ClaimChain A Decentralized Public Key Infrastructure based on - PowerPoint PPT Presentation

ClaimChain A Decentralized Public Key Infrastructure based on Cross-Referenced Hash chains Marios Isaakidis, George Danezis @ UCL Bogdan Kulynych , Carmela Troncoso @ IMDEA December 28, 2016 bogdankulynych.me/33c3 Bogdan Kulynych PhD student,


  1. ClaimChain: A Decentralized Public Key Infrastructure based on Cross-Referenced Hash chains. Marios Isaakidis, George Danezis @ UCL; Bogdan Kulynych, Carmela Troncoso @ IMDEA. December 28, 2016. bogdankulynych.me/33c3

  2. Bogdan Kulynych PhD student, IMDEA Software Institute, Madrid Twitter: @hiddenmarkov Email: bogdan.kulynych at imdea.org NEXTLEAP project nextleap.eu

  3. Goals • ClaimChain basics • Cross-Referencing • Supporting infrastructure • Privacy and Security

  4. Work in progress

  5. Goals

  6. Modern Key Management needs • Frequent key updates • Support for ephemeral keys, OTR, Bitcoin wallets… • Multi-device support • Better handling of key compromise/loss • Interoperability with legacy agents • Better Web of Trust • Privacy of the social graph • Also vouching for the “state” of a PGP key

  13. ClaimChain basics

  14. Claim • Key material • Signature key • Recovery key • Generic things • Encryption keys • Signal prekeys • Identity in social nets / emails • Revocations • Cross-references (will get back to this) Clients maintain per-device append-only logs of claims.

  18. Hash chains of claims

  19. Claim chain imprint: the imprint is a hash of the chain head, H(B_n) • Compact representation of the chain state • Can verify the integrity of the chain top to bottom • Signatures allow new blocks to be verified

  20. Cross-Referencing

  21. Cross-referencing • Alice commits to an imprint of Bob’s chain • Resulting in a WoT which also tracks the updates of chains

  22. Social evidence processing policy: validating someone’s claim chain needs to involve social verification to detect forks (compromise) or a fake imprint. • A client decides on a set of other nodes they choose to trust • Defines the client’s trust model

  25. Supporting infrastructure

  26. Storage infrastructure Options to distribute the claim chains: • Peer-to-peer / In-band • Not efficient • Centralized storage / the Cloud • Can be highly available • Easy to deploy • No need to trust for integrity! • Privacy problems • Other security problems • DHT, etc. Chains can be stored in KV stores with K = H(B_i), V = B_i.
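
The imprint (slide 19), cross-referencing (slide 21), fork detection (slide 22) and untrusted key-value storage (slide 26) ideas, as an added Python example that is not taken from the slides or from the ClaimChain code. The JSON block layout, the claim field names and the helper names are assumptions made for illustration, and block signatures are left out.

```python
import hashlib
import json

def H(block: bytes) -> str:
    """Imprint of a block: SHA-256 over its serialized bytes."""
    return hashlib.sha256(block).hexdigest()

def append(store: dict, head, claims: list) -> str:
    """Add a block on top of `head` (None for the first block); return the new imprint."""
    block = json.dumps({"claims": claims, "prev": head}, sort_keys=True).encode()
    store[H(block)] = block          # K = H(B_i), V = B_i
    return H(block)

def walk(store: dict, imprint: str):
    """Yield (imprint, block body) from head to first block, re-hashing every
    value the untrusted store returns before parsing it."""
    key = imprint
    while key is not None:
        block = store.get(key)
        if block is None or H(block) != key:
            raise ValueError(f"block {key[:12]} missing or altered by the store")
        body = json.loads(block)
        yield key, body
        key = body["prev"]

def claims_of(store: dict, imprint: str) -> list:
    """All claims of the chain, oldest first, after a full integrity check."""
    return [c for _, body in reversed(list(walk(store, imprint))) for c in body["claims"]]

def extends(store: dict, new_head: str, committed: str) -> bool:
    """True if `new_head` is `committed` or builds on it; False means a fork."""
    return any(key == committed for key, _ in walk(store, new_head))

if __name__ == "__main__":
    store = {}  # untrusted KV store; all claim values below are constructed placeholders
    b1 = append(store, None, [{"type": "sig_key", "value": "bob-sig-key-1"}])
    b2 = append(store, b1, [{"type": "enc_key", "value": "bob-enc-key-1"}])
    # Alice commits to the imprint of Bob's chain (a cross-reference claim).
    a1 = append(store, None, [{"type": "cross_ref", "name": "bob", "imprint": b2}])
    b3 = append(store, b2, [{"type": "enc_key", "value": "bob-enc-key-2"}])
    fork = append(store, b1, [{"type": "sig_key", "value": "other-sig-key"}])
    seen = claims_of(store, a1)[0]["imprint"]
    print("update extends Alice's view:", extends(store, b3, seen))
    print("fork extends Alice's view:  ", extends(store, fork, seen))
    store[b1] = store[b1].replace(b"bob-sig-key-1", b"bob-sig-key-X")
    try:
        claims_of(store, b3)
    except ValueError as e:
        print("rejected:", e)
```

A head that does not extend the imprint Alice committed to is exactly the fork signal that the social evidence policy has to act on; the storage provider can withhold blocks but cannot substitute them unnoticed.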

  29. State tracking mechanism: need a kind of "DNS" to resolve names to the latest head imprints • In-band • Opportunistic encryption-like • Easy to deploy • No availability • Centralized • Privacy problems • Can be highly available • Gossiping, DHT, The Blockchain, etc.

  33. Privacy and Security

  34. Access control • Clients can encrypt blocks so that only chosen groups can read them • Naive way — encrypt blocks with a session key, encrypt the session key with other people's public keys • Attribute-based or predicate-based encryption

  35. Query privacy: centralized storage infrastructure or state tracking mechanism can learn the social graph • Privacy through anonymity • Dummy queries • Private information retrieval • Not practical • Relaxed PIR hard to deploy

  36. Summary ClaimChain: • Put claims of any nature, mainly cryptographic material, in high-integrity stores • Clients commit to states of other chains • Each client defines their source of authority about states • Complementary to opportunistic encryption efforts • Can be stored on untrusted storage • Other than setting social policy, can be made automatic

  37. Thank you!
