## Principles Seminar v0

**Session 3 - Security**

Oskar, 2018-10-10

---

## III. Security

> We don't compromise on security when building features. We use state-of-the-art technologies, and research new security methods and technologies to make strong security guarantees.

---

## Information security

*practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information.* (Wikipedia)

---

## Examples

- Private keys and transactions
- End to end encrypted chat
- Darkness (see who is talking to whom)
- Cluster uptime

---

## Compromised security?

- Trivial: Can't restore your account (private keys)
- Subtle: Forward secrecy, either you have it or you don't
- We are responsible for secure defaults

---

## State-of-the-art technologies

- 'Obvious' choices for experts in the field
- Chat: Double Ratchet and PFS
- Hardware wallet
- Reproducible builds

---

## Basic security hygiene

- Ex: no password re-use
- Ex: 2FA (without phone recovery)
- Security and privacy week after Prague

---

## Tool: Threat modeling 101

- Pretend to be the attacker and follow the logic
- Example: House with jewelry (high reward) and open back door (vulnerable) and thief (relevant attack).

---

## Research new security methods

- Magic and crazy
- Be top 1-10% of tech orgs for attention
- Might seem unusual or crazy to some of you

---

## Example research

- Zero knowledge proofs for private transactions
- Darkness, quantum secure, multiparty computation, formal methods...

---

## Tool: Security guarantees

- This might seem hard (it is)
- But you can ask questions and learn!
- Explicit about guarantees
- Simple user stories

---

## Example: E2EE chat

- As a user, I don't want anyone but the person I'm talking to to see my conversations.
- Forward secrecy: If my private key gets compromised, another person can't read my historical conversations.
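
The forward secrecy story above, as an added example that is not part of the original slides: a simplified symmetric KDF chain of the kind used inside Double Ratchet, not the full protocol. The function names, the toy cipher and the sample messages are constructed for this sketch, and the compromise is modeled as theft of the current chain key.

```python
import hashlib
import hmac
from typing import List, Optional, Tuple

def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def ratchet(chain_key: bytes) -> Tuple[bytes, bytes]:
    """One KDF-chain step: return (next_chain_key, message_key)."""
    return _prf(chain_key, b"\x02"), _prf(chain_key, b"\x01")

def seal(message_key: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC, a stand-in for a real AEAD (max 32 bytes)."""
    if len(plaintext) > 32:
        raise ValueError("toy cipher handles at most 32 bytes")
    body = bytes(p ^ s for p, s in zip(plaintext, _prf(message_key, b"enc")))
    return body + _prf(message_key, b"mac" + body)

def unseal(message_key: bytes, sealed: bytes) -> Optional[bytes]:
    """Return the plaintext, or None when the key does not match the tag."""
    body, tag = sealed[:-32], sealed[-32:]
    if not hmac.compare_digest(tag, _prf(message_key, b"mac" + body)):
        return None
    return bytes(c ^ s for c, s in zip(body, _prf(message_key, b"enc")))

def send_all(root_key: bytes, messages: List[bytes], leak_after: int):
    """Encrypt in order; also return the chain key held after `leak_after` sends."""
    chain_key, leaked, sealed = root_key, None, []
    for i, msg in enumerate(messages, start=1):
        chain_key, message_key = ratchet(chain_key)  # old chain key is overwritten
        sealed.append(seal(message_key, msg))
        if i == leak_after:
            leaked = chain_key  # the state a compromise would expose at this point
    return sealed, leaked

def attacker_view(leaked_chain_key: bytes, sealed: List[bytes]) -> List[Optional[bytes]]:
    """Everything decryptable by ratcheting forward from the leaked chain key."""
    keys, chain_key = [], leaked_chain_key
    for _ in sealed:
        chain_key, message_key = ratchet(chain_key)
        keys.append(message_key)
    return [next((pt for k in keys if (pt := unseal(k, ct)) is not None), None)
            for ct in sealed]

# Constructed sample conversation; the chain key leaks after the third message.
MESSAGES = [b"one", b"two", b"three", b"four", b"five"]
SEALED, LEAKED = send_all(b"\x00" * 32, MESSAGES, leak_after=3)
print(attacker_view(LEAKED, SEALED))
```

The three messages sent before the leak stay unreadable because the chain only runs forward. The later ones are exposed, which is the gap the Diffie-Hellman step of Double Ratchet addresses.
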

---

## Example: Private transactions and darkness

- As a user, I don't want someone to know who I am talking to except the person I'm talking to.
- As a user, I don't want anyone but the recipient to know that I transferred money to them.

---

## (security, inclusivity)

- How do we ensure a secure user experience while being user friendly?
- How do we ensure we provide utility for people and aren't paralyzed by extreme threat models? E.g. lack of private tx !=> only focus on chat.
- How can we work iteratively on security and communicate clearly what guarantees we make and can't make right now?

---

## Pairing and wall of shame

Up to you.

- Idea Generator 1: List pairings and think about positive and negative interactions.
- Idea Generator 2: Think like an adversary - how can Status be attacked?

---

## Thanks