HandyCon 2024 | Day 2 - Stateless DANE (SANE) - YouTube
https://www.youtube.com/watch?v=klTFwQRtemQ

Transcript:
(00:03) [Music] hello hello hello all right uh we just had an amazing uh session and we're leading right into a new one with Alexander we're going to be going over stateless stain I'm very excited to learn more about this I think I hear the term a lot but um sometimes it can be it could be tough to understand so thank you so much for the time Alexander I'm gonna go ahead and and shut up now and let you take the stage okay hi everyone hi Alex uh I'm Alexander SHI I'm an independent developer who sometimes uh
(00:52) contributes to the handshake project and this evening I would like to say some words about stateless Dane uh project and uh it might be a bit technical might be a bit boring I didn't really know who would be the audience so uh I prepared some background maybe some things that you have already heard for thousand of times but still uh so let's go um let me share my [Music] screen the entire screen I guess okay I have a tiny a tiny presentation so I will be talking about stateless D my plan is to uh have a small showcase what what is
(01:44) that how it works uh from the user perspective and then I will speak about its background and why it has uh its background its design patterns so uh with some with some Theory and uh uh some technical details okay so um if to speak shortly stess Dan is an application which allows to browse handshake websites in a secure way so over TLS without a need to have a constant connection to an hnsd instance uh to show you how it works I have uh I have my Firefox that currently um that currently shows nothing when I'm trying to browse
(02:29) handshake website I have a SC which has some weird parameters added I run it and uh if I don't catch a bug that is usually happens when you try to present something the website should open and I have a certificate that is provided by this stateless D and I don't need to have a blockchain node and I don't need to have a running hsd instance and I need only to retrieve uh three Roots one once in a day and I will speak about it a bit later so uh this more or less is the Showcase of how it works so it's
(03:09) simple simple running application uh which behind the scenes uh runs a local process server and uh substitutes substitutes substitutes a certificate for some handshake website if it complies to the protocol uh let's start with of theory so we we browse websites we have applications we have computers and these computers they uh they they ask other computers to get some information there they send this information and uh well computers are located in different parts of the world and they need to somehow to address
(03:52) other computers and to do this they utiliz the protocol which suddenly is called the Internet Protocol and that was developed very very long ago and which allows to uh which allows one computer to address the other one and to root the message to that other computer and the internet is not pvse connected so you don't really have a connection to the destination computer and you so you should have some kind of routin system that uh by passing some intermediaries sends your message to the needed computer and it is done by assigning the
(04:33) IP addresses to those computers and uh so uh behind the sces uh computers they just have addresses that are just numbers and they communicate with each other while these numbers and uh we humans we are not particularly good on remembering numbers entering them especially when they are constantly changing so in order to effectively Bros uh websites uh people have developed uh the DNS name system which uh effectively uh translates uh human readable names into IP addresses that can be further utilized by computers and to retrieve
(05:16) the needed information and to send it so DNS was uh devised uh like 30 years ago and uh it uses Ser client model it's hierarchical that means that there is distinction into domains of responsibility there is a some parent U parent responsible computer a parent Zone that delegates uh the translation of the of its child zones to other computers and so it's distributed and hierarchical when uh DNS was constructed it was more about uh uh usability and operability and not about security because at the time the internet was a far more
(06:04) friendlier place than right now so uh effectively when you uh when you try to brow some website you you ask a d server uh a question like what what is the AP address that corresponds for example to to my domain and the DNS server asks other DNS servers and until uh the responsible for this domain server response uh so there is a chain of messages and at some point those messages can be corrupted or can be maliciously altered so uh there is no underlying layer of security there and uh um that's why people have constructed
(06:46) an extension of it that is literally called uh DS SE so domain name security domain name system security extension uh so more or less it's just uh uh the idea of signing all the messages of DNS servers by some public keys and providing this data so when you ask when you ask S what is the IP address the response would be sent and uh uh the parent response also would be signed and so on until you have a uh a chain of signatures that goes until to the root Zone the private keys for the root Zone that also is needed to verify
(07:31) the the chain of messages has a special ceremony to to generate it to regenerate it and it's more or less stored securely by some internet uh organization not sure what what is its name and so uh by using this DNS SEC protocol uh it's possible to be sure that an IP address that we want to open really corresponds to the website that we want to brow so there is no way to um there is no way to fake this IP address and you will not go to uh fake computer uh however it's not enough for for a secure communication between
(08:14) computers because uh on the underlying level there is no inherent encryption of packets uh so when you browse website uh using H HTTP connection your message can be seen by everyone and uh can be out however of course we can use the same the same idea of just to have some public private key pair and to sign all messages that are going from a client to a server so for example if you open google.
