claimchain

ClaimChain A Decentralized Public Key Infrastructure based on - PowerPoint PPT Presentation

Jul 14, 2023 •41 likes •421 views

ClaimChain A Decentralized Public Key Infrastructure based on Cross-Referenced Hash chains Marios Isaakidis, George Danezis @ UCL Bogdan Kulynych , Carmela Troncoso @ IMDEA December 28, 2016 bogdankulynych.me/33c3 Bogdan Kulynych PhD student,

  1. ClaimChain A Decentralized Public Key Infrastructure based on Cross-Referenced Hash chains Marios Isaakidis, George Danezis @ UCL Bogdan Kulynych , Carmela Troncoso @ IMDEA December 28, 2016 bogdankulynych.me/33c3

  2. Bogdan Kulynych PhD student, IMDEA Software Institute, Madrid Twitter: @hiddenmarkov Email: bogdan.kulynych at imdea.org NEXTLEAP project nextleap.eu 1

  3. Goals ClaimChain basics Cross-Referencing Supporting infrastructure Privacy and Security 2

  4. Work in progress 2

  5. Goals

  6. Modern Key Management needs • Frequent key updates • Support for ephemeral keys, OTR, Bitcoin wallets… • Multi-device support • Better handling of key compromisation/loss • Interoperability with legacy agents • Better Web of Trust • Privacy of the social graph • Also vouching for the “state” of a PGP key 3

  7. Modern Key Management needs • Frequent key updates • Support for ephemeral keys, OTR, Bitcoin wallets… • Multi-device support • Better handling of key compromisation/loss • Interoperability with legacy agents • Better Web of Trust • Privacy of the social graph • Also vouching for the “state” of a PGP key 3

  8. Modern Key Management needs • Frequent key updates • Support for ephemeral keys, OTR, Bitcoin wallets… • Multi-device support • Better handling of key compromisation/loss • Interoperability with legacy agents • Better Web of Trust • Privacy of the social graph • Also vouching for the “state” of a PGP key 3

  9. Modern Key Management needs • Frequent key updates • Support for ephemeral keys, OTR, Bitcoin wallets… • Multi-device support • Better handling of key compromisation/loss • Interoperability with legacy agents • Better Web of Trust • Privacy of the social graph • Also vouching for the “state” of a PGP key 3

  10. Modern Key Management needs • Frequent key updates • Support for ephemeral keys, OTR, Bitcoin wallets… • Multi-device support • Better handling of key compromisation/loss • Interoperability with legacy agents • Better Web of Trust • Privacy of the social graph • Also vouching for the “state” of a PGP key 3

  11. Modern Key Management needs • Frequent key updates • Support for ephemeral keys, OTR, Bitcoin wallets… • Multi-device support • Better handling of key compromisation/loss • Interoperability with legacy agents • Better Web of Trust • Privacy of the social graph • Also vouching for the “state” of a PGP key 3

  12. Modern Key Management needs • Frequent key updates • Support for ephemeral keys, OTR, Bitcoin wallets… • Multi-device support • Better handling of key compromisation/loss • Interoperability with legacy agents • Better Web of Trust • Privacy of the social graph • Also vouching for the “state” of a PGP key 3

  13. ClaimChain basics

  14. Claim • Key material • Signature key • Recovery key • Generic things • Encryption keys • Signal prekeys • Identity in social nets / emails • Revocations • Cross-references (will get back to this) Clients maintain per-device append-only logs of claims. 4

  15. Claim • Key material • Signature key • Recovery key • Generic things • Encryption keys • Signal prekeys • Identity in social nets / emails • Revocations • Cross-references (will get back to this) Clients maintain per-device append-only logs of claims. 4

  16. Claim • Key material • Signature key • Recovery key • Generic things • Encryption keys • Signal prekeys • Identity in social nets / emails • Revocations • Cross-references (will get back to this) Clients maintain per-device append-only logs of claims. 4

