TRUSTLESS
Trustless socio-technical systems for trustworthy
dual-use critical computing
These slides:
www.openmediacluster.com/EDA-11-2015
Proposal web page:
(with exec. summary & 34-pager proposal draft):
www.openmediacluster.com/trustless-extended-rd-proposal-to-ecsel-2016/
Contacts:
Rufo Guerreschi, Exec. Dir. Open Media Cluster
rg@openmediacluster.com
+393357545620
Intro slides to a TRUSTLESS-based
TRUSTLESS Extended & Dual-use R&D Proposal
to ECSEL 2016, Italian PNRM, and H2020
About Us: Open Media Cluster
● What: A micro non-profit R&D/innovation center in Rome, Italy, pursuing leading-edge
R&D on dual-use privacy- and security-enhancing ICT technologies for civilian
and dual-use markets.
● Single Focus: Together with uniquely-qualified global R&D partners and advisors,
attract R&D funding on the TRUSTLESS R&D project, and promote a related
certification body through a global event series, Free and Safe in Cyberspace.
● Expertise: Outcome of 15 years of expertise in e-voting, e-participation, free
software, and bleeding-edge privacy-enhancing technologies and solutions, through
NGO and SME work of exec. dir. and leading staff. World-class advisory boards.
● Mission: Enabling unprecedented and constitutionally-meaningful e-privacy for all,
while increasing public safety.
● History: Established in May 2011 as the core innovation center and R&D
project providing industrial critical mass for the Open Media Park, a planned 47,000
sq. m, 140M€ ICT/media park in Rome, Italy.
About Us: Open Media Cluster
● What. A micro non-profit R&D/innovation center in Rome, Italy, pursuing leading-edge
R&D on dual-use privacy- and security-enhancing ICT technologies for civilian
and dual-use markets.
● Mission. Enabling unprecedented and constitutionally-meaningful e-privacy for all,
while increasing public safety.
● Expertise. 15 years of expertise in e-voting, e-participation, free software, and
bleeding-edge privacy-enhancing technologies and solutions.
● Focus. Attract R&D funding and world-wide consensus on the TRUSTLESS R&D
project and certification initiative, with uniquely-qualified global partners and
advisors, as the epitome of over 15 years of research.
● History. Established in May 2011, as the core innovation center to provide industrial
critical mass of the Open Media Park, a planned 47,000 sq. m, 140M€ ICT/media
tech park in Rome, Italy.
Open Media Cluster Center
A planned geolocated open media &
IT security with 7.000sq.mts and 12
partners, slated for 2018-2020
● Aim: Develop, from existing open components, a complete computing platform,
ecosystem & certification body for critical dual-use IT communications, that provides
unprecedented and constitutionally-meaningful levels of information assurance,
while overall substantially increasing public safety (based on TRUSTLESS).
● How: Kick-start an extremely open and resilient ecosystem, a certification body,
and a complete critical SW/HW stack for an end-2-end computing platform, for
basic voice & text communications, that is devoid of the need or assumption of trust
in anyone or anything - except in the intrinsic resilience of all socio-technical
organizational processes critically involved in the entire lifecycle (from standards
setting to fabrication oversight) against decisive attacks of up to tens of M€s, as
assessable by an informed and moderately educated citizen.
● Key & unique concepts: (1) Complete verifiability, extreme compartmentation and
minimization and sufficiently extreme verification relative to complexity of all critical
HW&SW; (2) Citizen/peer-witness oversight of all critical service components,
including ICs fabrication, and server-room access, including for lawful access
requests; (3) Expert and user-accountable certification governance.
● Target Military Uses: Initially targeted to the most critical defensive and targeted-
offensive communications, it is extensible to high-availability dual-use IoT, M2M, and
semi-autonomous systems, and wide-scale consumer roll out.
● Overcoming Privacy/Safety Dichotomy & Reaching Critical Mass: TRUSTLESS
provides unique extreme safeguards for transparently reconciling lawful access and
personal confidentiality, which is crucial for the legal sustainability of a critical mass of
dual-use investments to create an EU-domestic “trustworthy computing base”.
TRUSTLESS Extended & Dual Use
TRUSTLESS
High-assurance IT Security Today
● While unbreakable encryption is everywhere, nearly
everything is scalably broken, mostly at birth
○ All or nearly all endpoints, both ordinary commercial systems and high-
trustworthiness IT systems, are broken beyond the point of encryption, and
scalably exploitable by powerful nations and an undefined but relatively large
number of other mid- or high-level threat actors.
○ Tor is broken - except for very expert and selective uses - because of attacks
through traffic analysis, endpoints and/or other techniques by APTs.
○ If so broken, why no news of military hacks?! Often because that’s a state secret
or because the whole point of advanced APTs is to stay undetected for years to
snoop and alter data at leisure.
● State-mandated and state-sanctioned backdoors are nearly
everywhere
○ Critical vulnerabilities, that make nearly everything broken, are nearly always
either state-mandated or state-sanctioned backdoors, because a few states
have either created, acquired or discovered them, while keeping that
knowledge hidden, legally or illegally.
○ A few states have all the tools they need to pursue criminals with due legal
process, except for the very few most skilled and well-financed actors with access
to top techs and/or top OpSec (digital and non-digital) such as top criminals,
billionaires, or highest state security officials. A huge asymmetry of power and
information superiority, that is self-reinforcing with incalculable consequences.
Military Cyber-Offence - Gaps
Needs: In an era of asymmetric and hybrid threats, and increasingly vulnerable critical IT
systems, information superiority is nearly everything.
Gaps:
1. Information sharing is hampered by lack of trust among EU states and
NATO members, in turn due to inadequate socio-technical standards and
safeguards against abuse of national or international laws and treaties. (Safe Harbor)
2. Reconnaissance and situational awareness systems are increasingly ineffective, as
more and more threats are: asymmetric; within our borders; or, outside borders, but
without troops on the ground or access to airspace. (Syria)
3. Bulk surveillance systems are increasingly proven ineffective; hard to turn into leads;
and increasingly prone to internal and external abuse (OPM hack, Snowden)
4. Endpoint surveillance systems have the side effect of:
a. increasing the vulnerability of our critical civilian and military assets, by
spreading critical 0-days and management infrastructure (see Hacking Team);
b. being increasingly vulnerable to external and internal actors, because of the
insufficient audit relative to complexity of underlying low-level SW/HW and
lifecycle of the management infrastructure (see Inslaw’s Promis);
c. (and, therefore) are gravely increasing risks of privacy abuse and legal and
constitutional challenges, to their use abroad & at home. (Snowden, Safe
Harbor)
Solution: Re-center Information superiority on high complementarity of human intelligence
and a new generation of targeted surveillance socio-technical systems with intrinsic
democratic accountability, user-trustworthiness and effectiveness.
