From 6100488550c18535ed150ef3d708e04d22775724 Mon Sep 17 00:00:00 2001 From: jaseg Date: Fri, 13 Jun 2025 19:19:54 +0200 Subject: [PATCH] Add introduction notes --- chapter-introduction/chapter.tex | 71 +++++++++++++++++++++++++++++++- 1 file changed, 70 insertions(+), 1 deletion(-) diff --git a/chapter-introduction/chapter.tex b/chapter-introduction/chapter.tex index cebb40c..d6532b8 100644 --- a/chapter-introduction/chapter.tex +++ b/chapter-introduction/chapter.tex @@ -6,4 +6,73 @@ } \chaptertitle{Introduction} -\section{Test} +\section{Centralized Authority} +% ACAB is a anti-authoritarian sentiment +% In anarchist discourse, "cops" are not just policemen and -women, but also other means of centralized control. +% Anarchism rejects centralized authority in favor of the freedom of individuals because it recognizes the dangers +% inherent in centralized authority + +% While anarchism is one extreme of the spectrum, the dangers of centralized control are well-established. +% The constitutions of all modern democracies recognize these dangers, and contain elaborate provisions such as a +% separation of powers, and extensive protections for civil society and journalism +% While modern democratic policy rejects anarchism, it embraces it's criticism of power in some vital niches. +% Examples: Whistleblower protection, attorney-client privilege, doctor-patient confidentiality and protections on state +% agents such as judges or politicians + +% Centralized authority promises efficiency, but it has a tendency to go awry. +% These sanctuaries carved out from the state's authority in democracies are vital to the functioning of the system +% In today's computing environment, we observe some parallels to this limitation of centralized authority +% In classical computing, centralized control was used abundantly to create order +% Like absolute political authority becomes dangerous when subverted, centralized control in computing becomes dangerous +% when systems are compromised through hacking. +% Allocating control can be done using cryptography +% Cryptography provides near-perfect mathematical solutions to almost any control problem +% However, as anyone who has taken an introductory crypto course knows, encrypting things isn't the hard part. The hard +% part is managing keys. + +% computing solutions to these problems include: Air-gapping, separation of concerns, extreme case: HSMs and TEEs +% provide security even during compromise +% interesting parallel to state control / anarchy discourse above: +% they are secure even against the state/police if implemented correctly +% observation: competent hackers are about as competent as competent police +% observation: cannot digitally encode ethics or legal stuff, so no "good guys only" backdoors + +% other applications of this principle of distrusting systems are (perfect) forward secrecy +% see signal +% however, system such as TEEs and HSMs are largely a niche solution +% while some are widely deployed, e.g. TEEs for DRM and as secure boot root of trust in phones, desktops +% they are not usually democratic. despite wide deployment authority is with their manufacturer. +% To ordinary users, these capabilities are distant +% EU regulation was necessary to force apple to open up some APIs cf. nfc payment +% normal users are shit out of luck + +% Thus, we need new tools. Tools that enable normal people / small orgs to assume control of their data/keys/etc. +% we need to open up the power of TEEs to everybody +% right now, open source is often less secure than closed-source +% trusted boot rarely implemented (right) in open source +% no TEE security at all because of lack of access +% we want to create democratic, open source HSMs + +% open source HSMs enable many use cases to the public and small orgs that up to now only large corps or states could do +% email encryption +% secure group messaging +% signing key servers +% secure video / audio calls +% private data storage +% things like that twitter/x protocol for pin-based key recovery +% timestamping / attestation services +% base for distributed consensus protocols +% might have applications in cryptocurrencies when operated as heterogenous cluster + +% but beyond that, they enable entirely new use cases. +% conventional hsms limited in computing power, crippled for the purpose of market segmentation +% ours are much more powerful, enable much higher computation crypto such as generic smpc +% generic smpc can do things like key management, pin-based security, secret statistics etc. +% furthermore, above we noted parallel between anarchist distrust of authority and core cryptographic principles +% our hsms not only protect against classical attackers, but also against states +% can be used as democratic check and balance +% example: secure comms that cannot be accessed by the state / police +% example: secure, authenticated photo and video capture +% that's especially relevant in the age of ai + +%\section{The Trust Perspective}