(08:48) com uh you uh somehow know it's uh public key you encrypt your information Vis it public key sent to them and so it decrypts and gives you a response uh and this response for example is signed by your public key the problem with that is someone in the middle can uh can provide his own public key in place of the Google one and uh you have no uh no way to identify it without any additional extensions uh so uh basically uh we want to have some tool to be able to identify a public key with some party with some entity and one of the solutions to this problem is to
(09:28) have a certificate authorities certificate authorities are some some entities that create certificates for some parties that literally certify that a given party has a given public key and when you open a website you can verify that the public key is really from the party uh the problem with the certificate authorities that they are centralized that uh they might behave badly and uh so they are so for example your browser has uh has supplied certificate authorities and it's and there are public Keys um that
(10:08) come with your browser with your operating system and U that uh that is not very decentralized way to uh to solve this problem um okay and the other problem is that they have Universal domain of responsibility that means that any certific certificate Authority can issue certificates for any party so they don't have kind any kind of bounds that I give certificates only to these websites or those and so if a badly behaving Authority can issue a certificate for any website and it might cause a lot a lot of damage another approach to this
(10:51) problem of middleman is actually to okay so it's an issue of certificate which is not that interesting another approach to the problem of the middleman is actually to store uh public information in the DNS data so uh it is called DNS based authentication of named entities and it literally allows to store information about websites public directly into in the DNS records uh however it's not widely adopted by browsers because there they say that it adds some latency and uh that Dan authorities and Dan authorities that
(11:33) they use to weak keys and that's why they don't adopt it as long as like uh they have other option namely just certificate authorities so in order for D to work uh they're needed two things uh well it's just information of information about the D chain from the record that stores the public key of some domain up to the root Zone and some kind of proof that this information is up to date Um this can be applied directly to handshake and in this case both of this information both of these pieces of information they come from a
(12:12) handshake resol which validates uh which which extracts DC chain data and validates that this data corresponds to the current state of the blockchain uh however the problem with that is you need to have a handshake resolver that has a connection to blockchain and can uh take can take data from it and verify that it's really the current state same uh so same short for stateless Dane it uh is an extension of Dane uh which does not require this connection instead of this it expects the certificate itself to have this uh
(13:00) two pieces of information uh to have DNS SE data and to have some uh information about blockchain stor in in the certificate and it does not require an instance of hnsd and uh it has to synchronize with the blockchain once a day uh to pull some data which takes uh how how we saw not not here okay uh so it takes about I don't know 5 Seconds like so um so um the uh the stateless D it expects the certificate to have DNS chain which is just um messages from DNS servers and about the corresponding child and parent zones and also an
(13:52) oracle proof uh Oracle proof is a tiny piece of information that stores Uh current uh data about the blockchain state and it can be stored in certificate it's it's like several hundred of bytes and it's very easy to verify uh to have some kind of reference points it uses the three root that is one of the block headers from the uh from the blockchain and it is up it is updated like every six hours so we have around 4 blocks every uh uh uh you have 43 new three Roots every week and um uh so there are three parts to be uh
(14:43) compliant foran it's the server part so uh the server part which generates the certificate that can be used by S it uh it has to be updated once uh from from time to from time to time and there is a tool to do it automatically and uh I've been working for the client site namely the clients that intercept the connections to uh to website and substitutes uh substitutes it with the certificate that um after the with known certificate after the validation of the data from s there is also an extension of this idea because uh as we don't
(15:27) really need to trust anyone because we have our own three Roots we can use some external proof services that provide information about uh about blockchain and about NS SEC data and as long as we uh can verify again the proof against a given a given tree root we can trust uh these websites so there is the handshake uh uh there is the um there is a sera for this proof Service uh which is uh done by hsh community and uh um from one of the plans is to to make it more um more reliable to have some um to have some um management to it sorry I'm
(16:19) uh yeah uh to have some load balance to it and to to make it more more reliable um from there stuff there is also a fingertip it's a bit more user friendly uh way to use the SC actually is just uh plug-and Play application with all the details set to default ones and you just R fingertip you have a tiny uh icon here and you you can look that uh current state that um my resolver is ready and brows is US fingertip and the same way I can access any website that uh that has correctly set up tlsa record so namely it just complies to to the D
(17:09) protocol well uh current state of uh of the implementation is that we have a running Linux build we have Windows build and I think we are waiting for uh for Signature of uh for signature for my C build and so uh after that there will be I hope uh merge from the pull request and it will be available to public I want this more or less everything I wanted to say and to present and of course I would like to answer the questions and I want to say thanks to Rik to Eric and hen and to anotherus so for incentivizing this
