Add lots of citations to introduction
This commit is contained in:
parent
eb3e0b0c6b
commit
1edd5317fe
3 changed files with 272 additions and 20 deletions
@ -49,8 +49,8 @@ rejection of authorities~\cite{broussaisOriginesDeviseAnarchiste2022,guerinNoGod
cryptography, it is generally seen as best practice to have the least amount of parties possible involved in any
computation.
Most cryptographic problems are easily solved by involving a trusted third party (TTP).
% FIXME cite TTP examples
Yet, cryptographers have time and again rejected attempts to involve third parties in cryptographic protocols~\cite{
Yet, cryptographers have time and again vocally rejected attempts to involve third parties in cryptographic
protocols~\cite{
abelsonRisksKeyRecovery1997,
abelsonKeysDoormats2015,
andersonSecurityEngineeringGuide2020,
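Review bot: "Most cryptographic problems are easily solved by involving a trusted third party (TTP)." still carries no citation in either version of this hunk even though `% FIXME cite TTP examples` sits directly under it; either cite a concrete TTP-based construction or soften "Most" to "Many", because the three works attached to the following "rejected" sentence (abelsonRisksKeyRecovery1997, abelsonKeysDoormats2015, andersonSecurityEngineeringGuide2020) argue against TTPs and do not establish that claim. While touching the paragraph, "the least amount of parties possible" should read "the fewest parties possible", since parties are countable.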
@ -58,13 +58,20 @@ Yet, cryptographers have time and again rejected attempts to involve third parti
}.

Considerable research has been focused on creating a versatile set of tools to perform tasks as diverse as secure
communication,
% FIXME cite: signal, noise, something metadata resistant
private information retrieval,
% FIXME PIR = ORAM?
%FIXME cite ORAM papers, and oblivious transfer papers
and even general computation in a decentralized way that avoids trusted authorities.
% FIXME cite MPC papers
communication~\cite{
alwenDoubleRatchetSecurity2019,
marlinspikeDoubleRatchetAlgorithm2025,
dowlingFlexibleAuthenticatedConfidential2020,
sasySoKMetadataProtectingCommunication2024},
oblivious database access~\cite{
chorPrivateInformationRetrieval,
aguilar-melchorXPIRPrivateInformation2016,
reichertMenhirObliviousDatabase2024},
and even general computation~\cite{
goosInformationTheoreticallySecure1999,
aumannSecurityCovertAdversaries2010,
chorPrivateInformationRetrieval}
in a decentralized way that avoids trusted authorities.
While politically, this blanket rejection of authority represents a fringe viewpoint, in cryptography it has a long
tradition originating with the Cypherpunk and Hacker movements~\cite{
andersonCypherpunkEthicsRadical2022,
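Review bot: `chorPrivateInformationRetrieval` is cited twice in this hunk, once under "oblivious database access", where it belongs, and again as the last key of "and even general computation~\cite{...}", where a private information retrieval paper does not support a claim about general computation; drop the second occurrence and put a multi-party computation reference in its place, which is what the `% FIXME cite MPC papers` comment removed here was asking for. The key `goosInformationTheoreticallySecure1999` also looks as if it was generated from a series editor's surname rather than the paper's authors; check the author field of that bib entry before relying on the key.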
@ -74,18 +81,23 @@ tradition originating with the Cypherpunk and Hacker movements~\cite{
and extending throughout mainstream academic cryptography.

While the aforementioned cryptographic tools enable a large gamut of use cases in theory, in practice cryptographic
systems are still routinely compromised.
% FIXME cite cellphone attacks
The fundamental flaw of any practical cryptographic system is that secure algorithms have to run on hardware, and even
today, average computing hardware provides little physical security.
% FIXME cite TPM attacks
% FIXME cite Intel TXE etc. attacks
systems are still routinely compromised~\cite{
gellmanNSAInfiltratesLinks2013,
goldmanUnrestrainedChineseCyberattackers2025,
scott-railtonWhoseAuthorityPegasus2024,
quintinSomethingRememberUs2024,
marczakGraphiteCaughtFirst2025}.
A fundamental flaw of any practical cryptographic system is that secure algorithms have to run on hardware, and even
today, average computing hardware provides little physical security~\cite{
gotzfriedCacheAttacksIntel2017,
Lipp2018meltdown,
Kocher2018spectre,
moghimiTPMFAILTPMMeets2020}.
\emph{Hardware Security Modules} are a class of devices specifically designed to execute cryptographic algorithms while
providing strict physical security guarantees, but these systems are expensive,
% FIXME citation
and their physical security is often questionable.
% FIXME cite anderson, and immler et al in the early paper with the two HSMs taken apart
% FIXME reference chapter hsm survey?
and their physical security is often questionable (cf.~Chapter~\ref{chapter-survey})~\cite{
obermaier2018,
andersonSecurityEngineeringGuide2020}.
As \textcite{andersonSecurityEngineeringGuide2020} writes on HSMs and their security standards:
% FIXME page numbers

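Review bot: The four keys attached to "average computing hardware provides little physical security" (`gotzfriedCacheAttacksIntel2017`, `Lipp2018meltdown`, `Kocher2018spectre`, `moghimiTPMFAILTPMMeets2020`) are cache, speculative-execution and timing side-channel attacks that run as software and need no physical access, so they do not support a claim about physical security; either reword to something like "little isolation against software side channels, let alone physical security" or cite physical attacks (fault injection, probing, cold-boot style memory extraction), which is what the `% FIXME cite TPM attacks` and `% FIXME cite Intel TXE etc. attacks` comments removed here were pointing at. Two smaller items: "these systems are expensive," loses its `% FIXME citation` but gains no citation, so the claim is now silently unsupported; and `Lipp2018meltdown`, `Kocher2018spectre` and `obermaier2018` break the authorTitleYear key convention used by every other key in the file, which suggests they were imported from a different bib file and should be renamed (or deduplicated) for consistency.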
@ -96,7 +108,7 @@ As \textcite{andersonSecurityEngineeringGuide2020} writes on HSMs and their secu
level 4, and understand that level 3 can sometimes be defeated with a Swiss army knife. The buying incentive
there is compliance, and where real security clashes with operations it’s not surprising to see weaker standards
designed to make compliance easier.
\textit{\textcite{andersonSecurityEngineeringGuide2020} p. }
\textit{\textcite{andersonSecurityEngineeringGuide2020} p. 629}
\end{flushright}
\end{quote}

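Review bot: With `p. 629` now filled in, the `% FIXME page numbers` comment left in the previous hunk directly under the "As \textcite{andersonSecurityEngineeringGuide2020} writes" line is stale and should be dropped in the same commit. Also consider `\textit{\textcite[629]{andersonSecurityEngineeringGuide2020}}`, letting biblatex's postnote render the page number, or at least `p.~629`, so the number cannot be separated from "p." by a line break inside the flushright block.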