7:56PM Jul 28, 2020
The purpose of end to end security is to reduce the number of parties the users are required to trust. Proprietary messaging products make use of end to end cryptography, but fail to achieve that purpose. End to end means nothing if users are required to trust the sole source provider to identify those ends. Our next talk is about the Mathematical Mesh, a personal PKI/TKI addressing their trust gap. We present Phillip Hallam-Baker with Beyond End to End.
So here we are, can't attend a hacker convention, because of the plague. Hello, I'm Phillip Hallam-Baker. And at the beginning of this presentation I want to explain why this end to end security we've been hearing so much about for the past three decades isn't actually what we need. And at the end of the presentation I'm going to be announcing the Mathematical Mesh, a free open source infrastructure that makes end to end security practical and usable. So, in between, I'm going to be explaining what we really need: how end to end isn't quite enough, and how PKI, public key infrastructure, isn't quite enough. We now need to go a bit further and start applying a type of cryptography called threshold, and to apply it, we're going to need a threshold key infrastructure, which is what the Mesh is. So this is the condensed version of what is a 20 part architectural series of podcasts, so don't worry if you miss any of it. There's also a separate course on threshold cryptography that I'm currently working on that will go into the techniques I'm glossing over very quickly here, that you can go back to and find out what's going on, so don't worry if you miss it in the condensed version. So, here we are, all in our homes, living life by Zoom conference call. And of course, Zoom, it isn't end to end secure. The server, it could be in China. China or us.
Of course, the most important thing to do for security right now is to make Zoom end to end secure, isn't it, and to let people choose where the media conferencing server is. That's important. Right? Well, no. Three main reasons. First, security doesn't depend upon geography. China isn't your only security threat. They're not the only country that spies using computers. Russia also spies using computers, Iran also spies using computers, and they all have hacked servers in the US in recent months. That's just a fact of life. And you know what, there's even rumors that at some point the United States might start doing the same thing. The second reason is that money is the motive. Yes, if you're a dissident, a hostile authoritarian government (and hey, there are a lot of those around now) is a significant threat actor. But for most people, most of the time, the threat actor of concern is attackers that are looking to steal money. And that's even the case with most Chinese espionage. Most of it is commercial espionage, and most of it is actually targeting other Chinese companies. The reason they have difficulty understanding our complaints is that's just the way they do business over there: everybody's spying on everybody else. Sales data, trade secrets, any knowledge that can give an insider trader an edge. That's the target. And that brings us to reason three: information is the target, not your Zoom call. The attackers don't care whether they get your data from a Zoom call or from an Excel spreadsheet. But, you know, if they're attacking somewhere, it's a lot easier to pick up interesting, valuable data from a directory with 1000 Excel spreadsheets than one with 1000 saved Zoom conference calls, and intercepting that Zoom conference call, harder still. So, and the reason I talk about Amazon cloud services being the Fort Knox of information security isn't that I'm terrifically impressed by the security.
It's because they create a Fort Knox sized breaching it to Amazon cloud services, is where the data is, and in our economy, information is worth more than gold. It's hard to secure; you don't know when somebody's stolen it. So, all this fuss about Zoom, they're just the latest home defense. And that's the reason that people are worried about it, because they hadn't noticed there was a hole there. But yeah, how many Zoom conference calls do you have in a day? How many of those have confidential information? How many emails do you send and receive every day? How many of those have confidential information? And do you encrypt your sensitive documents? Well, maybe you might, but if you do, chances are you encrypt them under a password, and then send the password along with the file that was encrypted and the VCR. And, well, that's probably true even though this is a hacker conference. At any other conference, everybody would be nodding and saying yeah, yeah, we do that, and of course that's exactly how the Zoom end to end secure conference credentials are going to be passed out: in email, along with the conference call number and the VC. So Zoom isn't really our biggest problem. But if we're going to secure anything, we've got to have a plan to secure everything. If we just go after things piecemeal, we're just going to be stuck in the same situation in 10 years' time that we're in today, which is nothing is really particularly secure, and everybody just gets used to that fact, like we have with email. So, we don't have to solve every problem immediately. Zoom isn't top of my priority list, but we need an infrastructure that can provide security to any application that we need to apply it to, and especially new applications that people haven't yet become complacent about. And one of the reasons for that, of course, is that security only works when it's being used. I mean, PGP and S/MIME now have been around for over 29 years. I was just looking it up: yeah, SMTP email is about 40 years old, PGP about 30 years old. So, you know, secure end to end mail has been in existence for 75% of the life of SMTP, but nobody uses it. There are, you know, a few million PGP keys on the public servers. Well, there are a few billion users of email. If PGP and S/MIME haven't gone to critical mass yet, they're never going to do that. And the reason is simple. It's too much effort for the users. And for most users, any effort is too much effort. This is why, you know, security usability testing stuff in labs, no, you don't need to do any of that. If you require your users to do anything different, you're doing it wrong. But trying to configure PGP or S/MIME is like having some of these, you know, pull your toenails out.
