diff -r 807393d1efff -r fa20645ffd25 slides08.tex --- a/slides08.tex Tue Nov 20 14:06:09 2012 +0000 +++ b/slides08.tex Tue Nov 20 14:24:27 2012 +0000 @@ -159,7 +159,7 @@ \begin{itemize} \item by convention \bl{$A$}, \bl{$B$} are named principals \bl{Alice\ldots}\\ - but most likely they are programs, which just follow some instructions\bigskip + but most likely they are programs, which just follow some instructions (they are more like roles)\bigskip \item<2-> indicates one ``protocol run'', or session, which specifies some order in the communication \item<2-> there can be several sessions in parallel (think of wifi routers) @@ -248,7 +248,7 @@ \only<4->{ \begin{textblock}{6}(0.3,9) being outsmarted by Angola/Cuba -ended SA involvement +ended SA involvement (?) \end{textblock}} \only<5->{ \begin{textblock}{6}(0.3,13) 
@@ -622,18 +622,39 @@ \item even the systems designed by experts regularly fail\medskip \item try to make everything explicit (you need to authenticate all data you might rely on)\medskip \item the one who can fix a system should also be liable for the losses\medskip -\item cryptography is not {\bf the} answer\bigskip\bigskip +\item cryptography is often not {\bf the} answer\bigskip\bigskip \end{itemize} -Logic is one way protocols are studied in academia +logic is one way protocols are studied in academia +(you can use computers to search for attacks) \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] -\frametitle{Privacy et al} +\frametitle{Public-Key Infrastructure} + +\begin{itemize} +\item the idea is to have a certificate authority (CA) +\item you go to the CA to identify yourself +\item CA: ``I, the CA, have verified that public key \bl{$P^{pub}_{Bob}$} belongs to Bob''\bigskip +\item CA must be trusted by everybody +\item What happens if CA issues a false certificate? Who pays in case of loss? (VeriSign +explicitly limits liability to \$100.) +\end{itemize} + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + + + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] +\frametitle{Privacy, Anonymity et al} Some terminology: @@ -700,8 +721,8 @@ \frametitle{Privacy} \begin{itemize} -\item Apple takes note of -\item if supermarkets can build a profile of what I buy, they can use it to their advantage (banks - mortgages) +\item Apple takes note of very dictation (send over the Internet to Apple) +\item if supermarkets can build a profile of what I buy, they can use it to their advantage (banks too - mortgages) \item my employer might not like my opinions\bigskip\pause \item one the other hand, Freedom-of-Information Act
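Review bot: The new Public-Key Infrastructure frame says `CA must be trusted by everybody` and asks what happens after a false certificate, but it never states the consequence the audience needs in order to answer that question. In the usual web PKI a client accepts a certificate for any name from any CA it trusts, and a mis-issued certificate stays usable until it expires or is revoked. I would add an item such as `\item any trusted CA can certify any name; a false certificate stays valid until it expires or is revoked`. The VeriSign liability figure is given without a source or date, so a footnote citation would keep it checkable. As a style point, the changed line keeps `{\bf the}`, for which `\textbf{the}` is the current form.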
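Review bot: The added item in the Privacy frame (hunk `-700,8 +721,8`) has two typos that blur its point, which is that the dictated audio leaves the device. It should read `\item Apple takes note of every dictation (sent over the Internet to Apple)`. The unchanged context line `one the other hand` in the same list presumably wants `on the other hand`. The frame starts and ends outside the hunk, so the rest of the list is not visible here.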