--- a/slides08.tex Tue Nov 20 06:45:37 2012 +0000
+++ b/slides08.tex Tue Nov 20 11:58:23 2012 +0000
@@ -132,7 +132,7 @@
\frametitle{Last Week}
Andrew Secure RPC Protocol:
-\bl{$A$} and \bl{$B$} share a key \bl{$K_{AB}$} and want to identify
+\bl{$A$} and \bl{$B$} share a key private \bl{$K_{AB}$} and want to identify
each other\bigskip
\begin{itemize}
@@ -211,7 +211,7 @@
\onslide<7->{Sounds stupid: ``\ldots answering a question with a counter question''\medskip\\
was originally developed at CMU for terminals to connect to
-workstations (e.g.~file servers)}
+workstations (e.g., file servers)}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -222,34 +222,35 @@
\frametitle{Identify Friend or Foe}
\begin{center}
-\onslide<2->{\mbox{}\hspace{3.4cm}\includegraphics[scale=0.55]{pics/MigInMiddle.jpg}}
+\onslide<3->{\mbox{}\hspace{3.4cm}\includegraphics[scale=0.55]{pics/MigInMiddle.jpg}}
\end{center}
\begin{textblock}{6}(0.3,2)
+\onslide<2->{
198?: war between Angola (supported by Cuba)
-and Namibia (supported by SA)
+and Namibia (supported by SA)}
\end{textblock}
\begin{textblock}{3}(12.5,4.6)
- \onslide<2->{
+ \onslide<3->{
\begin{tikzpicture}
\node at (0,0) [single arrow, fill=red,text=white, rotate=-50, shape border rotate=180]{``bystander''};
\end{tikzpicture}}
\end{textblock}
\begin{textblock}{3}(10.9,10)
- \onslide<2->{
+ \onslide<3->{
\begin{tikzpicture}
\node at (0,0) [single arrow, fill=red,text=white, rotate=-40, shape border rotate=180]{attacker};
\end{tikzpicture}}
\end{textblock}
-\only<3->{
+\only<4->{
\begin{textblock}{6}(0.3,9)
being outsmarted by Angola/Cuba
ended SA involvement
\end{textblock}}
-\only<4->{
+\only<5->{
\begin{textblock}{6}(0.3,13)
IFF opened up a nice side-channel attack
\end{textblock}}
@@ -268,7 +269,7 @@
\item \bl{$A \,\text{sends}\, B : \{N_A\}_{K'_{AB}}$}\bigskip
\end{itemize}\pause
-means you need to send a separate ``Hello'' signal (bad), or worse
+means you need to send separate ``Hello'' signals (bad), or worse
share a single key between many entities
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -307,12 +308,37 @@
\end{tabular}
\end{center}\bigskip\pause
-at the end both \bl{$A$} and \bl{$B$} should be in the possession of the secret key
+at the end of the protocol both \bl{$A$} and \bl{$B$} should be in the possession of the secret key
\bl{$K_{AB}$} and know that the other principal has the key
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{Nonces}
+
+\begin{enumerate}
+\item I generate a nonce (random number) and send it to you encrypted with a key we share
+\item you increase it by one, encrypt it under a key I know and send
+it back to me
+\end{enumerate}
+
+
+I can infer:
+
+\begin{itemize}
+\item you must have received my message
+\item you could only have generated your answer after I send you my initial
+message
+\item if only you and me know the key, the message must have come from you
+\end{itemize}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
@@ -335,13 +361,26 @@
\bl{$B$} believes it is following the correct protocol,
intruder \bl{$I$} can form the correct response because it knows \bl{$K_{AB}$} and
-talk to \bl{$B$} masquerading as \bl{$A$}
+talks to \bl{$B$} masquerading as \bl{$A$}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
+
+\begin{center}
+\includegraphics[scale=0.5]{pics/dogs.jpg}
+\end{center}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
\frametitle{Replay Attacks}
Andrew Secure RPC protocol: exchanging a new key
@@ -588,6 +627,63 @@
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{Privacy vs Anonymity}
+
+\begin{itemize}
+\item anonymity has its uses (e.g., voting, whistleblowers, peer-review)
+\end{itemize}\bigskip\bigskip\pause
+
+
+But privacy?\bigskip\bigskip
+
+``You have zero privacy anyway. Get over it.''\\
+\hfill{}Scott Mcnealy (CEO of Sun)\bigskip\\
+
+
+If you have nothing to hide, you have nothing to fear.
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{Privacy}
+
+private data can be often used against me
+
+\begin{itemize}
+\item if my location data becomes public, thieves will switch off their phones and help themselves in my home
+\item if supermarkets can build a profile of what I buy, they can use it to their advantage (banks - mortgages)
+\item my employer might not like my opinions\bigskip\pause
+
+\item one the other hand, Freedom-of-Information Act
+\item medical data should be private, but medical research needs data
+\end{itemize}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{Privacy}
+
+\begin{itemize}
+\item Apple takes note of
+\item if supermarkets can build a profile of what I buy, they can use it to their advantage (banks - mortgages)
+\item my employer might not like my opinions\bigskip\pause
+
+\item one the other hand, Freedom-of-Information Act
+\item medical data should be private, but medical research needs data
+\end{itemize}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
\end{document}