Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: privacy – Page 23

Distributed Objective Consensus: Beyond POW & POS

At the heart of Bitcoin or any Blockchain ledger is a distributed consensus mechanism. It’s a lot like voting. A large and diverse deliberative community validates each, individual user transaction, ownership stake or vote.

But a distributed consensus mechanism is only effective and faithful if the community is impartial. To be impartial, voters must be fairly separated. That is, there must be no collusion enabled by concentration or hidden collaboration. They must be separated from the buyer and seller; they must be separated from the big stakeholders; and they must be separated from each other. Without believable and measurable separation, all sorts of problems ensue. One problem that has made news in the Bitcoin word is the geographical concentration of miners and mining pools.

A distributed or decentralized transaction validation is typically achieved based on Proof-of-Work (POW) or Proof-of-Stake (POS). [explain]. But in practice, these methodologies exhibit subtle problems…

The problem is that Proof-of-Work can waste an enormous amount of energy and both techniques result in a concentration of power (either by geography or by special interest) — rather than a fair, distributed consensus.

In a quasi-formal paper, C.V. Alkan describes a fresh approach to Blockchain consensus. that he calls Distributed Objective Consensus. As you try to absorb his mechanism, you encounter concepts of Sybil attacks, minting inequality, the “nothing-at-stake” problem, punishment schemes and heartbeat transactions. Could Alkan’s distributed consensus mechanism be too complex for the public to understand or use?…

While I have a concern that time stamps and parent-child schemes may degrade user anonymity, the complexity doesn’t concern me. Alkan’s paper is a technical proposal for magic under the covers. Properly implemented, a buyer and seller (and even a miner) needn’t fully understand the science. The user interface to their wallet or financial statement would certainly be shielded from the underlying mechanics.

Put another way: You would not expect a user to understand the mechanism any more than an airline passenger understands the combustion process inside a jet engine. They only want to know:

• Does it work? • Is it safe? • Is it cost effective? • Will I get there on time?

So will Alkan’s Decentralized Objective Consensus solve the resource and concentration problems that creep into POW and POS? Perhaps. At first glance, his technical presentation appears promising. I will return to explore the impact on privacy and anonymity, which is my personal hot button. It is a critical component for long term success of any coin transaction system built on distributed consensus. That is, forensic access and analysis of a wallet or transaction audit trail must be impossible without the consent and participation of at least one party to a transaction.

Philip Raymond co-chairs CRYPSA and The Bitcoin Event. He is a Lifeboat board member, editor
at AWildDuck and will deliver the keynote address at Digital Currency Summit in Johannesburg.

Judge Rules That Unlocking Cellphones via Fingerprint Does Not Violate Constitutional Rights

Wow — hope that folks at Apple, Samsung, Motorola, etc. see this.

In response to an incident that lacked any relation to the last fingerprint-related news, a Minnesota court ruled against a recent Fifth Amendment appeal regarding device passwords. The Minnesota Court of Appeals ruled that ordering an individual to unlock a device with a fingerprint “is no more testimonial than furnishing a blood sample, providing handwriting or voice exemplars, standing in a lineup, or wearing particular clothing.”

The case in question involved Matthew Vaughn Diamond, a man Carver County District Court found guilty in 2015 of burglary and theft, among other crimes. Other news outlets cite arrest records from far before 2015, but the records showed no relevance to the January 2017 ruling. The Carver County District Court fought Diamond over his phone’s contents—he locked the phone with a fingerprint and refused to unlock the phone for the court. He argued, initially, that forcing his fingerprint violated both his Fourth and Fifth Amendment rights. However, the Minnesota Court of Appeals heard only the Fifth Amendment appeal.

According to the Fifth Amendment, compelled self-incrimination is a violation of human rights. “The Supreme Court has held that ‘a witness may have a reasonable fear of prosecution and yet be innocent of any wrongdoing. The privilege serves to protect the innocent who otherwise might be ensnared by ambiguous circumstances’.” Additionally, the “right to remain silent” from the Miranda Rights, read to an arrestee at the time of arrest, granted a suspect the ability to refuse questions. Additionally, at the minimum, gave suspects the right to avoid answering questions legally and without fear of immediate repercussions.

IARPA launching two programs aimed at making fingerprints more reliable biometrics

Intelligence Advanced Research Projects Activity (IARPA), the intelligence community’s research arm, will soon launch two programs designed to detect fake fingerprints and develop devices to collect fingerprint data without the aid of a human operator, according to a report by GCN.

The Odin program, which is scheduled to begin with four prime developers in early March, will develop detection technologies that can spot presentation attacks on biometric devices that attempt to spoof physical biometric samples, said Chris Boehnen, senior program manager at IARPA.

Boehnen said that prosthetic fingers, fake fingerprints made with wood glue and other tactics can dupe current fingerprint sensors.

