Applications postbox tutorial

applications/Makefile

@@ -0,0 +1,5 @@
+SUBDIR+=	signal
+SUBDIR+=	digital-postbox-tutorial
+
+INCLUDE_MAKEFILES=../makefiles
+include ${INCLUDE_MAKEFILES}/subdir.mk

applications/digital-postbox-tutorial/.gitignore

@@ -0,0 +1,3 @@
+ltxobj/
+notes.pdf
+slides.pdf

applications/digital-postbox-tutorial/Makefile

@@ -0,0 +1,31 @@
+.PHONY: all
+all: notes.pdf slides.pdf
+
+LATEXFLAGS+=	-shell-escape
+
+SRC+=		preamble.tex
+SRC+=		abstract.tex contents.tex
+
+DEPENDS+=	lex-eidas.pdf
+
+notes.pdf: notes.tex
+notes.pdf: ${SRC}
+
+slides.pdf: slides.tex
+slides.pdf: ${SRC}
+
+lex-eidas.pdf:
+	curl -o $@ https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32014R0910&from=EN
+
+
+.PHONY: clean
+clean:
+	${RM} notes.pdf slides.pdf
+
+.PHONY: distclean
+distclean:
+	${RM} lex-eidas.pdf
+
+
+INCLUDE_MAKEFILES=../../makefiles
+include ${INCLUDE_MAKEFILES}/tex.mk

applications/digital-postbox-tutorial/abstract.tex

@@ -0,0 +1,22 @@
+% What's the problem?
+% Why is it a problem? Research gap left by other approaches?
+% Why is it important? Why care?
+% What's the approach? How to solve the problem?
+% What's the findings? How was it evaluated, what are the results, limitations, 
+% what remains to be done?
+
+% XXX Summary
+\emph{Summary:}
+\dots
+
+% XXX Motivation and intended learning outcomes
+\emph{Intended learning outcomes:}
+\dots
+
+% XXX Prerequisites
+\emph{Prerequisites:}
+\dots
+
+% XXX Reading material
+\emph{Reading:}
+\dots

