move tabletop-discussion.md

docs/tabletop-discussion.md

@@ -0,0 +1,70 @@
+# Table-top discussion
+
+
+## Documentation and Tutorials
+1. [Enrollment](enrollment_diagram.md)
+2. [Login](login_diagram.md)
+3. [Cipher and Renew](encipher_decipher_renew_nkode.md)
+4. [nKode API Tutorial 1](../notebooks/Enrollment_Login_Renewal_Simplified.ipynb)
+5. [nKode API Tutorial 2](../notebooks/Enrollment_Login_Renewal_Detailed.ipynb)
+6. [Dispersion Tutorial](../notebooks/Dispersion.ipynb)
+7. [Split Shuffle](../notebooks/Split_Shuffle.ipynb)
+
+## Discussion Topics
+### nKode Length
+[Memorized Secret](https://pages.nist.gov/800-63-3/sp800-63b.html#memsecret) `Memorized secrets SHALL be at least 8 characters in length if chosen by the subscriber. Memorized secrets chosen randomly by the CSP or verifier SHALL be at least 6 characters in length and MAY be entirely numeric.`
+- The minimum entropy for a randomly chosen memorized secret is approximately 20 bits.
+- A keypad with 6 keys, each having 9 properties, exceeds this requirement with a minimum 4-character nKode, providing approximately 23 bits of entropy.
+
+### nKode Observation
+- Cracking an nKode [Evil nKode](https://git.infra.nkode.tech/dkelly/evilkode)
+- Replay Attack
+
+### Dispersion Attack
+
+### nKode Over low-bandwidth
+
+### nKode Over Unencrypted Channel
+- TOTP
+- DARC
+
+### Discussion Outcomes:
+
+#### Attacks and controls
+| Attacks                 | Controls                                                                       |
+|-------------------------|--------------------------------------------------------------------------------|
+| Screen Recording Attack | Split shuffle/more icons per key than keys                                     |
+| Exfiltrated DB          | Physically separated keys and icons, partial or full encryption, nKode renewal |
+| *APT                    | *Don't wait for garbage collector, manage timeouts                             |
+| Phishing                | Dispersion Resistant Keypad, nKode policy, passkey protected keypad icons      |
+| *MiTM                   | TLS, *TOTP shuffle, *DARC                                                      |
+
+*not implemented yet/needs another look
+
+#### asks for Dr. Kandah
+
+- Evil nKode screen watching/key replay
+    - Given a particular policy and keypad size:
+      - what is the probability of a key replay?
+      - what trade-offs are made between key replay and cracking an nkode? 
+    - Is the split shuffle unbiased?
+    - Can we rig the shuffle in our favor with keypad caching or other techniques?
+- Dispersion Attack/Phishing attack
+    - is the dispersion algorithm unbiased?
+    - Develop a modified dispersion algorithm to phish a dispersion resistant keypad
+- validate the cipher
+  - validate the server-side values
+  - validate the relationship between the mask and the hash
+  - validate the renewal
+  - are these processes/algorithms secure?
+- What is the minimum amount of encryption needed to secure user's nkodes against a full/partial database exfiltration
+  - How long will it take to brute force a hash with a full plain text breach of the database and what's gained?
+- How often do nkode icons need to be changed to maintain security if at all?
+  - if it does need to be changed can we start with 4 icons and add icons over time then roll the icons (drop the first icons and append a new one) after reaching a max size?
+- Low-bandwidth: how low can we go?
+  - TCP vs UDP
+  - Security of RX/TX without tls/encrypted channel
+- Hypothetical: What security gains are made if we split the cipher keys into multiple parts and put them on different machines in many locations?
+
+Other stuff:
+- unbiased icons/psychology