(17:57) project to have some technical help and to have a goal implementation of verifying Oracle tree proofs and so some additional details are there is a blog post uh on hs.org and there is a GitHub repository with this uh with s and my contact details can be accessed on this website 5y. let me see if okay okay I'm I'm seeing the chat all right that was uh that was awesome uh I don't think so no I think I think people are excited I think I think we're we're all kind of getting it but one one one way it was phrased by Paul
(18:48) web right maybe so this is like fingertip but lighter is that a fair yeah exactly exactly is that it can be uh it it can be added to some brows so just I'm just I don't know mobile devices so yeah it's even lighter than fingertip okay okay fantastic um all right any I know we have a lot of enthusiasm but we're you know we have Alex right here who's got any other burning questions we wanna want to get out in front of them Paul's excited uh yeah we have we have about nine minutes so we should um I guess
(19:30) when when Ric um yeah who does who does Alex work for for myself I guess yeah Alex worked for Alex good um all right release date Okay I uh this is a good reminder for me to run fingertip I guess for for those of us who are maybe lacking on the tech teal side or a little bit behind or just trying to mentally catch up here uh you know if you want to resolve handshake names on your on your computer U fingertip is available you can install it and use kind of the browser of you're choosing so um what uh what would be the best way
(20:15) for the community to be supportive Alex how can we how can we help you uh I think it's it would be good to host some those external services that provide those proofs and uh maybe to have I don't know some testing and to have comments and code review it would not harm for sure because for example myself I would not I don't know bet all my life belongings to the current implementation so it's it's high experimental but it runs more or less fine okay okay fantastic um okay looks like Paul Paul Webb is volunteering here
(20:58) uh through um who running these Services fantastic so he he would like to help contribute there and I think you had shared you had shared on the screen um the links what is the best way to connect with you where what are you actually on are you on on Twitter I guess uh you can connect on my telegram um I should I write my handle I hope Okay so it would be just random lugin for for a naming Community I think I think it's fair to say that's a pretty cool name all right and let me just in in case post link to the
(21:55) repository and some other link it was about about blog post actually I think there will be another blog post about setting everything up more detailed we did we did have a a question in the QA here uh from BJ so so as this becomes available for different browsers will be up to users to download the patch to be able to resolve if so maybe a good tagline uh would be good like when when Hotmail came out uh with the messages [Music] um sure I understand the message um yeah so I think so as this becomes available for different browsers
(22:36) so this I'm going to dumb it down here um for for me at least uh this this is going to be installed on on the device itself whether it be a mobile device or oh this runs in the background it it's not integrated as part of a brow of any specific browser no no not yet but I think the talks about integrating it uh will be more active after we have a release after we have a public release and it's still a lot of work to implement it inside a browser so yeah it certainly can be done but not that fast um okay and and again again paron
(23:15) my ignorance on this but the what certificate authorities give us the lock icon on the top left is there anything that's going to be telling a user that they are using that this is their security mechanism well actually you will have have your own sence certificate so you will be acting as your own certificate Authority and so once you run for the first time you you have generated your own certificate and you add it to your browser and so any website that is compliant to this protocol will will have just ordinary log icon and you will
(23:49) see that it's secure and uh when you will when you will use the browser that has in internal uh internally this uh this stuff you will you will just brow as is you will not have to add anything okay okay um all right and uh and I mean riic asked for for a date but I think I think we just need to stay tuned that to be determined um that's that's the date for now but this is uh this is very exciting um make sure we copy these links we'll get them out and reshare them I'll uh I'll I'll post them
(24:25) since apparently we don't tweet anymore um fantastic all right what else do we got here couple just a couple minutes left any final final questions any other thoughts maybe your thoughts what what do you what do you how do you feel about handshake you've been very close to it up close and personal what what are your what are your general thoughts on the space or I don't know actually I'm quite sporadically active in a handshake community and it's development like base so not have that much to say but I
(25:01) generally think that it's a very nice thing to to have an alternative uh so yeah that is okay and do you think that uh do you think that the value propositions of handshake have evolved have changed since launch do you think that most of the infrastructure is still still there and doing what it's supposed to be doing or or has your opinion of it changed since since um not quite sure no fair enough fair enough maybe uh maybe I'm the one thinking about it 237 um all right uh fantastic well everyone if you need a quick break
(25:39) before the next session this might be the time to to hop away from our from our computers I'll be posting um those links so we have them uh we got the telegram that's a pretty good name I don't think anyone's going to forget it um and we're looking forward thank you very much for the time Alex we're looking forward to the next next session thank thank you guys thank you everyone [Music] hey