  17. Claim • Key material • Signature key • Recovery key • Generic things • Encryption keys • Signal prekeys • Identity in social nets / emails • Revocations • Cross-references (will get back to this) Clients maintain per-device append-only logs of claims. 4

  18. Hash chains of claims 5

  19. Claim chain imprint Imprint is a hash of the chain head: H ( B n ) • Compact representation of the chain state • Can verify the integrity of the chain top to bottom • Signatures allow to verify new blocks 6

  20. Cross-Referencing

  21. Cross-referencing • Alice commits to an imprint of Bob’s chain • Resulting in WoT which also tracks the updates of chains 7

  22. Social evidence processing policy Validating someone’s claim chain need to involve social verification to detect forks (compromise) or fake imprint. • A client decides a set of other nodes they choose to trust • Defines client’s the trust model 8

  23. Social evidence processing policy Validating someone’s claim chain need to involve social verification to detect forks (compromise) or fake imprint. • A client decides a set of other nodes they choose to trust • Defines client’s the trust model 8

  24. Social evidence processing policy Validating someone’s claim chain need to involve social verification to detect forks (compromise) or fake imprint. • A client decides a set of other nodes they choose to trust • Defines client’s the trust model 8

  25. Supporting infrastructure

  26. Storage infrastructure Options to distribute the claim chains: • Peer-to-peer / In-band • Not efficient • Centralized storage / the Cloud • Can be highly available • Easy to deploy • No need to trust for integrity! • Privacy problems • Other security problems • DHT, etc. Chains can be stored in KV stores with K = H ( B i ) , V = B i . 9

  27. Storage infrastructure Options to distribute the claim chains: • Peer-to-peer / In-band • Not efficient • Centralized storage / the Cloud • Can be highly available • Easy to deploy • No need to trust for integrity! • Privacy problems • Other security problems • DHT, etc. Chains can be stored in KV stores with K = H ( B i ) , V = B i . 9

  28. Storage infrastructure Options to distribute the claim chains: • Peer-to-peer / In-band • Not efficient • Centralized storage / the Cloud • Can be highly available • Easy to deploy • No need to trust for integrity! • Privacy problems • Other security problems • DHT, etc. Chains can be stored in KV stores with K = H ( B i ) , V = B i . 9

  29. State tracking mechanism Need a kind of ”DNS” to resolve names to latest head imprints • In-band • Opportunistic encryption-like • Easy to deploy • No availability • Centralized • Privacy problems • Can be highly available • Gossiping, DHT, The Blockchain, etc. 10

  30. State tracking mechanism Need a kind of ”DNS” to resolve names to latest head imprints • In-band • Opportunistic encryption-like • Easy to deploy • No availability • Centralized • Privacy problems • Can be highly available • Gossiping, DHT, The Blockchain, etc. 10

  31. State tracking mechanism Need a kind of ”DNS” to resolve names to latest head imprints • In-band • Opportunistic encryption-like • Easy to deploy • No availability • Centralized • Privacy problems • Can be highly available • Gossiping, DHT, The Blockchain, etc. 10

  32. State tracking mechanism Need a kind of ”DNS” to resolve names to latest head imprints • In-band • Opportunistic encryption-like • Easy to deploy • No availability • Centralized • Privacy problems • Can be highly available • Gossiping, DHT, The Blockchain, etc. 10

  33. Privacy and Security

  34. Access control • Clients can encrypt blocks so that only chosen groups can read them • Naive way — encrypt blocks with a session key, encrypt session key with other people public keys • Attribute-based or predicate-based encryption 11

  35. Query privacy Centralized storage infrastructure or state tracking mechanism can learn the social graph • Privacy through anonymity • Dummy queries • Private information retrieval • Not practical • Relaxed PIR hard to deploy 12

  36. Summary ClaimChain: • Put claims of any nature, mainly cryptographic material, in high-integrity stores • Clients commit to states of other chains • Each client defines their source of authority about states • Complementary to opportunistic encryption efforts • Allow to be stored on untrusted storage • Other than setting social policy, can be made automatic 13

