securely migrate digital identities from a class pki to a
play

Securely Migrate Digital Identities from a Class PKI to a Blockchain - PowerPoint PPT Presentation

Dec 11, 2022 •352 likes •464 views

Securely Migrate Digital Identities from a Class PKI to a Blockchain Keywords : Certificate authority, Digital identity management, PKI, Blockchain Reading list: Bitcoin: A Peer-to-Peer Electronic Cash System https://bitcoin.org/bitcoin.pdf

  1. Securely Migrate Digital Identities from a Class PKI to a Blockchain Keywords : Certificate authority, Digital identity management, PKI, Blockchain

  2. Reading list: Bitcoin: A Peer-to-Peer Electronic Cash System https://bitcoin.org/bitcoin.pdf Greg Slepak on HTTPS, Identity and DNSChain: https://www.youtube.com/watch?v=W4faDEyHJeM Blockstack: A Global Naming and Storage System Secured by Blockchains https://www.usenix.org/node/196209

  3. Problems with the current class PKI ● Single point of failure One certificate authority can undermine the security of the whole system. ● Poor identity retention A single user can have multiple public keys. ● Expensive as f*ck An EV certificate at Symantec costs $995 / year.

  4. What is a blockchain? A blockchain is a ledger shared among all computers in a large P2P-network. The blockchain offers data storage which is append only! This is achieved by making it expensive to add a new block. In Bitcoin you need to find SHA2 2 (block header | n ) < 2 256 - k

  5. Identity on a blockchain (ID, public key) posted on the blockchain. All subsequent changes to the identity must be signed with the private key. ● The blockchain is distributed, no single point of failure! ● Only one key is valid at a time (the last key in the chain). ● No way for an adversary to replace a keypair without knowing the private key. > pip install blockstack

  6. Migrate an identity from a class PKI to a blockchain The first person to register an identity is considered to be the legitimate owner, similar to how DNS works. Problem I can hijack Google’s identity by posting (Google, my public key) to the blockchain. Solution Prove your identity with a certificate and a signature pinned on the blockchain.

  7. Migration process A blockchain truststore containing all CAs and their public keys is posted at the beginning of the blockchain. A client registers their identity by pinning a certificate on the blockchain. Certificates with extended validation needs to be confirmed by a CA.

  8. Make it secure ● Use the timestamp in the block header check for expiration. ● Bundle the certificate with an OCSP response to prove that the certificate is not revoked. ● Sign the transaction with the private key of the certificate to prove ownership. ● Require confirmation from a CA for EV certificates. ● Honour public key pins. ● Check if the CA signature of the certificate is valid using a blockchain truststore .

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Digital Identities, Social Engineering &amp; Mule Networks Dr Stephen Topliss, Vice President

Digital Identities, Social Engineering &amp; Mule Networks Dr Stephen Topliss, Vice President

Digital Identities, Social Engineering &amp; Mule Networks Dr Stephen Topliss, Vice President Product Strategy April 3 rd 2019 Digital Identities Building a Digital Identity Network Risk Based Authentication Events are processed in real

228 views • 22 slides
How to migrate to a new-age IT stack with KVM Present a method to migrate from traditional

How to migrate to a new-age IT stack with KVM Present a method to migrate from traditional

How to migrate to a new-age IT stack with KVM Present a method to migrate from traditional hypervisors to KVM Optimized process, using only open source tools Live demo: Migrate a Windows VM from VMware to KVM Q &amp; A

1.82k views • 17 slides
Safeguarded Digital Identities Loretta ANANIA, EC STOA Digital Sovereign Identity Workshop Why

Safeguarded Digital Identities Loretta ANANIA, EC STOA Digital Sovereign Identity Workshop Why

Safeguarded Digital Identities Loretta ANANIA, EC STOA Digital Sovereign Identity Workshop Why safeguards are needed IN EUROPE PRIVACY IS A FUNDAMENTAL RIGHT THAT THE EU TREATY ASSIGNS TO EACH INDIVIDUAL CITIZEN EC SUCCESS STORIES: MAKE

323 views • 4 slides
MIGRATE ALL THE THINGS! Better Drupal workflows, using Migrate Dave Vasilevsky

MIGRATE ALL THE THINGS! Better Drupal workflows, using Migrate Dave Vasilevsky

MIGRATE ALL THE THINGS! Better Drupal workflows, using Migrate Dave Vasilevsky vasi@evolvingweb.ca twitter.com/djvasi @vasi on drupal.org, github Our expertise, your digital DNA | evolvingweb.ca | @evolvingweb ABOUT ME Doing Drupal since