applications/digital-postbox-tutorial/contents.tex

@@ -0,0 +1,218 @@
+\mode*
+
+\section{Digital Postbox}
+
+Traditionally we send paper mail by addressing a letter to a physical address 
+(including the recipient's name).
+We write the address on an envelope and send it.
+We want a digital transformation.
+You should design a digital postbox and delivery service.
+
+\mode<presentation>{%
+\begin{frame}
+  \begin{idea}[Digital mail]
+    \begin{itemize}
+      \item We send paper mail by writing an address on an envelope.
+      \item We want to have a digital version.
+    \end{itemize}
+  \end{idea}
+
+  \begin{remark}
+    \begin{itemize}
+      \item We have a few already: Kivra, eBoks, Digimail, Min myndighetspost.
+      \item Managed by DIGG\footnote{%
+          See \url{https://www.digg.se/digital-post}.
+        }
+    \end{itemize}
+  \end{remark}
+\end{frame}
+}
+
+\begin{frame}
+\begin{exercise}[Functionality]
+  What functionality do we need? (High level)
+\end{exercise}
+
+\begin{onlyenv}<2>
+  \begin{solution}
+    We'd need at least the following:
+    \begin{itemize}
+      \item Registration
+      \item Sending mail
+      \item Reading mail
+    \end{itemize}
+  \end{solution}
+\end{onlyenv}
+\end{frame}
+
+\begin{frame}
+\begin{exercise}[Requirements]
+  What are the requirements on the service?
+\end{exercise}
+\end{frame}
+
+We have the following requirements on the service:
+\begin{frame}
+\begin{description}
+  \item[Registration]
+    A user can register for a post box.
+    As this post service will replace physical mail, it must be tied to a real 
+    identity with a physical address.
+
+    \pause
+
+  \item[Sending mail]
+    A sender should be able to send mail to a recipient.
+    This mail should not be readable by any intermediary.
+
+  \item[Reading mail]
+    The owner can read the mail.
+    Only the owner should be able to do this --- no one else, not even service 
+    staff!
+    Recipient must be able to verify the authenticity of mail.
+%
+%  \item[Anonymous mail] (Extra feature)
+%    A sender can send a letter to a recipient, but neither the recipient nor 
+%    the service will learn the identity of the sender.
+%    The service will not learn the recipient either.
+\end{description}
+\end{frame}
+
+\begin{frame}
+  \begin{remark}
+    DIGG\footnote{Myndigheten för digital förvaltning} sets the official 
+    requirements, see
+    \url{https://www.digg.se/digitala-tjanster/digital-post/digital-post-for-dig-som-leverantor/allmanna-villkor/allmanna-villkor-fr.o.m.-16-januari-2023/bilaga-1-krav-pa-sakerhet-for-brevladeoperatorer}.
+  \end{remark}
+\end{frame}
+
+Solving this assignment will touch upon almost every topic in the course.
+Make sure to base your designs on the theory of the course, add references 
+(that will help you).
+\enquote{This feels secure} is not a convincing argument.
+Likewise, \enquote{all connections should use TLS} will not cut it either; why 
+do you want TLS, what properties do you need and which of those will TLS 
+provide and why?
+
+\mode<presentation>{%
+  \begin{frame}
+    \begin{exercise}[Design the digital mail service]
+      \begin{description}
+        \item[Registration]
+          Alice can register for a post box.
+
+        \item[Sending mail]
+          Alice should be able to send mail to a recipient Bob.
+          Mail should not be readable by any intermediary.
+
+        \item[Reading mail]
+          Bob can read all his received mail.
+          Service staff should not be able to read mail!
+          Bob must be able to verify the authenticity of mail, \eg that it's 
+          from Alice.
+      \end{description}
+    \end{exercise}
+
+    \pause
+
+    \begin{block}{Organization}
+      \begin{itemize}
+        \item Groups of around three--four people.
+        \item Pick one of the three tasks functionalities.
+        \item Work for 15 minutes.
+        \item Group presentations and discussions.
+      \end{itemize}
+    \end{block}
+  \end{frame}
+
+  \begin{frame}
+    \begin{solution}
+      \begin{itemize}
+        \item Presentation from groups.
+        \item Comments from everyone else.
+      \end{itemize}
+    \end{solution}
+
+    \begin{question}
+      \begin{itemize}
+        \item Obstacles?
+        \item Limitations?
+        \item Recovery from failure?
+        \item In whom do we trust?
+      \end{itemize}
+    \end{question}
+  \end{frame}
+}
+
+Notes from the session:
+\begin{itemize}
+  \item Same as Signal protocol.
+  \item Just tie in BankID to get real identities.
+  \item The problem of end-to-end encryption: lost keys doesn't work. But it 
+    still works with the existing digital mail services.
+\end{itemize}
+
+\begin{frame}
+  \begin{exercise}[Data and metadata]
+    What data and metadata are revealed to whom?
+    How does this compare to the physical mail service?
+  \end{exercise}
+\end{frame}
+
+\mode<presentation>{%
+  \begin{frame}
+    \begin{exercise}[Adapt for anonymity]
+      \begin{description}
+        \item[Weak sender anonymity]
+          Alice can send a letter to Bob, but the service will not learn the 
+          identity of the sender.
+
+        \item[Sender anonymity]
+          Alice can send a letter to Bob, but neither Bob nor the service will 
+          learn the identity of the sender.
+
+        \item[Sender--receiver anonymity]
+          Same, but the service will not learn that Bob is the recipient 
+          either.
+      \end{description}
+    \end{exercise}
+
+    \pause
+
+    \begin{block}{Organization}
+      \begin{itemize}
+        \item Groups of around three--four people.
+        \item Work for 20 minutes.
+        \item Group presentations and discussions.
+      \end{itemize}
+    \end{block}
+  \end{frame}
+
+  \begin{frame}
+    \begin{solution}
+      \begin{itemize}
+        \item Presentation from groups.
+        \item Comments from everyone else.
+      \end{itemize}
+    \end{solution}
+
+    \begin{question}
+      \begin{itemize}
+        \item Obstacles?
+        \item Limitations?
+        \item Recovery from failure?
+        \item In whom do we trust?
+      \end{itemize}
+    \end{question}
+  \end{frame}
+}
+
+
+\section{Digital identity}
+
+\begin{frame}
+  \begin{exercise}
+    What requirements do we have on digital identity for our postbox system?
+    How can we achieve those requirements?
+  \end{exercise}
+\end{frame}

