coconut threshold issuance selective disclosure
play

Coconut: Threshold Issuance Selective Disclosure Credentials with - PowerPoint PPT Presentation

May 15, 2023 •33 likes •553 views

Coconut: Threshold Issuance Selective Disclosure Credentials with Applications to Distributed Ledgers Authors Alberto Sonnino* Mustafa Al-Bassam* Shehar Bano* Sarah Meiklejohn* George Danezis* * University College London February 2019 The

  1. Coconut: Threshold Issuance Selective Disclosure Credentials with Applications to Distributed Ledgers Authors Alberto Sonnino* Mustafa Al-Bassam* Shehar Bano* Sarah Meiklejohn* George Danezis* * University College London February 2019

  2. The Authors Alberto Sonnino Mustafa Al-Bassam Bano Shehar Sarah Meiklejohn George Danezis � 2

  3. Challenges in blockchains Strong integrity Poor privacy � 3

  4. Challenges in blockchains Strong integrity Poor privacy send it to the blockchain write the contract anyone can verify � 4

  5. Challenges in blockchains Can we issue credentials in this setting? send it to the blockchain write the contract anyone can verify � 5

  6. What are we trying to do? • Issuing credentials through smart contracts write the contract … while preserving privacy � 6

  7. What are we trying to do? • Issuing credentials through smart contracts write the contract some attributes … while preserving privacy � 7

  8. What are we trying to do? • Issuing credentials through smart contracts write the contract credentials some attributes … while preserving privacy � 8

  9. What are we trying to do? • Issuing credentials through smart contracts another contract credentials … while preserving privacy � 9

  10. What are we trying to do? • Why is it hard? Attributes & signing key should be secret transactions are recorded on chain Credentials showing should be unlinkable In a decentralised setting � 10

  11. What are we trying to do? • Why is it hard? attributes & signing key should be secret transactions are recorded on chain Credentials showing should be unlinkable In a decentralised setting � 11

  12. What are we trying to do? • Why is it hard? attributes & signing key should be secret transactions are recorded on chain credentials showing should be unlinkable In a decentralised setting � 12

  13. Introduction • Which properties do we need? Blindness Unlinkability Threshold Authority Authorities Non- Efficiency Interactivity � 13

  14. Introduction • Which properties do we need? Blindness Unlinkability Threshold Authority Authorities Non- Efficiency Interactivity � 14

  15. Introduction • Which properties do we need? Blindness Unlinkability Threshold Authority Authorities Non- Efficiency Interactivity � 15

  16. Introduction • Which properties do we need? Blindness Unlinkability Threshold Authority Authorities Non- Efficiency Interactivity � 16

  17. Introduction • Which properties do we need? Blindness Unlinkability Threshold Authority Authorities Non- Efficiency Interactivity � 17

  18. Introduction • Which properties do we need? Blindness Unlinkability Threshold Authority Authorities Non- Efficiency Interactivity � 18

  19. So we built Coconut � 19

  20. Introduction • What is Coconut? Contribution I Coconut credentials scheme Contribution II Coconut smart contract library & example of applications � 20

  21. Introduction • What is Coconut? Contribution I Coconut credentials scheme Contribution II Coconut smart contract library & example of applications � 21

  22. Introduction • What is Coconut? Contribution I Coconut credentials scheme Contribution II Coconut smart contract library & example of applications � 22

  23. System Overview • How does Coconut work? request À Ã Õ Œ œ – — � issue À Ã Õ Œ œ – — � aggregate & À Ã Õ Œ œ – — � randomize show À Ã Õ Œ œ – — � authorities � 23

  24. System Overview • How does Coconut work? request À Ã Õ Œ œ – — � issue À Ã Õ Œ œ – — � aggregate & À Ã Õ Œ œ – — � randomize show À Ã Õ Œ œ – — � authorities � 24

  25. System Overview • How does Coconut work? request À Ã Õ Œ œ – — � issue À Ã Õ Œ œ – — � aggregate & À Ã Õ Œ œ – — � randomize show À Ã Õ Œ œ – — � authorities � 25

  26. System Overview • How does Coconut work? request À Ã Õ Œ œ – — � issue À Ã Õ Œ œ – — � aggregate & À Ã Õ Œ œ – — � randomize show À Ã Õ Œ œ – — � authorities � 26

