Bitcoin Forum
Topic: [OLD] CRYPTOGRAPHIC PROOF OF ASSOCIATION
derrend
May 13, 2015, 09:58:14 AM
Last edit: August 09, 2016, 03:13:55 AM by derrend
 #1

New thread here.
compmaster
May 14, 2015, 09:06:10 PM
 #2

Nice idea. I'm not into websites anymore though. I only trust decentralized blockchains. I'm excited for the day when blockchains can be searched instantly. I hope you move this project to a blockchain one day in the future.
BG4
May 14, 2015, 11:42:14 PM
 #3

This concept goes good with NFC tags for quick authentication...
derrend
May 15, 2015, 12:30:16 AM
Last edit: May 15, 2015, 12:47:42 AM by derrend
 #4

Quote
Nice idea. I'm not into websites anymore though. I only trust decentralized blockchains. I'm excited for the day when blockchains can be searched instantly. I hope you move this project to a blockchain one day in the future.
Since only the extended public key is submitted there is no trust involved because no private components are contained within the public key :)
compmaster
May 15, 2015, 07:22:31 PM
 #5

Quote
Nice idea. I'm not into websites anymore though. I only trust decentralized blockchains. I'm excited for the day when blockchains can be searched instantly. I hope you move this project to a blockchain one day in the future.
Since only the extended public key is submitted there is no trust involved because no private components are contained within the public key :)

What if someone hacked the website database and changed data? This is my #1 problem with all current websites. I will still support your project while it's built with the traditional full-stack model. I hope you switch one day in like 2 or 3 years once blockchain tech is more advanced.
derrend
May 15, 2015, 10:13:18 PM
Last edit: October 02, 2015, 11:13:07 PM by derrend
 #6

Quote
What if someone hacked the website database and changed data? This is my #1 problem with all current websites. I will still support your project while its built with the traditional full-stack model. I hope you switch one day in like 2 or 3 years once blockchain tech is more advanced.
All websites are at risk of being hacked in one way or another, even the btc blockchain is not immune it's just unlikely but we take every precaution we can, hashed addresses etc.
Our database will be distributed across our servers but we probably won't ever store data in the blockchain.

We could register scans on the btc blockchain right now and just log the transaction numbers but then we would end up maintaining a database again, only now we are forcing btc node maintainers to store extra data unnecessarily and adding to a blockchain already over 30GB in size.

Being able to keep track of this information without burdening the blockchain is a feature of CPOP.
jdebunt
May 16, 2015, 08:24:16 AM
 #7

Congratz, let's see if the "real world" shows an interest in the campaign :)
btcdrak
May 17, 2015, 02:24:10 PM
 #8

Quote
What if someone hacked the website database and changed data? This is my #1 problem with all current websites. I will still support your project while its built with the traditional full-stack model. I hope you switch one day in like 2 or 3 years once blockchain tech is more advanced.
I suppose all websites are at risk of being hacked in one way or another, even the btc blockchain is not immune it's just unlikely but we take every precaution we can, hashed addresses etc.
Our database will be decentralised across our servers but we probably won't ever store data in the blockchain.

We could register scans on the btc blockchain right now and just log the transaction numbers but then we would end up maintaining a database again, only now we are forcing btc node maintainers to store extra data unnecessarily and adding to a blockchain already over 30GB in size.

Being able to keep track of this information without burdening the blockchain is a feature of CPOP.

Sorry but this is handwaving away a serious objection. If you are calling something cryptographic proof-of-publication it really needs to have both cryptography and proof-of-publication as part of its methodology.

There is no proof-of-publication in this scheme which would make data tamper-proof.
You are relying on a public key for validation but if the public master key is leaked then anyone can derive all the public keys/bitcoin addresses. The entire security of your system relies on your ability to not get hacked, and for the client to not reveal their public master key allowing anyone to generate addresses without anyone's knowledge. If this were cryptographically secure then it wouldn't matter if your database were hacked because no-one could derive the public bitcoin addresses anyway. If you were using real proof-of-publication then your data couldn't be tampered with.
btcdrak
May 17, 2015, 02:58:25 PM
 #9

Quote
It's not 'publication' it's 'production' and you reveal no secrets when you divulge a public key (apart from its subkeys in this case).
'cryptographic probability of production' would be technically correct but since Heisenberg showed us that all certainty is a matter of likelihood I don't feel guilty about using the word 'proof' because a measure of likelihood is what it provides.

But it does matter because you are using the derived public keys/addresses as proof of knowing the public master. The scheme is not sound because a leak of your database leaks every possible key, allowing un-noticed forgery.
derrend
May 17, 2015, 03:18:31 PM
Last edit: October 02, 2015, 11:12:24 PM by derrend
 #10

It's not publication, it's production.
Publication suggests a way to derive if an object existed at a particular time which is not the case regarding CPOP because there is no blockchain involved.

Quote
If this were cryptographically secure then it wouldn't matter if your database were hacked because no-one could derive the public bitcoin addresses anyway. If you were using real proof-of-publication then your data couldn't be tampered with.
This is exactly the case with CPOP.

Quote
The scheme is not sound because a leak of your database leaks every possible key, allowing un-noticed forgery.
Not true, you're assuming we keep the public master on record which we do not.
We log the hashed versions of the subkey addresses so a database hack would be no use to forgers.

At no time is the master public key written to disk.
bitlover
May 19, 2015, 01:59:46 AM
 #11

So you have master key from which unique baby public keys are created. Then someone registers their master-key in your system and, from then on, people can check how many times a related public key has been submitted before.

Right?

Now riddle me this:

1) what the hell does this have to do with bitcoin or any other cryptocurrency? It's just a centralized service that uses basic cryptography. Why would people trust your service? it can be hacked, your internal database modified, etc.