applications/digital-postbox-tutorial/discussions-20240226.md

@@ -0,0 +1,61 @@
+# Functionality
+
+ - Server/client system? Peer to peer system?
+ - UI (but that's out of scope for now)
+
+ - Addressing (registration)
+ - Payment for the service. (registration)
+ - To be able to send mail.
+ - To be able to receive mail.
+ - Some type infrastructure for storing mail.
+
+# Requirement
+ - Send/Receive: Mail is supposed to arrive in some timely fashion.
+ - Send/Receive: Mailman can't open mail.
+ - Send/Receive: Format for what can be sent. Size? Type?
+ - Send?/Receive/Addressing: Authentication? No authentication for the physical 
+   mail. Must have authentication to read one's own mail.
+ - Send: Handle heavy load. (How heavy?)
+
+## Registration:
+- Unique address
+- Authentication that the user is indeed themselves and want to register for 
+  the service. (Authorization to do this.)  
+- Where to store the addresses? How do senders find the addresses?
+
+## Send:
+- How to find the address of somebody?
+- Data handover? What data? Encrypted? With what key?
+
+## Receive:
+- Decryption, with what key? How is that stored?
+- Authentication to access the mail.
+- Authentication so we know that the message integrity is fine.
+- Where to find the data?
+
+
+# Solutions
+
+## Registration:
+- Auth using BankID
+- Derive a public key from the BankID
+- Use personnummer as address
+- Saves us from a lot of problems with addresses
+- BankID is a trusted source
+
+## Send:
+- Use the Signal protocol to handle the encryption and authentication
+- Clear text for addresses (compatible with personnummer)
+- Someone observing the network can learn who is sending to whom, but not the 
+  content of the message.
+- What can be sent? Not just PDF and text, can even include movies. Depends on 
+  the recipient's client. Allows for bad stuff to be sent.
+- Infrastructure: server/client or p2p? Peers always online.
+
+## Receive:
+- Asymetric encryption to protect the mail.
+- Trust the service, keys stored at the service.
+- Signing mails, what keys to encrypt with? If attacker breaks, we don't want 
+  to ruin it for all mails. Key renewal. But must store all keys to access old 
+  keys.
+

applications/digital-postbox-tutorial/notes.tex

@@ -0,0 +1,45 @@
+\documentclass{article}
+
+\usepackage[hyphens]{url}
+\usepackage[hidelinks]{hyperref}
+
+\input{preamble.tex}
+
+\usepackage[noamsthm,notheorems]{beamerarticle}
+\setjobnamebeamerversion{slides}
+
+%\usepackage{authblk}
+%\let\institute\affil
+
+\declaretheorem[numbered=unless unique,style=theorem]{theorem}
+\declaretheorem[numbered=unless unique,style=definition]{definition}
+\declaretheorem[numbered=unless unique,style=definition]{assumption}
+\declaretheorem[numbered=unless unique,style=definition]{protocol}
+\declaretheorem[numbered=unless unique,style=example]{example}
+%\declaretheorem[style=definition,numbered=unless unique,
+%  name=Example,refname={example,examples}]{example}
+\declaretheorem[numbered=unless unique,style=remark]{remark}
+\declaretheorem[numbered=unless unique,style=remark]{idea}
+\declaretheorem[numbered=unless unique,style=exercise]{exercise}
+\declaretheorem[numbered=unless unique,style=exercise]{question}
+\declaretheorem[numbered=unless unique,style=solution]{solution}
+
+\begin{document}
+\title{%
+  Tutorial: Digital Postbox and Identity
+}
+\author{Daniel Bosk}
+\institute{%
+  KTH EECS
+}
+
+\maketitle
+
+\begin{abstract}
+  \input{abstract.tex}
+\end{abstract}
+
+\input{contents.tex}
+
+\printbibliography
+\end{document}