March 20, 2025 · Poland

Secure Agent-to-Agent Authentication

Learn practical security protocols and authentication methods for safe, reliable communication between autonomous AI agents in distributed systems, including key exchange and access control.

Tech stack
  • security protocols
    Security protocols establish the hard rules for digital exchange. TLS 1.3 (Transport Layer Security) remains the gold standard for web traffic, eliminating obsolete algorithms like SHA-1 to slash handshake latency. For network-level protection, IPsec provides robust tunneling for VPNs by leveraging AES-256 encryption. These protocols use defined handshakes to verify certificates and negotiate keys, ensuring that even if a packet is intercepted, the payload remains unreadable. Implementation focuses on minimizing the attack surface while maintaining high throughput for enterprise systems.
  • OAuth
    OAuth (Authorization) is the open standard for delegated access: it issues time-limited access tokens to third-party clients, allowing them to use a Resource Owner's data on a Resource Server (API) without ever seeing the user's credentials.
    OAuth 2.0 is the current Authorization Framework, a critical protocol for securing modern APIs. It strictly separates the Resource Owner (user) from the Client (application) and the Resource Server (API). The core function is authorization delegation: a user grants an application permission to access specific data (scopes) on their behalf. This process yields an Access Token, a credential string with a defined lifetime (e.g., 3600 seconds) that the Client uses to make protected resource requests. This token-based approach prevents the Client from handling the user's primary credentials (username/password), significantly enhancing security and control.
  • distributed systems
    A collection of independent computers appearing to users as a single coherent system to scale compute and ensure fault tolerance.
    Distributed systems solve the physical limits of a single machine by networking nodes to handle massive workloads like Google Search or Amazon's DynamoDB. They rely on core principles like consensus algorithms (Paxos, Raft) and the CAP theorem to manage data consistency across geographic regions. By partitioning data and replicating services, these systems prevent single points of failure and allow horizontal scaling. Modern implementations use tools like Kubernetes for orchestration and gRPC for low-latency communication between microservices. Success depends on mastering partial failure: the reality that one node can crash while the rest of the cluster remains operational.
  • OpenID Connect
    An identity layer built on top of the OAuth 2.0 protocol that allows clients to verify end-user identity via an authorization server.
    OpenID Connect (OIDC) streamlines authentication by extending OAuth 2.0 with a dedicated ID Token. It provides a standardized way for applications (Relying Parties) to request and receive information about authenticated sessions and end-users. By using JSON Web Tokens (JWT) and RESTful HTTP flows, OIDC supports diverse clients including web-based, mobile, and JavaScript applications. Major providers like Google, Microsoft, and Okta use this protocol to handle billions of identity requests daily, ensuring interoperability across the modern web ecosystem.
  • SAML 2
    SAML 2.0 is the industry-standard XML framework for exchanging authentication and authorization data between identity providers and service providers.
    SAML 2.0 (Security Assertion Markup Language) eliminates password fatigue by enabling cross-domain Single Sign-On (SSO) through secure XML assertions. In a typical flow, an Identity Provider (IdP) like Okta or Microsoft Entra ID authenticates a user and passes a digitally signed token to a Service Provider (SP) such as Salesforce or Slack. This protocol relies on a trust relationship established via metadata exchange (including X.509 certificates) to ensure that sensitive user attributes move securely across the web. It remains the backbone of enterprise identity management, supporting complex use cases like identity federation and automated provisioning for thousands of SaaS applications.
  • LDAP
    LDAP is the industry-standard protocol for accessing and managing distributed directory information services over an IP network.
    Lightweight Directory Access Protocol (LDAP) functions as the structural backbone for enterprise identity management. It utilizes a hierarchical tree structure (the Directory Information Tree) to organize data like usernames, email addresses, and security groups. By operating on port 389 (or 636 for LDAPS), it allows applications like OpenLDAP and Microsoft Active Directory to execute rapid lookups and authentication binds. Its efficiency stems from being optimized for high-volume read operations, making it the go-to choice for centralized credential storage across diverse corporate networks.
  • Kerberos
    A mature, ticket-based network authentication protocol designed to prove identity over insecure channels using symmetric cryptography.
    Developed at MIT under Project Athena in the 1980s, Kerberos serves as the backbone for modern identity management systems like Microsoft Active Directory. It eliminates the need to transmit passwords across the wire by utilizing a Key Distribution Center (KDC) to issue time-stamped tickets. These tickets (TGTs) allow users to access specific services (LDAP, file shares, or databases) without re-authenticating for every session. By relying on a trusted third party and strict time synchronization (usually within 5 minutes), Kerberos effectively mitigates replay attacks and remains the industry standard for secure, single sign-on enterprise environments.
  • RADIUS
    RADIUS is the industry-standard protocol for centralized Authentication, Authorization, and Accounting (AAA) across distributed network access points.
    Network engineers rely on RADIUS (Remote Authentication Dial-In User Service) to manage secure access via a client-server architecture. When a user connects to a NAS (Network Access Server), the device forwards credentials to a central RADIUS server (like FreeRADIUS or Cisco ISE) using UDP port 1812. The server validates the request against a backend database (LDAP or Active Directory) and returns specific configuration parameters (VLAN assignments or time limits). This protocol remains the backbone of enterprise Wi-Fi (802.1X) and VPN security by decoupling user identity from physical hardware.
  • WebAuthn
    WebAuthn is the W3C standard for secure, hardware-based passwordless authentication using public-key cryptography.
    WebAuthn replaces vulnerable passwords with cryptographic key pairs stored on authenticators like YubiKeys, Touch ID, or Windows Hello. It operates as a core component of the FIDO2 framework, enabling browsers (Chrome 67+, Safari 13+) to communicate directly with local hardware via the CredentialsContainer API. By leveraging asymmetric encryption, it eliminates phishing risks: the private key never leaves the device, and the public key stored on the server is useless to attackers if leaked. This protocol delivers a sub-second login experience that satisfies high-assurance security requirements (AAL3) without the friction of traditional multi-factor methods.
  • FIDO2
    FIDO2 replaces vulnerable passwords with unphishable public-key cryptography using WebAuthn and CTAP standards.
    FIDO2 eliminates credential theft by moving authentication to the local device. It combines the W3C WebAuthn standard with the Client to Authenticator Protocol (CTAP) to enable secure logins via biometric sensors (Windows Hello, FaceID) or hardware keys (YubiKey 5 Series). By utilizing unique cryptographic key pairs for every site, FIDO2 prevents man-in-the-middle attacks and ensures that a data breach at one service provider cannot compromise user accounts elsewhere.