  37. Thank you! 13

  38. Bogdan Kulynych PhD student, IMDEA Software Institute, Madrid Twitter: @hiddenmarkov Email: bogdan.kulynych at imdea.org NEXTLEAP project nextleap.eu 14

Recommend

A Multi-perspective Analysis of Carrier-Grade NAT Deployment Magdalena Prbstl May 18, 2017

A Multi-perspective Analysis of Carrier-Grade NAT Deployment Magdalena Prbstl May 18, 2017

A Multi-perspective Analysis of Carrier-Grade NAT Deployment Magdalena Prbstl May 18, 2017 Background Operators Perspectives on CGN Measurement Methodology Global CGN Presence CGN Behaviour Implications, Conclusion and Takeaway Background

289 views • 14 slides
Peer-to-peer Architecture for Collaborative Intrusion and Malware Detection on a Large Scale

Peer-to-peer Architecture for Collaborative Intrusion and Malware Detection on a Large Scale

UNIVERSITY OF MODENA AND REGGIO EMILIA Peer-to-peer Architecture for Collaborative Intrusion and Malware Detection on a Large Scale Mirco Marchetti, Michele Messori and Michele Colajanni WebLab, University of Modena and Reggio Emilia, Italy

298 views • 19 slides
Six Faces of Data Centric Networking Eiko Yoneki University of Cambridge Computer Laboratory

Six Faces of Data Centric Networking Eiko Yoneki University of Cambridge Computer Laboratory

Six Faces of Data Centric Networking Eiko Yoneki University of Cambridge Computer Laboratory Data Centric Networking Shift of Communication Paradigm From end-to-end to data centric Data as communication token Multipoint

457 views • 30 slides
Various Faces of Data Centric Networking Eiko Yoneki University of Cambridge Computer Laboratory

Various Faces of Data Centric Networking Eiko Yoneki University of Cambridge Computer Laboratory

Various Faces of Data Centric Networking Eiko Yoneki University of Cambridge Computer Laboratory Data Centric Networking Shift of communication paradigm From end-to-end to data centric Data as communication token Multipoint

418 views • 19 slides
DSDS: DATA STORE DRIVEN APPLICATION SCHEDULING Frezewd Lemma Tena, Christof Fetzer TU Dresden,

DSDS: DATA STORE DRIVEN APPLICATION SCHEDULING Frezewd Lemma Tena, Christof Fetzer TU Dresden,

DSDS: DATA STORE DRIVEN APPLICATION SCHEDULING Frezewd Lemma Tena, Christof Fetzer TU Dresden, Germany 1 MOTIVATION Context: reduce end user perceived latency move computing closer to end user how to build an edge cloud? Problem

657 views • 23 slides
Sistemas Distribudos Aula 9 Aula passada Aula de hoje DNS Arquitetura P2P CDN Bittorrent

Sistemas Distribudos Aula 9 Aula passada Aula de hoje DNS Arquitetura P2P CDN Bittorrent

Sistemas Distribudos Aula 9 Aula passada Aula de hoje DNS Arquitetura P2P CDN Bittorrent Distributed Hash Table (DHT) Figueiredo 2016 Aquitetura de Sistemas Distribudo Duas grandes abordagens cliente/servidor: clssica e mais

471 views • 20 slides
Data Storage Solutions for Decentralized Online Social Networks Anwitaman Datta S* Aspects of

Data Storage Solutions for Decentralized Online Social Networks Anwitaman Datta S* Aspects of

Data Storage Solutions for Decentralized Online Social Networks Anwitaman Datta S* Aspects of Networked & Distributed Systems (SANDS) School of Computer Engineering NTU Singapore iSocial Summer School, KTH Stockholm Research @

1.21k views • 83 slides
MC714: Sistemas Distribu dos Prof. Lucas Wanner Instituto de Computac ao, Unicamp

MC714: Sistemas Distribu dos Prof. Lucas Wanner Instituto de Computac ao, Unicamp

