feat: First version EACN slides

2024-09-20-eacn/00100_prelude.tex

@@ -0,0 +1,70 @@
+\section{Section: Prelude}
+
+\section{Section Intro}
+
+\begin{frame}]{Computational, Authenticated Key Distribution}
+  \small
+  \only<1>{
+    Software Encryption…
+
+    \begin{itemize}
+      \item …secures communication using modest computational resources.
+      \item …is deployed on a vast number of devices.
+      \item …is superior to QKD in most respects.
+      \item …can benefit from the inclusion of QKD.
+    \end{itemize}
+  }
+
+  \only<2>{
+    So you can build better QKD/Software Encryption setups, we will…
+
+    \begin{enumerate}
+      \item Introduce the methods used in cryptography
+      \item Contrast the security properties provided by QKD vs Software Encryption.
+      \item Explore the value integration QKD into software encryption systems can provide
+    \end{enumerate}
+  }
+
+	\vfill
+
+    \QRCode*{rosenpass.eu/docs/presentations/eacn-2024/}\begin{tabular}[c]{@{\space}l}
+    Follow the talk at:\\
+    \footnotesize\href{rosenpass.eu/docs/presentations/eacn-2024/}{rosenpass.eu/docs/ presentations/eacn-2024/}
+    \end{tabular}
+
+  % \vfill
+
+  %   \QRCode*{media.ccc.de/v/how-to-build-post-quantum-cryptographic-protocols-and-why-wall-clocks-are-not-to}\begin{tabular}[c]{@{\space}l}
+  %   Watch the presentation at:\\
+  %   \tiny\href{media.ccc.de/v/how-to-build-post-quantum-cryptographic-protocols-and-why-wall-clocks-are-not-to}{media.ccc.de/v/how-to-build-post-quantum-cryptographic-protocols-and-why-wall-clocks-are-not-to}
+  %   \end{tabular}
+
+  % \vfill
+\end{frame}
+
+
+
+\begin{frame}{Rosenpass}
+
+  I am the main author of Rosenpass. This brings me here. Rosenpass is:
+
+  \begin{columns}[fullwidth,c]
+
+    \begin{column}{.7\linewidth}
+      \begin{itemize}
+        \item A post-quantum secure key exchange \textbf{protocol}
+          {\small based on the paper Post-Quantum WireGuard~\citePqwg}
+        \item An open source Rust \textbf{implementation} of that protocol, already in use
+        \item A way to secure WireGuard VPN setups against quantum attacks
+        \item A \textbf{post-quantum secure VPN}
+        \item A governance \textbf{organization} to facilitate development, maintenance, and adoption of said protocol
+        %\item A translation research organization
+      \end{itemize}
+      \bigskip
+      \textbf{\url{rosenpass.eu}}
+    \end{column}%
+    \begin{column}{.3\linewidth}
+      \includegraphics[ width=.92\linewidth]{graphics/Illu-install.png}
+    \end{column}
+  \end{columns}
+\end{frame}

