The Witness Angel is your judicial testimony, irrefutable and inviolable.
It acts like a digital memory, but which can never be accessed outside a proper judicial complaint.
Thanks to its innovative write-only encryption, it overcomes the opposition between protection of privacy and recording of judicial proofs.
Discover here how it works, with some technical details on its first implementation.
2. Unsatisfying Society Invariants
●
Lies (often) overpower Truth
●
« It's your word against theirs »™
●
France:
– 2% of 75k yearly rapes obtain justice
– 20% of female employees were sexually harassed
– 30% of all employees were morally harassed
– Rise of #METOO & other Twitter Justices
●
Memories are incomplete, biased, alterable
3.
4. "Solutions" bringing problems
●
Blind trust in forensic technicians
– See 1141 victims of Dookhan Scandal
●
Cameras, trackers & spies everywhere
– Watch live on www.insecam.org
●
Conflict: Privacy vs Security
– Weird results
●
Opacity for governments and global corporations
●
Transparency for harmless citizens
5. An appeal for subsidiarity
●
Smartphone recordings
●
Car dashcams (popular in Russia)
●
Body worn video (police, firefighters)
All still dangerous and one-sided
6. Beyond dilemmas
●
What do we really want?
– WRITE-ONLY recordings
●
How do we do it?
– Asymmetric cryptography & Trusted third-parties
●
When do we want it ?
– ASAP
7. New roles
●
Key Guardians
– Global, diverse & independant entities
– Provide unique padlocks for data containers
– Certify and timestamp the containers (blind signatures)
●
Witness Angel Devices
– Record data (gps, audio, video, heartbeats...)
– Encrypt data into write-only containers
●
Revelation Stations (at the tribunal)
– Query all parties for authorizations
– Decrypt only the officially requested chunk of data
9. So much work...
●
Technical:
– Cryptographic utilities everywhere
– Webservices and data storage
– Mobile apps with sensors/recorders
– Revelation station
– Container management and verification software (later)
●
Non-technical:
– Legal evolutions to regulate the system
– Partnerships with enterprises and associations
– Public awareness regarding "write-only" concept
10. ... and so little workforce
●
Do not reinvent the wheel
●
Be robust as heck
●
Be cross-platform from the start
●
Explore and make Proofs of Concept
11. I choose you... PYTHON
●
Not a "by default" choice
●
Good interoperability
– With operating systems
– With other langages
●
Good for webservices
●
Good for cryptography
●
Good for… smartphones?
12. WA-Cryptolib
●
Pycryptodome has it (almost) all
– Symmetric ciphers: AES & Chacha20
– Asymmetric ciphers: RSA
– PSS & DSS signatures
– Shamir’s shared secrets (yummy!)
●
Compiled C/C++ extensions: FAST
●
We only need thin wrappers, to check
permissions and enforce high security settings
13. WA-Escrow (trusted third-party)
●
No time for SOAP/REST : Json-RPC all the way
– Use django-json-rpc bridge
– See « Rest is the new Soap » on the Web
●
No time for custom serialization of bytes, dates etc.
– PyMongo's Extended Json
●
No time for 0xab179e101 errors
– Error Slugs ("error->functional->unknown_uuid")
●
No time for handmade storage
– SQL tables with django-cryptography fields
14. WA-Client (mobile app)
●
Here begins the fun (and hazard)
●
No money for a custom smartwatch (yet)
●
What our prototype needs
– Native app on Android (but portable to iOS someday)
– Full access to sensors/media/web
– Compatible with C/C++ extensions
– Runnable as a background service
– Launchable at boot (someday)
– With a nice GUI to manage it
17. Kivy Limits & Challenges
●
Build complexity: ...acceptable
●
App size & launch time: OK
●
Accessibility: None for now
– Trick: use Gevent to mix tests and event loop in main thread
●
Call recording: Restricted by OS
●
Background sensors: ?
●
Performance & battery drain: ?
19. Thanks for your attention!
●
Any questions?
●
Feedbacks/advices/contributions are welcome
https://github.com/WitnessAngel/
●
More information in website and initial essay:
https://witness-angel.prolifik.net/
https://medium.com/@pakaldebonchamp/the-witness-angel-concept-17c5a5f70e5b