1.32k views • 90 slides
Migrate Getting it into Drupal andrew morton drewish@zivtech.com Migrate 2.0 Powerful

Migrate Getting it into Drupal andrew morton drewish@zivtech.com Migrate 2.0 Powerful

Migrate Getting it into Drupal andrew morton drewish@zivtech.com Migrate 2.0 Powerful object oriented framework for moving content into Drupal. Minimal UI, primarily code based. Steep learning curve (aka migraine module) but

1.07k views • 34 slides
Digital Security Learning Table Workshop: Strategies for Sharing Documents Securely Alice

Digital Security Learning Table Workshop: Strategies for Sharing Documents Securely Alice

Digital Security Learning Table Workshop: Strategies for Sharing Documents Securely Alice Aguilar, Executive Director Jamie McClelland, Technology Director Progressive Technology Project What tools are you using to share files? Where do you

355 views • 20 slides
Identities: Mirrors and Windows Our identities from our fingerprints and Facebook profile to

Identities: Mirrors and Windows Our identities from our fingerprints and Facebook profile to

Identities: Mirrors and Windows Our identities from our fingerprints and Facebook profile to our family trees fundamentally shape the ways that we think about, feel, and interact with the world. This neighborhood gives students the

657 views • 14 slides
Drupal Migrate D2D for Beginners - Let's dip our toes https://2015.midcamp.org/node/92 MidCamp

Drupal Migrate D2D for Beginners - Let's dip our toes https://2015.midcamp.org/node/92 MidCamp

Drupal Migrate D2D for Beginners - Let's dip our toes https://2015.midcamp.org/node/92 MidCamp 2015 Wilbur Ince @wylbur Triplo http://triplo.co Agenda Discuss Migrate and D2D Process Explore Wizard UI Drupal Migrate and D2D Why do I

909 views • 24 slides
Migrate early, migrate often! JDK release cadence strategies Dan Heidinga Theresa Mammarella

Migrate early, migrate often! JDK release cadence strategies Dan Heidinga Theresa Mammarella

Migrate early, migrate often! JDK release cadence strategies Dan Heidinga Theresa Mammarella Eclipse OpenJ9 Project Lead Eclipse OpenJ9 Software Developer Interpreter Lead, IBM Runtimes @t_mammarella @danheidinga theresa-m DanHeidinga Who

540 views • 33 slides
OA2 Overview and Site Planning Building collaboration sites to communicate securely, share assets

OA2 Overview and Site Planning Building collaboration sites to communicate securely, share assets

OA2 Overview and Site Planning Building collaboration sites to communicate securely, share assets &amp; accomplish work together online. John Studdard Managing Partner Big Couch Media Group Full service South Florida based Digital Agency To

314 views • 19 slides
Virtual Identities This lesson considers the extent to which people are able to create online,

Virtual Identities This lesson considers the extent to which people are able to create online,

Virtual Identities This lesson considers the extent to which people are able to create online, virtual identities, and whether these reflect real life identities On The Internet Nobody Knows You Are A Dog! This cartoon from the early days

458 views • 17 slides
Trig Identities An identity is an equation that is true for all values of the variables. Examples

Trig Identities An identity is an equation that is true for all values of the variables. Examples

Trig Identities An identity is an equation that is true for all values of the variables. Examples of identities might be obvious results like Elementary Functions Part 4, Trigonometry 2 x + 2 x = 4 x Lecture 4.8a, Trig Identities and

276 views • 6 slides
Digital Currencies Chris Head Digital Monetary Trust Trusted central authority

Digital Currencies Chris Head Digital Monetary Trust Trusted central authority

Digital Currencies Chris Head Digital Monetary Trust Trusted central authority Tamper-resistant cryptographic coprocessor Anonymity of account holders' identities Deposits backed by investments into securities Closed 2005

375 views • 14 slides
FEEDS UI + MIGRATE ENGINE = DREAM MIGRATIONS AND IMPORTS Work in progress Irina Zaks

FEEDS UI + MIGRATE ENGINE = DREAM MIGRATIONS AND IMPORTS Work in progress Irina Zaks

FEEDS UI + MIGRATE ENGINE = DREAM MIGRATIONS AND IMPORTS Work in progress Irina Zaks izaks@stanford.edu http://fibonacciwebstudio.com/ In this presentation Content migration tools for Drupal 8 in 2018 Comparison of Feeds and Migrate

