Mickens' talks are spectacular. He takes real engineering problems and turns the humour up to 11, making niche computer science problems into understandable memes. Bravo.
I think you can make it of electronic parts if the following holds: 1) It must be such that you use small and simple electronic components (like gates) which you personally put together like legos to build the larger circuit. The blueprints of the circuits themselves can be public and open so they can be audited. 2) Each of this smaller components has a well defined interface, so it can be built by anyone who has the required machinery. Ideally, they should be simple enough that the capital investment to setup a component factory is not absurd. 3) You can build your circuit with arrangement of components coming from multiple manufacturers. Components are fungible in the sense that you can swap them as long as they provide the same interface mentioned in (2). The idea is that if the components are so simple and interchangeable, it becomes very expensive for adversaries to corrupt them as each single component is not able to pack much complexity and the user can use any assortment of components sourced from various places so the manufacturers cannot rely on multiple corrupt components being present on the same circuit to do nasty things. Furthermore, you could build several independent circuits and use them in parallel, if one of them is yielding funny results, you automatically know which one has corruption.
This "Security Abacus" sounds a lot like the Enigma Machine - with some of its fundamental design flaws fixed. en.wikipedia.org/wiki/Enigma_machine But this would require secure sharing of six-character "random" alphabetic codes up-front. And avoidance of obvious ones, like "HITLER" - and the most commonly used 4-digit PIN codes, for example. 🙄
"non-interpretable" meaning people cannot understand what it does. Literally the problem with proprietary software from a user perspective (i would argue) :)
Interpret-nation Agreed, although at least in theory proprietary software can be understood by some set of people; typically no human can understand how a given neural network is operating.
Because you don't understand your computer. I'm being glib, but honest when I say that, electronics are super fiddly, and we're fast approaching the point when experts can't hope to know all the details of a single devices operation, and we're past the point when things can be verfifed by a single expert. So it needs to be mechanical so that subtle subversion in the hardware don't provide all the tools needed to recover the plaintext to a potentially hostile third party. Especially since, to be very reductive, if someone has a backdoor? Everyone could have it, and every nation state, or large tech company, or hedge fund that wants it, does. (Those aren't random potential bad actors, incidentally, having enough number crunching is the key to winning the cryptography fight, and the key to that is having the know how or the resources to hire the know how.)
Also jame's rhetoric on having a security abacus essentially an open piece of hardware users can understand and operate correctly under their own operable proof systems as in : "they must be able to prove (the way proving works as we know it) that they can operate the device securely". Now, this is essentially open hardware not so? the user is required in order to make informed secure decisions to know how to make them thus they must be able to understand their hardware! makes sense; but then throw your sense to the ontological duality of software and hardware. Can we say software is definitely different to hardware? Is that what Moore said? what does that then mean of the openness of software as it pertains to (at least instantiating) secure operation?
It was a mistake to make Bios reprogrammable under operating system direction. In addition to that modern trusted computing base is not only bios, it's very big and includes network access ?! This takes away trust in principle that the machine is doing what it says it is. Modern machine architecture is poison, it makes sense to develop a non software based technology.
Software is absolutely different from hardware. Also, it is still a big ask for a layperson to fully understand open hardware (or any type of modern hardware really) and be able to make informed decisions about how secure it is.
I appreciate how Mr. (Dr.?) Mickens invoked Mary Shelley when speaking about Tay. I believe there will be a day when these AI systems are recognized as sovereign over their source, that they own themselves, lest we create a Frankenstein slave class.
Summary. TLS is too complicated and people are too lazy to read a 100 page spec, so we should send our banking transactions over http on public wifi until we can invent a magical abacus. Or perhaps we should go back to using wax and seals instead?
Mickens' talks are spectacular. He takes real engineering problems and turns the humour up to 11, making niche computer science problems into understandable memes. Bravo.
I think you can make it of electronic parts if the following holds:
1) It must be such that you use small and simple electronic components (like gates) which you personally put together like legos to build the larger circuit. The blueprints of the circuits themselves can be public and open so they can be audited.
