17:56:41 <RRSAgent> RRSAgent has joined #auto
17:56:41 <RRSAgent> logging to https://www.w3.org/2021/01/11-auto-irc
17:56:43 <Zakim> RRSAgent, make logs Public
17:56:44 <Zakim> Meeting: Automotive Working Group Teleconference
17:57:02 <ted> Meeting: In-Vehicle Best Practices
18:03:15 <ted> scribenick: ted
18:03:19 <ted> Scribe: Ted
18:03:59 <ted> Present+ Ted, Glenn, Rudi, Ashish, Adnan, Isaac, Peter
18:04:55 <ted> Present+ Arman
18:09:03 <ted> Ted: aggregate, queries...
18:09:08 <ted> … @@
18:09:29 <ted> Glenn: I had similar thought, NHTSA is looking at accident recreation and safety features
18:09:46 <ted> … a particular OEM is working with them in providing that aggregate data
18:10:06 <ted> … it could be on a use case by use case basis where the data and insights are provided
18:11:35 <ted> … there is clear overlap in this NSF proposal as well as intersection with SmartCities and multi-modal transportation
18:11:59 <ted> … it could include other modes of transportation and external data sets
18:13:09 <ted> Ted: parallels with industry issues@@
18:15:17 <ted> Glenn: the types of aggregate data sets...
18:17:55 <ted> Isaac: agree it makes sense to explore
18:27:00 <ted> @@
18:27:07 <ted> Topic: Proxy reencryption
18:27:10 <ted> Isaac shares screen with diagram of key holder and other parties
18:27:20 <ted> [scribe was having technical/laptop problems]
18:27:53 <ted> Isaac: everything signed on the car would be encrypted with public key provded by owner
18:28:19 <ted> Rudi: this problem common in content protection such as DRM for restricting content
18:28:30 <ted> … handling different viewer's subscriptions
18:29:10 <ted> … I would suggest looking at best practices being used there. PKI is slow versus @@k
18:29:24 <ted> s/@@k/symetric key/
18:29:53 <ted> … the symetric key is rotated. entitlement messages might be encrypted with PKI
18:30:06 <ted> … separate from the symetric content key
18:31:50 <ted> Isaac: that is a different approach with more complex key management. proxy reencryption also requires key managmenent but fewer just initial key pair per entity
18:33:55 <ted> [slide 2]
18:34:35 <ted> Isaac: NuCypher is trying to avoid single entity in the cloud, you can instead have multiple nodes which makes you more resilient to attacks as well
18:35:42 <ted> … owner will create a specific key pair, provide the car with public key. the car can use this key to sign additional keys and use them to encrypt the data
18:37:27 <ted> … in parallel the individual or third party on their behalf and can provide a reencryption key. next the user can share with the network the reencryption key along with policy
18:37:58 <ted> … the nodes enforcing the policy don't know anything about the data, unable to read
18:38:23 <ted> [slide 3 diagram]
18:39:02 <ted> … data consumer can request reencryption key and separately request data from the shared storage
18:39:34 <ted> Rudi: doesn't this require sharing private keys as well?
18:40:14 <ted> Isaac: no. proxy allows you to reencrypt data without knowing anything about it
18:42:43 <ted> Adnan: qualified applications each require a policy?
18:43:57 <ted> Isaac: one key is used to encrypt all the data, separately you sign reencryption keys and send to separate, trusted entity than the data storer
18:44:15 <ted> Rudi: in order to reencrypt don't you need the data in the clear?
18:44:27 <ted> Isaac: no, not with these types of resigned keys
18:44:46 <ted> … this scheme was initially used for encrypting email
18:45:17 <ted> … it allowed someone to take over, temporarily, use of a mail account while on vacation
18:47:09 <ted> Ted attempts to give a physical lock analogy
18:47:24 <ted> Isaac: better would be changing envelopes for mail
18:48:19 <ted> … everything in car encrypted with initial public key. for lock analogy, you can change lock without opening the door
18:48:31 <ted> … it is one mathematical operation
18:48:57 <ted> Rudi: to do so, you need some information about the initial private key that the public one is derived from
18:49:07 <ted> … that private key needs to be available somewhere
18:49:27 <ted> … leave the owner (Alice) possession
18:50:17 <ted> Isaac: Bob and Alice each provide their public key
18:50:33 <ted> Rudi: then the generated private key to reencrypt at risk of being cracked
18:52:03 <ted> Arman: shared key/secret
18:54:18 <ted> Ashish: so reencryption key created at start?
18:54:31 <ted> Isaac: no, at any time for additional data consumer
18:56:02 <ted> [Alice's private key and Bob's public key used to generate reencryption]
18:56:34 <ted> Arman: Alice gives Bob permission to decrypt. any information decrypted can be done based on his public key?
18:56:44 <ted> Isaac: no, needs the reencryption key
18:58:29 <ted> … there are other schemes that provide more protection
19:00:50 <ted> Arman: how do you restrict what data on the shared sever that Bob can access?
19:05:15 <ted> [continue this in two weeks and Isaac will send materials]
19:05:19 <RRSAgent> I have made the request to generate https://www.w3.org/2021/01/11-auto-minutes.html ted