  27. System Overview • How does Coconut work? request À Ã Õ Œ œ – — � issue À Ã Õ Œ œ – — � aggregate & À Ã Õ Œ œ – — � randomize show À Ã Õ Œ œ – — � authorities � 27

  28. System Overview • Threshold authorities t n Users need to collect authorities only t shares � 28 OpenSSL Pri

  29. System Overview • Threshold authorities honest authorities t n Users need to collect authorities only t shares � 29 OpenSSL Pri

  30. Coconut Credentials Scheme • From where do coconuts come from? Coconut PS Signatures BLS Signatures � 30

  31. Coconut Credentials Scheme • From where do coconuts come from? Coconut PS Signatures BLS Signatures • What do they look like? take an attribute: m m m compute: ( ) h H H ( ( c c m ) ) h h H c m m + x x + + m m y h x my y ) signature: ( ) & secret key: ( ( ( x y ) ) ) ( ( h ) x y h h , , h h x , , y σ σ σ , , � 31

  32. Coconut Credentials Scheme • Communication protocol user authority verifier i i i À Ã Õ Œ œ – — � ( Λ , φ ) repeat times t À Ã Õ Œ œ – — � ( ˜ σ i ) À Ã Õ Œ œ – — � ( Θ , φ � ) � 32

  33. Coconut Smart Contract Library • General purpose library contract info contract info À Ã Õ Œ œ – — � À Ã Õ Œ œ – — � create attributes attributes À Ã Õ Œ œ – — � À Ã Õ Œ œ – — � request credentials À Ã Õ Œ œ – — � issue credentials À Ã Õ Œ œ – — � authorities credentials À Ã Õ Œ œ – — � verify Ledger � 33

  34. Applications • Privacy-preserving petitions proof of identity À Ã Õ Œ œ – — � happens citizen authorities credentials À Ã Õ Œ œ – — � only once À Ã Õ Œ œ – — � sign petition happens every create petition petition À Ã Õ Œ œ – — � vote campaign creator Ledger � 34

  35. Performance • What is out there? The Coconut Smart contract library cryptographic library Python & Timing & benchmark Everything is released as open source software Applications https://github.com/asonnino/coconut Coin tumbler E-Petition (CRD proxy distribution ) � 35

  36. Performance • What is out there? The Coconut Smart contract library cryptographic library Python & Timing & benchmark Everything is released as open source software Applications https://github.com/asonnino/coconut Coin tumbler E-Petition (CRD proxy distribution ) � 36

  37. Performance • What is out there? The Coconut Smart contract library cryptographic library Python & Timing & benchmark Everything is released as open source software Applications https://github.com/asonnino/coconut Coin tumbler E-Petition (CRD proxy distribution ) � 37

  38. Performance • What is out there? The Coconut Smart contract library cryptographic library Python & Timing & benchmark Everything is released as open source software Applications https://github.com/asonnino/coconut Coin tumbler E-Petition (CRD proxy distribution ) � 38

  39. Performance • What is out there? The Coconut Smart contract library cryptographic library Python & Timing & benchmark Everything is released as open source software Applications https://github.com/asonnino/coconut Coin tumbler E-Petition (CRD proxy distribution ) � 39

  40. Performance • How fast is Coconut? σ 2 [ms] √ Operation µ [ms] PrepareBlindSign 2.633 ± 0.003 sign BlindSign 3.356 ± 0.002 Unblind ± 0.002 0.445 AggCred ± 0.000 0.454 ProveCred 1.544 ± 0.001 verify VerifyCred ± 0.002 10.497 signing is fast, verifying takes 10ms � 40

  41. Performance • What is the size of the credentials? 2 Group Elements No matter how many attributes… No matter how many authorities… � 41

  42. Performance • How does Coconut scale? Number of authorities: n , Signature size: 132 bytes Transaction complexity size [B] Signature on public attribute: O ( n ) request credential 32 O ( n ) À issue credential 132 O ( 1 ) Ã verify credential 162 Signature on private attribute: O ( n ) issue request credential 516 O ( n ) À issue credential 132 O ( 1 ) Ã verify credential 355 verify Signing scales linearly, verifying is constant time � 42