It really is a painful experience, and especially if you're trying to use it across multiple devices. And the reason for that is that we don't have an infrastructure for managing private keys. And this is one of the problems with end to end security, because in every case, the end points in a cryptographic end to end secure system are cryptographic keys. Not devices, not people: keys. So if you don't have a way of being able to securely transfer those keys between the user's devices, you've not got a system that's going to work.
Okay, so it's not working today. What does work? Well, one thing that does work is reducing the number of trusted parties. If you have to trust five people, you're a lot better off than if you have to trust 500. And this is what end to end security is about on the internet. It's a means, not an end. The end of end to end is to reduce the number of trusted parties, so that you only need to trust the endpoints of the communication and not every ISP that the data happened to pass through. Same thing with login screens, if you think about it. If you have a machine without a login screen, anybody who passes by can go, get up to that computer and mess with it. And we used to see a lot of that in the MS-DOS days, and the original Mac OS days. Once you have account based security on that machine, even if it's not perfect, you're limiting the number of people you can trust to the people with a username and password, and the people who know how to get around them. But reducing the number of people you trust, it's been the obsession of many people for the past 20 years. That's not enough. What is even more important is reducing the extent to which you must trust a particular party. And this is actually what industrial scale PKI is all about. It's all about separation of roles, separation of duties, so that there isn't a single employee who can get hold of that root of root keys and do terrible things with it. And so, reducing the separation of roles is the principle of high security, but that's not where the corporate vision is right now. The corporate vision is very clear. And anybody who remembers David Chaum's keynote at the first World Wide Web conference will be getting a sense of déjà vu at this point, because what David Chaum said about interactive TV is exactly the same as what's currently happening with end to end secure messaging. The corporate vision is very clear. Microsoft wants you to just trust Microsoft Skype running under Microsoft Windows on a Microsoft Surface tablet. It's all going to be protected by Microsoft Windows Defender. Apple's got a completely different vision. Their vision is, you're going to trust Apple FaceTime running under iOS on an iPad. But that's not the case for Google. Their vision, well, they've not quite got to a vision yet, but just you wait. Google is going to buy either Signal or Zoom. And then you can run that on your Chromebook. So what they're looking for is this corporate monoculture of "trust me absolutely", and that should be something that gives everybody cause to run for the hills, not just the people who are being asked to be customers. The corporations that are proposing this preposterous see. Yeah, just think of the steaming piles of liability you are storing up there, because if you make people absolutely rely on you, then, if there is a problem, they're going to come to you as the only person who could have caused it. And maybe if there wasn't even a problem. Maybe if just somebody said there was a problem. You don't need to be breached to be blamed. Just ask Hillary Clinton. And the effect of a possible breach these days is pretty much the same as an actual one. There are many companies that have spent millions resolving data breaches where they weren't sure they were breached. All that happened was that that information was exposed, so it might have been, but they still have to spend that $30 a time sending out all those letters to tell people they may have been breached, etc.
So what we need here is to take separation of roles seriously, and this is what we did at VeriSign. Nobody had access to all the key shares required to enable one of the roots, or any one of the service keys. Separate roles, separation of duties between hardware and key shareholders, and everything. It was all that in the CPS.
