--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/slides/slides11.tex Fri Dec 12 15:41:37 2014 +0000
@@ -0,0 +1,138 @@
+\documentclass[dvipsnames,14pt,t]{beamer}
+\usepackage{../slides}
+\usepackage{../langs}
+\usepackage{../graphics}
+\usepackage{../data}
+\usepackage{../grammar}
+
+% beamer stuff
+\renewcommand{\slidecaption}{APP 11, King's College London}
+\newcommand{\bl}[1]{\textcolor{blue}{#1}}
+
+\begin{document}
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[t]
+\frametitle{%
+ \begin{tabular}{@ {}c@ {}}
+ \\
+ \LARGE Access Control and \\[-3mm]
+ \LARGE Privacy Policies (11)\\[-6mm]
+ \end{tabular}}\bigskip\bigskip\bigskip
+
+ \normalsize
+ \begin{center}
+ \begin{tabular}{ll}
+ Email: & christian.urban at kcl.ac.uk\\
+ Office: & S1.27 (1st floor Strand Building)\\
+ Slides: & KEATS (also homework is there)\\
+ \end{tabular}
+ \end{center}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+
+\begin{itemize}
+\item you can still send me your homework\bigskip
+\item Unix AC question: use a terminal-based editor (vm,
+ vim)\bigskip
+\item exams: 2 out of 3 questions, 5 or so subquestions
+ each, you can fill in your answers on the question sheet
+\end{itemize}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Interlock Protocol}
+
+The interlock protocol (``best bet'' against MITM):
+
+\begin{center}
+\begin{tabular}{ll@{\hspace{2mm}}l}
+1. & \bl{$A \to B :$} & \bl{$K^{pub}_A$}\\
+2. & \bl{$B \to A :$} & \bl{$K^{pub}_B$}\\
+3. & & \bl{$\{A,m\}_{K^{pub}_B} \;\mapsto\; H_1,H_2$}\\
+ & & \bl{$\{B,m'\}_{K^{pub}_A} \;\mapsto\; M_1,M_2$}\\
+4. & \bl{$A \to B :$} & \bl{$H_1$}\\
+5. & \bl{$B \to A :$} & \bl{$\{H_1, M_1\}_{K^{pub}_A}$}\\
+6. & \bl{$A \to B :$} & \bl{$\{H_2, M_1\}_{K^{pub}_B}$}\\
+7. & \bl{$B \to A :$} & \bl{$M_2$}
+\end{tabular}
+\end{center}\pause
+
+\footnotesize
+\bl{$m$} = How is your grandmother? \bl{$m'$} = How is the
+weather today in London?
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+
+\begin{center}
+\begin{tabular}{l@{\hspace{9mm}}l}
+\begin{tabular}[t]{@{}l@{}}
+\bl{$A \to C : K^{pub}_A$}\\
+\bl{$C \to B : K^{pub}_C$}\\
+\bl{$B \to C : K^{pub}_B$}\\
+\bl{$C \to A : K^{pub}_C$}\medskip\\
+\bl{$\{A,m\}_{K^{pub}_C} \;\mapsto\; H_1,H_2$}\\
+\bl{$\{B,n\}_{K^{pub}_C} \;\mapsto\; M_1,M_2$}\bigskip\\
+\bl{$\{C,a\}_{K^{pub}_B} \;\mapsto\; C_1,C_2$}\\
+\bl{$\{C,b\}_{K^{pub}_A} \;\mapsto\; D_1,D_2$}
+\end{tabular} &
+\begin{tabular}[t]{@{}l@{}}
+\bl{$A \to C : H_1$}\\
+\bl{$C \to B : C_1$}\\
+\bl{$B \to C : \{C_1, M_1\}_{K^{pub}_C}$}\\
+\bl{$C \to A : \{H_1, D_1\}_{K^{pub}_A}$}\\
+\bl{$A \to C : \{H_2, D_1\}_{K^{pub}_C}$}\\
+\bl{$C \to B : \{C_2, M_1\}_{K^{pub}_B}$}\\
+\bl{$B \to C : M_2$}\\
+\bl{$C \to A : D_2$}
+\end{tabular}
+\end{tabular}
+\end{center}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+
+\begin{itemize}
+\item you have to ask something that cannot imitated
+ (requires \bl{$A$} and \bl{$B$} know each other)
+\item what happens if \bl{$m$} and \bl{$n$} are voice
+ messages?\bigskip
+
+\item the moral: establishing a secure connection from ``zero'' is
+almost impossible---you need to rely on some established
+trust\medskip
+
+\item that is why we rely on certificates, which however are
+badly, badly realised (just today a POODLE attack against SSL)
+
+\end{itemize}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+
+
+\end{document}
+
+
+%%% Local Variables:
+%%% mode: latex
+%%% TeX-master: t
+%%% End:
+