In the near future, privacy-preserving authentication methods will flood the market, and they will be based on Zero-Knowledge Proofs. IBM and Microsoft invested in these solutions many years ago.
Privacy-Preserving Authentication, Another Reason to Care about Zero-Knowledge Proofs
1. Privacy-Preserving Authentication: Another Reason to Care about Zero-Knowledge Proofs
Clare Nelson, CISSP, CIPP/E
@Safe_SaaS
OWASP Austin
August 29, 2017
clare.nelson@allclearid.com
Posted on SlideShare: https://www.slideshare.net/eralcnoslen/privacypreserving-authentication-another-reason-to-care-about-zeroknowledge-proofs
2. Clare Nelson, @Safe_SaaS
Any sufficiently advanced technology is indistinguishable from magic
—Arthur C. Clarke
Graphic: https://www.shutterstock.com/video/search/loop-ready-file/?ref_context=keyword
4. Clare Nelson, @Safe_SaaS
Scope
In Scope
• Digital User Authentication
Not in Scope
• Other Authentication Use Cases
IoT, Services, Devices
• E-Voting
• Digital Watermarks
• Sealed Auctions
• Cryptocurrency
Zcash
Biometrics
Blockchain, Digital Ledger Technology
Graphic: http://www.itproportal.com/2016/04/07/the-role-of-biometric-authentication-techniques-in-security/
5. Problem #1, Passwords are Broken
2017
936 Breaches
19,001,935 Records Exposed
Source: http://www.idtheftcenter.org/images/breach/2017Breaches/DataBreachReport_2017.pdf
Graphic: https://www.youtube.com/watch?v=rtMztv0foU4
6. Data breaches support, enable other crimes
• Human and drug trafficking
• Terrorist activities
• Child exploitation
• Ransom, prove to company breach occurred
• Other illicit activities
Connecting the Dots
Source: https://www.ncfta.net/Home/News
Weak or stolen passwords → Data breaches → Crime
7. Clare Nelson, @Safe_SaaS
Problem #2, Lack of Privacy for Some
Microsoft Privacy Strategy
• Provide customers more control over collection and use of their personal information
• Enable people to prove things about themselves without revealing their identity
Source: https://privacy.microsoft.com/en-us/privacystatement
Source: https://blogs.technet.microsoft.com/privacyimperative/2008/03/06/microsoft-acquires-credenticas-u-prove-technology/
Graphic: http://www.flowmarq.com/single-post/2015/05/18/IDENTITY-Clarifying-Motivations
8. Clare Nelson, @Safe_SaaS
007 Wants to Read the News
Source: Credit to Anna Lysyanskaya for the 007 metaphor
Graphic: http://www.007.com/characters/the-bonds/
007: Today’s news?
www.telegraph.co.uk: Who are you? Do you have a subscription?
007: I can tell you. But then I’ll have to kill you.
9. Clare Nelson, @Safe_SaaS
007 Reads the News, Uses Subscription and Reveals PII
007: Today’s news?
www.telegraph.co.uk: Who are you? Do you have a subscription?
007: My subscription is #4309115
www.telegraph.co.uk knows this is 007, it learns 007’s PII including:
- Zip code when he looks up the weather
- Date of birth when he reads his horoscope
- Gender when he browses the personal ads
Source: Credit to Anna Lysyanskaya for the 007 metaphor
Graphic: http://www.007.com/characters/the-bonds/
10. Clare Nelson, @Safe_SaaS
007 Reads the News, Remains Anonymous
007: Today’s news?
www.telegraph.co.uk: Who are you? Do you have a subscription?
007: Here is a Zero-Knowledge Proof
Source: Credit to Anna Lysyanskaya for the 007 metaphor
Graphic: http://www.007.com/characters/the-bonds/
11. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof (ZKP)
Source: J. Chou, SC700 A2 Internet Information Protocols (2001)
I can’t tell you my secret, but I can prove to you that I know the secret
12. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof (ZKP)
Source: J. Chou, SC700 A2 Internet Information Protocols (2001)
Zero-Knowledge Proofs are convincing, yet they yield nothing beyond the validity of the assertion being proven
—Alon Rosen, Author of Concurrent Zero-Knowledge, Associate Professor IDC Herzliya
14. Clare Nelson, @Safe_SaaS
Definitions: Authentication, Privacy
Authentication (User)
• Process of verifying the identity, attributes of a user
• Two or more of something you know, something you have, or something you are
Privacy (Individual)
• A state in which one is not observed or disturbed by other people or entities
• European Union: privacy is a fundamental human right (GDPR)
• Ability of individuals to seclude themselves, or information about themselves, and thereby express themselves selectively
Source: https://niccs.us-cert.gov/glossary
Source: https://en.oxforddictionaries.com/definition/privacy
Source: https://en.wikipedia.org/wiki/Privacy
Source: http://www.madisonaveinsights.com/2014/06/ghostery-assuages-privacy-concerns-through-transparency-and-control/
Source: https://www.thinglink.com/scene/711605013062877186
Know Have Are
15. Clare Nelson, @Safe_SaaS
Definition of Zero-Knowledge Proof (ZKP), 1 of 2
Proof System
• Proof does not mean math proof, it refers to proof system
Zero-Knowledge Proof
Enables a prover to convince a verifier of the truth of a
statement without leaking any other information
• Zero-knowledge proofs yield nothing beyond the
validity of the assertion
• ZKP supports anonymous, verifiable transaction
identities
• Interactive, requires back and forth, exchange of
messages, between prover and verifier
• Randomness is used
• ZKP is probabilistic, does not provide absolute
certainty
Source: http://www0.cs.ucl.ac.uk/staff/J.Groth/ShortNIZK.pdf
Source: http://www.austinmohr.com/work/files/zkp.pdf
Source: http://www.wisdom.weizmann.ac.il/~oded/zk-tut02.html
Source: https://www.sedicii.com/2015/07/30/zero-knowledge-authentication/
Prover Verifier
Proof of a
statement
16. Clare Nelson, @Safe_SaaS
Definition of Zero-Knowledge Proof (ZKP), 2 of 2
Source: http://www0.cs.ucl.ac.uk/staff/J.Groth/ShortNIZK.pdf
Source: http://www.austinmohr.com/work/files/zkp.pdf
Source: http://www.wisdom.weizmann.ac.il/~oded/zk-tut02.html
Source: https://www.sedicii.com/2015/07/30/zero-knowledge-authentication/
Source: http://mentalfloss.com/article/64108/15-things-you-should-know-about-dogs-playing-poker
ZKP requirements:
• Zero-Knowledge: Reveal no additional
information beyond the statement’s
validity
• Completeness: If statement is true,
honest verifier (follows the protocol)
will be able to prove statement is true
every time
• Soundness: If the statement is false, a
cheating prover cannot convince the
honest verifier that it is true, except
with very small probability
17. Clare Nelson, @Safe_SaaS
Soundness
Source: Credit to Anna Lysyanskaya for the 007 metaphor
Graphic: https://www.google.com/search?biw=1600&bih=765&tbm=isch&q=daniel+craig+james+bond&sa=X&ved=0ahUKEwiaiLWN9s3VAhXI64MKHY7TDHUQhyYIKw#imgrc=Am84tWm-iK_ayM:
It’s Bond. James Bond.
www.telegraph.co.uk
Today’s news?
Who are you?
Do you have a subscription?
(M fails because she can’t prove to Telegraph)
18. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof (ZKP) Advantages
Source: https://www.slideshare.net/arunta007/elliptic-curve-cryptography-and-zero-knowledge-proof-27914533?next_slideshow=1
• Privacy-preserving
• Zero knowledge is transferred
between prover and verifier
• Verifier accepts or rejects proof after
multiple challenges and responses
• No degradation of protocol
• Based on problems like discrete
logarithms and integer factorization
• Probabilistic proof protocol
• Computational efficiency, no
encryption
19. Clare Nelson, @Safe_SaaS
Evolution from Interactive to Non-Interactive ZKP (NIZKP)
Source: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4732108/
ZKP
• Interactive, multiple challenge/response messages
• Requires stable, continuous communication channel
NIZKP
• Non-Interactive, one message
• Takes less time
• More efficient
• Optimized for IoT
20. Clare Nelson, @Safe_SaaS
Disadvantages: Deployment and Correct Usage
Source: https://www.slideshare.net/arunta007/elliptic-curve-cryptography-and-zero-knowledge-proof-27914533?next_slideshow=1
Source: https://www.youtube.com/watch?v=CKncw6mIMJQ&list=PLpr-xdpM8wG8DPozMmcbwBjFn15RtC75N
Source: http://zerocash-project.org/media/pdf/zerocash-extended-20140518.pdf
ZKP
• Limited – Secret must be numerical, translation may be needed
• Lengthy – Many computations, each requires run time
• Stable, continuous connection – Support multiple challenges and
responses between prover and verifier
• Imperfect – An attacker can still intercept the transmission
NIZKP
• More efficient, but in some cases still not succinct
enough
• May not preserve deniability
zk-SNARK
• Still need one-time setup phase
• Tradeoff for having shorter proofs and faster
verification times is stronger assumptions
• zk-SNARK proofs are publicly verifiable, uses Diffie-
Hellman shared secret key variation (too early to
tell disadvantages)
21. Clare Nelson, @Safe_SaaS
Attack Resilience: Academia, not Real World
Source: http://repository.ust.hk/ir/bitstream/1783.1-6277/1/pseudo.pdf
Attack | Description | Mitigation
Impersonation | A malicious impersonator, for either party | Need secret, completeness and soundness
Replay Attack | Malicious peer or attacker collects previous proofs, and resends these | Challenge message required
Man in the Middle (MITM) | Intruder is able to access and modify messages between prover and verifier (without them knowing) | It depends, implementation specific
Collaborated Attack | Subverted nodes collaborate to enact identity fraud, or co-conspirator | It depends, requires reputation auditing design
Denial of Service (DoS) | Renders networks, hosts, and other systems unusable by consuming bandwidth or deluging with huge number of requests to overload systems | Could happen during authentication setup
22. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof for Authentication, Timeline
1985 - Goldwasser, Micali, Rackoff paper (MIT Research)
2008 - Microsoft acquired Credentica, basis for Microsoft U-Prove
2013 - Sedicii founded, no transmission of private user data
2014 - Two Factor Zero-Knowledge Proof Authentication System
2015 - IBM Identity Mixer announced
2016 - MIRACL announced Zero-Factor Authentication
2016 - Sovrin founded
Source: https://courses.csail.mit.edu/6.857/2014/files/16-nguyen-rudoy-srinivasan-two-factor-zkp.pdf
Includes variations, some combine classical systems with ZKP systems
23. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof (ZKP)
Zero-Knowledge Proofs are one of
the most powerful tools
cryptographers have ever devised.
But unfortunately they’re also
relatively poorly understood.
Source: https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/
—Matthew Green, cryptographer and
professor at Johns Hopkins University,
creator of Zcash
$\forall x \in L,\ z \in \{0,1\}^*,\ \mathrm{View}_{V^*}[P(x) \leftrightarrow V^*(x,z)] = S(x,z)$
24. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof Illustration
Horizon Telecom Company
• Cell towers
• 11 vertices
• Connected by lines, or edges
• Avoid overlap
• Use 1 of 3 signals
Source: https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/
25. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof Illustration
Source: https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/
Instance of 3-Color Graph
Problem
• Use colors to represent
frequency bands
• Avoid overlap
• Use 1 of 3 signals
• Easy to solve for 11 vertices
• Hard to solve for larger
numbers, e.g. 900
• Outsource problem, need big
compute
26. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof Illustration
Source: https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/
Proof of Solution
• Indoor basketball court
• Spread pieces of paper on floor,
each piece is a vertex
• Pick 3 different-colored crayons
at random
• Color the paper to represent
the solution
• Put hats over the paper to hide
the solution
27. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof Illustration
Source: https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/
Source: http://www.automatedtesting.com/Product%20Roadmap.html
Proof of Solution
• Remove two hats
• See vertices are different colors
Repeat this process
Lay out new pieces of paper on
floor
Pick 3 crayons at random
Color the paper
Place hats over paper
Invite Verifier
Remove two hats
Prove have solution without
revealing it
Each time the process is repeated,
confidence goes up that a valid solution
was found
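The paper-and-hats procedure above, as an added example that is not part of the original slides. It assumes the hats are modelled as salted SHA-256 commitments, and it uses a small constructed 6-vertex graph rather than the 11-tower graph; all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed 6-vertex graph and colorings (not the 11-tower graph from the slides).
EDGES = [(0, 1), (1, 2), (2, 0), (2, 3), (3, 4), (4, 5), (5, 3), (1, 4), (0, 5)]
GOOD = {0: 0, 1: 1, 2: 2, 3: 0, 4: 2, 5: 1}   # a valid 3-coloring
BAD = {**GOOD, 5: 2}                          # edge (4, 5) is monochromatic

_rng = secrets.SystemRandom()


def hat(color, nonce):
    """The 'hat': a salted SHA-256 commitment (assumption of this example).
    It hides the color until opened and binds the prover to it."""
    return hashlib.sha256(nonce + bytes([color])).hexdigest()


def prover_round(coloring):
    """New paper, three crayons picked at random, new hats."""
    perm = [0, 1, 2]
    _rng.shuffle(perm)                        # random relabelling of the 3 colors
    shuffled = {v: perm[c] for v, c in coloring.items()}
    nonces = {v: secrets.token_bytes(16) for v in coloring}
    hats = {v: hat(shuffled[v], nonces[v]) for v in coloring}
    return shuffled, nonces, hats


def open_edge(edge, shuffled, nonces):
    """Prover removes exactly the two hats the verifier asked for."""
    return [(v, shuffled[v], nonces[v]) for v in edge]


def verifier_check(hats, edge, opened):
    """Accept only if both openings match the hats and the colors differ."""
    (u, cu, nu), (v, cv, nv) = opened
    return ((u, v) == tuple(edge)
            and cu in (0, 1, 2) and cv in (0, 1, 2)
            and hat(cu, nu) == hats[u] and hat(cv, nv) == hats[v]
            and cu != cv)


def run_protocol(edges, coloring, rounds):
    """Repeat the process; one failed round is enough to reject."""
    for _ in range(rounds):
        shuffled, nonces, hats = prover_round(coloring)   # prover commits first
        edge = secrets.choice(edges)                      # then verifier picks an edge
        if not verifier_check(hats, edge, open_edge(edge, shuffled, nonces)):
            return False
    return True


def cheat_survival_bound(num_edges, rounds):
    """Upper bound on a prover with at least one bad edge surviving all rounds."""
    return (1 - 1 / num_edges) ** rounds


if __name__ == "__main__":
    print("honest prover accepted:", run_protocol(EDGES, GOOD, 50))
    print("invalid coloring accepted:", run_protocol(EDGES, BAD, 400))
    print("survival bound, 400 rounds:", cheat_survival_bound(len(EDGES), 400))
```

Because the colors are relabelled at random every round, the two opened colors are just a random pair of distinct values and carry no information about the underlying solution.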
29. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof (ZKP), Discrete Logarithm Example
Source: http://slideplayer.com/slide/8235130/
b = g^x (mod n)
Step | Description | Prover (P) | Verifier (V)
0 | Setup | g, b, n, x | g, b, n
1 | Prover generates random r | r |
2 | P sends h = g^r mod n to V | h | h
3 | V flips a coin, c = H or T | c | c
4 | If c = H, P sends r to V | | r, check g^r = h
5 | If c = T, P sends m = x + r | m | m, check g^m = bh
6 | Repeat steps 1-5 until Verifier is convinced that Prover knows x (with probability 1 - 2^-k, for k iterations)
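The coin-flip protocol in the table above, run end to end, as an added example that is not part of the original slides. The modulus and generator are constructed toy values, exponents are reduced mod n-1 (an addition to the slide's m = x + r, valid because n is prime), and the class and function names are hypothetical. The second prover knows only b, which shows where the 1 - 2^-k figure comes from.

```python
import secrets

# Toy parameters, constructed for this example only; not suitable for real use.
N = 2**127 - 1        # prime modulus n
G = 3                 # base g
Q = N - 1             # exponents may be reduced mod n-1 because n is prime


def keygen():
    """Step 0: prover's secret x and the public value b = g^x mod n."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, N)


class HonestProver:
    def __init__(self, x):
        self.x = x

    def commit(self):
        """Steps 1-2: pick random r, send h = g^r mod n."""
        self.r = secrets.randbelow(Q)
        return pow(G, self.r, N)

    def respond(self, c):
        """Steps 4-5: reveal r on heads, m = x + r on tails."""
        return self.r if c == "H" else (self.x + self.r) % Q


class ProverWithoutSecret:
    """Knows b but not x. It must guess the coin before committing, so it
    can prepare an answer for one outcome only."""

    def __init__(self, b):
        self.b = b

    def commit(self):
        self.guess = secrets.choice("HT")
        self.v = secrets.randbelow(Q)
        if self.guess == "H":
            return pow(G, self.v, N)                       # can later reveal r = v
        return pow(G, self.v, N) * pow(self.b, -1, N) % N  # makes g^v = b*h hold

    def respond(self, c):
        return self.v      # passes the check only when c == self.guess


def verify_round(b, h, c, answer):
    """Verifier's check from steps 4 and 5 of the table."""
    if c == "H":
        return pow(G, answer, N) == h
    return pow(G, answer, N) == (b * h) % N


def run(prover, b, k):
    """Step 6: k iterations; reject on the first failed check."""
    for _ in range(k):
        h = prover.commit()
        c = secrets.choice("HT")          # the verifier's coin flip
        if not verify_round(b, h, c, prover.respond(c)):
            return False
    return True


if __name__ == "__main__":
    x, b = keygen()
    print("honest prover, 40 rounds:", run(HonestProver(x), b, 40))
    print("no secret, 64 rounds:", run(ProverWithoutSecret(b), b, 64))
```

Each round halves the chance that a prover without x survives, so the verifier chooses k to match the error it is willing to accept.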
34. The Future
Source: https://eprint.iacr.org/2010/212.pdf
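Graphic: https://www.scientificamerican.com/article/quantum-computers-compete-for-supremacy/
With that notation, $\langle P(x,w), V^*(Z)\rangle$ is the same as
$com \leftarrow P_1(x,w),\ ch \leftarrow V^*_1(com,Z),\ resp \leftarrow P_2(x,w,ch),\ V^*_2(resp,Z)$.
Σ is SHVZK 〚HVZK〛. Hence there is a quantum-polynomial-time simulator $S_\Sigma$ such that for any 〚quantum-polynomial-time〛 $D_\Sigma$:
$$\Pr[b = 1 : com \leftarrow P_1(x,w),\ ch \stackrel{R}{\leftarrow} C_{\eta x},\ resp \leftarrow P_2(x,w,ch),\ b \leftarrow D_\Sigma(|\Psi\rangle, com, ch, resp)] - \Pr[b = 1 : (com, ch, resp) \leftarrow S_\Sigma(x),\ b \leftarrow D_\Sigma(|\Psi\rangle, com, ch, resp)] \le \varepsilon_D$$
where $\varepsilon_D = \varepsilon_D(\eta)$ is a negligible function depending on $D_\Sigma$.
Let $[ch = ch^*] := 1$ iff $ch = ch^*$.
Then:
$$\begin{aligned}
&\Pr[succ = 1 \wedge b = 1 : ZE \leftarrow |\Psi\rangle,\ \langle P(x,w), V^*(Z)\rangle,\ b \leftarrow D(Z,E),\ ch^* \stackrel{R}{\leftarrow} C_{\eta x},\ succ := [ch = ch^*]] \\
&\stackrel{(3)}{=} \Pr[succ = 1 \wedge b = 1 : ZE \leftarrow |\Psi\rangle,\ com \leftarrow P_1(x,w),\ ch \leftarrow V^*_1(com,Z),\ resp \leftarrow P_2(x,w,ch),\ V^*_2(resp,Z),\ b \leftarrow D(Z,E),\ ch^* \stackrel{R}{\leftarrow} C_{\eta x},\ succ := [ch = ch^*]] \\
&\stackrel{(*)}{=} \Pr[succ = 1 \wedge b = 1 : com \leftarrow P_1(x,w),\ ch^* \stackrel{R}{\leftarrow} C_{\eta x},\ resp \leftarrow P_2(x,w,ch^*),\ ZE \leftarrow |\Psi\rangle,\ ch \leftarrow V^*_1(com,Z),\ succ := [ch = ch^*],\ V^*_2(resp,Z),\ b \leftarrow D(Z,E)] \\
&\stackrel{\varepsilon}{\approx} \Pr[succ = 1 \wedge b = 1 : (com, ch^*, resp) \leftarrow S_\Sigma(x),\ ZE \leftarrow |\Psi\rangle,\ ch \leftarrow V^*_1(com,Z),\ succ := [ch = ch^*],\ V^*_2(resp,Z),\ b \leftarrow D(Z,E)] \\
&= \Pr[succ = 1 \wedge b = 1 : ZE \leftarrow |\Psi\rangle,\ Y, C \leftarrow |0\rangle,\ S_1(x, CZY),\ succ \leftarrow M(C),\ b \leftarrow D(Z,E)]
\end{aligned}$$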
35. Clare Nelson, @Safe_SaaS
Graphic: http://www.trustev.com/
Alternative for Privacy-Invasive, Continuous, Risk-Based Authentication
36. Trusted Platform Module (TPM)
• TPM 1.2 uses ZKP
• TPM 2.0 takes another path
• 2017 Paper from IBM, Intel, Infineon
Solution, minimal changes to
current TPM 2.0
Source: https://www.cryptomathic.com/news-events/blog/the-trusted-platform-module-explained
Source: http://ieeexplore.ieee.org/document/7958616/
Source: https://eprint.iacr.org/2017/639
Breaking News in the ZKP World
May 2017 conference
YouTube meeting presentation: https://www.youtube.com/watch?v=8tzLOA4YGhc
37. Clare Nelson, @Safe_SaaS
Source: https://www.youtube.com/watch?v=1fXLJBN-KfI
Source: https://arxiv.org/pdf/1604.02804.pdf
Source: https://simons.berkeley.edu/sites/default/files/docs/1328/slidesunruh.pdf
Source: https://eprint.iacr.org/2010/212.pdf
Graphic: https://www.newscientist.com/article/mg23130894-000-revealed-googles-plan-for-quantum-computer-supremacy/
Zero-Knowledge Proof in a Quantum World?
Station Q
• Worldwide consortium for the advancement of
topological quantum computation
• Zero-knowledge proof systems for QMA
QMA = Quantum Merlin Arthur (Merlin
Arthur from computational complexity)
Dominique Unruh
• New challenges in quantum case
• Quantum proofs of knowledge
• There are zero-knowledge quantum proofs of
knowledge for all languages in NP (2015)
38. Clare Nelson, @Safe_SaaS
We Stand on the Shoulders of Giants
Source: https://www.csail.mit.edu/user/733
Source: http://researcher.watson.ibm.com/researcher/view.php?person=zurich-jca
Source: http://www.idtrail.org/content/view/55/43/index.html
Source: https://z.cash/team.html
Shafi Goldwasser
Jan Camenisch
Stefan Brands
Matthew Green
39. Clare Nelson, @Safe_SaaS
@Safe_SaaS
clare.nelson@allclearid.com
Slides posted on SlideShare:
https://www.slideshare.net/eralcnoslen/privacypreserving-authentication-another-reason-to-care-about-zeroknowledge-proofs
Questions?
Recommended Reading
1. Data and Goliath, Bruce Schneier (2015)
2. Matthew Green, cryptography blog, Professor Johns Hopkins
3. One TPM to Bind Them All, TPM 2.0 paper by Jan Camenisch,
et al. (2017)
40. Clare Nelson, @Safe_SaaS
Source: https://www.symantec.com/connect/blogs/you-can-t-have-privacy-without-security
Source: https://www.microsoft.com/en-us/research/research-area/security-privacy-cryptography/
You can have security
without privacy,
but you can’t have privacy
without security.
— Carolyn Herzog, EVP and General Counsel, ARM
46. Clare Nelson, @Safe_SaaS
Clare Nelson, CISSP, CIPP/E
Director, Office of the CTO at AllClear ID
Security, Privacy, and Identity
• Background
o Encrypted TCP/IP variants for NSA
o Product Management at DEC (HP), EMC2
o Director Global Alliances at Dell, Novell
o VP Business Development, TeaLeaf Technology (IBM), Mi3 Security
o CEO ClearMark Consulting, MFA Technology and Architecture
• 2001-2014 CEO ClearMark Consulting
• 2014 Co-founder C1ph3r_Qu33ns
• Publications include:
o 2010 August, ISSA Journal, Security Metrics: An Overview
o 2015 April, ISSA Journal, Multi-Factor Authentication: What to Look For
• Talks/Keynotes: Cloud Identity Summit 2017, InfraGard,
HackFormers; BSides Austin; LASCON; OWASP AppSec USA, ISSA
Austin; clients including Fortune 500 financial services, 2015 FTC
Panel
• B.S. Mathematics
Graphic: http://www.activistpost.com/2015/09/fbi-biometrics-programs-surveillance-database.html
48. Clare Nelson, @Safe_SaaS
Many Types of Zero-Knowledge Proof
Source: https://www.sedicii.com/2015/07/30/zero-knowledge-authentication/
Source: https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/
Acronym | Description | Notes
ZKP | Interactive Zero-Knowledge Proof | First invention, multiple messages between prover and verifier
NIZKP | Non-Interactive Zero-Knowledge Proof. Common Reference String model. In 2003, Rafael Pass showed that in the common reference string model non-interactive zero-knowledge protocols do not preserve all of the properties of interactive zero-knowledge protocols; e.g., they do not preserve deniability | Less interaction required between prover and verifier
n/a | Fiat-Shamir |
zk-SNARK | zero-knowledge Succinct Non-interactive ARgument of Knowledge | Zcash
49. Clare Nelson, @Safe_SaaS
The views presented herein,
expressed in any form, represent
my personal views, and do not
necessarily reflect the views of
my employer.
Graphic: http://rununcensored.com/wp-content/uploads/2013/06/disclaimer.jpg
50. Some consumers want control of their
identity
• See where their identity resides
• See what data is collected
• Manage and curate it
• Request deletion
• If the data is old, update or leave as is
Source: https://www.sedicii.com/about-us/
Future of Identity and Privacy
51. Clare Nelson, @Safe_SaaS
Additional Research
• Libsnark (on GitHub)
Zero knowledge: the verifier learns nothing from the proof beside the
truth of the statement (i.e., the value qux, in the above examples,
remains secret).
Succinctness: the proof is short and easy to verify.
Non-interactivity: the proof is a string (i.e. it does not require back-
and-forth interaction between the prover and the verifier).
Soundness: the proof is computationally sound (i.e., it is infeasible to
fake a proof of a false NP statement). Such a proof system is also called
an argument.
Proof of knowledge: the proof attests not just that the NP statement is
true, but also that the prover knows why (e.g., knows a valid qux).
• Pinocchio (Nearly Practical Verifiable Computation)
Microsoft Research and IBM Research
https://eprint.iacr.org/2013/279.pdf
Source: https://github.com/scipr-lab/libsnark
Source: https://github.com/akosba/jsnark
52. Clare Nelson, @Safe_SaaS
Schnorr NIZK (IETF Draft)
The Schnorr NIZK proof is obtained from
the interactive Schnorr identification
scheme through a Fiat-Shamir
transformation
• This transformation involves using a
secure cryptographic hash function to
issue the challenge instead.
Source: https://tools.ietf.org/html/draft-hao-schnorr-01
Source: http://www.art.com/products/p15063445373-sa-i6847848/sidney-harris-i-think-you-should-be-more-explicit-here-in-step-two-cartoon.htm
53. Clare Nelson, @Safe_SaaS
ISO/IEC 9798-5 Zero-Knowledge Techniques (2009)
1. Providing unilateral authentication
Identities
Integer factorization
Discrete logarithms with respect to
numbers that are either prime or
composite
Discrete logarithms on elliptic curves
2. Providing unilateral or mutual
authentication
Asymmetric encryption systems
Source: https://www.iso.org/standard/50456.html
Asymmetric cryptography
• Remove potential threat
• Verifier cannot use Claimant
as an Oracle
• Get information about
private key
Entity authentication using zero-knowledge techniques
54. Clare Nelson, @Safe_SaaS
ISO/IEC 9798-5:2009
Compliance with ISO/IEC 9798-5 may involve the use of the following
patents and their counterparts in other countries.
Source: https://www.iso.org/standard/50456.html
Patent | Title | Inventor | Filing Date
US 4 995 082 | Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system | C.P. Schnorr | 1990
US 5 140 634 | Method and apparatus for authenticating accreditations and for authenticating and signing messages | L.C. Guillou and J-J. Quisquater | 1991
EP 0 311 470 | Methods and systems to authenticate authorizations and messages with a zero knowledge-proof system and to provide messages with a signature | L.C. Guillou and J-J. Quisquater | 1998
EP 0 666 664 | Method for performing a double-signature secure electronic transaction | M. Girault | 1995
55. Clare Nelson, @Safe_SaaS
Source: https://www.wsj.com/articles/hbos-hack-hollywood-is-under-siege-1502443802
Data, data everywhere. Jeremiah
Grossman, chief of security strategy
for cybersecurity company Sentinel
One, tells the WSJ that Hollywood TV
and movie companies are vulnerable
because they work with so many
partners that “their data is all over
the place.”
56. Clare Nelson, @Safe_SaaS
Evolution of Cryptography
Source: http://zerado.com/en/news/a-perfect-tool-for-secret-payments-from-bitcoin-with-zero-knowledge-proof-the-impact-of-z-cash/
57. Clare Nelson, @Safe_SaaS
More Authentication Examples
Company(s) | Name | Description
Gemalto, Microsoft | U-Prove | Gemalto integrated smart card technology with Microsoft U-Prove. U-Prove has been instrumental in guiding minimal disclosure security. With Gemalto, smart card technology is continuing to push this form of online authentication forward (February 2017).
Source: http://www.id-world-magazine.com/?p=923
Source: https://blog.gemalto.com/corporate/2011/02/15/what-you-can-expect-to-see-from-us-at-the-rsa-conference/
58. Clare Nelson, @Safe_SaaS
Is Identity Theft Getting Worse or Better?
Changing Nature of Identity Theft
• Past: Financial- or credit-related identity theft
• Today: Malicious actors use stolen PII to:
Seek employment
Travel across international borders
Obtain prescription drugs
Receive medical treatment
Claim benefits
File false tax returns
Aid in other criminal activities
Synthetic Identity Theft
Occurs when a malicious actor constructs a new
identity
• Composite of multiple individuals' legitimate
information
• Plus fabricated information
Source: https://iapp.org/media/pdf/resource_center/m-17-12.pdf
2017 OMB Memo
• Preparing for and Responding to a
Breach of Personally Identifiable
Information
59. Clare Nelson, @Safe_SaaS
Computational Complexity and Cryptography
Source: http://slideplayer.com/slide/4951940/
Complexity Theory
• Study the resources required
to solve computational tasks
Time
Space (memory)
• Understand relations
between complexity
phenomena
• Provide new perspective on
various concepts
Cryptography
• Specify security
requirements of systems
• Use the computational
infeasibility of problems to
obtain security
• Almost any cryptographic
task requires using these
ideas
Connected
60. Clare Nelson, @Safe_SaaS
Concepts and languages for privacy-preserving attribute-based
authentication (2014)
Online Identity Providers
• Use SAML, OpenID, or WS-Federation
• The Identity Provider can impersonate its users, track and monitor
user online behavior
Privacy-preserving authentication solutions aim to prevent that
Source: http://www.sciencedirect.com/science/article/pii/S2214212614000167
Price is $31.50
Published in this journal
61. Clare Nelson, @Safe_SaaS
The Privacy Conundrum
If authentication concerns what a Relying Party needs to know about
you, then privacy is all about what they don’t need to know.
Privacy amounts to information minimization; security professionals
know this all too well as the “Need to Know” principle.
Source: https://www.secureidnews.com/news-item/abandoning-identity-in-favor-of-attributes/
64. Clare Nelson, @Safe_SaaS
ZKP Authentication Examples in Real World
Company | Product | Description | GitHub
IBM | Identity Mixer | Cryptographic algorithm which enables transactions to occur without unwillingly sharing any personal data | https://github.com/IBM-Bluemix/idemix-issuer-verifier
Microsoft | U-Prove | Cryptographic technology that enables the issuance and presentation of cryptographically protected statements in a manner that provides what is known as “multi-party security:” issuing organizations, users, and relying parties can protect themselves not just against outsider attacks but also against attacks originating from each other. | https://github.com/credentials/uprove_sdk
Sedicii | Sedicii | Patented zero-knowledge proof authentication service, use cases: call center authentication; website login; credit card authorization; identity hub; respond to negative social media feedback | None
MIRACL | MIRACL Trust ZFA | Multi-Factor Zero-Knowledge Authentication (ZFA) Protocol | https://github.com/miracl/milagro-mfa-server/wiki/What-is-M-Pin-Core
Sovrin | Self-Sovereign Identity | Non-profit, open source, Sovrin Identity Network establishes trust through transparency, diffusion, and neutrality | https://github.com/sovrin-foundation/sovrin
Source: https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/U-Prove20Technology20Overview20V1.120Revision202.pdf
65. Clare Nelson, @Safe_SaaS
Evolution from Interactive to Non-Interactive ZKP (NIZKP)
Source: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4732108/
ZKP defines a method to prove the knowledge of a
certain piece of information without revealing
anything about it
• Typical ZKPs are based on several challenges and
responses, involving a successive exchange of
messages, which implies the need to have a
stable and continuous connection between
nodes
• However, this assumption is impossible in a
volatile environment like IoT, where sometimes,
devices move at a high speed, such as, for
example, smart vehicles
• In these cases, a massive exchange of messages
to run a typical ZKP can be infeasible due to
possible connection failures during the protocol
• In order to deal with this problem, the idea of
non-interactive ZKP (NIZKP) has emerged
In NIZKP, all of the challenges of a typical ZKP are
condensed into a single package sent in a single
message
• Optimizes time necessary for the exchange of
messages
• Single message instead of many messages
• The single message can be sent as a beacon in
broadcast mode
• Research: transform an interactive protocol into a
non-interactive protocol, which can be applied to
turn interactive ZKPs into NIZKPs thanks to the
use of hash function.
• NIZKP for NP whose construction is based on one-
way permutations and certified trapdoor
permutations
66. Clare Nelson, @Safe_SaaS
Microsoft U-Prove
Cryptographic technology that enables the issuance
and presentation of cryptographically protected
statements in a manner that provides what is known as
“multi-party security”
• Issuing organizations, users, and relying parties can
protect themselves not just against outsider attacks
but also against attacks originating from each other
• Enables any desired degree of privacy (including
authenticated anonymity and pseudonymity)
without contravening multi-party security
• User-centric aspects make the U-Prove technology
suited to create the digital equivalent of paper-
based credentials and the plastic cards in one's
wallet
Source: https://www.microsoft.com/en-us/research/project/u-prove/
67. Clare Nelson, @Safe_SaaS
This little-known
mathematical concept
could eventually make
passwords and PIN
codes obsolete.
Source: https://blog.ingenico.com/posts/2017/07/zero-knowledge-proof-more-secure-than-passwords.html
Source: https://perezbox.com/category/security/
—Remi Geraud, cryptography and
security expert in the Advanced Research
team of Ingenico’s innovation lab
Promise of Zero-Knowledge Proof
68. Clare Nelson, @Safe_SaaS
Source: https://www.zurich.ibm.com/identity_mixer/
Graphic: http://www.sandybeachbungalows.com/
—Jan Camenisch, Cryptographer and Co-Inventor of IBM Identity Mixer
The Internet is like the lunar surface—it never
forgets a footprint.
With Identity Mixer, we can turn it into a sandy
beach that regularly washes everything away.
69. Clare Nelson, @Safe_SaaS
If your personal data is
never collected, it cannot
be stolen.
Source: https://www.zurich.ibm.com/identity_mixer/
Graphic: https://www.va.gov/identitytheft/
Graphic: https://www.quora.com/How-many-online-accounts-does-the-average-American-person-have
—Maria Dubovitskaya, Cryptographer,
Research Staff Member, IBM Zurich
Research Laboratory
70. Clare Nelson, @Safe_SaaS
Examples of Additional Applications, Beyond Authentication
Category | Name | Description
Cryptocurrency | Zcash | Open, permissionless cryptocurrency that can fully protect the privacy of transactions using zero-knowledge cryptography. The scientists, advisors and engineers of ZECC developed and launched the Zcash protocol; this includes all of the authors of the Zerocash protocol, most of the creators of the Zerocoin protocol, and leading researchers of zk-SNARKs themselves. zk-SNARKs stands for zero-knowledge Succinct Non-interactive ARgument of Knowledge, and it is the protocol for Zcash
Watermark | Watermark verification | Show the presence of watermark without revealing information about it. Prevents removal of the watermark and reselling duplicate copies
E-Voting | Emerging | Stay tuned for updates, watching Estonia i-voting system, may be used for homomorphic tallying.
Auctions | Sealed-Bid Auction | Winning bid is determined without information about the losing bids leaking to either the auctioneer or other bidders, Secure Multiparty Computation (SMC).
Cryptocurrency projects are fueling ZKP research and evolution
Source: https://www.slideshare.net/arunta007/elliptic-curve-cryptography-and-zero-knowledge-proof-27914533?next_slideshow=1
Source: https://www.nist.gov/publications/secure-sealed-bid-online-auctions-using-discreet-cryptographic-proofs
Source: https://eprint.iacr.org/2016/776.pdf
71. Clare Nelson, @Safe_SaaS
Is Identity Theft Getting Worse or Better? (Continued)
As the ways in which criminals can exploit PII have evolved, so too have
the ensuing types of harm to potentially affected individuals.
Identity theft can result in:
• Embarrassment
• Inconvenience
• Reputational harm
• Emotional harm
• Financial loss
• Unfairness
• In rare cases, risk to personal safety
Individuals can be:
• Arrested and charged for crimes they did not commit
• Professionals such as pharmacists and doctors can suffer irreparable
reputational harm
• Individuals can have benefits suspended or terminated
Source: https://iapp.org/media/pdf/resource_center/m-17-12.pdf
72. Clare Nelson, @Safe_SaaS
Open Source
Privacy-Preserving Attribute-Based Credential Engine
(p2abcengine)
• On GitHub:
https://github.com/p2abcengine/p2abcengine?cm_mc_uid=33935528777214954828808&cm_mc_sid_50200000=1502323851
• Interoperates with IBM Identity Mixer and Microsoft U-Prove
• Developers can use Privacy-ABCs without having to
consider the specifics of the underlying cryptographic
algorithms
73. Clare Nelson, @Safe_SaaS
Open Source: Architecture
Parties of the privacy-preserving
Attribute-Based Credentials
(pABC) system:
• User
• Issuer
• Verifier
• Inspector
• Revocation Authority
Crypto Engines
Source: https://github.com/p2abcengine/p2abcengine/wiki/Architecture
74. Clare Nelson, @Safe_SaaS
ABC4Trust EU Project
Source: https://www.abc4trust.eu/
EU-funded R&D project
Advancing the federation and interchangeability of
technologies supporting trustworthy, privacy-preserving
Attribute-Based Credentials (Privacy-ABCs)
75. Clare Nelson, @Safe_SaaS
Zero-Knowledge Proof, Formal Definition
Source: http://www.cs.cornell.edu/courses/cs6810/2009sp/scribe/lecture18.pdf
An interactive proof system (P, V) for a language L is zero-knowledge if
for any PPT verifier V* there exists an expected PPT simulator S such
that
$$\forall x \in L,\ z \in \{0,1\}^{*}:\quad \mathrm{View}_{V^{*}}\left[P(x) \leftrightarrow V^{*}(x, z)\right] = S(x, z)$$
As usual, P has unlimited computation power (in practice, P must be a
randomized TM).
Intuitively, the definition states that an interactive proof system (P, V)
is zero-knowledge if for any verifier V* there exists an efficient
simulator S that can essentially produce a transcript of the
conversation that would have taken place between P and V* on any
given input.
77. Clare Nelson, @Safe_SaaS
Definition of Zero-Knowledge Proof (ZKP) Authentication Protocol
Zero Knowledge Proof (ZKP) Authentication Protocol
• Two parties involved
1. Prover
2. Verifier
• Enables the prover to show that they have the
credential (e.g., password), without having to give
the verifier the credential details
Source: https://en.wikipedia.org/wiki/Zero-knowledge_proof
Source: http://www.austinmohr.com/work/files/zkp.pdf
Source: http://www.wisdom.weizmann.ac.il/~oded/zk-tut02.html
Source: https://www.sedicii.com/2015/07/30/zero-knowledge-authentication/
No transmission or storage of
password/credential details
78. Clare Nelson, @Safe_SaaS
Source: https://www.wired.com/story/how-your-phone-number-became-the-only-username-that-matters/
Source: https://www.shutterstock.com/video/clip-4218796-stock-footage-girl-using-mobile-phone-smartphone.html
Identity, More Caution
How your phone number
became the only username
that matters
—David Pierce Gear, Wired
(August 2017)
79. Clare Nelson, @Safe_SaaS
Source: https://fidoalliance.org/specs/fido-uaf-v1.1-id-20170202/fido-ecdaa-algorithm-v1.1-id-20170202.html
Graphic: https://www.laptopmag.com/articles/tpm-chip-faq
FIDO ECDAA Algorithm
FIDO Basic Attestation scheme alternative
• Direct Anonymous Attestation (DAA) scheme
based on elliptic curves and bilinear pairings
called ECDAA
• Direct Anonymous Attestation is a cryptographic
scheme combining privacy with security
• Basic building blocks for its implementation are
part of TPM 2.0
80. Clare Nelson, @Safe_SaaS
Market Forces have Stunted Privacy by Design, Privacy by Default
• Given the maturity and
growing acceptance of Privacy
by Design and Privacy by
Default, it is surprising that
there are so few Privacy-
Preserving MFA solutions on
the market today.
• The business of monetizing
your behavior and associated
identity attributes could be the
reason for the slow growth.
Source: http://www.azquotes.com/quote/763098
Editor's Notes
This presentation is posted on slideshare
80 slides, we’ll go through first two dozen today
How many of you are familiar with Zero-Knowledge Proofs, or the concept?
It seems like magic at first
Why? Get copy of TPM paper, I’ll give it to you at end of talk.
TPM, chip, surface mounted to motherboard, before BIOS
Root of Trust
Hardware-based security solution for data protection and reliable authentication via a TPM that stores keys, passwords and digital certificates.
Great controversy in the world of TPM, and it centers around ZKP.
Make bitcoin anonymous
The budget for cryptocurrency research is far larger than the budget for user authentication.
This means user authentication solutions will benefit from the privacy-preserving research for cryptocurrency.
Zero-Knowledge Proof has taken off because of its application in cryptocurrency.
Zero-Knowledge Proof has been applied to cryptocurrency, e-voting, sealed auctions, and many more applications
Today, you will learn about Zero-Knowledge Proof, and perhaps apply it to other applications, and support a privacy-preserving approach
OWASP Top 10: Broken Authentication and Session Management
We are numb to passwords broken
We are numb to breaches
Over 60-80% tied to weak or stolen passwords
USA
Year to date
Identity Theft Resource Center
Aug 22
June 1980, Comfortably Numb
We’re not just mitigating identity theft, and preserving privacy, we are fighting the nastiest crimes on earth.
National Cyber-Forensics Training & Alliance
What do criminals do with your stolen credentials, credit card number, driver’s license number, mobile number, SSN, address, date of birth?
Why haven’t we solved this? No single entity suffers sufficient economic damage to make it a significant business risk they need to address or mitigate.
Digi.me and others: your data, bring it together in one place you own instead of being scattered across the web
Creating the CONSENT ECONOMY
Collection and use of personal information
Old enough to order a Margarita without showing your driver’s license, just a boolean yes or no that you are old enough
GDPR, existing EU Data Protection Directive
Recommendation 1 of 3: Data and Goliath, Bruce Schneier
Privacy-invasive pattern
Identity graph: consumer journey, one or many personal identifiers or emails, collect identifiers, browser cookies, purchase history, all actions
What Jan Camenisch of IBM Zurich calls Authentication without Identification
Secret, or difficult to solve problem
Nothing? Other crypto methods yield nothing right?
Nothing about a private key
Definitions
Two or more of something you know…
Dan Crowley stood here a few months ago
Definition of privacy is personal, depends on the context, depends on laws, cultural norms
High level
First curve ball
Proof system, interaction between a prover and a verifier
You can make the certainty as high as you want
Honest prover? Honest verifier? Literature has much more about cheating provers.
I have two brothers, they gave me the great gift of skepticism because they would cheat at Monopoly, cards, etc. They would not always follow the rules.
Challenge: make sure correctly implemented, prover and verifier are following the protocol
Imposters are foiled
Leave out: Discrete logarithms = integer k exponent solving the equation b^k = g, where b and g are elements of a group
volatile environment like IoT, where sometimes, devices move at a high speed, such as, for example, smart vehicles
Interactive Zero-Knowledge Proof, could have many messages back and forth.
Non-Interactive use a single message instead of many.
Deployment and correct usage are problematic: need smart people, need smart developers, smart testers, etc.
zero-knowledge Succinct Non-interactive ARgument of Knowledge
Usain Bolt?
(i.e. messages to the Verifier or the Prover might be modified or destroyed)
Anonymous Peer-2-Peer Authentication System, Vulnerability
Hard to just do threat modeling with ZKP alone, need to put it into a system, Chinese Academy of Sciences
Example of ZKP combined with classical systems or constructs
When was Zero-Knowledge Proof invented? 1982
In the 1980s.
ZKP is only 35+ years old.
Hyperbole?
2nd of 3 recommended reading suggestions, look up Matthew Green’s blog
We have a choice, dive into math symbols like this, or use a metaphor
Vertex
The verifier is Horizon Telecom, probabilistic polynomial-time
The prover is the
2,000 zcoins
Keep in mind, this is a coarse metaphor for ZKP
3 cycles,
Prover = griff computing
Verifier is us, Horizon telecom
prover is all-powerful and possesses unlimited computational resources, but cannot be trusted
verifier has bounded computation power
Messages are sent between the verifier and prover until the verifier has an answer to the problem and has "convinced" itself that it is correct.
Digest, Signature, Public key, Timestamp
Modulo n
Prover knows x, the verifier does not
S: you have seen this scary math, what does it look like in real life?
ZFA = Multi-Factor Zero Knowledge Authentication
Real World Example. In the world of user authentication, when you give a demo, there is nothing to see.
Also have a browser version.
Success after enter PIN
Authentication demo not worth much
What we really saw was the user experience
What is one of the fastest growing areas for customer authentication?
Combined with biometrics, behavioral biometrics
Opt out, don’t give consent, ask for alternatives
Green is digital exhaust, digital presence
GDPR: need consent to process personal data
Outed: Chen and Li (2013)
https://trustedcomputinggroup.org/wp-content/uploads/INFOGRAPHIC-TCG-PR-Works-FINAL.pdf
“severe shortcomings” weakens security
Homework #2, read this paper, 20 pages
Weakens the security
Trusted Platform Module (TPM)
Microcontroller designed by Trusted Computing Group
Interfaces with standard hardware/software platform in order to allow it to be secured
Surface mounted chip
Research
Conference this year, Canada, China, and US presented paper on
Zero-knowledge proof systems for QMA
QMA = Quantum Merlin Arthur (Merlin Arthur from computational complexity)
Shafi is the recipient of numerous awards including the Turing Award, and Grace Hopper Award
Three more pages of references and recommended reading in the backup slides section
More diagrams: http://blog.stratumn.com/zero-knowledge-explained-part-1-use-cases/
OMB memo, we need better security
If you want privacy-preserving authentication, then you need better security
Open for debate
When did passwords start?
Where are we today? This grey area.
June, Cloud Identity Summit, “Financial Services are in a race to the bottom to reduce user friction during authentication”
Why do these arrows extend in time? Won’t we kill the password?
My profile is on LinkedIn
Earlier this year I got EU GDPR certification, highly recommend it
I live at the intersection of Security, Privacy and Identity
Usual suspects
Did research, surprised to see it in standards
Many others
Drop deniability, non-repudiation, what happens when you want to make a track bicycle go fast? You take off the brakes to reduce weight, you have also produced a more dangerous bicycle
- In cryptography, the common reference string (CRS) model captures the assumption that a trusted setup in which all involved parties get access to the same string crs taken from some distribution D exists.
Rob Leslie
This is a B2C play, why won’t B2B work initially in the US?
GDPR
178 Swiss francs = ~$185
1-4 = unilateral authentication
5 is either uni or mutual authentication
Entity Authentication what is entity?
This is a reference slide, just read the red font: single message instead of many: Goal to make it more efficient
It’s going to get worse before it gets better
It’s not just a matter of privacy, it’s a matter of security
Question: how many are open source? All but Sedicii
All but Sedicii are open source, or partially open source
More information
Just focus on the yellow column, GitHub links, some or all is open source
Why aren’t there more privacy-preserving solutions on the market? Hard to implement, setup nontrivial.
ZKP is only one part of the authentication solution
Setup involves keys
Instead of PKI with centralized root certificate authority
Decentralized, distributed TAs, receive key shares to create the whole key
Zcash, protect the privacy of transactions
Quote Dan Crowley something you forgot, lost, or were
Secure Technology Alliance, was Smart Card Alliance
Includes Location
Mobile Identity Authentication, one could argue it mitigates using the same channel for know, have, are, all on mobile device, typically smartphone
TPM
Attestation = One component of trusted computing that has attracted particular attention is remote attestation. Attestation allows a program to authenticate itself and remote attestation is a means for one system to make reliable statements about the software it is running to another system. The remote party can then make authorization decisions based on that information.
Source: https://courses.cs.washington.edu/courses/csep590/06wi/finalprojects/bare.pdf