So, what we need to do is to apply this to the emergent end to end messaging so that we have separation of roles. At the hardware level, on the platform level, it means being able to choose your vendor, so that you're not locked into just the messaging or chat that your particular hardware vendor has provided. At the application level, you absolutely need to have the ability to run a different client. If Signal are the only people who are providing the client for the Signal messaging service, well, the FBI can go to them with a warrant, and say, either you put this backdoor into Bongo film Baker, or you go to jail. And you know what, I like Moxie, but given the choice between go to jail and put the backdoor in, how do I know which he will do? And you know what else, they don't just need to go to the CEO. They can go to anybody in the management chain and tell them not to tell the superiors. And we also need to have separation of roles at the service level. We need to be able to mix and match service providers. You're never going to have real security in somebody's walled garden, no matter how much you think you can trust them. You've got to be able to choose your service provider. You've got to be able to communicate with the users of other security service providers, and you've also got to be able to change your service provider if you're not happy with them. If you've not got that, you're stuck into this single stovepipe, that is a walking hazard for being lawfully intercepted. So in short, everything that we said in the 1990s when we were building the web about interactive TV is true today of the so-called secure end to end messaging. What we need is systems that have separation of roles, separation of functions. And we have a system in which the user is in control, not whoever is running the service and creating the user base. Okay, so this is about a cryptographer or cryptographic protocol designer. So what does this mean for cryptography?
How do we get separation of roles at the cryptographic level? How do we go beyond S/MIME, beyond PGP, beyond even Signal? Okay, well, let's just recap, and look and see why public key cryptography was such a revolution. Symmetric key cryptography used the same key to encrypt and decrypt, which meant that anybody who was given the encryption role also had the decryption role. That's why this thing didn't... Every Nazi cipher clerk who had the Enigma cipher wheel settings of the particular day could encrypt or decrypt any message. Had the side effect, of course, that anybody who'd broken those cipher wheels also had all those messages. So, public key recovery was important because it allowed us to introduce two keys. Separate keys to encrypt and decrypt means that we can have separate roles for encryption and decryption, and granting one role does not necessarily grant the other. So for signature and verification too. Two keys means we can have two roles, three keys means we can have three roles, four keys four roles, and so on. So, when we're looking to apply our separation of duties at the cryptographic level, we need to introduce more keys, and public key cryptography only gives us two: the public key and the private key. If we want to be able to have more control, we've got to be able to start splitting up keys. Okay, how do we do that? Well, there's a simple answer. Math. Okay, well, and here it's going to get really hairy. Okay, so the industry standard that we use for public key cryptography today is Elliptic Curve Diffie-Hellman,
and an elliptic curve is a mathematical construct called a group. And what we do is that first of all we define an operation we call point addition. It looks nothing like addition, it's drawing a line between points on the curve. But we call it addition. And it turns out that that operation has a property called the group property, which I won't go into here, and having defined this operation, point addition allows us to define a second operation, scalar multiplication, in such a way that it's easy to calculate the scalar multiplication of a scalar value by a point on the curve. That is easy. But going the other way, point division, that is not easy. That is infeasible. So, if we have a 448 bit curve, the scalar multiplication will cost us 40 448 operations. The inverse, the division, will cost us two to the power 224 operations. So it's got that cryptographic property of easy to calculate in one way, and difficult to go the other way. Okay, so elliptic curves over a finite field are also a group, and thereby they obey the associative and distributive law. The associative law is what allows Elliptic Curve Diffie-Hellman to work. What the associative law says is that if A and B are scalars and P is a point, well, we can multiply A times B, and then apply that to the point, and we will get the exact same result as we will get by multiplying B by the point, and applying A to it, or applying A to the point and then applying B to that result. So what it says is that we can do these operations in any order and get to the same result. And that's exactly how Diffie-Hellman key agreement is working. The private key in Diffie-Hellman key agreement is a scalar, the public key is simply that scalar multiplied by what we call the base point. Now one consequence of this system is that we can actually do math on public key pairs. If we have a private key, which we know, which by definition is x plus y.