2) Are you seriously expecting people to print (and scan!) QR codes on individual pills?  Really?

3) Finally, what is stopping some asshole from taking a pill from a bottle and replacing it with another pill with the same code?

Like, I don't want to be mean, but this is among the dumbest ideas I've ever heard.
derrend
May 19, 2015, 02:15:11 AM
Last edit: May 19, 2015, 02:29:53 AM by derrend
 #12

Quote
1) what the hell does this have to do with bitcoin or any other cryptocurrency? It's just a centralized service that uses basic cryptography. Why would people trust your service? it can be hacked, your internal database modified, etc.
It's bitcoin addresses that are logged and so the association with cryptocurrency, we take every security precaution, master keys are not stored, subkey addresses are hashed, etc.

Quote
2) Are you seriously expecting people to print (and scan!) QR codes on individual pills?  Really?
No, that would be silly, the pills are so numerous for a start that people wouldn't bother to scan them on a regular basis. I suspect the bottle would be more sensible. The image gets the idea across quite nicely though.

Quote
3) Finally, what is stopping some asshole from taking a pill from a bottle and replacing it with another pill with the same code?
Well that's a murderer and there's no stopping him.

Quote
Like, I don't want to be mean, but this is among the dumbest ideas I've ever heard.
I think it could be useful actually for any business who cared to participate. Nobody can be forced to use the service.
bitlover
May 19, 2015, 02:37:13 AM
 #13

Quote
It's bitcoin addresses that are logged and so the association with cryptocurrency, we take every security precaution, we don't store any master keys, the subkey addresses are stored as hashes, etc.

Just because you have a string of numbers in the form of a bitcoin address doesn't mean that you are actually using the cryptocurrency. They are just unique identifiers derived from a master key, it has nothing to do with cryptocurrencies. Can you prove ownership of the baby address in the blockchain? nope. Do you use those addresses (to receive some dust, for instance) in any way? nope.

So what if you don't store any master keys? you are still a centralized point of failure. When you say that a certain address has not been submitted before, why should I trust you? (since the database that counts how many times it has been submitted can be altered)

Quote
No, that would be silly, the pills are so numerous for a start that people wouldn't bother to scan them on a regular basis. I suspect the bottle would be more sensible. The image gets the idea across quite nicely though.

Then what's the point of this? Just put a tamper-proof device in the bottle and be done with it. The image does get an idea across quite nicely, shame it is not actually the idea you have.

Like, if the image you are using to get your point across shows something that is, in your own words "silly" and you cannot even be bothered to put enough effort to a) show a proper representation of your idea and b) learn how to photoshop a QR code on top of an image. Why would anybody believe you are going to be acting professionally?

Quote
Well that's a murderer and there's no stopping him.

Well, you have convinced me of the usefulness of your system.
derrend
May 19, 2015, 02:51:48 AM
Last edit: May 19, 2015, 03:05:04 AM by derrend
 #14

Quote
They are just unique identifiers derived from a master key, it has nothing to do with cryptocurrencies.
Please realise these unique identifiers are valid addresses on the bitcoin blockchain.

Quote
So what if you don't store any master keys? you are still a centralized point of failure. When you say that a certain address has not been submitted before, why should I trust you? (since the database that counts how many times it has been submitted can be altered)
There are over two billion subkeys per master key, the website is based on the idea that your particular key having been manipulated is so unlikely that you can rationally trust the result.

Quote
put a tamper-proof device in the bottle and be done with it.
That is indeed an alternative solution.
bitlover
May 19, 2015, 03:03:24 AM
 #15

Quote
Please realise these unique identifiers are valid addresses on the bitcoin blockchain.

I realize it. Now, tell me, does anybody have the master keys for those unique addresses?  (not the master-key from which they were derived, but the actual key to spend any bitcoin inside them).
derrend
May 19, 2015, 03:06:59 AM
 #16

Quote
I realize it. Now, tell me, does anybody have the master keys for those unique addresses?  (not the master-key from which they were derived, but the actual key to spend any bitcoin inside them).
Yes, the holder of the master private key. Which isn't us because we never have access to that.
bitlover
May 19, 2015, 03:14:55 AM
 #17

Quote
I realize it. Now, tell me, does anybody have the master keys for those unique addresses?  (not the master-key from which they were derived, but the actual key to spend any bitcoin inside them).
Yes, the holder of the master private key. Which isn't us because we don't have access to that.

Great, so what do they use those addresses for? Do they send/receive any bitcoin to it? Nope. You're not using the blockchain in any way, as you have already admitted, so what does this thing have to do with cryptocurrencies?

You could do the same using regular OpenPGP subkeys and registering them in your centralized system. People already use similar cryptographic solutions for all kinds of things (but not pills, because that's pretty silly) so why would they use your service?

derrend
May 19, 2015, 03:23:04 AM
Last edit: May 20, 2015, 12:52:43 PM by derrend
 #18

Quote
Great, so what do they use those addresses for? Do they send/receive any bitcoin to it? Nope.
No harm in giving them the option though.

Quote
You're not using the blockchain in any way, as you have already admitted, so what does this thing have to do with cryptocurrencies?
There would be no advantage to logging hits in the blockchain, you would still end up maintaining a database only you're needlessly impacting the blockchain now.

Quote
so why would they use your service?
We can discover the answer to that question by providing it in the first place :).
bitlover
May 19, 2015, 03:25:12 AM
 #19

Quote
We can discover the answer to that question by providing it in the first place :).

Good luck.
UserVVIP
October 01, 2015, 12:55:22 PM
 #20

So what exactly does this service do you?

I already have my private key encrypted.