2024-09-20-eacn/00200_about_cryptography.tex

@@ -0,0 +1,123 @@
+\interlude[0]{About cryptology}
+\section{About cryptology}
+
+\begin{frame}{To build real-world cryptography solutions}
+  TODO
+\end{frame}
+
+\begin{frame}{Proofs of security are fundamental: Reduction proofs}
+  \small
+  Proof by reduction to a well-known mathematical problem or existing cryptographic construction.
+  \vfill
+  \textbf{If} an attack against my cryptosystem exists,
+  \\ \textbf{then} this other cryptosystem can be attacked or this math problem can be solved.
+  \vfill
+  Proof ad-absurdum:
+  \begin{itemize}
+    \item Assume an attacker against the new cryptosystem exists
+    \item Construct a solution to the underlying math problem using the assumed attacker
+  \end{itemize}
+\end{frame}
+
+\begin{frame}{Proofs are fundamental: Using information theory}
+  \small
+
+  Showing that each \emph{plain text} is plausible for each \emph{ciphertext}.
+
+  \vfill
+
+  Cryptosystem should be formulated as a function:
+
+  $$F : K \times D \to C$$
+
+  \begin{description}
+    \item[$K$] Key material; secret information held by all parties
+    \item[$D$] Protected information
+    \item[$C$] Leaked information; any information known to the attacker after protocol execution
+  \end{description}
+
+  Now it needs to be shown, that for every value of the leaked information,
+  every value of the protected information is equally plausible.
+
+
+  $$\forall c : C, d_1 : D, d_2 : D; |\{ k \in K | F(k, d_1) = c \}| = |\{ k \in K | F(k, d_1) = c \}|$$
+\end{frame}
+
+\begin{frame}{Proofs are fundamental: Implementation security}
+  \begin{columns}[t,fullwidth]
+
+    \begin{column}{.40\textwidth}
+      \begin{block}{Functional Correctness}
+        Using formal methods from computer science that a cryptographic implementation is equivalent to its specification.
+      \end{block}
+
+      \vfill
+
+      \begin{block}{Efficiency}
+        Using complexity theoretic analysis to ensure that the implementation can not be slowed down by an attacker.
+      \end{block}
+    \end{column}
+
+    \begin{column}{.55\textwidth}
+      \begin{block}{Implementation security}
+        Ensuring cryptographic implementation fulfill various extra security properties.
+        For example:
+        \vfill
+        \begin{itemize}
+          \item Timing side-channel resistance (certain assembly operations are forbidden)
+          \item Memory-safety (advanced programming languages such as Rust to avoid bugs such as buffer-overflows)
+        \end{itemize}
+      \end{block}
+    \end{column}
+  \end{columns}
+
+\end{frame}
+
+\begin{frame}{Practical security is essential}
+  \small
+
+  It is not enough to build a system that is secure in theory but vulnerable on real hardware.
+  Some dangers include:
+
+  \begin{itemize}
+    \item Timing side-channels
+    \item Power side-channels
+    \item Hardware bugs in the CPU (Rowhammer, Spectre, or Meltdown)
+    \item Lack of usability (Implementations that are easy to misuse)
+  \end{itemize}
+\end{frame}
+
+\begin{frame}{Open-Source \& Open-Science are mandatory}
+  \begin{itemize}
+    \item Cryptology is about creating trust
+    \item Incremental peer review of implementations and abstract constructions is part of the process
+  \end{itemize}
+\end{frame}
+
+\begin{frame}{More than encryption}
+  \small
+  Key-exchanges are a subfield in cryptography, not the whole thing!
+
+  \begin{description}
+    \item[Multi-Party Computation] Arbitrary computation on encrypted data without cheating by consortium
+    \item[Homomorphic Encryption] Arbitrary computation on asymmetrically encrypted data
+    \item[Robust Combiners] Redundancy in cryptographic systems
+    \item[Private Information Retrieval] Databases without leakage about user activity
+    \item[Censorship circumvention]
+  \end{description}
+\end{frame}
+
+\begin{frame}{To integrate QKD in cryptology}
+  \small
+  \begin{itemize}
+    \item Integrate with community of cryptography researchers
+    \item Adopt comprehensive approach of cryptology
+    \item Adopt open-source/open-science approach
+    \item Define security properties in cryptographic terms to be comparable
+    \item \textbf{Use QKD within cryptographic systems}, not as an alternative to!
+  \end{itemize}
+
+  The field we are looking at when building cryptographic systems including QKD is called:
+
+  \centering\large Secure Channels
+\end{frame}

2024-09-20-eacn/00300_security_properties.tex

@@ -0,0 +1,111 @@
+\interlude[1]{Secure Channels \vfill \Large and their Security Properties}
+
+\begin{frame}{Secure Channel Protocols}
+  \begin{columns}[T]
+    \begin{column}{.4\linewidth}
+      \small
+
+      Secure channel protocols like TLS, OpenSSH, or the Noise Protocol Framework \citeNoise are used everywhere on the internet. They are
+
+      \begin{itemize}
+        \item Cheap
+        \item Fast
+        \item Secure
+        \item Well analyzed
+        \item Authenticated
+        \item Usually not secure against quantum attacks
+      \end{itemize}
+    \end{column}
+    \begin{column}{.55\linewidth}
+     \includegraphics[width=\linewidth]{graphics/2024-09-13-rosenpass-tls-cert.png}
+    \end{column}
+  \end{columns}
+\end{frame}
+
+\begin{frame}{Security against quantum attacks}
+  \begin{columns}[fullwidth,c]
+    \begin{column}{.6\linewidth}
+      \includegraphics[height=\defaultframetextheight]{graphics/rosenpass-wp-key-exchange-protocol-rgb.pdf}
+    \end{column}
+
+    \begin{column}{.4\linewidth}
+    \stretchcolumn{
+    \vfill
+      \begin{itemize}
+        \item Migration to post-quantum security is definetly possible
+        \item Rosenpass (pictured) is an example
+        \item Alternatives such as KEM-TLS have also been proposed
+        \item Some high security protocols such as OpenSSH and the Signal protocol are already using hybrid PQC
+        \item Modest increase in resource usage
+      \end{itemize}
+      \vfill
+      }
+    \end{column}
+  \end{columns}
+\end{frame}
+
+\begin{frame}{Active \& Passive Security}
+  TODO
+\end{frame}
+
+\begin{frame}{Secrecy \& Authenticity}
+  TODO
+\end{frame}
+
+\begin{frame}{Identity hiding, deniability}
+  TODO
+\end{frame}
+
+\begin{frame}{Advanced properties}
+  Often provided by secure messaging protocols such as Signal or MLS
+
+  \begin{itemize}
+    \item Post-compromise security (recovering security after a compromise)
+    \item Group messaging
+    \item Metadata obfuscation
+    \item Asynchronous handshakes (one party offline)
+  \end{itemize}
+\end{frame}
+
+\begin{frame}{Forward secrecy}
+  TODO
+\end{frame}
+
+\begin{frame}{Everlasting secrecy}
+  TODO
+\end{frame}
+
+\begin{frame}{QKD Caveats}
+  \begin{columns}
+    \begin{column}{.4\textwidth}
+
+      % TODO(marei): Can we use proper checkmark/cross symbols here here?
+      % Can we use a light-green background for green, a light-red one for cross and a yellow one for impractical?
+      % Can we generally make this look nice and graphic-y?
+      \begin{tabular}{ l c c }
+        \textbf{Security property} & \textbf{QKD} & \textbf{Software encryption} \\
+
+        Post-Quantum        & Check           & Check           \\
+        Forward-secrecy     &                 & Check           \\
+        Everlasting-Secrecy & Impractical     & Cross           \\
+        End-2-End           & Impractical     & Check           \\
+        Active Attackers    & Cross           & Check           \\
+        Authenticity        & Cross           & Check           \\
+        Deniability         & Cross           & Check           \\
+        Non-repudiation     & Cross           & Check           \\
+        Identity hiding     & Cross           & Check           \\
+      \end{tabular}
+    \end{column}
+    \begin{column}{.6\textwidth}
+      QKD is…
+
+      \begin{itemize}
+        \item Expensive
+        \item Inefficient
+        \item Everlasting secrecy would be nice, but is impractical for real-world setups
+        \item Multi-hop security is impractical
+        \item End-2-end security is missing entirely (no QKD on my end-user device fiesable for now)
+      \end{itemize}
+    \end{column}
+  \end{columns}
+\end{frame}

