
+\footnotesize
+\bl{$m$} = How is your grandmother? \bl{$m'$} = How is the
+weather today in London?
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Access Control Logic}
+Ross Anderson about the use of Logic:\bigskip
+\begin{quote}\rm
+``Formal methods can be an excellent way of finding
+bugs in security protocol designs as they force the designer
+to make everything explicit and thus confront difficult design
+choices that might otherwise be fudged.''
+\end{quote}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[t]
+\frametitle{Access Control Logic}
+\begin{center}
+\begin{tabular}[t]{rcl@ {\hspace{10mm}}l}
+\bl{$F$} & \bl{$::=$} & \bl{$\textit{true}$}\\
+& \bl{$|$} & \bl{$\textit{false}$}\\
+& \bl{$|$} & \bl{$a(t_1,\ldots,t_n)$}\\
+& \bl{$|$} & \bl{$F_1 \wedge F_2$}\\
+& \bl{$|$} & \bl{$F_1 \vee F_2$}\\
+& \bl{$|$} & \bl{$F_1 \Rightarrow F_2$}\\
+& \bl{$|$} & \alert{$P\;\textit{says}\; F$}\\
+\end{tabular}
+\end{center}
+where \bl{$P = Alice, Bob, Christian$}
+\begin{itemize}
+\item \bl{$HoD\;\textit{says}\;\textit{is\_staff}(Christian)$}
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[t]
+\frametitle{Access Control Logic}
+\ldots can be used for answering the following questions:
+\begin{itemize}
+\item To what conclusions does this protocol come?
+\item What assumptions are needed for this protocol?
+\item Does the protocol uses unnecessary actions, which can be left out?
+\item Does the protocol encrypt anything which could be sent in plain, without
+weakening the security?
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{5th Lecture: Protocols}
+An article in The Guardian from 2013 reveals how GCHQ and the
+NSA at a G20 Summit in 2009 sniffed emails from Internet
+cafes, monitored phone calls from delegates and attempted to
+listen on phone calls which were made by Russians and which
+were transmitted via satellite links:
+\begin{center}
+\small
+\url{http://www.theguardian.com/uk/2013/jun/16/gchq-intercepted-communications-g20-summits}
+\end{center}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[fragile,c]
+\frametitle{6th Lecture:\\[-2mm] Zero-Knowledge Proofs}
+\begin{center}
+%\addtolength{\fboxsep}{4mm}
+%\fbox{\includegraphics[scale=0.3]
+%{../pics/Dismantling_Megamos_Crypto.png}}
+\end{center}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{7th Lecture: Privacy}
+\begin{itemize}
+\item de-anonymisation attacks\\ (Netflix, DNA databases, \ldots)
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{7th Lecture: Privacy}
+\begin{itemize}
+\item differential privacy for anonymising research data
 \begin{center}
 User\;\;\;\;
 \begin{tabular}{c}
 tell me \bl{$f(x)$} $\Rightarrow$\\
 \item \bl{$f(x)$} can be released, if \bl{$f$} is insensitive to
 individual entries  \bl{$x_1, \ldots, x_n$}\\
 \item The intuition: whatever is learned from the dataset would be learned regardless of whether
 \bl{$x_i$} participates\bigskip\pause
-\item Tor webservice
+\end{itemize}
-\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
+\begin{frame}[c]
-\begin{frame}[c]
+\frametitle{8th Lecture: Bitcoins}
-\frametitle{\begin{tabular}{c}9th Lecture:\\ Privacy\end{tabular}}
 \begin{itemize}
-\item zero-knowledge proofs
+\item conclusion: not anonymous, not free from (potential) government
-\item requires NP problems, for example graph isomorphisms\bigskip\pause
+interference\bigskip\bigskip
-\item random number generators
-\end{itemize}
+\item The department has large labs full
+of computers that are pretty much idle over night. Why
+is it a bad idea to let them mine for Bitcoins?\bigskip\pause
-\end{frame}}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\item other cryptocurrencies (Litecoins,\ldots)
+\begin{center}\small
+\url{http://en.wikipedia.org/wiki/Cryptocurrency}
+\end{center}
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{9th Lecture: Static Analysis}
+\begin{itemize}
+\item more principled way of writing software
+\item testing can show the presence of bugs, but not their
+absence\bigskip
+\item ``A good attack is one that the engineers never even thought
+about.'' ---Bruce Schneier
+\end{itemize}
+\begin{center}
+\includegraphics[scale=1]{../pics/barrier.jpg}
+\end{center}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{9th Lecture}
+\begin{itemize}
+\item model checking\medskip
+\item program logics (Hoare logics, separation logic)\medskip
+\item specifications / correctness proofs
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Further Reading}
+\begin{itemize}
+\item Risks mailing list
+\begin{center}\small
+\url{http://catless.ncl.ac.uk/Risks}
+\end{center}
+\item Crypto-Gram
+\begin{center}\small
+\url{https://www.schneier.com/crypto-gram.html}
+\end{center}
+\item Light blue touchpaper
+\begin{center}\small
+\url{https://www.lightbluetouchpaper.org}
+\end{center}
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\begin{itemize}
+\item you can still send me your hws\bigskip
+\item projects
+\end{itemize}
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \end{document}
 %%% Local Variables:
 %%% mode: latex
 %%% TeX-master: t
 %%% End:

changeset 341	f652d17db871
parent 339	0e78c809b17f
child 343	9a27fa14c17c