Military Cyber-Defense Gaps
● Nearly everything is broken. Nearly all highest-assurance military command IT
systems and standards can be rendered remotely and undetectably compromisable
by a large number of actors, through the hacking, bribing or threatening of just one
person (or, rarely, 2) in a critical role in its lifecycle or operation. They have no public or
“trustworthy independent” audit of “trusted” parts and/or are vulnerable to malware
in SW&HW stacks between the user’s interaction and the “trusted” components.
● Risks are increasingly beyond the point of encryption and network nodes, through
endpoint lifecycle compromise, via “memory-resident or fileless malware”, says
Kaspersky.
● Lack of trustworthy low-level computing base & life-cycle. EU MoDs and critical
civilian institutions lack access to end-2-end IT services and systems that are
independently and publicly verifiable and/or with critical HW components and
fabrication processes that are sufficiently verified relative to complexity, as well as
comprehensive and user-trustworthy high-assurance IT standards and certifications.
Such lack is most crucial in dual-use strategic communications where complete
compromise can go undetected for years. US Defense Science Board: “Trust
cannot be added to integrated circuits after fabrications”.
● Consequences: Use of inadequate Intelligence and command IT systems exposes
EU and EU Member States military, institutions, citizens and assets to undetected
abuse by hostile or competing nations, and an increasing number of private actors.
● Root Causes: (a) Competitive pressures for increased performance in civilian IT
markets, (b) Protection of intellectual property and against vulnerability disclosure;
Some recent news on these Gaps
● Reuters said "A [US] presidential review committee concluded the [bulk]
surveillance regime did not lead to a single clear counter terrorism breakthrough that
could be directly attributed to the program”
● EU counter-terrorism coordinator said (min21.10): “Shared privacy safeguards is
a precondition to share terrorism intelligence data”
● On Nov 17th, the NATO Secretary General said: “It is essential that we work
together in several areas: improving our situational awareness, civil preparedness
and resilience, cyber defence, strategic communications, and joint training and
exercises”.
● On the same day, Head of EDA and EEAS, Ms Mogherini, said “Military research
has reduced by over ⅓ over last few years. R&D is crucial … EDA allows MS to
acquire together what is out of reach individually”. “EDA support dual-use
technologies and the preparatory actions for CSDP-related research. The
preparatory actions will be a game changer, the 1st time that the EU budget is used
to fund defence research”.
● Italian Prime Minister Renzi recently said: “In respect of privacy, We’ll invest
additional 150M€ in cybersecurity”, outside EU spending caps. Many MS will follow.
● Italian Justice Minister Orlando recently said: “We need new, more advanced
endpoint surveillance”
TRUSTLESS Binding Paradigms
Certified TRUSTLESS computing services, devices, lifecycles and the certification body
would comply with the TRUSTLESS Binding Paradigms (here in full version)
1. assumes that extremely-skilled attackers are willing to devote even tens of millions
of Euros to compromise the supply chain or lifecycle, through legal and illegal
subversion of all kinds, including economic pressures.
2. provides extremely user-accountable and technically-proficient oversight of all
hardware, software and organizational processes critically involved in the entire
lifecycle and supply chains;
3. provides extreme levels of auditing intensity relative to system complexity, for all
critical components; and includes only publicly verifiable components, and strongly
minimizes use of non-Free/Open-source software and firmware.
4. includes only open innovations with clear and low long-term royalties (<15% of
end-user cost) from patent and licensing fees, to prevent undue intellectual property
right holders’ pressures, lock-ins, patent vetoes and ensure low-cost;
5. includes only highly-redundant hardware and/or software cryptosystems, whose
protocols, algorithms and implementations are open, long-standing, extensively-
verified and endorsed, and with significant and scalable post-quantum resistance
levels.
6. is continuously certified by an extremely technically-proficient and
user-accountable independent standard/certification body.
Enabling Arch. & Client form-factor
● The technical architecture, built from existing open components, is based on a
300 MHz CPU-based hardware platform with power
consumption and form factor that make it suitable for a new 2.0-2.5mm-thin
handheld end-user device class (or CivicPod) - integrated in or
“attached” to any user's ordinary smartphone, and interfaceable with a user’s
desktop monitor - as well as for servers, onion routing mid-points and
M2M/IoT devices, albeit initially with minimal features and performance.
● In a single highly-portable device, it integrates the features of a display
smart-card, a simple handheld device, a smart-card reader, and a
barebones desktop PC. Smartphones, now often 4.75-6.5mm thin, are
getting too thin to handle, creating a radical portability opportunity.
Service Architecture Diagram
Service Architecture (1/2)
● CivicPod. A dedicated 2.0-2.5mm-thin touch-screen handheld device,
which is used attached to the back of any user's mobile phone via a
smartphone hard case. Its backface exposes an external smart-card
reader, which can be used with an alternative hard case that adds a 0.7mm slot
for non-RF CivicCards (or smartcards), for use at EU border points, by
multiple users, and at CivicKiosks at public offices; downward-compatibility and
interoperability with eIDAS and EU/NATO SECRET.
● CivicDongle. Each CivicPod user will optionally receive, at cost, a paired
cheap TV-connected Wi-Fi-enabled HDMI dongle (or CivicDongle) with the
capability to act as a secure onion routing node, in order to create a network
of thousands of nodes (exit, relay, directory) to ensure metadata privacy, most likely
as a “private extension” of the Tor network.
Service Architecture (2/2)
● CivicLab & CivicRoom. CivicDevices are all assembled, verified, flashed,
and transferred to their users in a dedicated custom-built street-facing lab
(or CivicLab), which contains a server room (or CivicRoom) where all
privacy-sensitive services, if offered, must be hosted, and whose access
requires 5 randomly-selected peer-witnesses and dedicated servers (or
CivicServers).
● CivicFab. Fabrication and design of all critical hardware components will
be subject to citizen-witness-based oversight processes (or CivicFab) that
will substantially exceed in end-user trustworthiness those of the NSA
Trusted Foundry Program, at substantially lower costs. After a short initial
exclusivity for a post-R&D TRUSTLESS Consortium, TRUSTLESS
services can be extended and commercialized by any willing service
provider (or CivicProviders).
● TRUSTLESS Certification Body. Providers are continuously verified by a
to-be-established dedicated certification organization, according to
TRUSTLESS Paradigms and TRUSTLESS Specifications, updated by the
same.
Service Architecture - Diagram
TRUSTLESS Core Partners (1/2)
• LFoundry (Italy). Leading EU-located and EU-owned foundry with a 200mm plant, with
over 1700 staff, 110nm-capable, and with capacity of 40,000 wafers per month. The
only independent and economically-viable EU foundry with capabilities in the 60nm and 160nm
range, suitable for high-assurance low-performance general-purpose end-user
computing. Historical expertise in high-assurance critical hardware components
production. EAL5+ certification for smart cards production is in progress.
