157 \onslide<2->{\Large \;\;\;\;\;\bl{$:$}}\bigskip |
157 \onslide<2->{\Large \;\;\;\;\;\bl{$:$}}\bigskip |
158 \end{tabular} |
158 \end{tabular} |
159 |
159 |
160 \begin{itemize} |
160 \begin{itemize} |
161 \item by convention \bl{$A$}, \bl{$B$} are named principals \bl{Alice\ldots}\\ |
161 \item by convention \bl{$A$}, \bl{$B$} are named principals \bl{Alice\ldots}\\ |
162 but most likely they are programs, which just follow some instructions\bigskip |
162 but most likely they are programs, which just follow some instructions (they are more like roles)\bigskip |
163 \item<2-> indicates one ``protocol run'', or session, which specifies some |
163 \item<2-> indicates one ``protocol run'', or session, which specifies some |
164 order in the communication |
164 order in the communication |
165 \item<2-> there can be several sessions in parallel (think of wifi routers) |
165 \item<2-> there can be several sessions in parallel (think of wifi routers) |
166 \end{itemize} |
166 \end{itemize} |
167 |
167 |
246 \end{textblock} |
246 \end{textblock} |
247 |
247 |
248 \only<4->{ |
248 \only<4->{ |
249 \begin{textblock}{6}(0.3,9) |
249 \begin{textblock}{6}(0.3,9) |
250 being outsmarted by Angola/Cuba |
250 being outsmarted by Angola/Cuba |
251 ended SA involvement |
251 ended SA involvement (?) |
252 \end{textblock}} |
252 \end{textblock}} |
253 \only<5->{ |
253 \only<5->{ |
254 \begin{textblock}{6}(0.3,13) |
254 \begin{textblock}{6}(0.3,13) |
255 IFF opened up a nice side-channel attack |
255 IFF opened up a nice side-channel attack |
256 \end{textblock}} |
256 \end{textblock}} |
620 |
620 |
621 \begin{itemize} |
621 \begin{itemize} |
622 \item even the systems designed by experts regularly fail\medskip |
622 \item even the systems designed by experts regularly fail\medskip |
623 \item try to make everything explicit (you need to authenticate all data you might rely on)\medskip |
623 \item try to make everything explicit (you need to authenticate all data you might rely on)\medskip |
624 \item the one who can fix a system should also be liable for the losses\medskip |
624 \item the one who can fix a system should also be liable for the losses\medskip |
625 \item cryptography is not {\bf the} answer\bigskip\bigskip |
625 \item cryptography is often not {\bf the} answer\bigskip\bigskip |
626 \end{itemize} |
626 \end{itemize} |
627 |
627 |
628 Logic is one way protocols are studied in academia |
628 logic is one way protocols are studied in academia |
629 |
629 (you can use computers to search for attacks) |
630 \end{frame}} |
630 |
631 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
631 \end{frame}} |
632 |
632 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
633 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
633 |
634 \mode<presentation>{ |
634 |
635 \begin{frame}[c] |
635 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
636 \frametitle{Privacy et al} |
636 \mode<presentation>{ |
|
637 \begin{frame}[c] |
|
638 \frametitle{Public-Key Infrastructure} |
|
639 |
|
640 \begin{itemize} |
|
641 \item the idea is to have a certificate authority (CA) |
|
642 \item you go to the CA to identify yourself |
|
643 \item CA: ``I, the CA, have verified that public key \bl{$P^{pub}_{Bob}$} belongs to Bob''\bigskip |
|
644 \item CA must be trusted by everybody |
|
645 \item What happens if CA issues a false certificate? Who pays in case of loss? (VeriSign |
|
646 explicitly limits liability to \$100.) |
|
647 \end{itemize} |
|
648 |
|
649 \end{frame}} |
|
650 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
651 |
|
652 |
|
653 |
|
654 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
655 \mode<presentation>{ |
|
656 \begin{frame}[c] |
|
657 \frametitle{Privacy, Anonymity et al} |
637 |
658 |
638 Some terminology: |
659 Some terminology: |
639 |
660 |
640 \begin{itemize} |
661 \begin{itemize} |
641 \item \alert{secrecy} is the mechanism used to limit the number of |
662 \item \alert{secrecy} is the mechanism used to limit the number of |
698 \mode<presentation>{ |
719 \mode<presentation>{ |
699 \begin{frame}[t] |
720 \begin{frame}[t] |
700 \frametitle{Privacy} |
721 \frametitle{Privacy} |
701 |
722 |
702 \begin{itemize} |
723 \begin{itemize} |
703 \item Apple takes note of |
724 \item Apple takes note of very dictation (send over the Internet to Apple) |
704 \item if supermarkets can build a profile of what I buy, they can use it to their advantage (banks - mortgages) |
725 \item if supermarkets can build a profile of what I buy, they can use it to their advantage (banks too - mortgages) |
705 \item my employer might not like my opinions\bigskip\pause |
726 \item my employer might not like my opinions\bigskip\pause |
706 |
727 |
707 \item one the other hand, Freedom-of-Information Act |
728 \item one the other hand, Freedom-of-Information Act |
708 \item medical data should be private, but medical research needs data |
729 \item medical data should be private, but medical research needs data |
709 \end{itemize} |
730 \end{itemize} |