  43. Performance • Did you evaluate it in the real world? server client pick 10 locations across the world � 43

  44. Performance • Did you evaluate it in the real world? 600 Public attribute Private attribute 500 400 Client Latency [ms] 300 200 100 0 1 2 3 4 5 6 7 8 9 10 Threshold parameter client latency VS number of authorities � 44

  45. Performance • Did you evaluate it in the real world? Tokyo & Sidney 600 Public attribute Private attribute 500 400 Client Latency [ms] 300 200 100 Europe (close to client) 0 1 2 3 4 5 6 7 8 9 10 Threshold parameter client latency VS number of authorities � 45

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Texas Instruments & RFAB TI Information Selective Disclosure TI Information Selective

Texas Instruments & RFAB TI Information Selective Disclosure TI Information Selective

Texas Instruments & RFAB TI Information Selective Disclosure TI Information Selective Disclosure TI Information Selective Disclosure 2015 Corporate Citizenship Report Past 10 years Read more at TI.com/CCR TI Information

495 views • 13 slides
Bond Issuance, Muni A Bond Issuance, Muni Advisor R visor Rule and le and Continuing Disclosure

Bond Issuance, Muni A Bond Issuance, Muni Advisor R visor Rule and le and Continuing Disclosure

Bond Issuance, Muni A Bond Issuance, Muni Advisor R visor Rule and le and Continuing Disclosure Continuing Disclosure Presenters: Lawrence Flynn Walter Goldsmith Topics for Discussion Continuing Disclosure - Background and post-MCDC

364 views • 20 slides
why Ecos? A Better Coconut Water 1. Fresher Taste & Aroma : natural young Thai coconut

why Ecos? A Better Coconut Water 1. Fresher Taste & Aroma : natural young Thai coconut

why Ecos? A Better Coconut Water 1. Fresher Taste & Aroma : natural young Thai coconut water has a more robust flavor and aroma compared to older coconut water from Brazil, Indonesia or the Philippines. Ecos coconuts come from the

669 views • 5 slides
Cooperative Data Analysis in Supply Chains Using Selective Information Disclosure JRG LSSIG 1

Cooperative Data Analysis in Supply Chains Using Selective Information Disclosure JRG LSSIG 1

Cooperative Data Analysis in Supply Chains Using Selective Information Disclosure JRG LSSIG 1 AND MICHAEL HAHSLER 2 1 University of Applied Sciences Zittau/Grlitz, Germany 2 Southern Methodist University, Dallas, Texas INFORMS Computing

395 views • 17 slides
PIV Token Issuance PIV Token Issuance Ketan Mehta Mehta_Ketan@bah.com October 6, 2004 1

PIV Token Issuance PIV Token Issuance Ketan Mehta Mehta_Ketan@bah.com October 6, 2004 1

PIV Token Issuance PIV Token Issuance Ketan Mehta Mehta_Ketan@bah.com October 6, 2004 1 Agenda Agenda Definition and Purpose Issuance Process Token Issuance Authority Requirements Token Personalization Requirements

324 views • 13 slides
Edera at Coconut Point Edera at Coconut Point Working Team 13TH FLOOR DEVELOPER JOE MCHARRIS

Edera at Coconut Point Edera at Coconut Point Working Team 13TH FLOOR DEVELOPER JOE MCHARRIS

Edera at Coconut Point Edera at Coconut Point Working Team 13TH FLOOR DEVELOPER JOE MCHARRIS ALBERT CORDOVES ARCHITECTURE McHarris Planning & Design Corwil Architects LANDSCAPE GREG DISERIO ARCHITECTURE David M. Jones, Jr. &

643 views • 53 slides
Coconut Sweetening Process Coconut Sweetening Process Elizabeth Casey Justin Dillingham Mohd

Coconut Sweetening Process Coconut Sweetening Process Elizabeth Casey Justin Dillingham Mohd

Coconut Sweetening Process Coconut Sweetening Process Elizabeth Casey Justin Dillingham Mohd Hussain Brady Stewart BAE 4022 Spring 2006 About Griffin Food Company About Griffin Food Company Founded in Muskogee, OK in 1908 by John

504 views • 22 slides
Watershed Below TMDL Threshold At TMDL Threshold Above TMDL Threshold Water Quality Overview

Watershed Below TMDL Threshold At TMDL Threshold Above TMDL Threshold Water Quality Overview

