Tuxavant (OP)
January 06, 2012, 10:03:44 PM
Has anyone discussed using the PKI of Bitcoin as an encryption and authentication method? Specifically, since it puts digital keys in the hands of every user, is it possible for a system to present a challenge string to a user, have them sign it with their "registered" key, and prove an identity? Can the Bitcoin keys be used to encrypt to public keys in the same fashion as PGP?
It seems like Bitcoin indirectly pushes a PGP type solution to end users in a way that can be intuitive for the average person if a client could accommodate this kind of feature.

Tuxavant (OP)
January 07, 2012, 08:59:43 AM
I just had an epiphany... if traditional PKI could be performed with Bitcoin, then couldn't merchants require the association of a bitcoin address with an account and effectively render the multiple confirmation time problem null and void?
For instance, a user could set up an account with their public key with a merchant... then at the time of purchase, sign a challenge with the private key as an authentication to that account. If the user does do some kind of fraud, it's linked to an account for reporting to an authority (or whatever). With the authentication, the merchant could trust 0 confirmation transactions instantly.

phillipsjk
January 07, 2012, 05:06:57 PM
PGP is designed for secure communication, Bitcoin is designed for secure transactions.
While there is some overlap, using PGP will be better for secure communication. For example, it allows you to more easily change things like the encryption algorithm and keysize. If the encryption cryptographic authentication used by bitcoin fails, we will likely have to move to a new block-chain to fix the problem. Hopefully if (when) that happens, people will have enough notice for an orderly transition. It is only money after all.
I have a gut feeling that Bitcoin has actually compromised on security in order to keep the public addresses compact. While it is still secure, so long as SHA-256 is not broken, it is something to keep in mind.
James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE 0A2F B3DE 81FF 7B9D 5160

notme
January 07, 2012, 05:09:58 PM
signmessage and verifymessage are already implemented in the standard client. Encrypt/decrypt might be accepted if you coded it up, but you might want to inquire on the mailing list or irc before putting in the work.

Tuxavant (OP)
January 07, 2012, 05:15:16 PM
I'm starting to think this would be most beneficial for rapid micropayments with zero fraud or at least usable fraud mitigation.

paybitcoin
January 08, 2012, 09:43:41 PM
Yes, it is something I was hopefully going to put into place, to provide a better reputation service that goes way beyond the existing Web-of-Trust ratings and can provide for the fraud protection and rapid payments while using the existing Bitcoin network as-is. One of the major problems is that the default client doesn't allow sending from a specific address; better for the anonymity side, but worse for a PKI-including system. Anything like this would need to come with some sort of wallet-type system itself to guarantee a sending address or would be a patch to the client as a default sending address if it catches on.

Tuxavant (OP)
January 08, 2012, 11:05:18 PM
Bitcoin is young. These are all things that can be addressed as developers and users understand new ways to use Bitcoin. Besides, there are currently plenty of ways to protect the keys beyond what the current client provides. PGP has actual working security: when you type your passphrase into a shell with it, it still keeps it hidden, unlike the BTC implementation of it, where the passphrase to encrypt the wallet, for example, is bled into the shell for a simple history search to find it, so there is no comparing the joke of the security you get with BTC to the actual security you get with PGP.

Nesetalis
January 08, 2012, 11:52:38 PM
Not to attack your idea, it's not bad, but... PGP exists, it works well. There is no need to pollute bitcoin with bloat. Let it do one task and one task well.
Now... the client itself, if you want /it/ to do other things, that's another story, but leave the block chain alone. :p
ZOMG Moo!

Tuxavant (OP)
January 08, 2012, 11:57:18 PM
Quote from: Nesetalis on January 08, 2012, 11:52:38 PM
"Not to attack your idea, it's not bad, but... PGP exists, it works well. There is no need to pollute bitcoin with bloat. Let it do one task and one task well."

There's no need to pollute Bitcoin... The keys and address books are already there. Just a dialog box or two to sign messages - or whatever depending on what kind of applications are innovated. PGP does work well, but hasn't it been like around since the dinosaurs and the average person still hasn't adopted it? If Bitcoin becomes ubiquitous as a currency, we've already pushed a huge portion of PKI to everyone in the world at that point. Just a few more dialog boxes to go and everyone's using decentralized encryption and digital signatures. The thought of that makes me kinda wet. Doesn't it have the same effect on you?

phillipsjk
January 09, 2012, 08:32:42 AM
Quote from: Tuxavant on January 08, 2012, 11:57:18 PM
"PGP does work well, but hasn't it been like around since the dinosaurs and the average person still hasn't adopted it? If Bitcoin becomes ubiquitous as a currency, we've already pushed a huge portion of PKI to everyone in the world at that point. Just a few more dialog boxes to go and everyone's using decentralized encryption and digital signatures."

PGP hasn't gained wide adoption because maintaining proper security is hard. Before signing somebody's key, you are supposed to meet them in person (or at least out-of-band) to exchange Public Key Fingerprints. You then use that fingerprint (hash) to verify that the published public key is correct. Most people are not in the habit of publishing their public bitcoin addresses because the information is so sensitive: the public transaction record would let you trace everything that they do.

I am relatively new to PGP, so have not had to handle key management yet. Before your key expires (PGP keys expire, bitcoins don't), you have to generate a new key and sign it with your old one. That way, you don't have to go around in person to sign keys again. However, if you have received any encrypted messages, you should keep the old keys around for decryption purposes. If your old keys are later considered weak, you have to decide if you want to re-encrypt your old messages with your old keys. Doing so would likely invalidate any signatures from the sender.

PGP's strength is that it has been tested and has been answering these questions for over a decade. Most people simply decide they don't really care that much about security. That may or may not change with Bitcoin, the balkanization of the DNS roots, the rise of onion routing and mesh networking, etc.

PS: PGP also supports key revocation in case it gets leaked. Bitcoin has no such mechanism other than spending the funds before the attacker does.

Akemashite Omedetou
January 10, 2012, 03:05:17 AM
Quote from: Tuxavant on January 06, 2012, 10:03:44 PM
"Has anyone discussed using the PKI of Bitcoin as an encryption and authentication method? Specifically, since it puts digital keys in the hands of every user, is it possible for a system to present a challenge string to a user, have them sign it with their "registered" key, and prove an identity? Can the Bitcoin keys be used to encrypt to public keys in the same fashion as PGP?"

What would be the point? PGP also puts digital keys in hands of every user. Bitcoin IS using the very similar public key cryptography to what PGP is doing. Bitcoin does one thing, PGP does another thing, both using a lot of the same technology. What is wrong with them both doing the thing they were meant to do and nothing else? Is there something particular you don't like in how PGP operates?

Tuxavant (OP)
January 10, 2012, 07:21:18 AM
Quote from: Akemashite Omedetou on January 10, 2012, 03:05:17 AM
"What is wrong with them both doing the thing they were meant to do and nothing else? Is there something particular you don't like in how PGP operates?"

The only problem I see is that PGP is, to the average user, this ominous, difficult to understand thing, that users have historically not taken part in. Bitcoin, however, if it becomes ubiquitous, will automatically be in their hands because they are using Bitcoin. They will automatically have the technology to do digital signatures and possibly public key encryption through their Bitcoin keys - if the client can deliver a user friendly interface.

Nesetalis
January 10, 2012, 03:35:44 PM
All that means is that someone needs to write a better user interface.