So the private key is Zed equals x plus y. The corresponding public key, Zed dot the base point, is going to be the same as x plus y times the base point. Well, that will also be the same as adding the two public keys for x and y. And this is because of a second law that elliptic curves obey, called the distributive law. We can add the two scalars together and apply them to the point, or we can apply each of the scalars separately to the points and add the two points, and we will get to the same result. We can do math on public key pairs, and the operation to find out the new private key, all we need is the private key values. To find out what happens to the public key, all we need are the two public key values, and that allows us to do some really, really interesting things with what's called threshold key generation. Okay, what does this mean in practice? Well, let's say that we ship a machine today with a private key that's installed during manufacturing. It's going to be welded to the machine, right, like we do it with a smart card. It's never going to leave this machine. Well, not unless somebody persuades it with some liquid nitrogen, electron microscope and all that stuff. So, the machine has little promise that given a point on the curve returns the private key multiplied by the point. And this would allow us to do traditional Elliptic Curve Diffie-Hellman operations with that CPU, that were completely welded to that machine. Well, could we use it? Well, I don't think I'm going to want to choose x, that machine installed in the machine, as my PGP key. I mean, you know, go on, I mean like, yes, I might trust the Intel CEO, but there's a whole supply chain below him that might have been compromised. Everybody in Intel might be completely trustworthy, but you know, the person who programmed the machine that installs these private key values x might have created a backdoor and all that sort of stuff. And so, yes, I can trust a manufacturer to provide a private key that ain't going to leave that machine. What I cannot trust them to do is to produce a prime machine with a private key in it that absolutely nobody else knows. So what I want to be able to do with my threshold key generation is to generate a second key for my application, and then join the two keys together, and use that composite key with a composite of the two security properties. The application key that I generated in my application provides me with the security property of secure from Intel or AMD or whoever.
The key that is provided by the manufacturer provides the property welded to this particular CPU. And so, threshold key generation allows us to combine private keys and public keys from separate sources and create a composite key, which has multiple security properties that are desirable. And yes, we can perform public key, the Diffie-Hellman operations, because the Diffie-Hellman results also obey the distributive law. Second thing we can do is we can do cloud encryption. And here what we're going to do is we're going to start with a key that is a single private key for the group. I'm going to split it between a user and a cloud server, and there are going to be multiple users, and we can create the splits as users join or leave the groups, as many different splits as there are members in the group. And what this allows us to do is to create a cloud service that can control the use of decryption, but cannot decrypt. Why is that valuable? Well, read Snowden's book. If you look into how the Snowden breach occurred, it wasn't because the NSA didn't understand cryptography. They do. The problem is they don't know how to apply cryptography in a way that makes the data that they've encrypted usable in that organization. And now this isn't in the book, but I've talked to some folk who know, and they tell me my theories that were wrong, which has led me to a 90% confidence, and since I've not got a security clearance I can talk about this, that yes, the documents that Snowden breached were encrypted. And they were secured using the Microsoft CRM server, which is based on the old Ford-Wiener key release scheme. And the reason that they were breached was that Snowden had access to the admin keys for the servers in question. So, this is the reason why threshold cryptography, threshold encryption and decryption, are so interesting, because we give one half of the decryption key to the user. But they've not got absolute ability to decrypt anything they like. We want to have accountability. We want to have a true attribution. We want to be able to take away their ability to decrypt, if we need to. And that's the job of the cloud service, which has the other half of the key, and has to be involved each time a document is going to be decrypted. So the user can decrypt, but only with permission of the service. The service cannot decrypt at all. And there's actually an information theoretic proof that we can again 40 minutes I know the time for it here. So what does this give us? It gives us flexibility. We can grant or remove access to any user at any time. And they've got access to anything that was encrypted under the group key. It gives us accountability, because every access has to go through that server interaction. Well, we can design an authentication scheme with non-repudiation, so now we've got attribution. Attribution plus consequences equals accountability. And we can also apply usage based access control, which gets us on to the other famous NSA responsibility breach, which is of course the Manning breach. Why did Manning have access to 400,000 diplomatic cables? Well, she didn't need all of them, but she needed access to some of them, and the computer system that was controlling them didn't have the capability of working out how much usage a particular user was making use of. So we can use this key service as a control point and put a meter on decryption. Okay, so that's the vision. How do we get there? Well, in order to make effective use of encryption and decryption in Project Athena, MIT had to invent or implement symmetric key infrastructure, Kerberos, to make use of a public key cryptography.