• Kryptus (Brazil). Developed the first secure general-purpose CPU microprocessor in
the southern hemisphere, the SCuP, which uniquely provides open and verifiable
designs and FLOSS microcode; at the core of the TRUSTLESS HW architecture.
Designed the 400,000 voting machines of Brazil, fighter-to-fighter communications
systems, and the HSM of the core Root CA of the main Brazilian PKI.
• KernKonzept (Germany). Developers of the world’s most mature Free/Open Source
microkernel and runtime environment for high-assurance ICT, the L4Re. Deployed
globally by major Telcos and publicly audited for over 8 years.
• KU Leuven COSIC (Belgium). The research group COSIC (Computer Security and
Industrial Cryptography) has world-leading expertise in digital security and strives for
innovative security solutions, in a broad range of application domains. It is led by
Prof. Bart Preneel, President of the International Association for Cryptologic Research,
arguably the EU's foremost IT security expert.
TRUSTLESS Core Partners (2/2)
● GSMK Cryptophone. (Germany) For over a decade the only publicly available
cryptophone maker with the full software stack publicly verifiable. Used by diplomats,
top executives and investigative journalists, including Laura Poitras and Glenn
Greenwald, the filmmaker and journalist primarily delegated by Edward Snowden with
the publishing of his revelations. Their CTO is spokesperson of Chaos Computer Club,
main EU hacker NGO.
● SCYTL Secure Electronic Voting S.A. (Spain) Global leader in e-voting and
high-assurance remote deliberation technologies. Present in over 20 countries. Has
pioneered innovative cryptographic techniques and socio-technical processes.
● Center for Cyber Intelligence and Information Security (Italy) The leading state
cyber-security academic research center in Italy, with ties with state security agencies.
● American Mini Foundry. (USA) US leader in highest-assurance IC foundry oversight.
World-class competencies in hardware fabrication assurance processes. Among the
team members that will be involved is their President Scadden, and Gerry Etzold,
Former Technical Director of NSA Trusted Access Program (2008-2009).
● Goethe University – DT Chair for Mobile Business and Multilateral Security
(Germany). Leads in research on privacy and security in mobile networks, and related
social and economic aspects. Lead: ABC4Trust, TresPass, PrivacyOS. Chair is Prof.
Rannenberg, member of NIS Platform for individual rights.
● ROtechnology. High-availability dual-use IoT systems.
● Security Brokers. Targeted lawful access and state-grade 0-days.
● ReaQta. Targeted lawful access and deep endpoint defence.
EU Institutions support to date
● Last Dec 2nd, we presented a 30-minute keynote at the “Cyber Defense Industry Day”,
organized by the EDA Project Team Cyber Defence (draft agenda .doc).
● On Oct 1st, we met for 4 hours with the head of the 2° Office of the Technological Innovation
Department of the Secretariat General of the Italian MoD, C.V. Cappelletti, and 2 of his team
(C.V. Galasso and Ten.Col. Roggi), which handles R&D projects from TRL2-6 and EDA.
● On Sept 30th, we submitted a 4M€ R&D proposal to H2020 FET-Open RIA with our
core technical partners.
● On Sept 24-25th in Brussels, we held the first event of the global event series Free and Safe
in Cyberspace, with world-class speakers including EDPS, ECSEL, DG Connect Trust and
Security Unit, EIT Digital Privacy Security and Trust Action Line, Richard Stallman, Bruce
Schneier, Bart Preneel, and EDA Head of Information Superiority, Michael Sieber. A LatAm
Edition was held in Oct 2015 in Iguazu, Brazil. A North American version is planned for 6/7
2016.
● On Sept 16th, we met for 3 hrs with the Capo Reparto (Head) of VI Reparto Sistemi C4I e
Trasformazione of the Italian MoD, Adm. Di Biase, and a team of 12 senior officers, who
manage the entire IT procurement and R&D (TRL7-9) of the Italian MoD.
● On July 3rd, we met extensively with Ciocca, the Deputy Director of the Italian DIS (Dipartimento
Informazioni per la Sicurezza), to discuss public safety.
● On June 3rd, EDA Head of Microelectronics, Scheidler, invited us to present our project in a
one-hour keynote to 22 MoDs at the annual EDA CapTech meeting.
● We’ve been invited to a meeting at Italian Ministry of Economic Development (MISE) with 18
Alignment to EU strategies (1/2)
EU Cybersecurity Strategy says:
● “The same laws and norms that apply in other areas of our day-to-day lives apply
also in the cyber domain. Cybersecurity can only be sound and effective if it is based
on fundamental rights and freedoms as enshrined in the Charter of Fundamental
Rights of the European Union and EU core values. Reciprocally, individuals' rights
cannot be secured without safe networks and systems”.
● “.... promote cyberspace as an area of freedom and fundamental rights. Expanding
access to the Internet should advance democratic reform and its promotion
worldwide. Increased global connectivity should not be accompanied by censorship
or mass surveillance.”
● “The need for requirements for transparency, accountability and security is
becoming more and more prominent”.
● “..., as well as possibly establish voluntary EU-wide certification schemes building
on existing schemes in the EU and internationally.”
● “The EU will place a renewed emphasis on dialogue with third countries, with a
special focus on like-minded partners that share EU values.”.
● “There is a risk that Europe not only becomes excessively dependent on ICT
produced elsewhere, but also on security solutions developed outside its frontiers. It
is key to ensure that hardware and software components produced in the EU and
in third countries that are used in critical services and infrastructure and increasingly
in mobile devices are trustworthy, secure and guarantee the protection of personal
data.”
Alignment to EU strategies (2/2)
● EDA Head of Information Superiority, Michael Sieber, stated (m3.37) at our Free
and Safe in Cyberspace: “Among EU member states, it’s hilarious: they claim digital
sovereignty but they rely mostly on Chinese hardware, on US American software,
and they need a famous Russian to reveal the vulnerabilities"
● EU Cyber Defence Policy Framework states: “The development of strong
technological capacities in Europe to mitigate threats and vulnerabilities is essential.
Industry will remain the primary driver for cyber defence related technology and
innovation. So it will be crucial to maintain close cooperation with the private sector,
.... It is also important to foster an assured and competitive European industrial
cyber security supply chain by supporting the development of a robust European
cybersecurity sector including through involvement with SMEs”. “Contribute to
develop further and adapt public sector cyber security and defence organisational
and technical standards for use in the defence and security sector. Where
necessary, build on the ongoing work of ENISA and EDA”.
● The EU Digital Agenda Commissioner Oettinger recently stated “The debate
about technological sovereignty has arisen out of a realization that freedoms and
values that we cherish in Europe are at risk. There are some who do not respect
privacy of our citizens. Some do not want to play on fair terms with our businesses.
We need to safeguard our values and interests. It is in the interest of all citizens that
we ensure a prosperous and a secure European digital future. That means that we
have to be leaders in these technologies and support international standardization
efforts that ensure high levels of security, proven by certification where necessary.”
