From 22820fca270a4a3d076f43ac9721604a79a6fe809775e32a8b2957acc8cb50bb Mon Sep 17 00:00:00 2001
From: Nadim Kobeissi
Date: Fri, 27 Jun 2025 15:46:58 +0200
Subject: [PATCH] Some important additions
---
 slides/2-1.tex | 69 ++++++++++++++++++++++++++++++
 slides/images/cas_comparison.png | 3 ++
 website/index.html | 9 +++-
 website/papers/diffie-hellman.pdf | 3 ++
 website/papers/moral-character.pdf | 3 ++
 5 files changed, 85 insertions(+), 2 deletions(-)
 create mode 100644 slides/images/cas_comparison.png
 create mode 100644 website/papers/diffie-hellman.pdf
 create mode 100644 website/papers/moral-character.pdf
diff --git a/slides/2-1.tex b/slides/2-1.tex
index b95d1af..93661d3 100644
--- a/slides/2-1.tex
+++ b/slides/2-1.tex
@@ -1769,6 +1769,75 @@
 \end{columns}
 \end{frame}
+\begin{frame}{The Cypherpunk Manifesto (1993)}
+ \begin{columns}[c]
+ \begin{column}{1\textwidth}
+ \begin{itemize}[<+->]
+ \item \textbf{Key principles}:\footnote{\url{https://www.activism.net/cypherpunk/manifesto.html}}
+ \begin{itemize}
+ \item Cryptography essential for privacy
+ \item Cannot trust governments/corporations
+ \item ``We must defend our own privacy''
+ \end{itemize}
+ \item \textbf{``Cypherpunks write code''}:
+ \begin{itemize}
+ \item Software defends privacy
+ \item Code is free for all to use
+ \item ``Software can't be destroyed''
+ \end{itemize}
+ \item \textbf{Vision}: Cryptography will spread globally, enabling anonymous transactions
+ \end{itemize}
+ \end{column}
+ \end{columns}
+\end{frame}
+
+\begin{frame}{The Moral Character of Cryptographic Work}{Rogaway, 2015}
+ \begin{itemize}[<+->]
+ \item \textbf{Core thesis}: Cryptography is inherently political - it configures power
+ \begin{itemize}
+ \item Not just puzzles and math, but tools that shape society
+ \item Confers intrinsic moral dimension on the field
+ \end{itemize}
+ \item \textbf{The Snowden wake-up call}:
+ \begin{itemize}
+ \item Ordinary people lack basic communication privacy
+ \item Mass surveillance threatens democracy and human dignity
+ \item Cryptography's failure: focused on theory, not protecting people
+ \end{itemize}
+ \item \textbf{Academic cryptography's problems}:
+ \begin{itemize}
+ \item Divorced from real-world privacy concerns
+ \item Serves governments and corporations, not ordinary people
+ \item Marginalized secure messaging and anti-surveillance work
+ \end{itemize}
+ \item \textbf{Distinction}: Crypto-for-security (commercial) vs. crypto-for-privacy (social/political)
+ \end{itemize}
+\end{frame}
+
+\begin{frame}{Rogaway's call to action}
+ \begin{itemize}[<+->]
+ \item \textbf{Cryptographers' moral obligations}:
+ \begin{itemize}
+ \item Remember responsibility to humanity
+ \item Consider societal implications of work
+ \item Use academic freedom to resist mass surveillance
+ \end{itemize}
+ \item \textbf{Concrete recommendations}:
+ \begin{itemize}
+ \item Develop anti-surveillance technologies
+ \item Think twice about military funding
+ \item Work on secure messaging and privacy tools
+ \item Apply practice-oriented provable security to privacy
+ \end{itemize}
+ \item \textbf{Vision for the field}:
+ \begin{itemize}
+ \item Build cryptographic commons beyond corporate/government reach
+ \item Make surveillance more expensive
+ \item Create ``boring crypto'' that just works for people
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
 \begin{frame}{FREAK}
 \bigimagewithcaption{tls_freak.png}{}
 \end{frame}
diff --git a/slides/images/cas_comparison.png b/slides/images/cas_comparison.png
new file mode 100644
index 0000000..4c03f25
--- /dev/null
+++ b/slides/images/cas_comparison.png
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d326db29723cd90e9794d176dcf30fb3b8e5c54eefad3dc6d88af739561594b4
+size 509135
diff --git a/website/index.html b/website/index.html
index ed3e973..2e3ad93 100755
--- a/website/index.html
+++ b/website/index.html
@@ -215,6 +215,7 @@
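Review bot: The two Rogaway frames added to slides/2-1.tex (`The Moral Character of Cryptographic Work` and `Rogaway's call to action`) summarise the paper and put the phrase "boring crypto" in quotation marks without any source footnote, while the Cypherpunk frame in the same hunk carries `\footnote{\url{...}}`; add the same kind of footnote to the first Rogaway frame, e.g. `\footnote{\url{<URL of the paper>}}`. The subtitle gives `Rogaway, 2015`, but the reading-list entries this commit adds to website/index.html date the paper 2016, so the two should be aligned. In the core-thesis item the spaced hyphen in `inherently political - it configures power` should be an em-dash, `inherently political---it configures power`. The Cypherpunk frame also wraps its list in a single `column` of width `1\textwidth` inside `columns`, which the other two frames do without; dropping the wrapper would keep the three frames consistent.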
  • Chris Alexander and Ian Goldberg, Improved User Authentication in Off-The-Record Messaging, Workshop on Privacy in the Electronic Society, 2007.
  • Henry de Valence, It's 255:19AM. Do you know what your validation criteria are?, hdevalence.ca, 2020.
  • Nadhem J. Alfardan and Kenneth G. Paterson, Lucky Thirteen: Breaking the TLS and DTLS Record Protocols, IEEE Symposium on Security and Privacy, 2013.
  • +
  • Whitfield Diffie and Martin E. Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, 1976.
  • Paul Rösler, Christian Mainka and Jörg Schwenk, More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema, IEEE European Symposium on Security and Privacy, 2018.
  • Nikita Borisov, Ian Goldberg and Eric Brewer, Off-the-Record Communication, or, Why Not To Use PGP, Workshop on Privacy in the Electronic Society, 2004.
  • Karthikeyan Bhargavan and Gaëtan Leurent, On the Practical (In-)Security of 64-bit Block Ciphers, ACM CCS, 2016.
  • @@ -231,9 +232,10 @@
  • Tarek Galal, The Curves of ZoKrates, tgalal.com, 2025.
  • Marc Stevens, Elie Bursztein, Pierre Karpman, Ange Albertini and Yarik Markov, The First Collision for Full SHA-1, IACR Crypto, 2017.
  • Zakir Durumeric, James Kasten, David Adrian, J. Alex Halderman, Michael Bailey, Frank Li, Nicholas Weaver, Johanna Amann, Jethro Beekman, Mathias Payer and Vern Paxson, The Matter of Heartbleed, ACM IMC, 2014.
  • +
  • Philip Rogaway, The Moral Character of Cryptographic Work, IACR Cryptology ePrint Archive, 2016.
  • Ran Canetti, Oded Goldreich and Shai Halevi, The Random Oracle Model Methodology, Revisited, Journal of the ACM, 2004.
  • Bodo Möller, Thai Duong and Krzysztof Kotowicz, This POODLE Bites: Exploiting the SSL 3.0 Fallback, Google, 2014.
  • -
  • Nicolas Gailly, Kelsey Melissaris and Yolan Romailler, tlock: Practical Timelock Encryption from Threshold BLS, IACR ePrint Archive, 2023.
  • +
  • Nicolas Gailly, Kelsey Melissaris and Yolan Romailler, tlock: Practical Timelock Encryption from Threshold BLS, IACR Cryptology ePrint Archive, 2023.
  • Mark Russinovich, Manuel Costa, Cédric Fournet, David Chisnall, Antoine Delignat-Lavaud, Sylvan Clebsch, Kapil Vaswani and Vikas Bhatia, Toward Confidential Cloud Computing, Communications of the ACM, 2021.
  • Karthikeyan Bhargavan and Gaëtan Leurent, Transcript Collision Attacks: Breaking Authentication in TLS, IKE and SSH, Network and Distributed Systems Security Symposium, 2016.
  • Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Alfredo Pironti and Pierre-Yves Strub, Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS, IEEE Symposium on Security and Privacy, 2014.
  • @@ -408,6 +410,7 @@
    Optional Readings
    @@ -460,6 +463,7 @@
  • Matthew McPherrin, Reflections on a Year of Sunlight, Let's Encrypt Blog, 2025.
  • Bodo Möller, Thai Duong and Krzysztof Kotowicz, This POODLE Bites: Exploiting the SSL 3.0 Fallback, Google, 2014.
  • Nadhem J. Alfardan and Kenneth G. Paterson, Lucky Thirteen: Breaking the TLS and DTLS Record Protocols, IEEE Symposium on Security and Privacy, 2013.
  • +
  • Philip Rogaway, The Moral Character of Cryptographic Work, IACR Cryptology ePrint Archive, 2016.
  • David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin and Paul Zimmermann, Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice, ACM CCS, 2015.
  • Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Alfredo Pironti and Pierre-Yves Strub, Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS, IEEE Symposium on Security and Privacy, 2014.
  • Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Markulf Kohlweiss, Alfredo Pironti, Pierre-Yves Strub and Jean-Karim Zinzindohoué, A Messy State of the Union: Taming the Composite State Machines of TLS, IEEE Symposium on Security and Privacy, 2015.
  • @@ -556,6 +560,7 @@ @@ -630,7 +635,7 @@
    Required Readings
diff --git a/website/papers/diffie-hellman.pdf b/website/papers/diffie-hellman.pdf
new file mode 100644
index 0000000..9c84cc8
--- /dev/null
+++ b/website/papers/diffie-hellman.pdf
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:03fa2f493a1448a309586b9cf9e5c3a4dfd14735e0786cc94674519570b890ff
+size 2216632
diff --git a/website/papers/moral-character.pdf b/website/papers/moral-character.pdf
new file mode 100644
index 0000000..9ee1573
--- /dev/null
+++ b/website/papers/moral-character.pdf
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:53965bc288a6afc747e5133205710ccdd1919f7d58592302cddb795a189ae2ee
+size 462480