Secure Communication with an Insecure Internet Infrastructure
Internet Design Decisions and Security ◼ Origin as a small and cooperative network (=> largely trusted infrastructure) ◼ Global Addressing (=> every sociopath is your next-door neighbor*) ◼ Connection-less datagram service (=> can’t verify source, hard to protect bandwidth) * Dan Geer
Internet Design Decisions and Security ◼ Anyone can connect (=> ANYONE can connect) ◼ Millions of hosts run nearly identical software (=> single exploit can create epidemic) ◼ Most Internet users know about as much as Senator Stevens aka “the tubes guy” (=> God help us all…)
Our “Narrow” Focus ◼ Yes: ❑ Protecting network resources and limiting connectivity (Last time) ❑ Creating a “secure channel” for communication (today) ◼ No: ❑ Preventing software vulnerabilities & malware, or “social engineering”
Secure Communication with an Untrusted Infrastructure [Figure: network diagram with Alice, Bob, ISP A, ISP B, ISP C and ISP D]
Secure Communication with an Untrusted Infrastructure [Figure: network diagram with Alice, Bob, Mallory, ISP A, ISP B, ISP C and ISP D]
Secure Communication with an Untrusted Infrastructure [Figure: network diagram with Alice, ISP A, ISP B, ISP C and ISP D, and the message: Hello, I’m “Bob”]
What do we need for a secure communication channel? ◼ Authentication (Who am I talking to?) ◼ Confidentiality (Is my data hidden?) ◼ Integrity (Has my data been modified?) ◼ Availability (Can I reach the destination?)
What is cryptography? “cryptography is about communication in the presence of adversaries.” - Ron Rivest “cryptography is using math and other crazy tricks to approximate magic” - Unknown 441 TA