About this class

https://xkcd.com/538/

It was a dark and stormy night, Heimdallr, the guardian of the gods, kept a watchful eye on the Bifrost bridge. “Could it be tonight? Would Loki do it? I can feel it coming. Ragnarok”, said Heimdallr to himself. Thoughts of carnage and destruction occupied his ever-observing head. He had a disturbing feeling in his gut that something was going to happen tonight, and he needed to let the gods know about it.

And finally, there it was, he could see it on the horizon: the giant head of the wolf, Fenrir, alongside his father, the deceiver Loki. Hel, the goddess of the underworld, can be seen leading the army of the dead. “It is time, I must send a message to Odin and the gods to prepare for the final battle”, said Heimdallr.

As he was typing the message on his iPhone 13Pro, a thought popped into his head: “How can I tell Odin without anyone intercepting the message”? Loki was known to have hired a band of hackers to support his war efforts. Furthermore, how can Odin know that it was Heimdallr who wrote the message? How could he stop Loki’s script kiddies from impersonating him in an email or a message? How can he make sure that the tunnel to Asgard was safe and not under attack? A moment of panic took over Heimdallr, how can he send sensitive information on an untrusted network?

In this course, we will set up to help the Norse gods by exploring how Heimdallr can send a private message, in a world that is increasingly public and under attack. We will take a look at this problem from two perspectives: (1) Loki’s perspective, who is trying to intercept and exploit any messages sent to the Gods, and (2) Heimdallr and the gods’ perspective, who are trying to secure their messages from Loki’s army.

Just like Heimdallr and the gods, we find ourselves today in a society that increasingly puts trust in the Internet, a network that is not worthy of that trust. The Internet was designed with the end-to-end principle in mind; push the complexity into the endpoints as much as possible, keeping the intermediary nodes (core routers, switches, etc.) as simple as possible. This is great and all, but it renders the medium of communication unreliable and untrustworthy. Malicious actors can intercept traffic, change network packets, and masquerade as other users or as Internet authorities. The process of ensuring private communication over an untrusted network is the main topic of this class.