Nantucket Harbor Watershed Below TMDL Threshold At TMDL Threshold Above TMDL Threshold Water Quality Overview Routine monitoring: June-September. Water quality, dissolved oxygen, algae, eelgrass. Work with State agencies to

631 views • 19 slides
Coconut Bliss THERE ARE MANY WAYS TO ACHIEVE BLISS WE USE COCONUTS. Luna & Larry Old

Coconut Bliss THERE ARE MANY WAYS TO ACHIEVE BLISS WE USE COCONUTS. Luna & Larry Old

Coconut Bliss THERE ARE MANY WAYS TO ACHIEVE BLISS WE USE COCONUTS. Luna & Larry Old School Quality The Evolution of Ice Cream A simple concept that met a growing need Coconut Milk based Ice Cream, sweetened with Agave Syrup

504 views • 14 slides
Changes to the Commercial Building Disclosure Program www.cb .cbd.gov.a .au On 1 July 2017,

Changes to the Commercial Building Disclosure Program www.cb .cbd.gov.a .au On 1 July 2017,

Changes to the Commercial Building Disclosure Program www.cb .cbd.gov.a .au On 1 July 2017, the mandatory disclosure threshold on commercial office buildings and office spaces will be lowered from 2000m 2 to 1000m 2 . Information on the CBD

343 views • 9 slides
Threshold Implementations Svetla Nikova Threshold Implementations A provably secure

Threshold Implementations Svetla Nikova Threshold Implementations A provably secure

Threshold Implementations Svetla Nikova Threshold Implementations A provably secure countermeasure Against (first) order power analysis based on multi party computation and secret sharing 2 Outline Threshold Implementations

990 views • 58 slides
MUNICIPAL DEBT ISSUANCE FUNDAMENTALS SESSION 1: THE PATH TO ISSUANCE SEPTEMBER 9, 2020 Jay

MUNICIPAL DEBT ISSUANCE FUNDAMENTALS SESSION 1: THE PATH TO ISSUANCE SEPTEMBER 9, 2020 Jay

MUNICIPAL DEBT ISSUANCE FUNDAMENTALS SESSION 1: THE PATH TO ISSUANCE SEPTEMBER 9, 2020 Jay Goldstone, Former Chief Operating Officer and Chief Financial Officer, City of San Diego Steve Heaney, Former Co-Head Municipal Securities Group, Stifel

744 views • 49 slides
Fair Trade & Organic Farming Organic Coconut Sap Sugar Chocolate 1 6/10/2014 FF I.

Fair Trade & Organic Farming Organic Coconut Sap Sugar Chocolate 1 6/10/2014 FF I.

6/10/2014 Fair Trade & Organic Farming Organic Coconut Sap Sugar Chocolate 1 6/10/2014 FF I. Introduction to Coconut Sap Sugar II. Stages of Production - Video III. Health Benefits IV. Economics V. Chocolates VI. Opportunities

386 views • 11 slides
STEPS FOR REPORTING DEBT ISSUANCE TO CDIAC: REPORT OF PROPOSED DEBT ISSUANCE (RPDI) & REPORT

STEPS FOR REPORTING DEBT ISSUANCE TO CDIAC: REPORT OF PROPOSED DEBT ISSUANCE (RPDI) & REPORT

STEPS FOR REPORTING DEBT ISSUANCE TO CDIAC: REPORT OF PROPOSED DEBT ISSUANCE (RPDI) & REPORT OF FINAL SALE (RFS) WILL BEGIN SOON Upcoming CDIAC Events MARCH 17-19, 2015 DATE AND LOCATIONTO BE ANNOUNCED Municipal Debt Essentials

486 views • 17 slides
Threshold resummation far from threshold GGI, Firenze, September 7 th , 2011 Giovanni Ridolfi

Threshold resummation far from threshold GGI, Firenze, September 7 th , 2011 Giovanni Ridolfi

Threshold resummation far from threshold GGI, Firenze, September 7 th , 2011 Giovanni Ridolfi Universit` a di Genova and INFN Genova, Italy Plan of the talk: 1. When is threshold resummation relevant? 2. Ambiguities in resummed results

939 views • 69 slides
Item 4. ESER 2010 Final Issuance and ESER 2014 2 nd Issuance 1 Earthquake Safety and Emergency

Item 4. ESER 2010 Final Issuance and ESER 2014 2 nd Issuance 1 Earthquake Safety and Emergency

