Upgrade to Pro — share decks privately, control downloads, hide ads and more …

End-to-End Encryption in Elixir with Ockam

Mrinal Wadhwa
October 15, 2021
Programming
0
180

End-to-End Encryption in Elixir with Ockam

Machines, within distributed applications, operate by exchanging messages with cloud services and other remote machines. Secure, private, and trustworthy connected applications must protect these messages from eavesdropping, tampering, and forgery.

Ockam is a suite of open source programming libraries and infrastructure that make it simple for applications to dynamically create end-to-end encrypted, mutually authenticated, granularly authorized, lightweight secure channels that protect messages, end-to-end — from their source to their destination.

This enables secure communication between application layer entities that are not directly connected by simple point-to-point transport connections. En-route encrypted messages can travel over multiple transport layer connections and can be stored in message queues, databases or caches for asynchronous, end-to-end protected communication between entities that may not be online at the same time.

In this talk, we’ll dive into the design of Ockam’s Elixir libraries and the protocols they implement to provide end-to-end secure and private communication.

Mrinal Wadhwa

October 15, 2021
Tweet

More Decks by Mrinal Wadhwa

See All by Mrinal Wadhwa
End-to-End Encryption
mrinalwadhwa
0
100
Identiverse 2021 - Cryptographic Protocols for Machine Identities and Credentials
mrinalwadhwa
0
10
End-to-end encryption with BEAM and Elixir
mrinalwadhwa
1
52
Cryptographic Protocols for a Secure and Private IoT
mrinalwadhwa
0
24
Trust Architectures in IoT
mrinalwadhwa
0
110
Privacy, a competitive advantage.
mrinalwadhwa
0
37
Fighting Complexity in Elixir
mrinalwadhwa
0
150
IoT needs Secure Messaging and How Rust Can Help
mrinalwadhwa
1
160
Just Enough Math to Understand Elliptic Curve Cryptography
mrinalwadhwa
1
320

Other Decks in Programming

See All in Programming
kotlin-resultを用いて鉄道志向なエラーハンドリングを試みる
blackbracken
1
180
面倒なのは嫌なのでコンテナのマネージドサービスの極振りしたいと思います。
n1215
PRO
1
200
名付けできない画面を作ってはならない - 名前を付けるとは何か
chatii
0
630
本当に 0 からの 関数型プログラミングの歩き始め方 / How to Walk into Functional Programming from Scratch
guvalif
1
450
Lightweight Architectures With Angular's Latest Innovations
manfredsteyer
PRO
0
420
Run Your Firebase for Web App Locally Using Firebase Emulator Suite
dicoding
0
630
Spring Modulithで始めるモジュラモノリス開発
yutootsuka
2
320
Cloudflare 概論 Cloudflare Meetup Kick Off! #CloudflareUG
maroon1st
0
640
軽率にBabylon.jsへ WebXR Featureを実装して OSSコミットした
drumath2237
0
210
フレームワークが存在しない時代からのレガシープロダクトを、 Laravelに”載せる”実装戦略
hirobe1999
0
350
デプロイ今昔物語 〜CGIからサーバーレスまで〜 / The deployment technics
mackee
9
4.3k
10Xにおけるdbtの事例紹介
10xinc
0
1k

Featured

See All Featured
The Invisible Side of Design
smashingmag
292
49k
A Philosophy of Restraint
colly
194
15k
Teambox: Starting and Learning
jrom
124
8k
Build The Right Thing And Hit Your Dates
maggiecrowley
23
1.5k
Designing Experiences People Love
moore
130
22k
Into the Great Unknown - MozCon
thekraken
5
400
From Idea to $5000 a Month in 5 Months
shpigford
374
44k
The World Runs on Bad Software
bkeepers
PRO
59
5.8k
Designing for humans not robots
tammielis
245
24k
What's new in Ruby 2.0
geeforr
336
30k
Keith and Marios Guide to Fast Websites
keithpitt
407
21k
Thoughts on Productivity
jonyablonski
51
2.8k

Transcript

  1. End-to-End Encryption


    in Elixir with Ockam
    Mrinal Wadhwa
    CTO, Ockam
    mrinal

    View Slide

  2. Verb
    Subject Object
    Allow / Deny

    View Slide

  3. Action
    Subject Resource
    Allow / Deny

    View Slide

  4. View Slide

  5. The operating environment of a typical application looks like this.
    Internet
    Infra
    Network
    Machine
    Application

    View Slide

  6. The operating environment of a typical application looks like this.
    Internet
    Application
    Cloud / Data Center / Home / Hospital / Factory …
    VPC / Kubernetes / NAT / Edge / No-IP wireless / Industrial
    VM / Container / K8s Pod / Rack Server / IoT

    Industrial / Embedded / Edge Device

    View Slide

  7. Distributed applications work by sending each other messages across networks, over the Internet.
    Internet
    Infra
    Network
    Machine
    Application
    Internet
    Infra
    Network
    Machine
    Application
    Data, Commands,
    Acknowledgments, Configuration
    & Software Updates

    View Slide

  8. To be secure both sides must check incoming messages for integrity and authenticity.
    Internet
    Infra
    Network
    Machine
    Application
    Internet
    Infra
    Network
    Machine
    Application
    Message Integrity & Authenticity
    Sender Identi
    fi
    cation & Authentication
    Authorization
    There is a complex set of cryptographic protocol guarantees that go into delivering those checkmarks.

