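% Beamer slide deck: "Network Security with Netsim".
% One construct per line: a `%' comment runs to the end of the physical line,
% so each comment below sits on a line of its own and no longer swallows the
% code that follows it.
\documentclass[14pt,aspectratio=169]{beamer}
%\usetheme{Boadilla}
\usetheme{Minimalist}
\usepackage{tikz}
\usetikzlibrary{calc,shapes}
% ulem provides \sout, used to strike completed items on the "Goals" slides.
% Without the `normalem' option it also makes \emph underline instead of italicise.
\usepackage{ulem}

\title{Network Security}
\subtitle{with Netsim}
\author{Vecna\thanks{building on work by Erinn Atwater, Cecylia Bocovich, Miti Mazmudar, Sajin Sasy, Parjanya Vyas, and Bailey Kacsmar}\thanks{with visuals from Simon Oya and Ian Goldberg}}
\institute{University of Waterloo}
\date{2024 May 13}

% Colours for the fields of a packet on the postcard/envelope slides:
% source address, destination address, protocol ("type of message"), message.
\newcommand\srccolor{blue}
\newcommand\dstcolor{purple}
\newcommand\protocolor{cyan}
\newcommand\msgcolor{orange}

% All our images
% \pgfdeclareimage[<size>]{<name>}{<file>}: <name> is what \pgfuseimage takes,
% <file> is the image file name without its extension.
\pgfdeclareimage[width=1cm]{router}{router}
\pgfdeclareimage[width=1cm]{basestation}{basestation}
\pgfdeclareimage[width=1cm]{mobile}{mobile}
\pgfdeclareimage[width=1cm]{server}{server}
\pgfdeclareimage[width=1cm]{desktop}{desktop}
\pgfdeclareimage[width=1cm]{scroll}{scroll}
\pgfdeclareimage[width=1cm]{evilscroll}{evilscroll}
\pgfdeclareimage[width=8cm]{postcard}{postcard}
\pgfdeclareimage[width=8cm]{envelope}{envelope}
\pgfdeclareimage[width=2cm]{cat}{cat-instructor}
\pgfdeclareimage[width=1cm]{alice}{alice}
\pgfdeclareimage[width=1cm]{bob}{bob}
\pgfdeclareimage[width=1cm]{carol}{carol}
\pgfdeclareimage[width=1cm]{dave}{dave}
\pgfdeclareimage[width=1cm]{eve}{eve}
\pgfdeclareimage[width=1.25cm]{mallory}{mallory}
\pgfdeclareimage[width=4cm]{bubble}{bubble1}
\pgfdeclareimage[width=0.5cm]{lock}{lock}
\pgfdeclareimage[width=2cm]{key}{key-sec}
\pgfdeclareimage[width=1.25cm]{apri}{alice-pri}
\pgfdeclareimage[width=1.25cm]{bpri}{bob-pri}
\pgfdeclareimage[width=1.25cm]{mpri}{mallory-pri}
\pgfdeclareimage[width=1.25cm]{apub}{alice-pub}
\pgfdeclareimage[width=1.25cm]{bpub}{bob-pub}
\pgfdeclareimage[width=1.25cm]{mpub}{mallory-pub}
\pgfdeclareimage[width=1cm]{ciphertext}{ciphertext}
\pgfdeclareimage[height=0.5cm]{x}{x}
\pgfdeclareimage[height=2.5cm]{crysp}{crysp}

% \onenetwork: TikZ body for a single access network (the orange region).
% Must be used inside a tikzpicture. Defines the nodes (mobile), (desktop),
% (basestation) and (AS1r1); only desktop--basestation and basestation--AS1r1
% are drawn as links, the mobile node has no drawn link.
\newcommand\onenetwork{
  \filldraw [fill=orange!20, draw=black, thick] (-7,1) -- (-3.5,.5) -- (-4,-2) -- (-7,-2) -- cycle;
  \node [inner sep=0pt] (mobile) at (-5,-1.25) {\pgfuseimage{mobile}};
  \node [inner sep=0pt] (desktop) at (-6.5,-1.25) {\pgfuseimage{desktop}};
  \node [inner sep=0pt] (basestation) at (-4.25,-.25) {\pgfuseimage{basestation}};
  \node [inner sep=0pt] (AS1r1) at (-6,0.25) {\pgfuseimage{router}};
  \draw [draw=black,thick] (desktop) -- (basestation);
  \draw [draw=black,thick] (basestation) -- (AS1r1);
}

% \theinternet: TikZ body for the full "network of networks" picture.
% Must be used inside a tikzpicture. Six coloured regions hold the routers
% AS1r1 .. AS6r1, two base stations and two servers. Frames that call this
% macro refer to the node names defined here (e.g. (desktop), (AS2r1),
% (server)) to overlay a highlighted path, so renaming a node here breaks them.
\newcommand\theinternet{
  % Regions. The four outer ones are not closed with `cycle': their closing
  % edge lies on x = -7 or x = 7 and is filled but not stroked.
  \filldraw [fill=green!20, draw=black, thick] (-5,4) -- (5,4) -- (3,1) -- (-3,1) -- cycle;
  \filldraw [fill=blue!20, draw=black, thick] (-3,.5) -- (3,.5) -- (3.5,-2) -- (-3.5,-2) -- cycle;
  \filldraw [fill=red!20, draw=black, thick] (-7,4) --(-5.5,4) -- (-3.5,1) -- (-7,1.5);
  \filldraw [fill=purple!20, draw=black, thick] (7,4) --(5.5,4) -- (3.5,1) -- (7,0);
  \filldraw [fill=orange!20, draw=black, thick] (-7,1) -- (-3.5,.5) -- (-4,-2) -- (-7,-2);
  \filldraw [fill=yellow!20, draw=black, thick] (7,-.5) -- (3.5,.5) -- (4,-2) -- (7,-2);
  % Orange region: same nodes and links as \onenetwork.
  \node [inner sep=0pt] (mobile) at (-5,-1.25) {\pgfuseimage{mobile}};
  \node [inner sep=0pt] (desktop) at (-6.5,-1.25) {\pgfuseimage{desktop}};
  \node [inner sep=0pt] (basestation) at (-4.25,-.25) {\pgfuseimage{basestation}};
  \node [inner sep=0pt] (AS1r1) at (-6,0.25) {\pgfuseimage{router}};
  \draw [draw=black,thick] (desktop) -- (basestation);
  \draw [draw=black,thick] (basestation) -- (AS1r1);
  % Red region (AS2).
  \node [inner sep=0pt] (AS2r1) at (-6.25,2) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS2r3) at (-6.25,3.5) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS2r2) at (-4.6,1.6) {\pgfuseimage{router}};
  \draw [draw=black,thick] (AS2r1) -- (AS1r1);
  \draw [draw=black,thick] (AS2r2) -- (AS2r1);
  \draw [draw=black,thick] (AS2r2) -- (AS2r3);
  \draw [draw=black,thick] (AS2r1) -- (AS2r3);
  % calc projection of the router onto the line x = -7: a link that runs
  % horizontally to the left edge of the picture.
  \draw [draw=black,thick] (AS2r1) -- ($(-7,1)!(AS2r1)!(-7,0)$);
  \draw [draw=black,thick] (AS2r3) -- ($(-7,1)!(AS2r3)!(-7,0)$);
  % Green region (AS3).
  \node [inner sep=0pt] (AS3r1) at (-3.5,3.5) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS3r2) at (-2.5,1.5) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS3r3) at (-1,2.5) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS3r4) at (2,1.5) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS3r5) at (3,3) {\pgfuseimage{router}};
  \draw [draw=black,thick] (AS2r3) -- (AS3r1);
  \draw [draw=black,thick] (AS2r2) -- (AS3r2);
  \draw [draw=black,thick] (AS3r1) -- (AS3r3);
  \draw [draw=black,thick] (AS3r2) -- (AS3r3);
  \draw [draw=black,thick] (AS3r4) -- (AS3r3);
  \draw [draw=black,thick] (AS3r5) -- (AS3r3);
  \draw [draw=black,thick] (AS3r2) -- (AS3r4);
  % Purple region (AS4).
  \node [inner sep=0pt] (AS4r1) at (6.25,3.5) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS4r2) at (4.75,1.25) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS4basestation) at (6.25,1.2) {\pgfuseimage{basestation}};
  \draw [draw=black,thick] (AS4r1) -- (AS4r2);
  \draw [draw=black,thick] (AS4basestation) -- (AS4r2);
  \draw [draw=black,thick] (AS3r5) -- (AS4r1);
  % Blue region (AS5).
  \node [inner sep=0pt] (AS5r1) at (-2.5,0) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS5r2) at (2,0) {\pgfuseimage{router}};
  \node [inner sep=0pt] (AS5server) at (-1,-1) {\pgfuseimage{server}};
  \draw [draw=black,thick] (AS2r2) -- (AS5r1);
  \draw [draw=black,thick] (AS3r2) -- (AS5r1);
  \draw [draw=black,thick] (AS3r4) -- (AS5r2);
  \draw [draw=black,thick] (AS5r1) -- (AS5r2);
  \draw [draw=black,thick] (AS5r1) -- (AS5server);
  % Yellow region (AS6).
  \node [inner sep=0pt] (AS6r1) at (4.3,-.3) {\pgfuseimage{router}};
  \node [inner sep=0pt] (server) at (6,-1.2) {\pgfuseimage{server}};
  \draw [draw=black,thick] (AS6r1) -- (AS4r2);
  \draw [draw=black,thick] (AS6r1) -- (server);
}

\begin{document}

\frame[plain]{\titlepage}

\begin{frame}
  \frametitle{Introductions}
  \begin{itemize}
    \item My name is Vecna
    \item My pronouns are they/them
    \item I'm part of the Cryptography, Security, and Privacy (CrySP)\footnote{\url{https://crysp.org}} group
    \item My research focuses on privacy and censorship circumvention
    \item \textbf{Please interrupt me if you have questions}
  \end{itemize}
  \centerline{
    \begin{tikzpicture}
      \node (crysp) {\pgfuseimage{crysp}};
    \end{tikzpicture}
  }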
\end{frame} \begin{frame} \frametitle{Introductions} \begin{itemize} \item Introduce yourself \item Examples of what to say (if you want) \begin{itemize} \item Name \item Pronouns \item Something you're passionate about/interested in \item Why you wanted to come to SPARCS \item If you prefer to work in groups or alone \begin{itemize} \item We'll be playing a puzzle game \item You're welcome to work together or alone \item If you want a teammate/group, this may be a time to find one \end{itemize} \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Introductions} \begin{itemize} \item Finally, let's introduce our characters... \vspace{1em} \begin{columns} \column{0.5\textwidth} \large Our friends \vspace{1em} \begin{columns} \column{0.5\textwidth} \pgfuseimage{alice} \large Alice \pgfuseimage{carol} \large Carol \column{0.5\textwidth} \pgfuseimage{bob} \large Bob \pgfuseimage{dave} \large Dave \end{columns} \column{0.5\textwidth} \large Our enemies \vspace{1em} \pgfuseimage{eve} \large Eve \small (an eavesdropper) \pgfuseimage{mallory} \large Mallory \small (a malicious attacker) \end{columns} \vspace{1em} \item These characters are common in cryptography/security \item These drawings are by Simon Oya\footnote{\url{https://simonoya.com/}} \end{itemize} \end{frame} \begin{frame} \frametitle{Goals} \begin{itemize} \item \textit{\textbf{Define}} the foundations of computer networks \item \textit{\textbf{Define}} security goals \item \textit{\textbf{Explore}} whether these security goals are accomplished on the Internet \item \textit{\textbf{Execute}} attacks against a (simulated) network \item \textit{\textbf{Identify}} real-world implications and defenses \end{itemize} \end{frame} \begin{frame} \frametitle{Outline} \begin{itemize} \item Networking background \begin{itemize} \item Introduction to networking/the Internet: \textbf{2 levels} \item ICMP (ping): \textbf{3 levels} \end{itemize} \item Security goals (and how the Internet fails to accomplish them) 
\begin{itemize} \item What are our security goals? \item Encryption: \textbf{1 level} \item Attacks: \textbf{6 levels} \end{itemize} \item Real-world implications \end{itemize} \end{frame} \begin{frame} \frametitle{What is a Network?} \begin{itemize} \item Computers connected to each other \end{itemize} \centerline{ \begin{tikzpicture} \onenetwork \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{What is the Internet?} \begin{itemize} \item A network of networks that connects computers across the world \end{itemize} \centerline{ \begin{tikzpicture} \theinternet \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Packets} \begin{columns} \column{0.4\textwidth} \begin{itemize} \item Computers talk to each other using packets \item Think of a postcard with \begin{itemize} \item \color{\srccolor} Source address \item \color{\dstcolor} Destination address \item \color{\msgcolor} Message \end{itemize} \end{itemize} \column{0.6\textwidth} \centerline{ \begin{tikzpicture} \node (postcard) {\pgfuseimage{postcard}}; \node at (-2.25,1.5) {\color{\srccolor}\large Alice's PC}; \node at (2.35,0.55) {\color{\dstcolor}\large catpics.com}; \node[text width=4cm] at (-1.85,-.5) {\color{\msgcolor}\large please send cat pics thx}; \end{tikzpicture} } \end{columns} \end{frame} \begin{frame} \frametitle{Sending a Packet} \begin{itemize} \item Alice sends this packet to catpics.com and gets a response \end{itemize} \centerline{ \begin{tikzpicture} \theinternet \node [inner sep=0pt] (alice) at (-7.65,-1.25) {\pgfuseimage{alice}}; \draw [draw=red,line width=3pt] (desktop) -- (basestation); \draw [draw=red,line width=3pt] (basestation) -- (AS1r1); \draw [draw=red,line width=3pt] (AS1r1) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS3r5); \draw [draw=red,line 
width=3pt] (AS4r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (server); \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Response Packet} \begin{columns} \column{0.4\textwidth} \begin{itemize} \item Again, think of a postcard with \begin{itemize} \item \color{\srccolor} Source address \item \color{\dstcolor} Destination address \item \color{\msgcolor} Message \end{itemize} \end{itemize} \column{0.6\textwidth} \centerline{ \begin{tikzpicture} \node (postcard) {\pgfuseimage{postcard}}; \node at (-2.25,1.5) {\color{\srccolor}\large catpics.com}; \node at (2.35,0.55) {\color{\dstcolor}\large Alice's PC}; \draw [draw=\msgcolor, line width=3pt] (-3.5,0.5) -- (0,0.5) -- (0,-2) -- (-3.5,-2) -- cycle; \node at (-1.75,-.75) {\pgfuseimage{cat}}; \end{tikzpicture} } \end{columns} \end{frame} \begin{frame} \frametitle{Takeaways} \begin{itemize} \item The Internet is just computers across the world talking to each other \item Computers send information back and forth in the form of packets \item Packets are like postcards \begin{itemize} \item Source address \item Destination address \item Message \item (all visible) \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Netsim} \begin{itemize} \item In this session, we will be playing a game called netsim \item This game provides a (simplified) simulation of a network to help you learn about networking and security % \item \textbf{Your task: Register and complete levels 1 and 2} \item \textbf{Your task: Register and complete levels 1 -- 5} \begin{itemize} \item Register at \footnotesize\url{https://vvecna.cs.uwaterloo.ca/netsim/}\normalsize \item (Backup link: \footnotesize\url{https://netsim.erinn.io/}\normalsize) \item Accounts are not saved long-term (sorry) \item Feel free to work together or alone \item Ask if you need help \end{itemize} \end{itemize} \end{frame} %\begin{frame} % \frametitle{More About Packets} % \begin{columns} % 
\column{0.4\textwidth} % \begin{itemize} % \item Packets actually have multiple layers % \begin{itemize} % \item Network layer (IP): % \begin{itemize} % \item \color{\srccolor}{Source address} % \item \color{\dstcolor}{Destination address} % \end{itemize} % \item Transport layer: \color{\protocolor}{Type of message}\normalcolor % \item Application layer: \color{\msgcolor}{Message} % \end{itemize} % \end{itemize} % \column{0.6\textwidth} % \centerline{ % \begin{tikzpicture} % \node (postcard) {\pgfuseimage{postcard}}; % \node at (-2.25,1.5) {\color{\srccolor}\large Alice's PC}; % \node at (3.15,1.7) {\color{\protocolor}\footnotesize ICMP}; % \node at (2.35,0.55) {\color{\dstcolor}\large catpics.com}; % \node[text width=4cm] at (-.5,-.5) {\color{\msgcolor}\large PING}; % \end{tikzpicture} % } % \end{columns} %\end{frame} % %\begin{frame} % \frametitle{More About Packets} % \begin{columns} % \column{0.4\textwidth} % \begin{itemize} % \item Packets actually have multiple layers % \begin{itemize} % \item Network layer (IP): % \begin{itemize} % \item \color{\srccolor}{Source address} % \item \color{\dstcolor}{Destination address} % \end{itemize} % \item Transport layer: \color{\protocolor}{Type of message}\normalcolor % \item Application layer: \color{\msgcolor}{Message} % \end{itemize} % \end{itemize} % \column{0.6\textwidth} % \centerline{ % \begin{tikzpicture} % \node (postcard) {\pgfuseimage{postcard}}; % \node at (-2.25,1.5) {\color{\srccolor}\large catpics.com}; % \node at (3.15,1.7) {\color{\protocolor}\footnotesize ICMP}; % \node at (2.35,0.55) {\color{\dstcolor}\large Alice's PC}; % \node[text width=4cm] at (-.5,-.5) {\color{\msgcolor}\large PONG}; % \end{tikzpicture} % } % \end{columns} %\end{frame} % %\begin{frame} % \frametitle{Technical Note} % \begin{itemize} % \item Internet Control Message Protocol (ICMP) is actually a network-layer protocol, but it's sort of transport-like % \item The netsim game treats it as a transport-layer protocol % \item Let's not 
worry about it too much % \end{itemize} %\end{frame} % %\begin{frame} % \frametitle{Let's Do Some More Exercises} % \begin{itemize} % \item \textbf{Your task: Complete levels 3, 4, and 5} % \end{itemize} %\end{frame} \begin{frame} \frametitle{Goals} \begin{itemize} \item \sout{\textit{\textbf{Define}} the foundations of computer networks} \item \textit{\textbf{Define}} security goals \item \textit{\textbf{Explore}} whether these security goals are accomplished on the Internet \item \textit{\textbf{Execute}} attacks against a (simulated) network \item \textit{\textbf{Identify}} real-world implications and defenses \end{itemize} \end{frame} \begin{frame} \frametitle{Security Goals} \begin{itemize} \item Confidentiality \item Integrity \item Availability \item Authentication \end{itemize} \end{frame} \begin{frame} \frametitle{Failing to Meet Our Security Goals} \begin{itemize} \item Suppose Alice sends a message to Bob \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (msg) at (0,0) {\pgfuseimage{scroll}}; \end{tikzpicture} } \end{itemize} \end{frame} \begin{frame} \frametitle{Failing to Meet Our Security Goals} \begin{itemize} \item Suppose Alice sends a message to Bob \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (msg) at (0,0) {\pgfuseimage{scroll}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \end{tikzpicture} } \item \textbf{Confidentiality: Protecting data from unauthorized access} \item Compromise of confidentiality: Eve reads the message \end{itemize} \end{frame} \begin{frame} \frametitle{Failing to Meet Our Security Goals} \begin{itemize} \item Suppose Alice sends a message to Bob \centerline{ \begin{tikzpicture} \node 
[inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (mallory) at (0,0) {\pgfuseimage{mallory}}; \draw [-stealth] (alice) -- (mallory); \draw [-stealth] (mallory) -- (bob); \node [inner sep=0pt] (msg) at (-2,0) {\pgfuseimage{scroll}}; \node [inner sep=0pt] (badmsg) at (2,0) {\pgfuseimage{evilscroll}}; \end{tikzpicture} } \item \textbf{Integrity: Ensuring data is correct/unchanged} \item Compromise of integrity: Mallory modifies the message \end{itemize} \end{frame} \begin{frame} \frametitle{Failing to Meet Our Security Goals} \begin{itemize} \item Suppose Alice sends a message to Bob \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (mallory) at (0,1) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (block) at (0,0) {\pgfuseimage{x}}; \draw [-stealth] (alice) -- (block); \node [inner sep=0pt] (msg) at (-2,0) {\pgfuseimage{scroll}}; \end{tikzpicture} } \item \textbf{Availability: Ensuring data/system can be used correctly} \item Compromise of availability: Mallory prevents Alice from sending the message to Bob \end{itemize} \end{frame} \begin{frame} \frametitle{Failing to Meet Our Security Goals} \begin{itemize} \item Suppose Mallory sends a message to Bob \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (mallory) at (-4,0) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \draw [-stealth] (mallory) -- (bob); \node [inner sep=0pt] (msg) at (0,0) {\pgfuseimage{evilscroll}}; \filldraw [fill=red, draw=black, thick] (-4,-0.65) -- (-4.75,-0.65) -- (-4.75,-0.25) -- (-4,-0.25) -- cycle; \node[text width=2.5cm,color=white] at (-3.425,-0.35) {\tiny \textbf{HELLO}}; \node[text width=1.5cm,color=white] at (-4.12,-0.55) {\fontsize{3}{1} \textbf{MY\hspace{2px}NAME\hspace{2px}IS}}; \filldraw [fill=white, draw=black, thick] (-4,-0.65) -- 
(-4.75,-0.65) -- (-4.75,-1) -- (-4,-1) -- cycle; \node[text width=2.5cm,color=black] at (-3.35,-0.85) {\tiny \textit{Alice}}; \end{tikzpicture} } \item \textbf{Authentication: Ensuring data \textit{source} is correct} \item Compromise of authentication: Mallory forges a message from Alice \end{itemize} \end{frame} \begin{frame} \frametitle{Goals} \begin{itemize} \item \sout{\textit{\textbf{Define}} the foundations of computer networks} \item \sout{\textit{\textbf{Define}} security goals} \item \textit{\textbf{Explore}} whether these security goals are accomplished on the Internet \item \textit{\textbf{Execute}} attacks against a (simulated) network \item \textit{\textbf{Identify}} real-world implications and defenses \end{itemize} \end{frame} \begin{frame} \frametitle{Security Goals} \begin{itemize} \item Confidentiality: Protecting data from unauthorized access \item Integrity: Ensuring data is correct/unchanged \item Availability: Ensuring data/system is available \item Authentication: Ensuring data \textit{source} is correct \item \textbf{The Internet was not designed with security in mind} \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (eve-bubble) at (-4.75,1) {\pgfuseimage{bubble}}; \node[text width=2.75cm] at (-5,1) {\small I can break confidentiality.}; \node [inner sep=0pt] (eve) at (-2,0) {\pgfuseimage{eve}}; \node [inner sep=0pt] (mallory-bubble) at (1.25,1) {\pgfuseimage{bubble}}; \node[text width=2.5cm] at (1.25,1) {\small I can break all of these.}; \node [inner sep=0pt] (mallory) at (4,0) {\pgfuseimage{mallory}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Attacking Confidentiality} \begin{itemize} \item Who can \textbf{read} the message? 
\end{itemize} \centerline{ \begin{tikzpicture} \theinternet \node [inner sep=0pt] (alice) at (-7.65,-1.25) {\pgfuseimage{alice}}; \draw [draw=red,line width=3pt] (desktop) -- (basestation); \draw [draw=red,line width=3pt] (basestation) -- (AS1r1); \draw [draw=red,line width=3pt] (AS1r1) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (server); \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Attacking Confidentiality} \begin{itemize} \item Who can \textbf{read} the message? \end{itemize} \centerline{ \begin{tikzpicture} \filldraw [fill=green!20, draw=black, thick] (-5,4) -- (5,4) -- (3,1) -- (-3,1) -- cycle; \filldraw [fill=blue!20, draw=black, thick] (-3,.5) -- (3,.5) -- (3.5,-2) -- (-3.5,-2) -- cycle; \filldraw [fill=red!20, draw=black, thick] (-7,4) --(-5.5,4) -- (-3.5,1) -- (-7,1.5); \filldraw [fill=purple!20, draw=black, thick] (7,4) --(5.5,4) -- (3.5,1) -- (7,0); \filldraw [fill=orange!20, draw=black, thick] (-7,1) -- (-3.5,.5) -- (-4,-2) -- (-7,-2); \filldraw [fill=yellow!20, draw=black, thick] (7,-.5) -- (3.5,.5) -- (4,-2) -- (7,-2); \node [inner sep=0pt] (mobile) at (-5,-1.25) {\pgfuseimage{mobile}}; \node [inner sep=0pt] (desktop) at (-6.5,-1.25) {\pgfuseimage{desktop}}; \node [inner sep=0pt] (basestation) at (-4.25,-.25) {\pgfuseimage{eve}}; \node [inner sep=0pt] (AS1r1) at (-6,0.25) {\pgfuseimage{eve}}; \draw [draw=black,thick] (desktop) -- (basestation); \draw [draw=black,thick] (basestation) -- (AS1r1); \node [inner sep=0pt] (AS2r1) at (-6.25,2) {\pgfuseimage{eve}}; \node [inner sep=0pt] (AS2r3) at (-6.25,3.5) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS2r2) at (-4.6,1.6) 
{\pgfuseimage{eve}}; \draw [draw=black,thick] (AS2r1) -- (AS1r1); \draw [draw=black,thick] (AS2r2) -- (AS2r1); \draw [draw=black,thick] (AS2r2) -- (AS2r3); \draw [draw=black,thick] (AS2r1) -- (AS2r3); \draw [draw=black,thick] (AS2r1) -- ($(-7,1)!(AS2r1)!(-7,0)$); \draw [draw=black,thick] (AS2r3) -- ($(-7,1)!(AS2r3)!(-7,0)$); \node [inner sep=0pt] (AS3r1) at (-3.5,3.5) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS3r2) at (-2.5,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (AS3r3) at (-1,2.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (AS3r4) at (2,1.5) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS3r5) at (3,3) {\pgfuseimage{eve}}; \draw [draw=black,thick] (AS2r3) -- (AS3r1); \draw [draw=black,thick] (AS2r2) -- (AS3r2); \draw [draw=black,thick] (AS3r1) -- (AS3r3); \draw [draw=black,thick] (AS3r2) -- (AS3r3); \draw [draw=black,thick] (AS3r4) -- (AS3r3); \draw [draw=black,thick] (AS3r5) -- (AS3r3); \draw [draw=black,thick] (AS3r2) -- (AS3r4); \node [inner sep=0pt] (AS4r1) at (6.25,3.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (AS4r2) at (4.75,1.25) {\pgfuseimage{eve}}; \node [inner sep=0pt] (AS4basestation) at (6.25,1.2) {\pgfuseimage{basestation}}; \draw [draw=black,thick] (AS4r1) -- (AS4r2); \draw [draw=black,thick] (AS4basestation) -- (AS4r2); \draw [draw=black,thick] (AS3r5) -- (AS4r1); \node [inner sep=0pt] (AS5r1) at (-2.5,0) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS5r2) at (2,0) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS5server) at (-1,-1) {\pgfuseimage{server}}; \draw [draw=black,thick] (AS2r2) -- (AS5r1); \draw [draw=black,thick] (AS3r2) -- (AS5r1); \draw [draw=black,thick] (AS3r4) -- (AS5r2); \draw [draw=black,thick] (AS5r1) -- (AS5r2); \draw [draw=black,thick] (AS5r1) -- (AS5server); \node [inner sep=0pt] (AS6r1) at (4.3,-.3) {\pgfuseimage{eve}}; % \node [inner sep=0pt] at (6,-1.7) {\pgfuseimage{server}}; % \node [inner sep=0pt] at (6,-1.45) {\pgfuseimage{server}}; \node [inner sep=0pt] (server) at (6,-1.2) {\pgfuseimage{server}}; 
\draw [draw=black,thick] (AS6r1) -- (AS4r2); \draw [draw=black,thick] (AS6r1) -- (server); \node [inner sep=0pt] (alice) at (-7.65,-1.25) {\pgfuseimage{alice}}; \draw [draw=red,line width=3pt] (desktop) -- (basestation); \draw [draw=red,line width=3pt] (basestation) -- (AS1r1); \draw [draw=red,line width=3pt] (AS1r1) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (server); \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Cryptography} \begin{itemize} \item How can we defend against this? \item Cryptography! \begin{itemize} \item crypto = hidden, secret \item graphy = field of study \item Encryption = using math to hide things \item Cryptography = encryption and related things \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Recall Packets...} \begin{columns} \column{0.4\textwidth} \begin{itemize} \item Like a \textbf{postcard} with... 
\begin{itemize} \item \color{\srccolor}{Source address} \item \color{\dstcolor}{Destination address} % \item \color{\protocolor}{Type of message} \item \color{\msgcolor}{Message} \end{itemize} \end{itemize} \column{0.6\textwidth} \centerline{ \begin{tikzpicture} \node (postcard) {\pgfuseimage{postcard}}; \node at (-2.25,1.5) {\color{\srccolor}\large Alice's PC}; % \node at (3.15,1.7) {\color{\protocolor}\footnotesize TCP}; \node at (2.35,0.55) {\color{\dstcolor}\large Bob's PC}; \node[text width=4cm] at (-.5,-.5) {\color{\msgcolor}\large HI BOB}; \end{tikzpicture} } \end{columns} \end{frame} \begin{frame} \frametitle{We Can Encrypt the Message} \begin{columns} \column{0.4\textwidth} \begin{itemize} \item \color{\srccolor}{Source address} \item \color{\dstcolor}{Destination address} % \item \color{\protocolor}{Type of message} \item \color{\msgcolor}{Encrypted message} \end{itemize} \column{0.6\textwidth} \centerline{ \begin{tikzpicture} \node (postcard) {\pgfuseimage{postcard}}; \node at (-2.25,1.5) {\color{\srccolor}\large Alice's PC}; % \node at (3.15,1.7) {\color{\protocolor}\footnotesize TCP}; \node at (2.35,0.55) {\color{\dstcolor}\large Bob's PC}; \node[text width=4cm] at (-.5,-.5) {\color{\msgcolor}\large IJCPC}; \end{tikzpicture} } \end{columns} \end{frame} \begin{frame} \frametitle{More Like a Letter than a Postcard} \begin{columns} \column{0.4\textwidth} \begin{itemize} \item \color{\srccolor}{Source address} \item \color{\dstcolor}{Destination address} % \item \color{\protocolor}{Type of message} \item \color{\msgcolor}{Message} \normalcolor (hidden in the sealed envelope) \end{itemize} \column{0.6\textwidth} \centerline{ \hspace{2em} \begin{tikzpicture} \node at (0,0) (envelope) {\pgfuseimage{envelope}}; \node at (-2.5,0.25) {\color{\srccolor}\large Alice's PC}; % \node at (2.9,-0.1) {\color{\protocolor}\footnotesize TCP}; \node at (-0.1,-0.5) {\color{\dstcolor}\large Bob's PC}; \node[text width=1cm,rotate=15,align=right] at (2.7,2.5) {\color{\msgcolor} 
HI BOB}; \end{tikzpicture} } \end{columns} \end{frame} \begin{frame} \frametitle{Confidentiality without Encryption} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (msg) at (0,0) {\pgfuseimage{scroll}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-bubble) at (-2.5,3) {\pgfuseimage{bubble}}; \node[text width=2.5cm] at (-2.5,3) {I can read this!}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Ensuring Confidentiality with Encryption} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; % \node [inner sep=0pt] (alice-lock) at (-3,0) {\pgfuseimage{lock}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; % \node [inner sep=0pt] (bob-lock) at (3,0) {\pgfuseimage{lock}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (ct) at (0,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; % \node [inner sep=0pt] (alice-key) at (-6,0) {\pgfuseimage{key}}; % \node [inner sep=0pt] (bob-key) at (6,0) {\pgfuseimage{key}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Ensuring Confidentiality with Encryption} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; % \node [inner sep=0pt] (alice-lock) at (-3,0) {\pgfuseimage{lock}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; % \node [inner sep=0pt] (bob-lock) at (3,0) {\pgfuseimage{lock}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (ct) at (0,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (eve) at (0,2) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-bubble) at (-2.5,3) {\pgfuseimage{bubble}}; \node[text width=2.5cm] at (-2.5,3) {\LARGE \textbf{?????}}; % \node [inner sep=0pt] (alice-key) at (-5,-2) {\pgfuseimage{key}}; % \node [inner 
% sep=0pt] (bob-key) at (5,-2) {\pgfuseimage{key}};
\end{tikzpicture} } \end{frame} \begin{frame} \frametitle{How Does Encryption Work?} \begin{itemize} \item We need a \textbf{key} \begin{itemize} \item This is just a random number that is kept secret \end{itemize} \item If the key is secure, the encryption should be secure \begin{itemize} \item Kerckhoffs's principle: The system should be secure even if everything about the system, except the key, is public knowledge \item (Or Shannon's maxim: ``The enemy knows the system'') \end{itemize} \end{itemize} \end{frame}
% Write the alphabet on the board ahead of time, plan to draw a map based on the key we decide
\begin{frame} \frametitle{Example: Caesar Cipher} \begin{itemize} \item What should our \textbf{key $k$} be? \item Take the message, and replace each letter with the $k$th next letter in the alphabet \item For example, if $k = 5$, then NETSIM $\rightarrow$ SJYXNR \item Let's encrypt the word ``CRYPTOGRAPHY'' \item How do we decrypt? \end{itemize} \end{frame} \begin{frame} \frametitle{Example: Caesar Cipher} \begin{itemize} \item What should our \textbf{key $k$} be? (0--25) \item Take the message, and replace each letter with the $k$th next letter in the alphabet \item For example, if $k = 5$, then NETSIM $\rightarrow$ SJYXNR \item Let's encrypt the word ``CRYPTOGRAPHY'' \item How do we decrypt? \begin{itemize} \item \textbf{Also using the key} \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Example: Caesar Cipher} \begin{itemize} \item What should our \textbf{key $k$} be? (0--25) \item Take the message, and replace each letter with the $k$th next letter in the alphabet \item For example, if $k = 5$, then \texttt{NETSIM} $\rightarrow$ \texttt{SJYXNR} \item Let's encrypt the word \texttt{CRYPTOGRAPHY} \item How do we decrypt? \begin{itemize} \item \textbf{Also using the key} \end{itemize} \item Why isn't this secure?
\end{itemize} \end{frame} \begin{frame} \frametitle{Example: One-Time Pad} \begin{itemize} \item What if we used a separate Caesar cipher for each letter? \item Let's encrypt the word \texttt{NETSIM} with \begin{itemize} \item $k_1 = 20$ \item $k_2 = 21$ \item $k_3 = 18$ \item $k_4 = 1$ \item $k_5 = 15$ \item $k_6 = 6$ \end{itemize} \item \texttt{NETSIM} $\rightarrow$ \texttt{HZLTXS} \item Is this secure? \end{itemize} \end{frame} \begin{frame} \frametitle{Example: One-Time Pad} \begin{itemize} \item What if we used a separate Caesar cipher for each letter? \item Let's encrypt the word \texttt{NETSIM} with \begin{itemize} \item $k_1 = 20$ \item $k_2 = 21$ \item $k_3 = 18$ \item $k_4 = 1$ \item $k_5 = 15$ \item $k_6 = 6$ \end{itemize} \item \texttt{NETSIM} $\rightarrow$ \texttt{HZLTXS} \item Is this secure? \begin{itemize} \item \textbf{Only if the key is random, kept secret, and NEVER reused} \end{itemize} \item Is this usable? \end{itemize} \end{frame} \begin{frame} \frametitle{Key Exchange} \begin{itemize} \item We have other (more complicated) cryptography that stays secure even if Alice and Bob reuse their key \begin{itemize} \item We won't be talking about how it works today \item Sorry \end{itemize} \item How does Alice get the key to Bob?
\item Proposal: \begin{enumerate} \item Alice sends the key to Bob \item Alice and Bob use the key to encrypt future messages \end{enumerate} \end{itemize} \end{frame} \begin{frame} \frametitle{Key Exchange Proposal} \begin{enumerate} \item Alice sends the key to Bob \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (alice-shares-key) at (0,0) {\pgfuseimage{key}}; % \node [inner sep=0pt] (eve) at (0,1) {\pgfuseimage{eve}}; \end{tikzpicture} } \item Alice and Bob use the key to encrypt future messages \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; % \node [inner sep=0pt] (alice-lock) at (-3,0) {\pgfuseimage{lock}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; % \node [inner sep=0pt] (bob-lock) at (3,0) {\pgfuseimage{lock}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (ct) at (0,0) {\pgfuseimage{ciphertext}}; % \node [inner sep=0pt] (eve) at (0,1) {\pgfuseimage{eve}}; \node [inner sep=0pt] (alice-key) at (-6,0) {\pgfuseimage{key}}; \node [inner sep=0pt] (bob-key) at (6,0) {\pgfuseimage{key}}; % \node [inner sep=0pt] (eve-key) at (1.5,1) {\pgfuseimage{key}}; \end{tikzpicture} \item Why doesn't this work? 
\end{enumerate} \end{frame} \begin{frame} \frametitle{Key Exchange Proposal} \begin{enumerate} \item Alice sends the key to Bob \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (alice-shares-key) at (0,0) {\pgfuseimage{key}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \end{tikzpicture} } \item Alice and Bob use the key to encrypt future messages % \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; % \node [inner sep=0pt] (alice-lock) at (-3,0) {\pgfuseimage{lock}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; % \node [inner sep=0pt] (bob-lock) at (3,0) {\pgfuseimage{lock}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (ct) at (0,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (alice-key) at (-6,0) {\pgfuseimage{key}}; \node [inner sep=0pt] (bob-key) at (6,0) {\pgfuseimage{key}}; \node [inner sep=0pt] (eve-key) at (1.5,1) {\pgfuseimage{key}}; \end{tikzpicture} % } % \item Why doesn't this work? \end{enumerate} \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Instead, we have more cryptography! \item With more keys \item Alice has... \begin{itemize} \item Alice's public key \item Alice's secret key \end{itemize} \item Bob has... \begin{itemize} \item Bob's public key \item Bob's secret key \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Instead, we have more cryptography! \item With more keys \item Alice has... \begin{itemize} \item Alice's public key (for \textbf{encrypting} messages \textbf{for Alice}) \item Alice's secret key (for \textbf{decrypting} messages \textbf{for Alice}) \end{itemize} \item Bob has... 
\begin{itemize} \item Bob's public key (for \textbf{encrypting} messages \textbf{for Bob}) \item Bob's secret key (for \textbf{decrypting} messages \textbf{for Bob}) \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Let's see it visually... \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Let's see it visually... \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (alice-share-pub) at (0,0) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Let's see it visually... 
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Let's see it visually... \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (bob) -- (alice); \node [inner sep=0pt] (bob-share-pub) at (0,0) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Let's see it visually... 
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-bob-pub) at (-5.5,1.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve-bob-pub) at (1.5,1.5) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Let's see it visually... \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-bob-pub) at (-5.5,1.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (alice-bob-ct) at (0,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (alice-bob-ct-bob-key) at (0.95,0.25) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve-bob-pub) at (1.5,1.5) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} 
\begin{itemize} \item Let's see it visually... \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-bob-pub) at (-5.5,1.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (alice-bob-ct) at (0,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (alice-bob-ct-bob-key) at (0.95,0.25) {\pgfuseimage{bpub}}; \draw [color=red] (0.5,0) ellipse (1.5cm and 1cm); \draw [color=red] (bob-pri) ellipse (1cm and 0.5cm); \node[text width=4cm] at (5,-1.5) {\footnotesize need this key to decrypt}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve-bob-pub) at (1.5,1.5) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Let's see it visually... 
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-bob-pub) at (-5.5,1.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (bob) -- (alice); \node [inner sep=0pt] (bob-alice-ct) at (0,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (bob-alice-ct-alice-key) at (0.95,0.25) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve-bob-pub) at (1.5,1.5) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Public-Key Cryptography} \begin{itemize} \item Let's see it visually... 
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-bob-pub) at (-5.5,1.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (bob) -- (alice); \node [inner sep=0pt] (bob-alice-ct) at (0,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (bob-alice-ct-alice-key) at (0.95,0.25) {\pgfuseimage{apub}}; \draw [color=red] (0.5,0) ellipse (1.5cm and 1cm); \draw [color=red] (alice-pri) ellipse (1cm and 0.5cm); \node[text width=4cm] at (-5,-1.5) {\footnotesize need this key to decrypt}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve-bob-pub) at (1.5,1.5) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Public-Key Cryptography Exercise} \begin{itemize} \item \textbf{Your task: Complete level 6} \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-bob-pub) at (-5.5,1.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (alice-bob-ct) at (0,0) 
{\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (alice-bob-ct-bob-key) at (0.95,0.25) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve-bob-pub) at (1.5,1.5) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Security Goals} \begin{itemize} \item Confidentiality \begin{itemize} \item \textbf{Not default, can be accomplished with encryption} \end{itemize} \item Integrity \item Availability \item Authentication \end{itemize} \end{frame} \begin{frame} \frametitle{No Authentication} \begin{itemize} \item No check that source is correct \end{itemize} \vspace{1em} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (mallory) at (-5,0) {\pgfuseimage{mallory}}; \node (postcard) {\pgfuseimage{postcard}}; \node at (-2.25,1.5) {\color{\srccolor}\large Alice's PC}; \node at (3.15,1.7) {\color{\protocolor}\footnotesize ICMP}; \node at (2.35,0.55) {\color{\dstcolor}\large catpics.com}; \node[text width=4cm] at (-.5,-.5) {\color{\msgcolor}\large PING}; \end{tikzpicture} } \begin{itemize} \item \textbf{Your task: Complete levels 7 and 8} \end{itemize} \end{frame} \begin{frame} \frametitle{Security Goals} \begin{itemize} \item Confidentiality \begin{itemize} \item Not default, can be accomplished with encryption \end{itemize} \item Integrity \item Availability \item Authentication \begin{itemize} \item \textbf{Not default, can be accomplished with cryptography} \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Attacking Integrity} \begin{itemize} \item Who can \textbf{modify} the message? 
\end{itemize} \centerline{ \begin{tikzpicture} \theinternet \node [inner sep=0pt] (alice) at (-7.65,-1.25) {\pgfuseimage{alice}}; \draw [draw=red,line width=3pt] (desktop) -- (basestation); \draw [draw=red,line width=3pt] (basestation) -- (AS1r1); \draw [draw=red,line width=3pt] (AS1r1) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (server); \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Attacking Integrity} \begin{itemize} \item Who can \textbf{modify} the message? \end{itemize} \centerline{ \begin{tikzpicture} \filldraw [fill=green!20, draw=black, thick] (-5,4) -- (5,4) -- (3,1) -- (-3,1) -- cycle; \filldraw [fill=blue!20, draw=black, thick] (-3,.5) -- (3,.5) -- (3.5,-2) -- (-3.5,-2) -- cycle; \filldraw [fill=red!20, draw=black, thick] (-7,4) --(-5.5,4) -- (-3.5,1) -- (-7,1.5); \filldraw [fill=purple!20, draw=black, thick] (7,4) --(5.5,4) -- (3.5,1) -- (7,0); \filldraw [fill=orange!20, draw=black, thick] (-7,1) -- (-3.5,.5) -- (-4,-2) -- (-7,-2); \filldraw [fill=yellow!20, draw=black, thick] (7,-.5) -- (3.5,.5) -- (4,-2) -- (7,-2); \node [inner sep=0pt] (mobile) at (-5,-1.25) {\pgfuseimage{mobile}}; \node [inner sep=0pt] (desktop) at (-6.5,-1.25) {\pgfuseimage{desktop}}; \node [inner sep=0pt] (basestation) at (-4.25,-.25) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS1r1) at (-6,0.25) {\pgfuseimage{mallory}}; \draw [draw=black,thick] (desktop) -- (basestation); \draw [draw=black,thick] (basestation) -- (AS1r1); \node [inner sep=0pt] (AS2r1) at (-6.25,2) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS2r3) at (-6.25,3.5) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS2r2) at 
(-4.6,1.6) {\pgfuseimage{mallory}}; \draw [draw=black,thick] (AS2r1) -- (AS1r1); \draw [draw=black,thick] (AS2r2) -- (AS2r1); \draw [draw=black,thick] (AS2r2) -- (AS2r3); \draw [draw=black,thick] (AS2r1) -- (AS2r3); \draw [draw=black,thick] (AS2r1) -- ($(-7,1)!(AS2r1)!(-7,0)$); \draw [draw=black,thick] (AS2r3) -- ($(-7,1)!(AS2r3)!(-7,0)$); \node [inner sep=0pt] (AS3r1) at (-3.5,3.5) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS3r2) at (-2.5,1.5) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS3r3) at (-1,2.5) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS3r4) at (2,1.5) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS3r5) at (3,3) {\pgfuseimage{mallory}}; \draw [draw=black,thick] (AS2r3) -- (AS3r1); \draw [draw=black,thick] (AS2r2) -- (AS3r2); \draw [draw=black,thick] (AS3r1) -- (AS3r3); \draw [draw=black,thick] (AS3r2) -- (AS3r3); \draw [draw=black,thick] (AS3r4) -- (AS3r3); \draw [draw=black,thick] (AS3r5) -- (AS3r3); \draw [draw=black,thick] (AS3r2) -- (AS3r4); \node [inner sep=0pt] (AS4r1) at (6.25,3.5) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS4r2) at (4.75,1.25) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS4basestation) at (6.25,1.2) {\pgfuseimage{basestation}}; \draw [draw=black,thick] (AS4r1) -- (AS4r2); \draw [draw=black,thick] (AS4basestation) -- (AS4r2); \draw [draw=black,thick] (AS3r5) -- (AS4r1); \node [inner sep=0pt] (AS5r1) at (-2.5,0) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS5r2) at (2,0) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS5server) at (-1,-1) {\pgfuseimage{server}}; \draw [draw=black,thick] (AS2r2) -- (AS5r1); \draw [draw=black,thick] (AS3r2) -- (AS5r1); \draw [draw=black,thick] (AS3r4) -- (AS5r2); \draw [draw=black,thick] (AS5r1) -- (AS5r2); \draw [draw=black,thick] (AS5r1) -- (AS5server); \node [inner sep=0pt] (AS6r1) at (4.3,-.3) {\pgfuseimage{mallory}}; % \node [inner sep=0pt] at (6,-1.7) {\pgfuseimage{server}}; % \node [inner sep=0pt] at (6,-1.45) {\pgfuseimage{server}}; \node [inner sep=0pt] 
(server) at (6,-1.2) {\pgfuseimage{server}}; \draw [draw=black,thick] (AS6r1) -- (AS4r2); \draw [draw=black,thick] (AS6r1) -- (server); \node [inner sep=0pt] (alice) at (-7.65,-1.25) {\pgfuseimage{alice}}; \draw [draw=red,line width=3pt] (desktop) -- (basestation); \draw [draw=red,line width=3pt] (basestation) -- (AS1r1); \draw [draw=red,line width=3pt] (AS1r1) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (server); \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Security Goals} \begin{itemize} \item Confidentiality \begin{itemize} \item Not default, can be accomplished with encryption \end{itemize} \item Integrity \begin{itemize} \item \textbf{Not default, can be accomplished with cryptography} \end{itemize} \item Availability \item Authentication \begin{itemize} \item Not default, can be accomplished with cryptography \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Attacking Availability} \begin{itemize} \item Who can \textbf{block} (or drop) the message? 
\end{itemize} \centerline{ \begin{tikzpicture} \theinternet \node [inner sep=0pt] (alice) at (-7.65,-1.25) {\pgfuseimage{alice}}; \draw [draw=red,line width=3pt] (desktop) -- (basestation); \draw [draw=red,line width=3pt] (basestation) -- (AS1r1); \draw [draw=red,line width=3pt] (AS1r1) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (server); \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Attacking Availability} \begin{itemize} \item Who can \textbf{block} (or drop) the message? \end{itemize} \centerline{ \begin{tikzpicture} \filldraw [fill=green!20, draw=black, thick] (-5,4) -- (5,4) -- (3,1) -- (-3,1) -- cycle; \filldraw [fill=blue!20, draw=black, thick] (-3,.5) -- (3,.5) -- (3.5,-2) -- (-3.5,-2) -- cycle; \filldraw [fill=red!20, draw=black, thick] (-7,4) --(-5.5,4) -- (-3.5,1) -- (-7,1.5); \filldraw [fill=purple!20, draw=black, thick] (7,4) --(5.5,4) -- (3.5,1) -- (7,0); \filldraw [fill=orange!20, draw=black, thick] (-7,1) -- (-3.5,.5) -- (-4,-2) -- (-7,-2); \filldraw [fill=yellow!20, draw=black, thick] (7,-.5) -- (3.5,.5) -- (4,-2) -- (7,-2); \node [inner sep=0pt] (mobile) at (-5,-1.25) {\pgfuseimage{mobile}}; \node [inner sep=0pt] (desktop) at (-6.5,-1.25) {\pgfuseimage{desktop}}; \node [inner sep=0pt] (basestation) at (-4.25,-.25) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS1r1) at (-6,0.25) {\pgfuseimage{mallory}}; \draw [draw=black,thick] (desktop) -- (basestation); \draw [draw=black,thick] (basestation) -- (AS1r1); \node [inner sep=0pt] (AS2r1) at (-6.25,2) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS2r3) at (-6.25,3.5) {\pgfuseimage{router}}; \node [inner sep=0pt] 
(AS2r2) at (-4.6,1.6) {\pgfuseimage{mallory}}; \draw [draw=black,thick] (AS2r1) -- (AS1r1); \draw [draw=black,thick] (AS2r2) -- (AS2r1); \draw [draw=black,thick] (AS2r2) -- (AS2r3); \draw [draw=black,thick] (AS2r1) -- (AS2r3); \draw [draw=black,thick] (AS2r1) -- ($(-7,1)!(AS2r1)!(-7,0)$); \draw [draw=black,thick] (AS2r3) -- ($(-7,1)!(AS2r3)!(-7,0)$); \node [inner sep=0pt] (AS3r1) at (-3.5,3.5) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS3r2) at (-2.5,1.5) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS3r3) at (-1,2.5) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS3r4) at (2,1.5) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS3r5) at (3,3) {\pgfuseimage{mallory}}; \draw [draw=black,thick] (AS2r3) -- (AS3r1); \draw [draw=black,thick] (AS2r2) -- (AS3r2); \draw [draw=black,thick] (AS3r1) -- (AS3r3); \draw [draw=black,thick] (AS3r2) -- (AS3r3); \draw [draw=black,thick] (AS3r4) -- (AS3r3); \draw [draw=black,thick] (AS3r5) -- (AS3r3); \draw [draw=black,thick] (AS3r2) -- (AS3r4); \node [inner sep=0pt] (AS4r1) at (6.25,3.5) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS4r2) at (4.75,1.25) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (AS4basestation) at (6.25,1.2) {\pgfuseimage{basestation}}; \draw [draw=black,thick] (AS4r1) -- (AS4r2); \draw [draw=black,thick] (AS4basestation) -- (AS4r2); \draw [draw=black,thick] (AS3r5) -- (AS4r1); \node [inner sep=0pt] (AS5r1) at (-2.5,0) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS5r2) at (2,0) {\pgfuseimage{router}}; \node [inner sep=0pt] (AS5server) at (-1,-1) {\pgfuseimage{server}}; \draw [draw=black,thick] (AS2r2) -- (AS5r1); \draw [draw=black,thick] (AS3r2) -- (AS5r1); \draw [draw=black,thick] (AS3r4) -- (AS5r2); \draw [draw=black,thick] (AS5r1) -- (AS5r2); \draw [draw=black,thick] (AS5r1) -- (AS5server); \node [inner sep=0pt] (AS6r1) at (4.3,-.3) {\pgfuseimage{mallory}}; % \node [inner sep=0pt] at (6,-1.7) {\pgfuseimage{server}}; % \node [inner sep=0pt] at (6,-1.45) {\pgfuseimage{server}}; \node [inner 
sep=0pt] (server) at (6,-1.2) {\pgfuseimage{server}}; \draw [draw=black,thick] (AS6r1) -- (AS4r2); \draw [draw=black,thick] (AS6r1) -- (server); \node [inner sep=0pt] (alice) at (-7.65,-1.25) {\pgfuseimage{alice}}; \draw [draw=red,line width=3pt] (desktop) -- (basestation); \draw [draw=red,line width=3pt] (basestation) -- (AS1r1); \draw [draw=red,line width=3pt] (AS1r1) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS2r1); \draw [draw=red,line width=3pt] (AS2r2) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r2); \draw [draw=red,line width=3pt] (AS3r3) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS3r5); \draw [draw=red,line width=3pt] (AS4r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (AS4r2); \draw [draw=red,line width=3pt] (AS6r1) -- (server); \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Another Attack on Availability} \begin{itemize} \item Denial of Service (DoS) \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (mallory) at (-5,0) {\pgfuseimage{mallory}}; \node (postcard) {\pgfuseimage{postcard}}; \node at (-2.25,1.5) {\color{\srccolor}\large Mallory's PC}; \node at (3.15,1.7) {\color{\protocolor}\footnotesize ICMP}; \node at (2.35,0.55) {\color{\dstcolor}\large catpics.com}; \node[text width=4cm] at (-.5,-.5) {\color{\msgcolor}\large PING}; \node[text width=2.5cm] at (5.5,-2) {\LARGE x1000}; \end{tikzpicture} } \begin{itemize} \item \textbf{Your task: Complete levels 9, 10, and 11} \end{itemize} \end{frame} \begin{frame} \frametitle{Security Goals} \begin{itemize} \item Confidentiality \begin{itemize} \item Not default, can be accomplished with encryption \end{itemize} \item Integrity \begin{itemize} \item Not default, can be accomplished with cryptography \end{itemize} \item Availability \begin{itemize} \item \textbf{Not default, can be partially accomplished with firewalls} \end{itemize} \item Authentication \begin{itemize} \item Not default, can be accomplished with cryptography 
\end{itemize}
\end{itemize}
\end{frame}
\begin{frame} \frametitle{Takeaways}
\begin{itemize}
\item The Internet was not designed with security in mind
\item We accomplish \textbf{none} of our security goals by default
\item We can sometimes bolt security on afterwards, usually through cryptography
\end{itemize}
\end{frame}
\begin{frame} \frametitle{Mallory-in-the-Middle}
\begin{itemize}
\item Recall public-key encryption...
\end{itemize}
\centerline{ \begin{tikzpicture}
\node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}};
\node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}};
\node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}};
\node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}};
\node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}};
\node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}};
\node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}};
\end{tikzpicture} }
\end{frame}
\begin{frame} \frametitle{Mallory-in-the-Middle}
\begin{itemize}
\item Recall public-key encryption...
\end{itemize}
\centerline{ \begin{tikzpicture}
\node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}};
\node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}};
\node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}};
\node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}};
\node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}};
\node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}};
\node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}};
\draw [-stealth] (alice) -- (bob);
\node [inner sep=0pt] (alice-share-pub) at (0,0) {\pgfuseimage{apub}};
\node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}};
\node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}};
\end{tikzpicture} }
\end{frame}
\begin{frame} \frametitle{Mallory-in-the-Middle}
\begin{itemize}
\item Recall public-key encryption...
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-bob-pub) at (-5.5,1.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (bob) -- (alice); \node [inner sep=0pt] (bob-share-pub) at (0,0) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve-bob-pub) at (1.5,1.5) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Mallory-in-the-Middle} \begin{itemize} \item Recall public-key encryption... 
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-bob-pub) at (-5.5,1.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (alice) -- (bob); \node [inner sep=0pt] (alice-bob-ct) at (0,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (alice-bob-ct-bob-key) at (0.95,0.25) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve-bob-pub) at (1.5,1.5) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Mallory-in-the-Middle} \begin{itemize} \item Recall public-key encryption... 
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-bob-pub) at (-5.5,1.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-alice-pub) at (5.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \draw [-stealth] (bob) -- (alice); \node [inner sep=0pt] (bob-alice-ct) at (0,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (bob-alice-ct-alice-key) at (0.95,0.25) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve) at (0,1.5) {\pgfuseimage{eve}}; \node [inner sep=0pt] (eve-alice-pub) at (-1.5,1.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (eve-bob-pub) at (1.5,1.5) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Mallory-in-the-Middle} \begin{itemize} \item What if our enemy does more than just eavesdrop? \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \node [inner sep=0pt] (mallory) at (0,0) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (mallory-pri) at (-0.75,1) {\pgfuseimage{mpri}}; \node [inner sep=0pt] (mallory-pub) at (0.75,1) {\pgfuseimage{mpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Mallory-in-the-Middle} \begin{itemize} \item What if our enemy does more than just eavesdrop? 
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \node [inner sep=0pt] (mallory) at (0,0) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (mallory-pri) at (-0.75,1) {\pgfuseimage{mpri}}; \node [inner sep=0pt] (mallory-pub) at (0.75,1) {\pgfuseimage{mpub}}; \draw [-stealth] (alice) -- (mallory); \node [inner sep=0pt] (alice-share-pub) at (-2,0) {\pgfuseimage{apub}}; \node [inner sep=0pt] (mallory-alice-pub) at (-0.75,2) {\pgfuseimage{apub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Mallory-in-the-Middle} \begin{itemize} \item What if our enemy does more than just eavesdrop? \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \node [inner sep=0pt] (mallory) at (0,0) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (mallory-pri) at (-0.75,1) {\pgfuseimage{mpri}}; \node [inner sep=0pt] (mallory-pub) at (0.75,1) {\pgfuseimage{mpub}}; \draw [-stealth] (alice) -- (mallory); \node [inner sep=0pt] (alice-share-pub) at (-2,0) {\pgfuseimage{apub}}; \node [inner sep=0pt] (mallory-alice-pub) at (-0.75,2) {\pgfuseimage{apub}}; \draw [-stealth] (mallory) -- (bob); \node [inner sep=0pt] (mallory-share-pub) at (2,0) {\pgfuseimage{mpub}}; \node [text width=4cm] at (2.75,-1) {``from Alice"}; \node 
[inner sep=0pt] (bob-mallory-pub) at (5.5,1.5) {\pgfuseimage{mpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Mallory-in-the-Middle} \begin{itemize} \item What if our enemy does more than just eavesdrop? \end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \node [inner sep=0pt] (mallory) at (0,0) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (mallory-pri) at (-0.75,1) {\pgfuseimage{mpri}}; \node [inner sep=0pt] (mallory-pub) at (0.75,1) {\pgfuseimage{mpub}}; \draw [-stealth] (bob) -- (mallory); \node [inner sep=0pt] (bob-share-pub) at (2,0) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (mallory-alice-pub) at (-0.75,2) {\pgfuseimage{apub}}; \node [inner sep=0pt] (mallory-bob-pub) at (0.75,2) {\pgfuseimage{bpub}}; \draw [-stealth] (mallory) -- (alice); \node [inner sep=0pt] (mallory-share-pub) at (-2,0) {\pgfuseimage{mpub}}; \node [text width=4cm] at (-1.25,-1) {``from Bob"}; \node [inner sep=0pt] (bob-mallory-pub) at (5.5,1.5) {\pgfuseimage{mpub}}; \node [inner sep=0pt] (alice-mallory-pub) at (-5.5,1.5) {\pgfuseimage{mpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Mallory-in-the-Middle} \begin{itemize} \item What if our enemy does more than just eavesdrop? 
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \node [inner sep=0pt] (mallory) at (0,0) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (mallory-pri) at (-0.75,1) {\pgfuseimage{mpri}}; \node [inner sep=0pt] (mallory-pub) at (0.75,1) {\pgfuseimage{mpub}}; \draw [-stealth] (alice) -- (mallory); \node [inner sep=0pt] (alice-mallory-ct) at (-2.5,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (alice-mallory-ct-mallory-key) at (-1.55,0.25) {\pgfuseimage{mpub}}; \node [inner sep=0pt] (mallory-alice-pub) at (-0.75,2) {\pgfuseimage{apub}}; \node [inner sep=0pt] (mallory-bob-pub) at (0.75,2) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-mallory-pub) at (5.5,1.5) {\pgfuseimage{mpub}}; \node [inner sep=0pt] (alice-mallory-pub) at (-5.5,1.5) {\pgfuseimage{mpub}}; \draw [-stealth] (mallory) -- (bob); \node [inner sep=0pt] (mallory-bob-ct) at (1.5,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (mallory-bob-ct-mallory-key) at (2.45,0.25) {\pgfuseimage{bpub}}; \end{tikzpicture} } \end{frame} \begin{frame} \frametitle{Mallory-in-the-Middle} \begin{itemize} \item What if our enemy does more than just eavesdrop? 
\end{itemize} \centerline{ \begin{tikzpicture} \node [inner sep=0pt] (alice) at (-4,0) {\pgfuseimage{alice}}; \node [inner sep=0pt] (alice-pub) at (-5.5,0.5) {\pgfuseimage{apub}}; \node [inner sep=0pt] (alice-pri) at (-5.5,-0.5) {\pgfuseimage{apri}}; \node [inner sep=0pt] (bob) at (4,0) {\pgfuseimage{bob}}; \node [inner sep=0pt] (bob-pub) at (5.5,0.5) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-pri) at (5.5,-0.5) {\pgfuseimage{bpri}}; \node [inner sep=0pt] (mallory) at (0,0) {\pgfuseimage{mallory}}; \node [inner sep=0pt] (mallory-pri) at (-0.75,1) {\pgfuseimage{mpri}}; \node [inner sep=0pt] (mallory-pub) at (0.75,1) {\pgfuseimage{mpub}}; \draw [-stealth] (alice) -- (mallory); \node [inner sep=0pt] (alice-mallory-ct) at (-2.5,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (alice-mallory-ct-mallory-key) at (-1.55,0.25) {\pgfuseimage{mpub}}; \node [inner sep=0pt] (mallory-alice-pub) at (-0.75,2) {\pgfuseimage{apub}}; \node [inner sep=0pt] (mallory-bob-pub) at (0.75,2) {\pgfuseimage{bpub}}; \node [inner sep=0pt] (bob-mallory-pub) at (5.5,1.5) {\pgfuseimage{mpub}}; \node [inner sep=0pt] (alice-mallory-pub) at (-5.5,1.5) {\pgfuseimage{mpub}}; \draw [-stealth] (mallory) -- (bob); \node [inner sep=0pt] (mallory-bob-ct) at (1.5,0) {\pgfuseimage{ciphertext}}; \node [inner sep=0pt] (mallory-bob-ct-mallory-key) at (2.45,0.25) {\pgfuseimage{bpub}}; \end{tikzpicture} } \begin{itemize} \item \textbf{Your task: Complete level 12} \end{itemize} \end{frame} \begin{frame} \frametitle{Wrapping Up Cryptography} \begin{itemize} \item Cryptography lets us do more than just hide things \begin{itemize} \item We can ensure integrity of data (has it changed?) \item We can ensure authenticity of data (who wrote it?) \item Checking authenticity is what stops Mallory: Alice must verify that a key really is Bob's \end{itemize} \item We won't talk about it more than that right now \item But it's very cool! 
\end{itemize} \end{frame} \begin{frame} \frametitle{Goals} \begin{itemize} \item \sout{\textit{\textbf{Define}} the foundations of computer networks} \item \sout{\textit{\textbf{Define}} security goals} \item \sout{\textit{\textbf{Explore}} whether these security goals are accomplished on the Internet} \item \sout{\textit{\textbf{Execute}} attacks against a (simulated) network} \item \textit{\textbf{Identify}} real-world implications and defenses \end{itemize} \end{frame} \begin{frame} \frametitle{Real-World Implications} \begin{itemize} \item These simulated attacks have real-world implications \begin{itemize} \item The Internet was not designed with security in mind \item Security had to be hacked on later \item Many parts of the Internet are still insecure by default \item Considering security during design can help you later \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Real-World Implications} \begin{itemize} \item But things are getting better! \begin{itemize} \item Most web traffic is encrypted now with HTTPS \begin{itemize} \item (HTTPS also protects integrity and authenticates the website, using certificates) \end{itemize} \item More instant messengers are using encryption \end{itemize} \item There's still room for improvement \begin{itemize} \item Protecting metadata: \begin{itemize} \item Which sites you visit \item Which people you talk to \end{itemize} \item Censorship \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Real-World Things You Can Do} \begin{itemize} \item Encrypt your web traffic \begin{itemize} \item You can change your web browser's settings to use HTTPS everywhere\footnote{\url{https://www.eff.org/deeplinks/2021/09/https-actually-everywhere}} \end{itemize} \item Encrypt your private messages \begin{itemize} \item Signal\footnote{\url{https://signal.org/}} is easy to use and offers strong encryption \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Real-World Things You Can Do} \begin{itemize} \item Hide which sites you 
visit and circumvent censorship \begin{itemize} \item Tor\footnote{\url{https://torproject.org/}} is better for privacy and anonymity than VPNs \item Run the Snowflake\footnote{\url{https://snowflake.torproject.org/}} browser extension to help other people use Tor \end{itemize} \item Study cryptography, security, and/or privacy and help fix things \begin{itemize} \item Check out CrySP\footnote{\url{https://crysp.org/}} for the work we do here at UW \end{itemize} \end{itemize} \end{frame} \begin{frame} \frametitle{Goals} \begin{itemize} \item \sout{\textit{\textbf{Define}} the foundations of computer networks} \item \sout{\textit{\textbf{Define}} security goals} \item \sout{\textit{\textbf{Explore}} whether these security goals are accomplished on the Internet} \item \sout{\textit{\textbf{Execute}} attacks against a (simulated) network} \item \sout{\textit{\textbf{Identify}} real-world implications and defenses} \end{itemize} \end{frame} \begin{frame} \frametitle{Closing} \begin{itemize} \item Congratulations! You have learned some things about networking, the insecurity of the Internet, and hacking \item General advice: \begin{itemize} \item Privacy matters \item Don't trust corporations \item Please work on making the world better, not worse \end{itemize} % \item Hacking is about understanding how things work and accomplishing goals in unconventional ways % \item By studying cryptography, security, and/or privacy, you can help make things better \item This talk is available at \footnotesize \url{https://vvecna.cs.uwaterloo.ca/2024-uw-sparcs-netsim.pdf} \end{itemize} \end{frame} \end{document}