Sci-fi medical clinic opens in San Francisco

Resembling something that looks more like an Apple store than a traditional doctor’s office, Forward proposes an entirely different approach to healthcare, with unlimited access to the clinic’s medical resources through a single monthly membership fee.

Upon arriving at a Forward clinic, members sign in on an iPad and enter a custom-designed body scanner. The device immediately processes a variety of biometric data which can be accessed by members through an app on their phone.

Things get even more futuristic when you move into the clinic’s exam rooms. Faced with a giant touch screen display on the wall integrating your medical history and recent biometric data, the doctor can discuss any imminent healthcare issues while an AI system monitors the conversation and instantly displays notes and suggested treatment plans.

Cryptographers Rally to NIST Call for Quantum Computer Algorithms

Has anyone besides NSA, NIST, DARPA, IARPA, etc. realize and thought about what type of cyber warfare will exist in a QC world? The skillsets alone will be so far advance than the techies that we have seen in most companies today as well as in most government agencies. Granted we’re simplifying things with the platform; however, skillsets will still need to be more advance than what we have seen with the standard techie.

Members of the cryptography community have expressed interest in the National Institute of Standards and Technology’s (NIST) recent call for an algorithm less susceptible to hacks from a computer that does not exist yet.

NIST announced a call for proposals for post-quantum cryptography standardization on Dec. 20. One or more of the proposed algorithms will ultimately replace some of NIST’s cryptographic standards that are most vulnerable to quantum computers. According to Dustin Moody, a mathematician at NIST, 40 people have joined the agency’s online cryptography forum since the call was announced two weeks ago. The forum had about 200 members before the call went out. Moody said that many people were anticipating the announcement, as cryptography enthusiasts tend to run in the same circles.

“Most people who are interested in the field already knew about it,” Moody said. “The call wasn’t a surprise.”

US Government Escalates Push for Post-Quantum Cryptography

Federal agencies of the US government are expanding their calls for quantum computing resistant encryption methods. In effect, the National Institute of Standards (NIST) recently announced a request for public-key post-quantum algorithms. This action follows warnings from the National Security Agency (NSA) about the risks of potential quantum-based cyberattacks and the NSA’s appeal for developing post-quantum algorithms.

Also read: New Developments in Quantum Computing Impact Bitcoin

Moreover, in the near future, it might possible for anyone to manipulate the awesome power of quantum computing. The astronomical price of a quantum computer would not be a limitation because, for example, IBM is offering to the general public quantum computing via the cloud.

Biometric Security Gains Popularity, But Is Far from Foolproof

Whenever cybersecurity is discussed, the topic of biometric authentication rises alongside it as a better, more effective, more secure method of security. But is it? Do biometrics actually provide a safer way to complete purchase transactions online?

“Biometrics are a device-specific authentication method,” said Madeline Aufseeser, CEO of online fraud prevention company Tender Armor, of the ways biometric authentication is presently used to secure a digital purchase transaction (as opposed to logging into a bank’s web site, to view an account or transfer money). “Typically the same biometric method does not work across multiple purchasing channels today. The fingerprint used to make a purchase with a smartphone cannot necessarily be used to authenticate a phone order purchase or purchase made with a computer. When you confirm [a purchase transaction] with your fingerprint on a smartphone, all that’s saying is that’s the same fingerprint that’s allowed to use this phone, or the specific application on the phone. Because the fingerprint is only resident and stored on the phone, the phone is authenticating itself, not the cardholder conducting the transaction.”

This sounds a little odd compared to what we might have heard about the capabilities of biometrics previously, mainly because it goes against a core assumption: that a biometric identifier (like a fingerprint) goes with transactional data, from the phone or device, to the payment processor, to the merchant.

Edward Snowden will discuss Trump & privacy: Nov 10th

Tune in tomorrow (Thursday, Nov 10, 2016) at 4:30PM Eastern. Find out what Edward Snowden has to say on the future of the US. [Source: StartPage via Engadget]

American technology policies could change significantly under Donald Trump, and that includes its stance on privacy. How will the new leader alter government surveillance, for example? Edward Snowden might have an answer. The whistleblower and Dutch search engine StartPage are hosting a live event on November 10th at 4:30PM Eastern to address what happens to privacy in the Trump era, among other questions. Snowden speaking engagements are nothing new, but this is special — he’s more than a little familiar with government spying activities, and this is his first chance to opine on how things might be different under a new administration.

Snowden hasn’t said much of anything about the subject as of this writing. However, Trump doesn’t exactly have a stellar record on internet privacy so far. He has proposed reauthorizing the Patriot Act and the previous, less restrained NSA mass surveillance that took place while the Act was in force. He tends to “err on the side of security” over privacy, even if he’s not especially fond of it. As such, Snowden probably won’t have many kind things to say. He’s in favor of more privacy wherever possible, and that could easily put him at greater odds with the US government than he is now.

/* */