Crypto: a key ingredient in building respectful products - - PowerPoint PPT Presentation

crypto a key ingredient in building respectful products
SMART_READER_LITE
LIVE PREVIEW

Crypto: a key ingredient in building respectful products - - PowerPoint PPT Presentation

Apr 07, 2024 278 likes •815 views

Crypto: a key ingredient in building respectful products @LeaKissner HI! Im lea kissner Philosophy 1. Build products that respect users. 2. Understand what that means. 3. Make it easy. Build products that respect users. IDE

slide-1
SLIDE 1

Crypto: a key ingredient in building respectful products

@LeaKissner

slide-2
SLIDE 2

HI! I’m lea kissner

slide-3
SLIDE 3

Philosophy

slide-4
SLIDE 4
  • 1. Build products that respect users.
  • 2. Understand what that means.
  • 3. Make it easy.
slide-5
SLIDE 5

Build products that respect users.

slide-6
SLIDE 6
slide-7
SLIDE 7
slide-8
SLIDE 8
slide-9
SLIDE 9

IDE integration

slide-10
SLIDE 10

Understand what that means.

slide-11
SLIDE 11
slide-12
SLIDE 12

Purely Technical

slide-13
SLIDE 13

Purely Technical Purely User Focused

slide-14
SLIDE 14
slide-15
SLIDE 15

Make it easy.

slide-16
SLIDE 16
slide-17
SLIDE 17

Crypto time

slide-18
SLIDE 18

Rolling one’s own crypto

slide-19
SLIDE 19
  • 1. They think they’re smart.
  • 2. They think it’s cool.
  • 3. It’s not obvious.
  • 4. It’s too expensive.
slide-20
SLIDE 20
slide-21
SLIDE 21
  • 1. They think they’re smart.
  • 2. They think it’s cool.
  • 3. It’s not obvious.
  • 4. It’s too expensive.
slide-22
SLIDE 22

Moral of the story: Don’t give people excuses to roll their own crypto.

slide-23
SLIDE 23

Privacy-preserving computation

slide-24
SLIDE 24

Phone number UserID for phone#

slide-25
SLIDE 25

Moral of the story: Please make privacy-preserving computation faster.

slide-26
SLIDE 26

Encryption at rest

slide-27
SLIDE 27

Hardware breaks

slide-28
SLIDE 28
slide-29
SLIDE 29

Software breaks

slide-30
SLIDE 30

Encryption!

slide-31
SLIDE 31

Storage

Gmail

Photos

Docs

Storage

Storage

Key Management Server (KMS)

slide-32
SLIDE 32

Keys

slide-33
SLIDE 33
slide-34
SLIDE 34

Keys

slide-35
SLIDE 35

System issues

slide-36
SLIDE 36
slide-37
SLIDE 37
slide-38
SLIDE 38

System issues

slide-39
SLIDE 39

Key rotation

slide-40
SLIDE 40

Restaurant ID Review ID Number of stars 333 123456789 5 90224 987654321 3 Group ID Msg ID Message text 55632 10 “Never gonna give you up” 92132 22 “Never gonna let you down”

Object ID: 123456789 Object ID: 55632 | 10

slide-41
SLIDE 41

Storage

Gmail

Photos

Docs

Storage

Storage

Key Management Server (KMS)

slide-42
SLIDE 42
slide-43
SLIDE 43

Storage

Gmail

Photos

Docs

Storage

Storage

Key Management Server (KMS)

slide-44
SLIDE 44

Moral of the story: Crypto is a tool for turning things into key management problems.

slide-45
SLIDE 45

Morals of this story

slide-46
SLIDE 46

Don’t give people excuses to roll their own crypto.

slide-47
SLIDE 47

Please make privacy-preserving computation faster.

slide-48
SLIDE 48

Crypto is a tool for turning things into key management problems.

slide-49
SLIDE 49

Success must be evaluated in the full stack, including the humans

slide-50
SLIDE 50

... and the squirrels

slide-51
SLIDE 51

Thank you

lkissner@google.com @LeaKissner

slide-52
SLIDE 52

Questions you might want to ask:

  • 1. What’s are those squirrels thinking?
  • 2. Why wasn’t the crypto-based access control sufficient

to remove the need for storage system ACLs?

  • 3. What else makes key management hard?
  • 4. Why aren’t there magical privacy experiences?

lkissner@google.com @LeaKissner