Authcoin Validation and Authentication in Decentralized Networks - - PowerPoint PPT Presentation

authcoin validation and authentication in decentralized
SMART_READER_LITE
LIVE PREVIEW

Authcoin Validation and Authentication in Decentralized Networks - - PowerPoint PPT Presentation

Aug 29, 2023 343 likes •559 views

Introduction Authcoin Conclusion and Future Work Authcoin Validation and Authentication in Decentralized Networks Benjamin Leiding 1 Clemens H. Cap 2 Thomas Mundt 2 Samaneh Rashidibajgan 2 1 University of G ottingen

slide-1
SLIDE 1

Introduction Authcoin Conclusion and Future Work

Authcoin Validation and Authentication in Decentralized Networks

Benjamin Leiding 1 Clemens H. Cap 2 Thomas Mundt 2 Samaneh Rashidibajgan 2

1University of G¨

  • ttingen

benjamin.leiding@cs.uni-goettingen.de

2University of Rostock

{clemens.cap,thomas.mundt,samaneh.rashidibajgan}@uni-rostock.de

September 6, 2016

Benjamin Leiding Authcoin — MCIS 2016 1 / 19

slide-2
SLIDE 2

Introduction Authcoin Conclusion and Future Work

Overview

1 Introduction 2 Authcoin 3 Conclusion and Future Work

Benjamin Leiding Authcoin — MCIS 2016 2 / 19

slide-3
SLIDE 3

Introduction Authcoin Conclusion and Future Work

Introduction

Benjamin Leiding Authcoin — MCIS 2016 3 / 19

slide-4
SLIDE 4

Introduction Authcoin Conclusion and Future Work

Motivation

Existing solutions

  • Certificate authorities (CAs)
  • PGP Web of Trust
  • Certcoin

BUT: All of them suffer from several disadvantages.

Benjamin Leiding Authcoin — MCIS 2016 4 / 19

slide-5
SLIDE 5

Introduction Authcoin Conclusion and Future Work

Certificate Authorities (CAs)

Figure: Hierarchical trust model

Benjamin Leiding Authcoin — MCIS 2016 5 / 19

slide-6
SLIDE 6

Introduction Authcoin Conclusion and Future Work

PGP Web of Trust

Figure: PGP Web of Trust

  • Decentralized trust model for

public keys

  • Mainly used for encrypted email

communication

  • Users sign other users’ public key

using their own private key to certify authenticity

  • Interpreting each key as node and

each signature as directed edge results in a directed graph → The PGP Web of Trust

Benjamin Leiding Authcoin — MCIS 2016 6 / 19

slide-7
SLIDE 7

Introduction Authcoin Conclusion and Future Work

Certcoin

An alternative approach

  • PGP Web of Trust + Block chain = Certcoin
  • Shares similarities with Authcoin
  • Inherited almost all disadvantages of the PGP Web of Trust
  • Has not been implemented yet

Benjamin Leiding Authcoin — MCIS 2016 7 / 19

slide-8
SLIDE 8

Introduction Authcoin Conclusion and Future Work

Authcoin

Benjamin Leiding Authcoin — MCIS 2016 8 / 19

slide-9
SLIDE 9

Introduction Authcoin Conclusion and Future Work

Overview

Benjamin Leiding Authcoin — MCIS 2016 9 / 19

slide-10
SLIDE 10

Introduction Authcoin Conclusion and Future Work

General Validation and Authentication

Figure: General V&A procedure

Benjamin Leiding Authcoin — MCIS 2016 10 / 19

slide-11
SLIDE 11

Introduction Authcoin Conclusion and Future Work

Validation and Authentication

Validation

1 An entity has access to the email account (account validation) 2 Same entity has access to the public and private key (key

validation)

3 The key pair corresponds to the tested email account

(binding)

Authentication

  • Verify the identity of the entity.

Benjamin Leiding Authcoin — MCIS 2016 11 / 19

slide-12
SLIDE 12

Introduction Authcoin Conclusion and Future Work

Challenges

Challenges in a Nutshell

  • Security depends on chosen challenges
  • Flexible and customizable (use case, threat level, available

information)

  • Bidirectional validation and authentication
  • Varying complexity
  • Users have to interpret information

Benjamin Leiding Authcoin — MCIS 2016 12 / 19

slide-13
SLIDE 13

Introduction Authcoin Conclusion and Future Work

Storing Information

Block chain

  • Store keys, signatures, challenges, responses, etc
  • Utilize advantages of block chain-based storage:

decentralized, distributed, fault tolerant, transparent, difficult to manipulate, etc.

  • Either setup own chain or utilize existing one (as Namecoin

does)

Benjamin Leiding Authcoin — MCIS 2016 13 / 19

slide-14
SLIDE 14

Introduction Authcoin Conclusion and Future Work

Overview

Benjamin Leiding Authcoin — MCIS 2016 14 / 19

slide-15
SLIDE 15

Introduction Authcoin Conclusion and Future Work

Automated Validation and Authentication Requests

Validation and Authentication Requests (VARs)

  • Automatically and randomly create with each new block
  • Number of generated VARs depends on number of valid keys

in chain

  • Break into sybil collectives “by accident”

Benjamin Leiding Authcoin — MCIS 2016 15 / 19

slide-16
SLIDE 16

Introduction Authcoin Conclusion and Future Work

Conclusion and Future Work

Benjamin Leiding Authcoin — MCIS 2016 16 / 19

slide-17
SLIDE 17

Introduction Authcoin Conclusion and Future Work

Conclusion

Conclusion

  • Highly flexible Challenge-Response-based V&A
  • Bidirectional V&A
  • Tamper-proof and transparent information storage (block

chain)

  • More resilient against sybil node attacks than current solutions
  • No single point of failure

Benjamin Leiding Authcoin — MCIS 2016 17 / 19

slide-18
SLIDE 18

Introduction Authcoin Conclusion and Future Work

Future Work

Future Work

  • Implementation
  • API-based incentive system
  • Abstract from key pair use case
  • Biometric identifiers?

Benjamin Leiding Authcoin — MCIS 2016 18 / 19

slide-19
SLIDE 19

Introduction Authcoin Conclusion and Future Work

Questions?

Benjamin Leiding Authcoin — MCIS 2016 19 / 19