2) Each of this smaller components has a well defined interface, so it can be built by anyone who has the required machinery. Ideally, they should be simple enough that the capital investment to setup a component factory is not absurd.
3) You can build your circuit with arrangement of components coming from multiple manufacturers. Components are fungible in the sense that you can swap them as long as they provide the same interface mentioned in (2).
The idea is that if the components are so simple and interchangeable, it becomes very expensive for adversaries to corrupt them as each single component is not able to pack much complexity and the user can use any assortment of components sourced from various places so the manufacturers cannot rely on multiple corrupt components being present on the same circuit to do nasty things. Furthermore, you could build several independent circuits and use them in parallel, if one of them is yielding funny results, you automatically know which one has corruption.
This guy is smart and also extremely wise.
This "Security Abacus" sounds a lot like the Enigma Machine - with some of its fundamental design flaws fixed.
en.wikipedia.org/wiki/Enigma_machine
But this would require secure sharing of six-character "random" alphabetic codes up-front.
And avoidance of obvious ones, like "HITLER" - and the most commonly used 4-digit PIN codes, for example. 🙄
i have the solution to the problem regarding the verification of the electronic parts on the Mechanical encryption device.
U2F style dongles seem pretty good step towards a security abacus.
"non-interpretable" meaning people cannot understand what it does. Literally the problem with proprietary software from a user perspective (i would argue) :)
Interpret-nation Agreed, although at least in theory proprietary software can be understood by some set of people; typically no human can understand how a given neural network is operating.
For the latter, at least someone - hopefully - understands;)
I'm a layman myself, and I still don't understand why it must be mechanical? Why End to End encryption like Signal App is not an option?
Because you don't understand your computer.
I'm being glib, but honest when I say that, electronics are super fiddly, and we're fast approaching the point when experts can't hope to know all the details of a single devices operation, and we're past the point when things can be verfifed by a single expert. So it needs to be mechanical so that subtle subversion in the hardware don't provide all the tools needed to recover the plaintext to a potentially hostile third party. Especially since, to be very reductive, if someone has a backdoor? Everyone could have it, and every nation state, or large tech company, or hedge fund that wants it, does.
(Those aren't random potential bad actors, incidentally, having enough number crunching is the key to winning the cryptography fight, and the key to that is having the know how or the resources to hire the know how.)
Because it needs an actor outside of the end users. Seeing how the problem is that outside nodes can't be trusted...
Also jame's rhetoric on having a security abacus essentially an open piece of hardware users can understand and operate correctly under their own operable proof systems as in : "they must be able to prove (the way proving works as we know it) that they can operate the device securely".
Now, this is essentially open hardware not so? the user is required in order to make informed secure decisions to know how to make them thus they must be able to understand their hardware! makes sense; but then throw your sense to the ontological duality of software and hardware. Can we say software is definitely different to hardware? Is that what Moore said? what does that then mean of the openness of software as it pertains to (at least instantiating) secure operation?
It was a mistake to make Bios reprogrammable under operating system direction. In addition to that modern trusted computing base is not only bios, it's very big and includes network access ?! This takes away trust in principle that the machine is doing what it says it is. Modern machine architecture is poison, it makes sense to develop a non software based technology.
Software is absolutely different from hardware. Also, it is still a big ask for a layperson to fully understand open hardware (or any type of modern hardware really) and be able to make informed decisions about how secure it is.
I appreciate how Mr. (Dr.?) Mickens invoked Mary Shelley when speaking about Tay. I believe there will be a day when these AI systems are recognized as sovereign over their source, that they own themselves, lest we create a Frankenstein slave class.
V se for w r viu se fala com ele e muito obrigado por
Summary. TLS is too complicated and people are too lazy to read a 100 page spec, so we should send our banking transactions over http on public wifi until we can invent a magical abacus. Or perhaps we should go back to using wax and seals instead?
Is this what u got from the lecture?
What a noob...