670 views • 46 slides
CHAPTER 3: MIGRATION APHUG | BHS | Ms. Justice Key Question 3.3 Where do people migrate? Where

CHAPTER 3: MIGRATION APHUG | BHS | Ms. Justice Key Question 3.3 Where do people migrate? Where

CHAPTER 3: MIGRATION APHUG | BHS | Ms. Justice Key Question 3.3 Where do people migrate? Where Do People Migrate? Global Migration Flows Global-scale migration across international boundaries and between world regions Explorers

224 views • 19 slides
Units in quasigroups with Bol-Moufang type identities Natalia N. Didurik and Victor A.

Units in quasigroups with Bol-Moufang type identities Natalia N. Didurik and Victor A.

Introduction Units in quasigroups with classical Bol-Moufang identities Identities defining a CML Results Quasigroup based El Gamal Units in quasigroups with Bol-Moufang type identities Natalia N. Didurik and Victor A. Shcherbacov

472 views • 34 slides
MashSSL Quick Summary Siddharth Bajaj Ravi Ganesan VeriSign Inc. SafeMashups Inc.

MashSSL Quick Summary Siddharth Bajaj Ravi Ganesan VeriSign Inc. SafeMashups Inc.

MashSSL Quick Summary Siddharth Bajaj Ravi Ganesan VeriSign Inc. SafeMashups Inc. sbajaj@verisign.com ravi@safemashups.com www.verisign.com www.safemashups.com info@mashssl.org www.mashssl.org Outline Why do we need a new security

639 views • 17 slides
Post-quantum RSA We built a great, great 1-terabyte RSA wall, and we had the university pay for

Post-quantum RSA We built a great, great 1-terabyte RSA wall, and we had the university pay for

Post-quantum RSA We built a great, great 1-terabyte RSA wall, and we had the university pay for the electricity Daniel J. Bernstein Joint work with: Nadia Heninger Paul Lou Luke Valenta Post-quantum RSA Daniel J. Bernstein, Nadia Heninger,

788 views • 50 slides
Course Overview Dan Boneh Welcome Course objectives: Learn how crypto primitives work

Course Overview Dan Boneh Welcome Course objectives: Learn how crypto primitives work

Online Cryptography Course Dan Boneh Introduction Course Overview Dan Boneh Welcome Course objectives: Learn how crypto primitives work Learn how to use them correctly and reason about security My

961 views • 50 slides
Blockchain and Cryptoassets Alan Wunsche, MBA, CPA, CA, CBP Toronto, Canada November 15, 2018

Blockchain and Cryptoassets Alan Wunsche, MBA, CPA, CA, CBP Toronto, Canada November 15, 2018

Blockchain and Cryptoassets Alan Wunsche, MBA, CPA, CA, CBP Toronto, Canada November 15, 2018 OUR OBJECTIVE 1. Know Key Terms and Concepts 2. Understand Cryptoassets, Tokens Alan Wunsche 3. Highlight Regulatory Concerns CEO, TokenFunder 2

1.37k views • 43 slides
What is open source? Computer software where the source code is distributed under an open

What is open source? Computer software where the source code is distributed under an open

What is open source? Computer software where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the software. Promotes collaboration Community of developers

878 views • 16 slides
Security Protocols Part 9 SSL Protocol Recap Digital Certificate Authentication

Security Protocols Part 9 SSL Protocol Recap Digital Certificate Authentication

Security Protocols Part 9 SSL Protocol Recap Digital Certificate Authentication Integrity Non-repudiation CA (Certification Authority) Issue digital certificates (via digital signature) Publish/Distribute digital

491 views • 13 slides
EuroCamp A federated framework for secure videoconference Daniel Kouril, Michal Prochazka

EuroCamp A federated framework for secure videoconference Daniel Kouril, Michal Prochazka

EuroCamp A federated framework for secure videoconference Daniel Kouril, Michal Prochazka Acknowledgement This work is funded by CESNET Development Fund Masaryk University EuroCamp '08 - Stockholm 2 Outline Introduction

594 views • 23 slides
Document Document SHA256 SHA256

Document Document SHA256 SHA256

Document Document SHA256 SHA256 !$(@0 = !$(@0 !$(@0 (digest) (digest) (digest) Sign Verify K?WS0* (signature) (Modified) Document Document SHA256

843 views • 61 slides

More recommend