In order to send and receive encrypted mail, in order to enable secure web transactions, we needed a public key infrastructure, very similar under the covers to the symmetric key infrastructure, but added a few additional functions. If we're going to make effective use of threshold cryptography, we're going to need a threshold key infrastructure. And that is what the job of the Mathematical Mesh that we've been working on for the past few years is all about. The Mesh is a TKI, threshold key infrastructure, but it's a TKI that puts you, the user, in control. You decide who to trust, you decide how much to trust them, and you decide when to stop trusting them. No lock-ins, no proprietary technology that I'm aware of at any stage. I have no patents on it, all the code is MIT license, and there is a pre-alpha release now available on GitHub, getting very close to being able to make a beta release. Obviously with crypto software, I'm a little nervous about releasing this before a lot of people have examined it because, well, you know, you guys hack stuff. So, I want some folk kicking the tires on this and telling me what's wrong before I tell other folks to start using it. Okay, so the Mesh is a TKI that, in theory, can provide end to end encryption and lots of other stuff for any applications, but it also lives with any infrastructure. It's a network effect construct. And the problem with network effect is that until you reach critical mass, what we call viral marketing from network effect becomes chicken and egg. And so what I'm focused on at the moment is looking at applications of the Mesh that provide early adopter users with real value, even if nobody else ever uses it. So one example of that is an end to end secure password vault that's using the threshold cryptography to secure the data in the cloud, rather than the dopey "let's encrypt the passwords under another password" that dominate today. So we're going to use the cloud to control the encryption of the passwords, but the cloud cannot decrypt. And this, in, and the very first version of that is to address a particular gap in the market, which is a password vault for web service keys that are used inside enterprises, where you have that script that has to get to that web server somewhere else in the enterprise and use a username and password to authenticate, and those usernames and passwords get written into the scripts, and then the scripts get loaded up to GitHub. Oh yes, it happens. If you want to an after a bit for this talk, load some passwords and some private key files up to a GitHub repo and see just how fast it is before somebody uses them. But the long term, of course, is to be able to secure any type of end to end secure messaging, and also social media. Wouldn't it be nice if we had the ability to do end to end secure Twitter and Facebook type groups, in small groups, in private? So that's the Mathematical Mesh. That's why we need a threshold key infrastructure. Here are some additional resources. You can get more from the website, which is mathmesh.com, but yeah, there's a GitHub repo, all the specifications are out there as Internet Drafts. And there's a mailing list, math firstname.lastname@example.org, and videos explaining it all. So please join me. I need help. This is a call for help. Here, call for participation. I think that we can do something that could be really special. Let's do it. Thank you, and questions. You're watching
Beyond End to End with Phillip Hallam-Baker. Phillip, thank you very much for joining us today.
Thank you very much for having me here. It's really great being at home and, you know, we're not there in person but you're getting some of the vibe.
Absolutely, and to continue that vibe, we do invite those of you attending HOPE 2020 to ask Phillip your questions. Please post your questions to the livestream Q&A channel on our Matrix server, and they will be relayed here. We've had a lot of good discussion going on during your pre-recorded segment and some interesting questions. One member of the audience asks, how do you ensure that the key generator itself is not compromised? I remember there was a NIST standard for a key generator which turned out to likely be intentionally flawed.
Okay. Yeah. Um, I think it was an NSA. Yeah, the Dual EC RNG thing.
There's a lot to answer that question well. Well, I am actually planning a mini course in five parts on side channel attacks. What you've got there is malicious cryptography, where you're deliberately trying to leak the random number. And so that is a very important consideration. It's not something I can really give you the reason why, but it is something that's been informing the design from the start. And one of the nice things about using threshold is, if your private key has come from two separate machines, and you join the two together, both of those machines have to be compromised in order for your private key that you end up using to be compromised. So it does actually provide you with a layer of protection against precisely that class of attack.
We have a fairly straightforward question here from the audience: what if the cloud server gets destroyed?