US Defense Science Board preaches ...
NATO AEP-67 preaches ...
TRUSTLESS & EDA-SoC
TRUSTLESS pursues a similar scope and ambitions to the EDA SoC
project, except it: (1) Aims initially at communications; (2) Does
not rely on parts, providers or fabrication processes trusted
upfront; (3) Aims at much higher ecosystem resiliency and IP
openness; (4) Has a solid 12-month 3M€ post-R&D go-to-market
strategy.
A TRUSTLESS binding MOU (pdf) signed among its core
technical participants ensures, sustainably over time, the radical
openness of the resulting platform in relation to the public
verifiability of critical components, low and crystal-clear
overall IP royalties, and an open competitive ecosystem.
A. Proposal to ECSEL 2016 (due in May)
a. 50% from ECSEL funds, allocated by the EU Commission
b. 25% from cumulative funding from Ministries of EU Member States where core
TRUSTLESS proposal technical partners are based, i.e. Italy, Germany or Spain:
i. One or 2 ECSEL-participating Ministries (see above)
ii. One to 2 other Ministries, such as Ministry of Defense or Ministry of
Economic Development, that enter in a “participation agreement” with the
ECSEL program. There have been 2 precedents already. (The Italian MIUR
may need to be renounced upfront, because of past delays of 5 years.)
c. 25% from private R&D partners, in terms of resources. Current TRUSTLESS
partners, which cover all the core technological and socio-technical areas.
(optional) additional leading dual-use IT system developer and integrator with a
global presence, from Italy, Germany or Spain.
B. EDA Cat-B proposal, coordinated with ECSEL 2016: Gather 2 EU Ministries of
Defense - among Italy, Germany and/or Spain - related national defense contractors, and
TRUSTLESS partners in an EDA Cat-B project, same as above. Unlike a typical EDA
Cat-B project (funded typically 50% by at least 2 MoDs and 50% in resources by
private partners), it will be “joined” to an ECSEL proposal so that 50% of the costs would be
borne by ECSEL EU funds.
C. Horizon 2020 proposals in 2016 and 201017 as per our roadmap.
See details on our funding section on the 34-pager draft proposal,
and on our roadmap webpage.
Funding Strategy
Prevention of Malevolent Use
● Mitigations at service level. As per binding agreement among TRUSTLESS
R&D participants, all certified TRUSTLESS services must include voluntary
compliance - in addition to what is required by law - with lawful access requests.
These requests will be evaluated by a citizen-witness process that is overseen
by an independent certification body, the TRUSTLESS Certification Body, so as
to guarantee the rights of users and the legitimate needs of the public security
agency.
● Mitigations at the fabrication level. The public availability of all TRUSTLESS
critical SW & HW source designs could enable malevolent users to produce
their own CivicPods for malevolent use. This threat is greatly reduced
by the current inability of malevolent states or groups to fully control a suitable
semiconductor foundry. In the rare case in which they may attempt to enter into
suitable agreements with suitable foundries, intelligence work can make sure to
either prevent it or, better, insert vulnerabilities in their fabrication processes to
acquire in the future extremely valuable intelligence.
See details at the Malevolent Use section of the 34-pager Draft Proposal
Commercial Exploitation
● Short Term (1 yr): Our conceptual business plan predicts the need for only 3-4M€
to enable the participants' consortium to go to market with 13,000 unit sets, catering to
the most critical civilian and military strategic communication, downward compatible
with mainstream military (EU/NATO SECRET) and civilian (eIDAS “high”) standards.
● Short-Medium (2-3 yrs):
○ Civilian: The guaranteed low royalty fees, open ecosystem, and highly-portable
client-side form factor will support deployment in the tens of millions in the
corporate, e-banking and government sectors. The addition of substantial non-security
features (see civicdevices details), and reduction of unit cost at scale to tens of
euros, will support wide-scale consumer roll-out in the tens of millions.
○ Military: Added support for high-availability scenarios will make it possible to cater to
scenarios such as: critical infrastructure, cyber-physical systems, autonomous and semi-
autonomous IT systems, fixed and moveable, command & control systems for
military missions. Help EU/EDA lead within NATO in the development of a
strategic and emerging niche of foundational IT capabilities.
● Medium-Long term: Derivatives of the results will spur ever more trustworthy IT
systems in numerous domains and wide market applications. The platform and
ecosystem will evolve to constitute a sufficiently trustworthy low-level computing
base, standard and a governance model for large democratically-accountable
advanced narrow and strong AI projects and systems, in critical sectors for the
economy and society, to substantially increase their safety, robustness and “value
alignment”.
Partners Sought & Funding Roadmap
PARTNERS BEING SOUGHT
Although the project is complete with all core technical and socio-technical expertise, we
would nonetheless substantially benefit from, and are seeking, additional partners, in order of priority:
1. One EU-based large global IT/ICT technology company - to add resiliency to the
ecosystem, provide IT integration and/or fill expertise gaps - which has:
a. Wide-ranging high-assurance IT expertises; and/or
b. Capacity to widely exploit the global commercial military and/or civilian
potential.
2. One or more EU Ministries of Defense (MoDs) to endorse and/or participate in the
project, especially from states of current core partners, such as Germany, Belgium,
Spain. The Italian MoD has already shown extensive interest in participating as
additional partner to the ECSEL 2016 program.
3. One or more SMEs/R&D entities, with core high-assurance expertises
complementary with those of current partners.
ROADMAP
http://www.openmediacluster.com/funding-opportunities/
Tripartite TRUSTLESS path to disruption
1. Jump start of the TRUSTLESS complete SW/HW platform and ecosystem. With a
profitable initial ecosystem that is extremely resilient to economic pressures and
determined lifecycle attacks.
2. Establish and widely promote a Trustless Computing Group international
certification body, for both highest-assurance IT service and targeted lawful access
schemes. It is extremely technically-proficient & citizen-accountable and primarily
non-governmental. It provides voluntary (i.e. beyond law requirements) certification of
highest-assurance IT services and lifecycles for:
a. Human IT communications that are suitable for the meaningful exercise of one’s civil
rights via IT;
b. Lawful and constitutional targeted access, that meaningfully guarantee both the user
and the investigating agency against abuse, by satisfying:
i. for centralized infrastructure: requirements a. above, plus additional
requirements for forensic and other specific requirements
ii. for state malware: an extended version of requirements and safeguards set
forth by the authoritative “Lawful Hacking“ report.
3. Progressive adoption by EU, UN and/or a few states of such standards - and the related
certification body - as a voluntary or mandatory standard, by prescribing that:
a. Public security agencies must deploy lawful access services/schemes only in
compliance with TRUSTLESS certifications
b. Grave consequences should follow for illegal cracking, by state and non-state
authorities, of the individual use or entire lifecycle, of high-assurance IT providers
that offer voluntary lawful access compliance, as certified.
Thanks for your attention.


Trustless slides dual-use R&D Proposal

  • 1. TRUSTLESS Trustless socio-technical systems for trustworthy dual-use critical computing This slides: www.openmediacluster.com/EDA-11-2015 Proposal web page: (with exec. summary & 34-pager proposal draft): www.openmediacluster.com/trustless-extended-rd-proposal-to-ecsel-2016/ Contacts: Rufo Guerreschi, Exec. Dir. Open Media Cluster rg@openmediacluster.com +393357545620 Intro slides to a TRUSTLESS-based TRUSTLESS Extended & Dual-use R&D Proposal to ECSEL 2016, Italian PNRM, and H2020
  • 2. About Us: Open Media Cluster ● What: A micro non-profit R&D/innovation center in Rome, Italy, pursuing leading-- edge R&D on dual-use privacy- and security--enhancing ICT technologies for civilian and dual-use markets. ● Single Focus: Together with uniquely-qualified global R&D partners and advisors, attract R&D funding on the TRUSTLESS R&D project, and promote a related certification body through a global event series, Free and Safe in Cyberspace. ● Expertise: Outcome of 15 years of expertise in e-voting, e-participation, free software, and bleeding-edge privacy-enhancing technologies and solutions, through NGO and SME work of exec. dir. and leading staff. World-class advisory boards. ● Mission: Enabling unprecedented and constitutionally-meaningful e-privacy for all, while increasing public safety. ● History: Established in May 2011, to provide the core innovation center and R&D project to provide industrial critical mass of the Open Media Park, a planned 47,000 sq.mts.140M€ ICT/media media/ICT park in Rome, Italy. 2
  • 3. About Us: Open Media Cluster ● What. A micro non-profit R&D/innovation center in Rome, Italy, pursuing leading-- edge R&D on dual-use privacy- and security--enhancing ICT technologies for civilian and dual-use markets ● Mission. Enabling unprecedented and constitutionally-meaningful e-privacy for all, while increasing public safety. ● Expertise. 15 years of expertise in e-voting, e-participation, free software, and bleeding-edge privacy-enhancing technologies and solutions. ● Focus. Attract R&D funding and world-wide consensus on the TRUSTLESS R&D project and certification initiative, with uniquely-qualified global partners and advisors, as the epitome of over 15 years of research. ● History. Established in May 2011, as the core innovation center to provide industrial critical mass of the Open Media Park, a planned 47,000 sq.mts.140M€ ICT/media tech park in Rome, Italy. 3 Open Media Cluster Center A planned geolocated open media & IT security with 7.000sq.mts and 12 partners, slated for 2018-2020
  • 4. ● Aim: Develop, from existing open components, a complete computing platform, ecosystem & certification body for critical dual-use IT communications, that provide unprecedented and constitutionally-meaningful levels of information assurance, while overall substantially increasing public safety.(based on the TRUSTLESS) ● How: Kick-start an extremely open and resilient ecosystem, a certification body, and a complete critical SW/HW stack for an end-2-end computing platform, for basic voice & text communications, that is devoid of the need or assumption of trust in anyone or anything - except in the intrinsic resilience of all socio-technical organizational processes critically involved in the entire lifecycle (from standards setting to fabrication oversight) against decisive attacks of up to tens of M€s, as assessable by an informed and moderately educated citizen. ● Key & unique concepts: (1) Complete verifiability, extreme compartmentation and minimization and sufficiently extreme verification relative to complexity of all critical HW&SW; (2) Citizen/peer-witness oversight of all critical service components, including ICs fabrication, and server-room access, including for lawful access requests; (3) Expert and user-accountable certification governance. ● Target Military Uses: Initially targeted to the most critical defensive and targeted- offensive communications, it is extensible to high-availability dual-use IoT, M2M, and semi-autonomous systems, and wide-scale consumer roll out. ● Overcoming Privacy/Safety Dichotomy & Reaching Critical Mass: TRUSTLESS provides unique extreme safeguards for transparently reconciling lawful access and personal confidentiality, which is crucial for legal sustainability of a critical mass of dual-use investments for create a EU-domestic “trustworthy computing base”. 4 TRUSTLESS Extended & Dual Use
  • 6. High-assurance IT Security Today ● While unbreakable encryption is everywhere, nearly everything is scalably broken, mostly at birth ○ All or nearly all endpoints, both ordinary commercial systems and high- trustworthiness IT systems, are broken beyond point of encryption, and scalably exploitable by powerful nations and an undefined by relatively large number of other mid- or high-level threat actors. ○ TOR is broken - except for very expert and selective uses - because of attacks through traffic analysis, endpoints and/or other techniques by APTs. ○ If so broken, Why no news military hack?! Often because that’s a state secret or because the whole point of advanced APTs is to stay undetected for years to snoop and alter data at leisure. ● State-mandated and state-sanctioned backdoors are nearly everywhere ○ Critical vulnerabilities, that make nearly everything broken, are nearly always either state-mandated or state-sanctioned backdoors, because a few states have either created, acquired or discovered them, while keeping that knowledge hidden, legally or illegally. ○ A few states have all the tools they need to pursue criminals with due legal process, except very few the most skilled and well-financed actors with access to top techs and/ir top OpSec (digital and non-digital) such as top criminals, billionaires, or highest state security officials. A huge asymmetry of power and information superiority, that is self-reinforcing with incalculable consequences. 6
  • 7. Military Cyber-Offence - Gaps Needs: In an era of asymmetric and hybrid threats, and increasingly vulnerable critical IT systems, information superiority is nearly everything. Gaps: 1. Information sharing is hampered by lack of trust among among EU states, and NATO members, in turn due to lack of inadequate socio-technical standards and safeguards, against abuse of national or international laws and treaties. (Safe Harbor) 2. Reconnaissance and situational awareness systems are increasingly ineffective, as more and more threats are: asymmetric; within our borders; or, outside borders, but without troops on the ground or access to airspace. (Siria) 3. Bulk surveillance systems are increasingly proven ineffective; hard to turn into leads; and increasingly prone to internal and external abuse (OPM hack, Snowden) 4. Endpoint surveillance systems have the side effect of: a. increasing the vulnerability of our critical civilian and military assets, by the spreading critical 0-days and management infrastructure (see Hacking Team); b. being increasingly vulnerable to external and internal actors, because of the insufficient audit relative to complexity of underlying low-level SW/HW and lifecycle of the management infrastructure (see Inslaw’s Promis); c. (and, therefore) are gravely increasing risks of privacy abuse and legal and constitutional challenges, to their use abroad & at home. (Snowden, Safe Harbor) Solution: Re-center Information superiority on high complementarity of human intelligence and a new generation of targeted surveillance socio-technical systems with intrinsic democratic accountability, user-trustworthiness and effectiveness. 7
  • 8. Military Cyber-Defense Gaps ● Nearly everything is broken. Nearly all highest-assurance military command IT systems and standards can be rendered remotely and undetectably compromisable by a large number actors, through the hacking, bribing or threatening of just one person (or 2 rarely) in a critical role in its lifecycle or operation. No public or “trustworthy independent” audit of “trusted” parts and/or are vulnerable to malware in SW&HW stacks between the user’s interaction and the “trusted” components. ● Risks are increasingly beyond point of encryption and network nodes, through endpoint lifecycle compromisation, via “memory-resident or fileless malware” sasy Kaspersky ● Lack of trustworthy low-level computing base & life-cycle. EU MoDs and critical civilian institutions lack access to end-2-end IT services and systems that are independently and publicly verifiable and/or with critical HW components and fabrication processes that are sufficiently verified relative to complexity, as well as comprehensive and user-trustworthy high-assurance IT standards and certifications. Such lack is most crucial in dual-use strategic communications where complete compromisation can go undetected for years. US Defense Science Board: “Trust cannot be added to integrated circuits after fabrications”. ● Consequences: Use of inadequate Intelligence and command IT systems exposes EU and EU Member States military, institutions, citizens and assets to undetected abuse by hostile or competing nations, and an increasing number of private actors. ● Root Causes: (a) Competitive pressures for increased performance in civilian IT markets, (b) Protection of intellectual property and against vulnerability disclosure; 8
  • 9. Some recent news on these Gaps ● Reuters said "A [US] presidential review committee concluded the [bulk] surveillance regime did not lead to a single clear counter terrorism breakthrough that could be directly attributed to the program” ● EU counter-terrorism coordinator said (min21.10): “Shared privacy safeguards is a precondition to share terrorism intelligence data” ● On Nov 17th, the NATO Secretary General said: “It is essential that we work together in several areas: improving our situational awareness, civil preparedness and resilience, cyber defence, strategic communications, and joint training and exercises”.** ● On the same day, Head of EDA and EEAS, Ms Mogherini, said “Military research has reduced by over ⅓ over last few years. R&D is crucial … EDA allows MS to acquire together what is out of reach individually”. “EDA support dual-use technologies and the preparatory actions for CSDP-related research. The preparatory actions will be a game changer, the 1st time that the EU budget is used to fund defence research”. ● Italian Prime Minister Renzi recently said: “In respect of privacy, We’ll invest additional 150M€ in cybersecurity”, outside EU spending caps. Many MS will follow. ● Italian Justice Minister Orlando recently said: “We need new, more advanced endpoint surveillance” 9
  • 10. TRUSTLESS Binding Paradigms Certified TRUSTLESS computing services, devices, lifecycles and the certification body would comply with the TRUSTLESS Binding Paradigms (here in full version) 1. assumes that extremely-skilled attackers are willing to devote even tens of millions of Euros to compromise the supply chain or lifecycle, through legal and illegal subversion of all kinds, including economic pressures. 2. provides extremely user-accountable and technically-proficient oversight of all hardware, software and organizational processes critically involved in the entire lifecycle and supply chains; 3. provides extreme levels of auditing intensity relative to system complexity, for all critical components; and includes only publicly verifiable components, and strongly minimizes use of non-Free/Open-source software and firmware. 4. includes only open innovations with clear and low long-term royalties (<15% of end-user cost) from patent and licensing fees, to prevent undue intellectual property right holders’ pressures, lock-ins, patent vetoes and ensure low-cost; 5. includes only highly-redundant hardware and/or software cryptosystems, whose protocols, algorithms and implementations are open, long-standing, extensively- verified and endorsed, and with significant and scalable post-quantum resistance levels. 6. Is continuously certified by an extremely technically-proficient and user- accountable independent standard/certification body. 10
  • 11. Enabling Arch. & Client form-factor ● The technical architecture, from existing open components, is based on a 300Mhz CPU-based hardware platform which will have power- consumption and form-factor that make it suitable for a new 2.0-2.5mm-- thin handheld end--user device class (or CivicPod) - integrated in or “attached” to any user's ordinary smartphone, and interfaceable a user’s desktop monitor - as well as for server, onion routing mid-points and M2M/IoT devices,- albeit initially with minimal feature and performance. ● In a single highly-portable device, it integrates the features of a display smart-card, a simple handheld device, a smart-card reader, and a barebones desktop PC. Smartphones, now often 4.75-6.5mm thin, are getting too thin to handle, creating a radical portability opportunity. 11
  • 13. Service Architecture (1/2) ● CivicPod. A dedicated 2.0-2.5mm-thin touch-screen handheld device, which used attached to the back of any user's mobile phone via a smartphone hard case. Its backface exposes an external smart-card reader, which can be used an alternative hard case that adds a 0.7mm slot for non-RF CivicCards (or smartcards) to use for in EU border points, multiple users, CivicKiosks at public offices; downward-compatibility and interoperability eIDAS and EU/NATO SECRET. ● CivicDongle. Each CivicPod user will optionally receive, at cost, a paired cheap TV-connected Wifi-enabled HDMI-Dongle (or CivicDongle) with capability to act as secure onion routing node in order to create a network of thousands (exit, relay, directory) to ensure metadata privacy, most likely as a “private extension” of the Tor network. 13
  • 14. Service Architecture (2/2) ● CivicLab & CivicRoom. CivicDevices are all assembled, verified, flashed, and transferred to their users in dedicated custom--built street--facing lab (or CivicLab), that contains a server room (or CivicRoom), where all privacy--sensitive services, if offered, must be hosted, whose access requires 5 randomly-selected peer--witnesses and dedicated servers (or CivicServers). ● CivicFab. Fabrication and design of all critical hardware components will be subject to citizen-witness-based oversight processes (or CivicFab) that will substantially exceed in end--user- trustworthiness those of NSA Trusted Foundry Program, at substantially lower costs. After a short initial exclusivity for a post--R&D TRUSTLESS Consortium, TRUSTLESS services can be extended and commercialized by any willing service provider (or CivicProviders). ● TRUSTLESS Certification Body. Providers are continuously verified by a to--be--established dedicated certification organization, according to TRUSTLESS Paradigms and TRUSTLESS Specifications, updated by the same. 14
