Using the NFC chip of the Passport to do Proof-of-Work

[uboid]

Finding ASIC, FPGA and GPU resistant hashing algorithms to perform a more equitable proof-of-work that would even let Smartphones participate on an equal level with computers has been a long term problem and so far there are no good solutions to it.
I myself didn’t believed there could be a solution until very recently when I got an epiphany while working with the “active authentication” feature of the passport.
Let me explain, biometric passports have been equipped with an NFC chip since their introduction 15 years ago.
Many of these passports have a feature called “active authentication” that verifies if the NFC chip has been cloned or not.
To do so the verification terminal sends a challenge to the NFC chip, a private key contained in the chip then signs the challenge and returns the signature.
It is also noteworthy that the NFC chip’s private key cannot be extracted from it, at least not easily and that it’s public key is signed by a Document Signing Certificate from the government.
So how could this help with POW?
Well, signing a challenge with a private key is similar to using sha256 or any other hashing algorithm in the sense that it will create an unpredictable and unique output for any provided input.
In this scenario passports would try to mine a block by signing it, until they find a signature that matches a certain difficulty requirement just like it is the case with the classical POW.
It is to assume that passport chips are similar enough so that they would provide a similar signing rate per second. Making it probably the most egalitarian POW mechanism that could exist.

Here is the link to the article: https://medium.com/@janmoritz_48488/using-the-nfc-chip-of-the-passport-to-do-proof-of-work-b77e1a5343a1

What do you think?

[calmstorm]

The passport NFC chip is just a smart card with a crypto engine to perform private key signing. One can run a smart card simulator on a computer to simulate the passport chip, and is significantly faster:
https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Simulation

People can run a farm of these computers to easily out-perform the actual passport chips.

[btctaipei]

to actually implement PoW scheme like shamir signatures, merle-tree based algorithms requires alot of memory and data lines that those NFC chips lacks.  I believe mining community here can pitch in the details on this.

[baro77]

I think computers simulating cards are not a TECHNOLOGICAL problem, because:

1) trust model relies on the fact the passport chip cannot be tampered, so the private key cannot be stolen to be used into a simulator/emulator
2) consensus should provide for Document Signing Certificate of the public key to be checked, so you cannot use a fake private key in the simulator because its public key wouldn't own a valid certificate (the only valid keys would be the passport ones)

I like this proposal because it remember me the Satoshi's one-cpu-one-vote idea

BUT

point 2) above introduces its biggest problem... it relies on a centralized authority,  the one distributing passports (or, equivalently for us now, the private/public keys pairs): stating passport issues are a nation-level affair, the nation could 51%-attack the network.

So I guess there's more to work on (or trim down the applicability context), but I repeat, i really like the idea of a "cartel-resistant mining"

[uboid]

There were quite interesting discussions about it on Hacker News:
 - https://news.ycombinator.com/item?id=23072416
 - https://news.ycombinator.com/item?id=23066477