Add introduction notes
This commit is contained in:
jaseg
parent
150e87548d
commit
6100488550
1 changed files with 70 additions and 1 deletions
|
|
@ -6,4 +6,73 @@
|
|||
}
|
||||
\chaptertitle{Introduction}
|
||||
|
||||
\section{Test}
|
||||
\section{Centralized Authority}
|
||||
% ACAB is a anti-authoritarian sentiment
|
||||
% In anarchist discourse, "cops" are not just policemen and -women, but also other means of centralized control.
|
||||
% Anarchism rejects centralized authority in favor of the freedom of individuals because it recognizes the dangers
|
||||
% inherent in centralized authority
|
||||
|
||||
% While anarchism is one extreme of the spectrum, the dangers of centralized control are well-established.
|
||||
% The constitutions of all modern democracies recognize these dangers, and contain elaborate provisions such as a
|
||||
% separation of powers, and extensive protections for civil society and journalism
|
||||
% While modern democratic policy rejects anarchism, it embraces it's criticism of power in some vital niches.
|
||||
% Examples: Whistleblower protection, attorney-client privilege, doctor-patient confidentiality and protections on state
|
||||
% agents such as judges or politicians
|
||||
|
||||
% Centralized authority promises efficiency, but it has a tendency to go awry.
|
||||
% These sanctuaries carved out from the state's authority in democracies are vital to the functioning of the system
|
||||
% In today's computing environment, we observe some parallels to this limitation of centralized authority
|
||||
% In classical computing, centralized control was used abundantly to create order
|
||||
% Like absolute political authority becomes dangerous when subverted, centralized control in computing becomes dangerous
|
||||
% when systems are compromised through hacking.
|
||||
% Allocating control can be done using cryptography
|
||||
% Cryptography provides near-perfect mathematical solutions to almost any control problem
|
||||
% However, as anyone who has taken an introductory crypto course knows, encrypting things isn't the hard part. The hard
|
||||
% part is managing keys.
|
||||
|
||||
% computing solutions to these problems include: Air-gapping, separation of concerns, extreme case: HSMs and TEEs
|
||||
% provide security even during compromise
|
||||
% interesting parallel to state control / anarchy discourse above:
|
||||
% they are secure even against the state/police if implemented correctly
|
||||
% observation: competent hackers are about as competent as competent police
|
||||
% observation: cannot digitally encode ethics or legal stuff, so no "good guys only" backdoors
|
||||
|
||||
% other applications of this principle of distrusting systems are (perfect) forward secrecy
|
||||
% see signal
|
||||
% however, system such as TEEs and HSMs are largely a niche solution
|
||||
% while some are widely deployed, e.g. TEEs for DRM and as secure boot root of trust in phones, desktops
|
||||
% they are not usually democratic. despite wide deployment authority is with their manufacturer.
|
||||
% To ordinary users, these capabilities are distant
|
||||
% EU regulation was necessary to force apple to open up some APIs cf. nfc payment
|
||||
% normal users are shit out of luck
|
||||
|
||||
% Thus, we need new tools. Tools that enable normal people / small orgs to assume control of their data/keys/etc.
|
||||
% we need to open up the power of TEEs to everybody
|
||||
% right now, open source is often less secure than closed-source
|
||||
% trusted boot rarely implemented (right) in open source
|
||||
% no TEE security at all because of lack of access
|
||||
% we want to create democratic, open source HSMs
|
||||
|
||||
% open source HSMs enable many use cases to the public and small orgs that up to now only large corps or states could do
|
||||
% email encryption
|
||||
% secure group messaging
|
||||
% signing key servers
|
||||
% secure video / audio calls
|
||||
% private data storage
|
||||
% things like that twitter/x protocol for pin-based key recovery
|
||||
% timestamping / attestation services
|
||||
% base for distributed consensus protocols
|
||||
% might have applications in cryptocurrencies when operated as heterogenous cluster
|
||||
|
||||
% but beyond that, they enable entirely new use cases.
|
||||
% conventional hsms limited in computing power, crippled for the purpose of market segmentation
|
||||
% ours are much more powerful, enable much higher computation crypto such as generic smpc
|
||||
% generic smpc can do things like key management, pin-based security, secret statistics etc.
|
||||
% furthermore, above we noted parallel between anarchist distrust of authority and core cryptographic principles
|
||||
% our hsms not only protect against classical attackers, but also against states
|
||||
% can be used as democratic check and balance
|
||||
% example: secure comms that cannot be accessed by the state / police
|
||||
% example: secure, authenticated photo and video capture
|
||||
% that's especially relevant in the age of ai
|
||||
|
||||
%\section{The Trust Perspective}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue