Resilience despite Malicious Participants

31/05/2015 - 14:00


This talk describes 3 different scenarios in which systems can be designed to be robust despite malicious participants.  The scenarios are very different and have very different defenses.  One is how to build trust chains of certificates considering that some CAs might be untrustworthy.  Another is how to build a network that guarantees that two nodes can communicate, with a fair share of bandwidth, even if some switches are malicious (e.g., giving false information in the distributed routing algorithm, flooding the network with garbage traffic, mis-forwarding traffic, or throwing away traffic from one source).  The third is a way to give a a data item an expiration date, after which it is unrecoverable from a storage system. Although this might seem  unrelated to the topic, it really is related.  Trust me.