MC714: Sistemas Distribu dos Prof. Lucas Wanner Instituto de Computac ao, Unicamp Aula 22: Sistemas Peer-to-Peer Estruturados: DHT/Chord Distributed Hash Tables (DHT) Chord Consider the organization of many nodes into a logical

256 views • 7 slides
Presenter: Yunfeng Gu Supervisor: Azzedine Boukerche PARADISE Research Laboratory University of

Presenter: Yunfeng Gu Supervisor: Azzedine Boukerche PARADISE Research Laboratory University of

Presenter: Yunfeng Gu Supervisor: Azzedine Boukerche PARADISE Research Laboratory University of Ottawa, Canada Supporting Multi-dimensional Range Query in the P2P Network DS-RT 2011 . P2P A Appli

713 views • 42 slides
Experiences in Building and Operating ePOST, a Reliable Peer-to-Peer Application Alan Mislove

Experiences in Building and Operating ePOST, a Reliable Peer-to-Peer Application Alan Mislove

Experiences in Building and Operating ePOST, a Reliable Peer-to-Peer Application Alan Mislove Ansley Post Andreas Haeberlen Peter Druschel Max Planck Institute for Software Systems Rice University 1 Reliable P2P

618 views • 42 slides
Building and verifying a quasi-certification entity over Distributed Hash Tables F. Kordon -

Building and verifying a quasi-certification entity over Distributed Hash Tables F. Kordon -

Building and verifying a quasi-certification entity over Distributed Hash Tables F. Kordon - Universit P. & M. Curie - CC2016 Join work with X. Bonnaire, R. Cortes & O. Marin UPMC (France), UFSM (Chile), NYUS (China)

648 views • 53 slides
Crude-Oil Blend Scheduling Optimization of a Complex Industrial-Sized Refinery: A Discrete-Time

Crude-Oil Blend Scheduling Optimization of a Complex Industrial-Sized Refinery: A Discrete-Time

Crude-Oil Blend Scheduling Optimization of a Complex Industrial-Sized Refinery: A Discrete-Time Benchmark Motivation 1: Replace Full Space MINLP by MILP + NLP decompositions for large problems Motivation 2: Crude-oil scheduling in 1 st feedstock

386 views • 11 slides
Computer Graphics (CS/ECE 545) Lecture 7: Morphology (Part 2) & Regions in Binary Images (Part

Computer Graphics (CS/ECE 545) Lecture 7: Morphology (Part 2) & Regions in Binary Images (Part

Computer Graphics (CS/ECE 545) Lecture 7: Morphology (Part 2) & Regions in Binary Images (Part 1) Prof Emmanuel Agu Computer Science Dept. Worcester Polytechnic Institute (WPI) Recall: Dilation Example For A and B shown below Translation of

1.04k views • 61 slides
CS 4495 Computer Vision Binary images and Morphology Aaron Bobick School of Interactive

CS 4495 Computer Vision Binary images and Morphology Aaron Bobick School of Interactive

Morphology CS 4495 Computer Vision A. Bobick CS 4495 Computer Vision Binary images and Morphology Aaron Bobick School of Interactive Computing Morphology CS 4495 Computer Vision A. Bobick Administrivia PS6 should be working

1.08k views • 46 slides
Binary images Constrained image capture setting Two pixel values Foreground and

Binary images Constrained image capture setting Two pixel values Foreground and

Sudheendras office hours Mon, Wed 1-2 pm Lecture 3: Binary image analysis ENS 31NR Forsyth and Ponce book Thursday, Sept 6 Binary images Constrained image capture setting Two pixel values Foreground and background

518 views • 13 slides
MORPHOLOGICAL OPERATORS INEL 6088 - M. Toledo Ref: Sec. 2.6, 2.7 Jain et. al, Ch. 8 Davies

MORPHOLOGICAL OPERATORS INEL 6088 - M. Toledo Ref: Sec. 2.6, 2.7 Jain et. al, Ch. 8 Davies