It's a straightforward question, it's not a straightforward answer. Um, I have been giving a lot of thought throughout the design of the Mesh to questions of backup and recovery, while still wanting to avoid government, you know, warrantless recovery, or even lawful access, whatever. So, the key thing, well, the first thing is, how can you guarantee that you've got access to your data, even if your cloud service provider goes out of business? I've got two and a half thousand dollars' worth of IoT stuff embedded in the walls of the house. I couldn't use it for two years, because it was all hooked up to a Revolv hub, and Revolv was bought by Google, and they just took them out of business immediately. So, yeah, they gave me the money back for the hub but not for the stuff in the walls. Makes sense. So yeah, you've got to be able to reclaim your data. And so what you can do is, if you've got one device that has your mesh loaded onto it, you can go to any other mesh provider and just move your mesh service. And I've got the logic worked out how that works from a cryptographic point of view. There will also have to be some sort of service that allows you to advertise the change, because one of the things we've got to achieve here is to make sure that the switching cost is low. You know, you've got to be able to move from your, you know, mesco cloud server to, you know, some other cloud service provider without it impacting you. You also want to make it so that you can run your own mesh server. And then maybe you decide, well, it's getting too much for me, I'll use an outsourced one, or go the other way. So yes, it is being thought of throughout, but it's not a simple answer, because there's not one answer, it's a whole series of things you've just got to do right.
A member of the audience asks, is the background on ECDH any issue with Math Mesh vis-à-vis weakdh.org?
Uh, this is the Logjam attack and what was going on. Um, that particular attack isn't relevant. And actually, one of the things that pissed me off immensely is the reason that, basically, this was an attack against TLS. And if you use perfect forward secrecy in TLS, you do it in two stages. First of all you do an RSA exchange, and then you do a Diffie-Hellman exchange on a repeating basis, so that you're always using a fresh key. And when we were discussing that I said, well, why isn't the key that we're going to use to encrypt the channel, why isn't it a key derivation function of both those sources of keying material, rather than just the ephemeral key? And I was shouted down, and then I discovered why when Snowden law, you know, one of the things that we discovered was the Bullrun program and $250 million a year being spent to sabotage crypto. So that particular attack doesn't affect the Mesh. And we're using Elliptic Curve Diffie-Hellman, not just plain Diffie-Hellman. But, yes, you have to be careful for that type of issue. And one of the issues with all Diffie-Hellman schemes is, if somebody breaks the modulus of the system they're using, everything will fall apart.
A member of the audience asks about the stovepipe analogy. Aren't you summing up what happened once capitalist scaffolds with the internet? Everything was RFC protocols before that. I think the last universal protocol to be specified with RSS. It's against the interests of Silicon Valley to allow walled gardens to break down. How do we solve that?
It's against some people's interest in Silicon Valley.
When David Chang was giving his keynote address at the first web conference, we should really, I would hope it's recorded so I was really powerful address, and what he was railing against was interactive TV because interactive TV was a big walled garden plot. And there was nothing interactive about it except that if you watch the film that you could buy the T shirt. That was the limit of their vision of interactivity. And so I'm very conscious of that but when we built the web. We actually went out to Microsoft, and the rest and begged them to adopt it. You know, we, we sold Microsoft on the idea of using the web, why they didn't steal our stuff we. And the thing is that, if you've capitalism yes if you've got a monopoly. You've got a really bad situation. But the other thing is that although the monopolist who's doing really well out of the situation. Well, there's all the other capitalists who aren't doing so well. And so the game that you've got to get to is to play one side against the other and define the coalition, whose interests align with yours. And so, I mean like we've done how many trillion dollars worth of commerce over the web, that was possible because the web was open the mesh, does the same sorts of things but instead of it being a transactional ephemeral communication with securing or securing data in the cloud. We're securing messaging and doing it in a way that enables strong end to end, join the electronic commerce what's that worth to you. So, yes, it probably will put some technology company knows that. But the key is to, let's find some technology companies who can be on our side.
Ready to help a lot of like the early web era, and you had the big online services at the time, like CompuServe, America Online, Prodigy, who were all very resistant, it seemed, to connecting on to the greater internet and allowing, you know, even allowing email addresses that worked outside their own walled gardens.