    View Slide

  9. To ensure user privacy and to protect business data both sides must have control of data con
    fi
    dentiality and access.
    Internet
    Infra
    Network
    Machine
    Application
    Internet
    Infra
    Network
    Machine
    Application
    Message Integrity & Authenticity
    Sender Identi
    fi
    cation & Authentication
    Authorization
    Con
    fi
    dentiality
    There is a complex set of cryptographic protocol guarantees that go into delivering those checkmarks.

    View Slide

  10. Internet
    Infra
    Firewalls / VPN / TLS termination
    Machine
    Application
    Internet
    Infra
    Machine
    Application
    Traditional approach is to check our message guarantees at network boundaries.
    Firewalls / VPN / TLS termination

    View Slide

  11. Internet
    Infra
    VPN
    Internet
    Infra
    VPN
    But network boundaries typically have hundreds of machines and thousands of applications within them.

    View Slide

  12. Internet
    Infra
    VPN
    Internet
    Infra
    VPN
    All code in both networks must have no weaknesses for an application developer’s work to be secure.

    View Slide

  13. Lab 1
    Lab 2
    Lab 500
    Cloud AZ 1
    Cloud AZ 2
    Data Center 1
    Data Center 2
    All code in all deployment networks must have no weaknesses for an application developer’s work to be secure.

    View Slide

  14. Lab 1
    Lab 2
    Lab 500
    Cloud AZ 1
    Cloud AZ 2
    Data Center 1
    Data Center 2
    Gateways
    Event Streams
    Pub/Sub Queues
    All code in all deployment networks and all service provider networks must have no weaknesses for an application developer’s work to be secure.
    This also violates the principle of least privilege

    View Slide

  15. Goal: Dependable, Trustworthy, Reliable applications
    To build a secure and private application that can be trusted by users and customers - we need to minimize the chances
    (vulnerability surface) of someone tricking our application into doing something undesirable.
    Big vulnerability surface is bad. Tiny vulnerability surface is good.

    View Slide

  16. End-to-End Encrypted, Mutually Authenticated, Secure Channels


    enable granular authorization decisions at the application layer.

    View Slide

  17. View Slide

  18. View Slide

  19. View Slide

  20. Sender:


    • Needs to know the route to a destination, makes that route the onward_route of a new message


    • Makes its own address the the return_route of the new message
    Replier:


    • Makes return_route of incoming message, onward_route of outgoing message


    • Makes its own address the the return_route of the new message

    View Slide

  21. View Slide

  22. View Slide

  23. View Slide

  24. View Slide

  25. View Slide

  26. Sender:


    • Needs to know the route to a destination, makes that route the onward_route of a new message


    • Makes its own address the the return_route of the new message
    Hop:


    • Removes its own address from beginning of onward_route


    • Adds its own address to beginning of return_route
    Replier:


    • Makes return_route of incoming message, onward_route of outgoing message


    • Makes its own address the the return_route of the new message

    View Slide

  27. View Slide

  28. View Slide

  29. View Slide

  30. View Slide

  31. View Slide

  32. View Slide

  33. View Slide

  34. View Slide

  35. Initiator
    Responder
    app echoer
    4000

    View Slide

  36. View Slide

  37. View Slide

  38. View Slide

  39. Initiator
    Responder
    app echoer
    4000

    View Slide

  40. Middle
    Responder
    h1 echoer
    4000
    Initiator
    app
    3000

    View Slide

  41. View Slide

  42. View Slide

  43. View Slide

  44. View Slide

  45. Middle
    Responder
    h1 echoer
    4000
    Initiator
    app
    3000

    View Slide

  46. Initiator Responder
    Shared Secret Shared Secret
    M1
    M2
    M3
    M4
    M5
    The shared secret is then used as a key in Symmetric Key Cryptography to
    maintain con
    fi
    dentiality and integrity of application data.
    Application Data - Authenticated Encryption
    The entities involved use Public Key Cryptography to authenticate
    each other and agree on a shared secret.
    Authenticated Key Exchange

    View Slide

  47. Middle
    Responder
    h1 echoer
    4000
    Initiator
    app
    3000

    View Slide

  48. View Slide

  49. View Slide

  50. View Slide

  51. View Slide

  52. Middle
    Responder
    h1 echoer
    4000
    Initiator
    app
    3000

    View Slide

  53. Middle
    Responder
    h1 echoer
    4000
    Initiator
    app
    3000

    View Slide

  54. Middle
    Responder
    Forwarder
    echoer
    4000
    Initiator
    app
    3000

    View Slide

  55. View Slide

  56. View Slide

  57. View Slide

  58. View Slide

  59. Middle
    Responder
    Forwarder
    echoer
    4000
    Initiator
    app
    3000

    View Slide

  60. View Slide

  61. View Slide

  62. View Slide

  63. View Slide

  64. View Slide

  65. Mrinal Wadhwa
    CTO, Ockam
    mrinal
    github.com/ockam-network/ockam
    github.com/ockam-network/ockam/tree/develop/examples/elixir/get_started
    All code examples from this talk:

    View Slide