MORPHOLOGICAL OPERATORS INEL 6088 - M. Toledo Ref: Sec. 2.6, 2.7 Jain et. al, Ch. 8 Davies MORPHOLOGICAL OPERATORS Intersection of A and B: binary image which is 1 at all pixels p which are 1 in both A and B Union of A and B: binary image which

677 views • 19 slides
CSSE463: Image Recognition Day 3 Announcements/reminders: Lab 1 should have been turned in

CSSE463: Image Recognition Day 3 Announcements/reminders: Lab 1 should have been turned in

CSSE463: Image Recognition Day 3 Announcements/reminders: Lab 1 should have been turned in last night. Tomorrow: Lab 2 (posted): on color images. Bring laptop . Today: Introduce Fruit Finder , due next Friday . Lots of

626 views • 16 slides
Do Now! Have out your IMN, calculator and a pencil. TOC: pg. 13,Dilations and Scale Factor

Do Now! Have out your IMN, calculator and a pencil. TOC: pg. 13,Dilations and Scale Factor

Week 3 08.14.17 Day 4 Dilations.notebook August 17, 2017 Do Now! Have out your IMN, calculator and a pencil. TOC: pg. 13,Dilations and Scale Factor Aug 129:14 AM Learning Target: I can dilate geometric figures on the coordinate plane.

206 views • 5 slides
Segmentation Bottom-up Segmentation Semantic / instance segmentation Many Slides from L.

Segmentation Bottom-up Segmentation Semantic / instance segmentation Many Slides from L.

Segmentation Bottom-up Segmentation Semantic / instance segmentation Many Slides from L. Lazebnik. Outline Bottom-up segmentation Superpixel segmentation Semantic segmentation Metrics Architectures

1.28k views • 49 slides
a better and faster way Shu Kong CS, ICS, UCI Image Understanding --> Scene Parsing Scene

a better and faster way Shu Kong CS, ICS, UCI Image Understanding --> Scene Parsing Scene

Scene Parsing through Per-Pixel Labeling: a better and faster way Shu Kong CS, ICS, UCI Image Understanding --> Scene Parsing Scene Parsing semantic segmentation classifying each pixel into one of defined categories Scene Parsing semantic

1.29k views • 103 slides
Pay Attention to the Pixel, Understand the Scene Better Shu Kong CS, ICS, UCI Background: Scene

Pay Attention to the Pixel, Understand the Scene Better Shu Kong CS, ICS, UCI Background: Scene

Pay Attention to the Pixel, Understand the Scene Better Shu Kong CS, ICS, UCI Background: Scene Parsing pixel level labeling semantic segmentation -- assigning a class label to each pixel wall painting pillow sofa cabinet

1.14k views • 80 slides
Einfhrung in Visual Computing Unit 18: Morphological Operations http://

Einfhrung in Visual Computing Unit 18: Morphological Operations http://

Einfhrung in Visual Computing Unit 18: Morphological Operations http:// www.caa.tuwien.ac.at/cvl/teaching/sommersemester/evc Content: Introduction Structuring Element Erosion Dilation Opening Closing Hit and

1.56k views • 87 slides
SVG Filters A Crash Course blur() brightness() contrast() grayscale()

SVG Filters A Crash Course blur() brightness() contrast() grayscale()

SVG Filters A Crash Course blur() brightness() contrast() grayscale() hue-rotate() invert() opacity() saturate() sepia() drop-shadow() url() filter: blur(6px);

1.02k views • 90 slides
h -polynomials of dilated lattice polytopes Katharina Jochemko KTH Stockholm Einstein

h -polynomials of dilated lattice polytopes Katharina Jochemko KTH Stockholm Einstein

h -polynomials of dilated lattice polytopes Katharina Jochemko KTH Stockholm Einstein Workshop Discrete Geometry and Topology, March 13, 2018 Lattice polytopes A set P R d is a lattice polytope if there are x 1 , . . . , x m Z d with

339 views • 33 slides

More recommend