  • 16. TRUSTLESS Core Partners (1/2) • Lfoundry. (Italy) Leading EU-located and EU-owned foundry with a 200mm plant, with over 1700 staff, 110nm-capable, and with capacity of 40,000 wafers per month. The only independent and economically-viable EU foundry with in the 60nm and 160nm capabilities, suitable for high-assurance low-performance general-purpose end-user computing. Historical expertise in high-assurance critical hardware components production. EAL5+ certification for smart cards production is in progress. • Kryptus (Brazil) Developed the first secure general-purpose CPU microprocessor in the southern hemisphere, the SCuP, which uniquely provides open and verifiable designs and FLOSS microcode; at the core of TRUSTLESS HW architecture. Designed the 400.000 voting machines of Brazil, fighter-to-fighter communications systems, and the HSM of core Root CA of the main Brazilian PKI. • KernKonzept (Germany). Developers of the World’s most mature Free/Open Source microkernel and runtime environment for high-assurance ICT, the L4Re. Deployed globally by major Telcos and publicly audited for over 8 years. • KU Leuven COSIC. (Belgium) Research group COSIC (Computer Security and Industrial Cryptography) World leading expertise in digital security and strives for innovative security solutions, in a broad range of application domains. It is lead by Prof. Bart Preneel, President of the International Association for Cryptologic Research, arguably EU foremost IT security expert 16
  • 17. TRUSTLESS Core Partners (2/2) ● GSMK Cryptophone. (Germany) For over a decade the only publicly available cryptophone maker with the full software stack publicly verifiable. Used by diplomats, top executives and investigative journalists, including Laura Poitras and Glenn Greenwald, the filmmaker and journalist primarily delegated by Edward Snowden with the publishing of his revelations. Their CTO is spokesperson of Chaos Computer Club, main EU hacker NGO. ● SCYTL Secure Electronic Voting S.A. (Spain) Global leader in e--voting and high-- assurance remote deliberation technologies. Present in over 20 countries. Has pioneered innovative cryptographic techniques and socio-technical processes. ● Center for Cyber Intelligence and Information Security (Italy) The leading state cyber-security academic research center in Italy, with ties with state security agencies. ● American Mini Foundry. (USA) US leader in highest_assurance IC foundry oversight). World-class competencies in hardware fabrication assurance processes. Among the team members that will be involved is their President Scadden, and Gerry Etzold, Former Technical Director of NSA Trusted Access Program (2008-2009). ● Goethe University – DT Chair for Mobile Business and Multilateral Security (Germany). Leads in research on privacy and security in mobile networks, and related social and economical aspects. Lead: ABC4trsut, TresPass, PrivacyOS. Chair is Prof. Rannenberg, member of NIS Platform for individual rights. ● ROtechnology. High-availability dual-use IoT systems. ● Security Brokers. Targeted lawful access and state-grade 0-days. ● ReaQta. Targeted lawful access and deep endpoint defence. 17
  • 18. EU Institutions support to date ● On last Dec 2nd, we presented a 30 minute keynote at the “Cyber Defense Industry Day”, organized by the EDA Project Team Cyber Defence (draft agenda .doc). ● On Oct 1st, we’ve met for 4 hours the head of the 2° Office of the Technological Innovation Department of the Secretariat General of the Italian MoD C.V. Cappelletti, and 2 of his team (C.V. Galasso and Ten.Col. Roggi), which handles R&D projects from TRL2-6 and EDA. ● On Sept 30th, we have submitted a 4M€ R&D proposal to H2020 FET-Open RIA with our core technical partners. ● On Sept 24-25th in Brussels, we held the first event of the global event series Free and Safe in Cyberspace, with world-class speakers including EDPS, ECSEL, DG Connect Trust and Security Unit, EIT Digital Privacy Security and Trust Action Line, Richard Stallman, Bruce Schneier, Bart Preneel, and EDA Head of Information Superiority, Michael Sieber. A LatAm Edition was held in Oct 2015 in Iguazu, Brazil. A North American version is planned for 6/7 2016. ● On Sept 16th, we met for 3 hrs with Capo Reparto (Head) of VI Reparto Sistemi C4I e Trasformazione of the Italian MoD Adm. Di Biase, and 12 senior officers team, who manages the entire IT procurement and R&D (TRL7-9) of the Italian MoD. ● On July 3rd, we met extensively Ciocca the Deputy Director of the Italian DIS (Dipartimento Informazioni per la Sicurezza) to discuss the public safety. ● On June 3rd, EDA Head of Microelectronics, Scheidler invited us to present our project in a one hour keynote to 22 MoDs at the annual EDA CapTech meeting. ● We’ve been invited to a meeting at Italian Ministry of Economic Development (MISE) with 18
  • 19. Alignment to EU strategies (1/2) EU Cybersecurity Strategy says: ● “The same laws and norms that apply in other areas of our day-to-day lives apply also in the cyber domain.Cybersecurity can only be sound and effective if it is based on fundamental rights and freedoms as enshrined in the Charter of Fundamental Rights of the European Union and EU core values. Reciprocally, individuals' rights cannot be secured without safe networks and systems”. ● “.... promote cyberspace as an area of freedom and fundamental rights. Expanding access to the Internet should advance democratic reform and its promotion worldwide. Increased global connectivity should not be accompanied by censorship or mass surveillance.” ● “The need for requirements for transparency, accountability and security is becoming more and more prominent”. ● “..., as well as possibly establish voluntary EU-wide certification schemes building on existing schemes in the EU and internationally.” ● “The EU will place a renewed emphasis on dialogue with third countries, with a special focus on like-minded partners that share EU values.”. ● “There is a risk that Europe not only becomes excessively dependent on ICT produced elsewhere, but also on security solutions developed outside its frontiers. It is key to ensure that hardware and software components produced in the EU and in third countries that are used in critical services and infrastructure and increasingly in mobile devices are trustworthy, secure and guarantee the protection of personal data.” 19
  • 20. Alignment to EU strategies (2/2) ● EDA Head of Information Superiority, Michael Sieber, stated (m3.37) at our Free and Safe in Cyberspace: “Among EU member states, it’s hilarious: they claim digital sovereignty but they rely mostly on Chinese hardware, on US American software, and they need a famous Russian to reveal the vulnerabilities" ● EU Cyber Defence Policy Framework states: “The development of strong technological capacities in Europe to mitigate threats and vulnerabilities is essential. Industry will remain the primary driver for cyber defence related technology and innovation. So it will be crucial to maintain close cooperation with the private sector, .... It is also important to foster an assured and competitive European industrial cyber security supply chain by supporting the development of a robust European cybersecurity sector including through involvement with SMEs”. “Contribute to develop further and adapt public sector cyber security and defence organisational and technical standards for use in the defence and security sector. Where necessary, build on the ongoing work of ENISA and EDA”. ● The EU Digital Agenda Commissioner Oettinger recently stated “The debate about technological sovereignty has arisen out of a realization that freedoms and values that we cherish in Europe are at risk. There are some who do not respect privacy of our citizens. Some do not want to play on fair terms with our businesses. We need to safeguard our values and interests. It is in the interest of all citizens that we ensure a prosperous and a secure European digital future. That means that we have to be leaders in these technologies and support international standardization efforts that ensure high levels of security, proven by certification where necessary.” 20
  • 21. 21 US Defense Science Board preaches ...