Item 4. ESER 2010 Final Issuance and ESER 2014 2 nd Issuance 1 Earthquake Safety and Emergency Response (ESER) 2010 and 2014 General Obligation Bond Programs Presentation to the Capital Planning Committee February 22, 2016 PSB: West faade

234 views • 10 slides
Fitness Comparison by Statistical Testing in Construction of SAT-Based Guess-and-Determine

Fitness Comparison by Statistical Testing in Construction of SAT-Based Guess-and-Determine

Fitness Comparison by Statistical Testing in Construction of SAT-Based Guess-and-Determine Cryptographic Attacks Artem Pavlenko, Maxim Buzdalov, Vladimir Ulyantsev GECCO 2019, July 16 Symmetric cryptography Alice wants to send a secret

715 views • 44 slides
ENCRYPTION WITHOUT MAGIC, RISK MANAGEMENT WITHOUT PAIN #qconlondon @vixentael @vixentael

ENCRYPTION WITHOUT MAGIC, RISK MANAGEMENT WITHOUT PAIN #qconlondon @vixentael @vixentael

ENCRYPTION WITHOUT MAGIC, RISK MANAGEMENT WITHOUT PAIN #qconlondon @vixentael @vixentael Product Engineer Feel free to reach me with security questions. I do check my inbox :) CRYPTOGRAPHY? Blowfish Twofish Rabbit Salsa20 AES OFB

1.03k views • 69 slides
Cryptography for Cloud Security Mohsen Toorani Department of Informatics, University of Bergen

Cryptography for Cloud Security Mohsen Toorani Department of Informatics, University of Bergen

Cryptography for Cloud Security Mohsen Toorani Department of Informatics, University of Bergen Simula@UiB Coins Winter School Finse, Norway May 12, 2017 Mohsen Toorani Cryptography for Cloud Security Finse Winter School 2017 1 / 58 Our

1.39k views • 82 slides
Sample or Random Security A Security Model for Segment-Based Visual Cryptography Sebastian

Sample or Random Security A Security Model for Segment-Based Visual Cryptography Sebastian

Sample or Random Security A Security Model for Segment-Based Visual Cryptography Sebastian Pape Dortmund Technical University March 5th, 2014 Financial Cryptography and Data Security 2014 Sebastian Pape Sample or Random Security March

541 views • 25 slides
Analysis of cryptographic hash functions Christina Boura SECRET Project-Team, INRIA

Analysis of cryptographic hash functions Christina Boura SECRET Project-Team, INRIA

Analysis of cryptographic hash functions Christina Boura SECRET Project-Team, INRIA Paris-Rocquencourt Gemalto, France Ph.D. Defense December 7, 2012 1 / 43 Symmetric key cryptography Alice and Bob share the same secret key . Key Ciphertext

1.17k views • 59 slides
Jasmin: High-Assurance and High-Speed Cryptography Jos Bacelar Almeida Manuel Barbosa Gilles

Jasmin: High-Assurance and High-Speed Cryptography Jos Bacelar Almeida Manuel Barbosa Gilles

Jasmin: High-Assurance and High-Speed Cryptography Jos Bacelar Almeida Manuel Barbosa Gilles Barthe Arthur Blot Benjamin Grgoire Vincent Laporte Tiago Oliveira Hugo Pacheco Benedick Schmidt Pierre-Yves Strub CCS17 2017-11-02

440 views • 31 slides
Consultative Committee for Photometry and Radiometry CCPR Dr Takashi USUDA CCPR President and

Consultative Committee for Photometry and Radiometry CCPR Dr Takashi USUDA CCPR President and

Consultative Committee for Photometry and Radiometry CCPR Dr Takashi USUDA CCPR President and CIPM member (NMIJ Japan) 25 th meeting of the CGPM Scope of the CCPR Consultative Committee for Photometry Describes the

420 views • 9 slides
Coordinator: Technikon Forschungs- und Planungsgesellschaft mbH coordination@futuretpm.com

Coordinator: Technikon Forschungs- und Planungsgesellschaft mbH coordination@futuretpm.com

The FutureTPM project has received funding from the European Unions Horizon 2020 research and innovation programme under grant agreement No 779391. Coordinator: Technikon Forschungs- und Planungsgesellschaft mbH coordination@futuretpm.com

495 views • 15 slides

More recommend