--- a/slides/slides05.tex Thu Oct 22 02:11:23 2015 +0100
+++ b/slides/slides05.tex Thu Oct 22 09:58:45 2015 +0100
@@ -70,6 +70,29 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
+\frametitle{Nonces}
+
+\begin{enumerate}
+\item I generate a nonce (random number) and send it to you encrypted with a key we share
+\item you increase it by one, encrypt it under a key I know and send
+it back to me
+\end{enumerate}
+
+
+I can infer:
+
+\begin{itemize}
+\item you must have received my message
+\item you could only have generated your answer after I have
+ sent you my initial message
+\item if only you and me know the key, the message must have come from you
+\end{itemize}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
\frametitle{Protocols}
\begin{center}
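Review bot: The three inferences on the new Nonces frame rest on the same shared key being used in both directions, but step 1 says `a key we share` while step 2 says `a key I know`; if the reply were encrypted under a different key, the third bullet's `if only you and me know the key` would not follow. Aligning the wording makes the assumption visible, e.g. `\item you increase it by one, encrypt it under the key we share and send it back to me`. The freshness inference in the second bullet additionally needs the nonce to be unpredictable and never reused, which `random number` only implies; `(a fresh, unpredictable random number)` would state it. The `\begin{frame}[c]` at the end of the hunk opens the Protocols frame, whose body continues outside the hunk.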
@@ -98,7 +121,7 @@
\small
\begin{itemize}
-\item Snowden documents reveal ``that during G20
+\item Snowden documents reveal ``that during the G20
meetings\dots{}GCHQ used
`ground-breaking intelligence capabilities' to intercept
the communications of visiting delegations. This
@@ -181,17 +204,18 @@
\frametitle{Splitting Messages}
\begin{center}
-$\underbrace{\texttt{\Grid{0X1peUVTGJK+H70mMjAM8p}}}_{\{A,m\}_{K^{pub}_B}}$
+$\underbrace{\texttt{\Grid{0X1peUVTGJK+H70mMjAM8p}}}_{\bl{\{A,m\}_{K^{pub}_B}}}$
\end{center}
\begin{center}
-$\underbrace{\texttt{\Grid{0X1peUVTGJK}}}_{H_1}$\quad
-$\underbrace{\texttt{\Grid{+H70mMjAM8p}}}_{H_2}$
+$\underbrace{\texttt{\Grid{0X1peUVTGJK}}}_{\bl{H_1}}$\quad
+$\underbrace{\texttt{\Grid{+H70mMjAM8p}}}_{\bl{H_2}}$
\end{center}
\begin{itemize}
\item you can also use the even and odd bytes
-\item the point is you cannot decrypt the halves
+\item the point is you cannot decrypt the halves, even if you
+ have the key
\end{itemize}
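Review bot: The new clause `you cannot decrypt the halves, even if you have the key` holds for the public-key ciphertext the label `\{A,m\}_{K^{pub}_B}` refers to, but not in general: with a stream cipher or a counter-mode block cipher each fragment decrypts independently once the key and the fragment's offset are known, so the claim should be scoped, e.g. `the point is you cannot decrypt the halves of a public-key ciphertext, even if you have the key`. Separately, the multi-letter superscript `pub` is typeset as three italic variables; `K^{\mathrm{pub}}_B` is the conventional form in both new lines. The Splitting Messages frame begins before the hunk.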
@@ -237,13 +261,13 @@
\begin{frame}[c]
\begin{itemize}
-\item you have to ask something that cannot imitated
+\item you have to ask something that cannot be imitated
(requires \bl{$A$} and \bl{$B$} know each other)
\item what happens if \bl{$m$} and \bl{$m'$} are voice
messages?\bigskip\pause
\item So \bl{$C$} can either leave the communication unchanged
- (Hellamn-Diffie), or invent a complete new conversation
+ (Hellman-Diffie), or invent a complete new conversation
\end{itemize}
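Review bot: The corrected name at `(Hellman-Diffie)` still reverses the usual order; the key exchange is known as Diffie--Hellman, with an en-dash between the two surnames, so the line should read `(Diffie--Hellman), or invent a complete new conversation`. The itemize this item belongs to starts before the hunk.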
@@ -258,7 +282,7 @@
``zero'' is almost impossible---you need to rely on some
established trust\medskip
-\item that is why we rely on certificates, which however are
+\item that is why PKI relies on certificates, which however are
badly, badly realised
\end{itemize}
@@ -337,16 +361,17 @@
\node (E) at (2,-3) [node] {};
\node [below right] at (E.north west)
- {\small\begin{tabular}{@{}l}Browser\\ Company\end{tabular}};
+ {\small\begin{tabular}{@{}l}Browser\\ Vendor\end{tabular}};
\draw [->,line width=4mm] (E) -- (D);
\end{tikzpicture}
\end{center}
\begin{itemize}
-\item CAs make almost no money anymore, because of competition
-\item browser companies are not really interested in security,
-rather than market share
+\item CAs make almost no money anymore, because of stiff
+ competition
+\item browser companies are not really interested in security;
+ only in market share
\end{itemize}
\end{frame}
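Review bot: The tikz label is renamed to `Browser\\ Vendor`, but the bullet below still says `browser companies`, so the diagram and the text now use different terms for the same actor; `\item browser vendors are not really interested in security;` keeps them consistent. The tikzpicture begins before the hunk, so other node labels may need the same rename.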
@@ -359,18 +384,20 @@
CAs just cannot win (make any profit):\medskip
\begin{itemize}
-\item there are hundreds of CAs, which issue million of
+\item there are hundreds of CAs, which issue millions of
certificates and the error rate is small
\item users (servers) do not want to pay or pay as little as
possible\bigskip
\item a CA can issue a certificate for any domain not needing
- any permission (CAs are meant to be undergo audits,
- but\ldots DigiNotar); if they have issued many
- certificates, they ``become too big to fail''
+ any permission (CAs are meant to undergo audits,
+ but\ldots DigiNotar)
+
+\item if a CA has issued many certificates, it ``becomes too
+ big to fail''
-\item Can we be sure CAs are not just front-ends of some
+\item Can we be sure CAs are not just frontends of some
government organisation?
\end{itemize}
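Review bot: The new item at `\item if a CA has issued many certificates` is separated from the previous one by a blank line, whereas the rest of this list uses `\medskip`/`\bigskip` for vertical separation (see `possible\bigskip` above); a blank line inside `itemize` is a paragraph break that beamer tolerates but spaces differently. Ending the previous item with `but\ldots DigiNotar)\medskip` and dropping the blank line would follow the list's own convention. The itemize begins before the hunk.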
@@ -384,18 +411,18 @@
\begin{itemize}
-\item many certificates are issued via whois\ldots if you
+\item many certificates are issued via Whois\ldots if you
hijacked a domain, it is easy to obtain
certificates\medskip
-\item revocation does not work (Chrome has given up on
- revocation lists)\medskip
+\item the revocation mechanism does not work (Chrome has given
+ up on general revocation lists)\medskip
\item lax approach to validation of certificates
- (Have you bypassed certification warnings?)\medskip
+ (Have you ever bypassed certification warnings?)\medskip
-\item sometimes you want to install invalid certificates
- (self-signed)
+\item sometimes you want to actually install invalid
+ certificates (self-signed)
\end{itemize}
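Review bot: The reworded parenthesis `(Have you ever bypassed certification warnings?)` keeps the term `certification warnings`, but what browsers show are certificate warnings; `(Have you ever bypassed certificate warnings?)`. The sentence `the revocation mechanism does not work (Chrome has given up on general revocation lists)` still equates the mechanism with one delivery channel; if the intended claim is that Chrome stopped fetching full revocation lists, saying so, e.g. `(Chrome has given up on fetching full revocation lists)`, would be more precise — hedged, since the intended claim is not visible here. The itemize begins before the hunk.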
@@ -411,9 +438,10 @@
\item Go directly after root certificates
\begin{itemize}
\item governments can demand private keys\smallskip
- \item 10 years ago it was estimated to break a 1024 bit key
- in one year using 10 -30 Mio \$; this is now reduced to 1 Mio \$
- \end{itemize}
+ \item 10 years ago it was estimated that breaking a 1024 bit
+ key takes one year and costs 10 - 30 Mio \$; this is now
+ reduced to 1 Mio \$
+ \end{itemize}
\item Go after buggy implementations of certificate
validation\smallskip
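Review bot: The rewritten cost estimate at `costs 10 - 30 Mio \$` uses a spaced hyphen for a numeric range; LaTeX convention is an unspaced en-dash, `costs 10--30 Mio \$`, and `1024-bit key` takes a hyphen as a compound modifier. The phrase `10 years ago` is relative to the lecture date and will drift; anchoring it (`In [YEAR] it was estimated that …`) keeps the figure meaningful. The enclosing itemize begins before the hunk.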
@@ -427,7 +455,7 @@
\end{itemize}
\small The eco-system is completely broken (it relies on
-thousands of entities doing the right thing). Maybe DNSSEC
+thousands of entities to do the right thing). Maybe DNSSEC
where keys can be attached to domain names is a way out.
\end{frame}
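Review bot: The sentence `Maybe DNSSEC where keys can be attached to domain names is a way out` attributes key binding to DNSSEC itself, but DNSSEC only authenticates DNS records; binding TLS keys or certificates to a name is DANE (TLSA records, RFC 6698), which builds on DNSSEC. Suggest `Maybe DANE (TLSA records on top of DNSSEC), where keys can be attached to domain names, is a way out.` The frame starts before the hunk.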
@@ -439,12 +467,12 @@
\begin{itemize}
-\item In 2011, DigiNotar (Dutch) was the first CA which got
- compromised completely, and where many fraudulent
- certificates were issued. It included approximately
- 300,000 IP addresses, mostly located in Iran. The
- attackers (in Iran?) were likely interested only in
- collecting gmail passwords.\medskip
+\item In 2011, DigiNotar (Dutch company) was the first CA that
+ got compromised comprehensively, and where many
+ fraudulent certificates were issued to the wild. It
+ included approximately 300,000 IP addresses, mostly
+ located in Iran. The attackers (in Iran?) were likely
+ interested ``only'' in collecting gmail passwords.\medskip
\item The Flame malware piggy-bagged on this attack by
advertising malicious Windows updates to some targeted
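Review bot: The rewritten DigiNotar item says `It included approximately 300,000 IP addresses`, where `It` has no clear referent — a compromise does not include addresses; presumably the fraudulent certificates were used to intercept traffic from those addresses, and `The fraudulent certificates were used against approximately 300,000 IP addresses, mostly located in Iran.` would state that, if that is the intended claim. `got compromised comprehensively` is an odd collocation; `completely`, as before, reads better. On the context line, `piggy-bagged` should be `piggybacked`, and `gmail` is usually written `Gmail`. The item continues outside the hunk.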
@@ -683,8 +711,8 @@
\begin{frame}[c]
\frametitle{1st Lecture: Cookies}
-Remember the small web-app I showed where a cookie
-protected a counter\bigskip
+Remember the small web-app I showed you where a cookie
+protected a counter?\bigskip
\begin{itemize}
\item NYT, the cookie looks the ``resource'' - harm\medskip
@@ -717,7 +745,7 @@
\frametitle{2nd Lecture: E-Voting}
\begin{itemize}
-\item (two weeks ago) an Australian parliamentary committee
+\item recently an Australian parliamentary committee
found: e-voting is highly vulnerable to hacking and Australia
will not use it any time soon\bigskip\pause
\item Alex Halderman, Washington D.C.~hack
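Review bot: Replacing `(two weeks ago)` with `recently` removes the date the original was relative to but still leaves the statement undated, so the slide will read as stale next year; `\item in [MONTH YEAR] an Australian parliamentary committee` fixes the reference point. The itemize continues outside the hunk.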
@@ -863,9 +891,9 @@
ylabel={\% of total attacks},
ylabel style={yshift=0em},
enlargelimits=false,
- xtick={1997,1998,2000,...,2014},
+ xtick={1997,1999,...,2015},
xmin=1996.5,
- xmax=2015,
+ xmax=2016,
ymax=21,
ytick={0,5,...,20},
scaled ticks=false,
@@ -878,7 +906,7 @@
$\pgfmathprintnumber[fixed,fixed zerofill,precision=1,use comma]{\pgfkeysvalueof{/data point/y}}$},
x tick label style={font=\scriptsize,/pgf/number format/1000 sep={}}]
\addplot
- table [x=Year,y=Percentage] {bufferoverflows.data};
+ table [x=Year,y=Percentage] {../handouts/bufferoverflows.data};
\end{axis}
\end{tikzpicture}
\end{center}
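Review bot: The new data path `{../handouts/bufferoverflows.data}` is resolved relative to the directory the TeX engine runs in, not relative to the `.tex` file, so the plot errors or silently reads nothing when the slides are built from another working directory (a build script or an editor compiling from the repository root). If the handouts directory is the canonical home of the data, adding it to the table search path once in the preamble (`\pgfplotstableset{search path={../handouts}}`) or to `TEXINPUTS` is more robust than a `..` path at the call site, and a comment such as `% data shared with handouts; build from slides/` would document the assumption. The axis environment begins before the hunk.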
@@ -959,7 +987,10 @@
\begin{itemize}
\item Alice wants to have her files readable,
-\alert{except} for her office mates.
+\alert{except} for her office mates.\bigskip
+
+\item make sure you understand the setuid and setgid bits;
+ why are they necessary for login and passwd
\end{itemize}
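Review bot: The new item `make sure you understand the setuid and setgid bits; why are they necessary for login and passwd` joins an instruction and a question in one sentence without a question mark, and sets program names in body font; `make sure you understand the setuid and setgid bits: why are they needed for \texttt{login} and \texttt{passwd}?` reads as intended. Whether `login` itself depends on the setuid bit, rather than already running as root, is worth checking before the slide asserts it — hedged, since the answer is not visible here. The itemize begins before the hunk.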