  • 23. TRUSTLESS & EDA-SoC TRUSTLESS pursues similar scope and ambitions as EDA SoC project, except it: (1) Aims initially at communications; (2) Does not rely on parts, providers or fabrication processes upfront trusted; (3) Aims at much higher ecosystem resiliency and IP openness; (4) Has a solid 12-months 3M€ post-R&D go to market strategy A TRUSTLESS binding MOU (pdf) signed among its core technical participants ensures, sustainably in time, the radical openness of the resulting platform in relation to both the public verifiability of critical components, low and crystal-clear and low overall IP royalties, an open competitive ecosystem. 23
  • 24. A. Proposal to ECSEL 2016 (due in May) a. 50% from ECSEL funds, allocated by the EU Commission b. 25% from cumulative funding from Ministries of EU Member States where core TRUSTLESS proposal technical partners are based, i.e. Italy, Germany or Spain: i. One or 2 ECSEL-participating Ministries (see above) ii. One to 2 other Ministries, such as Ministry of Defense or Ministry of Economic Development, that enter in a “participation agreement” with the ECSEL program. There have been 2 precedents already. (The Italian MIUR may need to be renounced upfront, because of past delays of 5 years.) c. 25% from private R&D partners, in terms of resources. Current TRUSTLESS partners, which cover all the core technological and socio-technical areas. (optional) additional leading dual-use IT system developer and integrator with a global presence, from Italy, Germany or Spain. B. EDA Cat-B proposal, coordinated with ECSEL 2016: Gather 2 EU Ministries of Defense - among Italy, Germany and/or Spain, related national defense contractors, TRUSTLESS partners an EDA Cat-B project, same as above. Unlike a typical EDA Cat-B project (funded typically 50% by at least 2 MoDs and 50% in resources by private), it will be “jointed” to a ECSEL proposal so that 50% of the costs would be born by ECSEL EU funds. C. Horizon 2020 proposals in 2016 and 201017 as per our roadmap. See details on our funding section on the 34-pager draft proposal, and on our roadmap webpage. 24 Funding Strategy
  • 25. Prevention of Malevolent Use ● Mitigations at service level. As per binding agreement among TRUSTLESS R&D participants, all certified TRUSTLESS services must include a voluntary compliance - in addition of what’s required by law - to lawful access requests. These request will be evaluated by a citizen-witness process, that is overseen by an independent certification body,the TRUSTLESS Certification Body, so as to guarantee the rights of users and the legit needs of the public security agency. ● Mitigations at the fabrication level. The public availability of all TRUSTLESS critical SW & HW source designs could enable malevolent users to produce their own CivicPods for malevolent use. Such threat can be reduced extremely by the current inability of malevolent states or groups to fully control a suitable semiconductor foundry. In the rare case in which they may attempt to enter in suitable agreements with suitable foundries, intelligence work can make sure to either prevent it or, better, insert vulnerabilities in their fabrication processes to acquire in the future extremely valuable intelligence. See details at the Malevolent Use section of the 34-pager Draft Proposal 25
  • 26. Commercial Exploitation
    ● Short Term (1 yr): Our conceptual business plan predicts the need for only 3-4M€ to enable the participants' consortium to go to market with 13,000 unit sets, catering to the most critical civilian and military strategic communication, downward compatible with mainstream military (EU/NATO SECRET) and civilian (eIDAS “high”) standards.
    ● Short-Medium (2-3 yrs):
      ○ Civilian: The guaranteed low royalty fees, open ecosystem, and highly-portable client-side form factor will support deployment in the tens of millions in the corporate, e-banking and government sectors. The addition of substantial non-security features (see civicdevices details), and the reduction of unit cost at scale to tens of euros, will support wide-scale consumer roll-out in the tens of millions.
      ○ Military: Added support for high-availability scenarios will make it possible to cater to domains such as: critical infrastructure, cyber-physical systems, autonomous and semi-autonomous IT systems, fixed and moveable, and command & control systems for military missions. Help EU/EDA lead within NATO in the development of a strategic and emerging niche of foundational IT capabilities.
    ● Medium-Long term: Derivatives of the results will spur ever more trustworthy IT systems in numerous domains and wide market applications. The platform and ecosystem will evolve to constitute a sufficiently trustworthy low-level computing base, standard and governance model for large democratically-accountable advanced narrow and strong AI projects and systems, in critical sectors for the economy and society, to substantially increase their safety, robustness and “value alignment”.
  • 27. Partners Sought & Funding Roadmap
    PARTNERS BEING SOUGHT
    Although the project is complete with all core technical and socio-technical expertise, we would nonetheless substantially benefit from, and are seeking, additional partners, in order of priority:
    1. One EU-based large global IT/ICT technology company - to add resiliency to the ecosystem, provide IT integration and/or fill expertise gaps - which has:
      a. Wide-ranging high-assurance IT expertise; and/or
      b. Capacity to widely exploit the global commercial military and/or civilian potential.
    2. One or more EU Ministries of Defense (MoDs) to endorse and/or participate in the project, especially from states of current core partners, such as Germany, Belgium, Spain. The Italian MoD has already shown extensive interest in participating as an additional partner in the ECSEL 2016 program.
    3. One or more SMEs/R&D entities, with core high-assurance expertise complementary to that of current partners.
    ROADMAP
    http://www.openmediacluster.com/funding-opportunities/
  • 28. Tripartite TRUSTLESS path to disruption
    1. Jump-start the complete TRUSTLESS SW/HW platform and ecosystem, with a profitable initial ecosystem that is extremely resilient to economic pressures and determined lifecycle attacks.
    2. Establish and widely promote a Trustless Computing Group international certification body, for both highest-assurance IT services and targeted lawful access schemes. It is extremely technically-proficient & citizen-accountable and primarily non-governmental. It provides voluntary (i.e. beyond law requirements) certification of highest-assurance IT services and lifecycles for:
      a. Human IT communications that are suitable for the meaningful exercise of one’s civil rights via IT;
      b. Lawful and constitutional targeted access that meaningfully guarantees both the user and the investigating agency against abuse, by satisfying:
        i. for centralized infrastructure: requirements a. above, plus additional requirements for forensic and other specific requirements
        ii. for state malware: an extended version of the requirements and safeguards set forth by the authoritative “Lawful Hacking” report.
    3. Progressive adoption by EU, UN and/or a few states of such standards - and the related certification body - as a voluntary or mandatory standard, by prescribing that:
      a. Public security agencies must deploy lawful access services/schemes only in compliance with TRUSTLESS certifications
      b. Grave consequences should follow for illegal cracking, by state and non-state authorities, of the individual use or entire lifecycle of high-assurance IT providers that offer voluntary lawful access compliance, as certified.
  • 29. TRUSTLESS
    Trustless socio-technical systems for trustworthy dual-use critical computing
    These slides: www.openmediacluster.com/EDA-11-2015
    Proposal web page (with exec. summary & 34-pager proposal draft): www.openmediacluster.com/trustless-extended-rd-proposal-to-ecsel-2016/
    Contacts: Rufo Guerreschi, Exec. Dir. Open Media Cluster
    rg@openmediacluster.com
    +393357545620
    Thanks for your attention.