2024-09-20-eacn/00400_redefining_qkd_goals.tex

@@ -0,0 +1,20 @@
+\interlude[2]{Redefining QKD Success}
+\section{Redefining QKD Success}
+
+\begin{frame}{QKD as a form of hardware security?}
+  TODO
+
+  …
+
+  TODO Second frame when QKD attacked
+\end{frame}
+
+\begin{frame}{Hybrid setups using QKD and end to end connections}
+  \centering
+  \includegraphics[height=.9\textheight]{graphics/qkd-pqc-network.png}
+\end{frame}
+
+\begin{frame}{Three Pillars of Security}
+  \centering
+  \includegraphics[height=.9\textheight]{graphics/Three pillars of hybrid qkd.png}
+\end{frame}

2024-09-20-eacn/00700_appendix.tex

@@ -0,0 +1,35 @@
+% reset backgorund canvas
+\setbeamertemplate{background canvas}{}
+\interlude[7]{
+  Appendix --- Here Be Dragons
+}
+
+\begin{frame}{Bibliography}
+  \begin{description}
+    \item[\citePqwg:] \url{\citePqwgUrl}
+    \item[\citeGhp:] \url{\citeGhpUrl}
+    \item[\citeHpke:] \url{\citeHpkeUrl} (analysis) \& \url{https://www.rfc-editor.org/rfc/rfc9180.html} (RFC)
+    \item[\citeXwing:] \url{\citeXwingUrl}
+    \item[\citeNoise:] \url{\citeNoiseUrl}
+    \item[\citeBellareRogaway:] \url{\citeBellareRogawayUrl}
+    \item[\citeHalevi:]  \url{\citeHaleviUrl}
+    \item[\citeMlkem:]  \url{\citeMlkemUrl}
+  \end{description}
+\end{frame}
+
+\begin{frame}{Graphics attribution}
+  \tiny
+  \begin{itemize}
+    \item \url{https://unsplash.com/photos/brown-rabbit-Efj0HGPdPKs}
+    \item \url{https://unsplash.com/photos/barista-in-apron-with-hands-in-the-pockets-standing-near-the-roaster-machine-Y5qjv6Dj4w4}
+    \item \url{https://unsplash.com/photos/a-small-rabbit-is-sitting-in-the-grass-1_YMm4pVeSg}
+    \item \url{https://unsplash.com/photos/yellow-blue-and-black-coated-wires-iOLHAIaxpDA}
+    \item \url{https://foto.wuestenigel.com/gray-hamster-eating-sunflower-seed/}
+    \item \url{https://unsplash.com/photos/gray-rabbit-XG06d9Hd2YA}
+    \item \url{https://unsplash.com/photos/big-ben-london-MdJq0zFUwrw}
+    \item \url{https://unsplash.com/photos/white-rabbit-on-green-grass-u_kMWN-BWyU}
+    \item \url{https://unsplash.com/photos/3-brown-bread-on-white-and-black-textile-WJDsVFwPjRk}
+    \item \url{https://unsplash.com/photos/a-pretzel-on-a-bun-with-a-blue-ribbon-ymr0s7z6Ykk}
+    \item \url{https://unsplash.com/photos/white-and-brown-rabbit-on-white-ceramic-bowl-rcfp7YEnJrA}
+  \end{itemize}
+\end{frame}