Oh, absolutely. Yeah, I mean like
the focus of the ogres now they were the little guys. You know I remember when Google was the underdog. I remember when Microsoft was the underdog to IBM.
Okay. Another question from the audience: so why would TK reach critical mass in terms of usage given current use of PGP, knowing these are very different things?
Well, one of the things is that, yeah.
I have a whole
a whole talk about the deployment, that I'd be thinking if you're going to get some to change something as big as the internet with a billion users, you've absolutely got to design for deployment. Okay, so the first thing you want to look at is, okay, you've got a user base with PGP. How do we help the PGP community solve its problems and solve the usability problems of PGP, in that wouldn't it be nice if I've got a PGP key, but it's only on my desktop, wouldn't it be nice to have that on my phone really easily? Wouldn't it be nice to be able to join together all my devices, so I can receive my PGP mail on all of them? So the mesh can give you that. It can give you the way to join up all your SSH pieces. And so the idea is you solve a lot of little problems for people, and eventually you get to a critical mass, and this is how we deployed the web. The reason that the web took off at CERN was that all the information at CERN was being hoarded on CERN VM, which was the central IBM mainframe. And, but. So it was created, I was told by somebody fairly high up in one of the intelligence agencies, he just looked at me and said, well, you know that CERN was created to spy on the nuclear physicists, put them all in one place to make it easy. Well, when you think in those terms, CERN VM tries, all the information channel through them, so if you wanted to telephones and the strike of the campus, you have to go through CERN VM to get to the phone book. And all the meeting minutes, all the schedules were up. And it was a pig to use. So, once the web started, you could just go to the web, it was all on your workstation. Now that's got critical mass at CERN, and so on. So, it's all bootstrapping. You've got to have a deployment strategy, you've got to design into that strategy. But yes, I am thinking about that, and that's probably what's taken most of the thought in the mesh. Actually designing the actual thing itself is the easy part.
Deployment that's the hard. The devil is in the deployment.
Always. We've got just a few minutes left. I see one more question from the audience. Someone asks: Are there any theories on how quantum computing will affect key distribution?
I'll just put my introduction to crypto course, you can go to mathmesh.com and get a link there, that's an introduction to modern cryptography. I've just finished doing a threshold course, and the follow-on to the threshold course will be either a course on side channel or a course on quantum cryptography. Now, quantum machines exist. Yeah, I've programmed them, but they're not anywhere near close, they're nowhere close to breaking modern crypto systems. In my view, my perspective here is, you know, I've got a degree in nuclear physics, I did experimental particle physics, so I know the difference between a machine you can run reliably for a year without stopping, which is what you need to do to break some, you know, use Grover's algorithm or whatever. All of these keys and a system that will work, you know, for a few milliseconds for a demo. And in particular, all those machines, where they have to get to the super, super cool machines that are simulated.
That's not a scalable approach.
So yeah, so I think we're two, three decades off having a practical quantum computer. But having said that, I've given a lot of thought into how we can make the mesh quantum resistant. I've not written a lot of that down or done much design work but, you know, I'm not being paid for 18 months doing this stuff. If some research government research lab wants to pay me, I will write a report that will tell you how to do it quantum resistant. But, you know, right now I'm just focused on getting it working with traditional public key cryptography, and the threshold techniques that work on public traditional PKI.
I'll do quantum at some point in the future.
And then, as we wrap up, one more time: where should people go who are interested in this work and getting in touch with you?
Okay, you can go to mathmesh.com. And that's got links to, if you go to the documentation tab, that's got links to all the other things. There's a GitHub repo, all the code is MIT license. So, you know, you can stick this in your own product if you like. I mean, I'm not gonna write a web browser. But my password manager gives you end to end threshold secured security, so you know, grab my password manager and your users' passwords are secure, even if the cloud is compromised. So yeah, it's got links to all my talks on YouTube, and all the specs are submitted as Internet drafts, so you can pick those up and you can see details of how it all works.
Excellent. Phillip Hallam-Baker, thank you very much for joining us.
Thank you very much for inviting me.