Bitcoin Forum
November 18, 2024, 01:32:50 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3]  All
  Print  
Author Topic: Bitcoin's Decentralized PKI (Public Key Infrastructure)  (Read 7796 times)
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
July 11, 2012, 01:06:29 PM
 #41

Exactly my point actually.... Finger printing is flawed to authenticate identity.. It only shows "significant evidence" you are authenticating your identity with only fingerprint. AFAIK a true fingerprint system would incorporate a Fingerprint, Eye scan as well as a unique password that is unique to the identity but then again that’s for entering secure buildings by that method of authentication becuase as its easy to kill someone and take their fingerprints, eyeballs(eww) and beat the password outta them before you kill them its shouldn't be possible to enter a secure building with a bloddy finger, an eye ball(forget the password) llol

Ouch - am now having nightmare visions of people turning up to voting booths with bags of eyeballs and fingers.  Shocked

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
phelix
Legendary
*
Offline Offline

Activity: 1708
Merit: 1020



View Profile
July 11, 2012, 01:08:14 PM
 #42

Couldn't this be done with Namecoin? Namecoin is decentralized, cryptographically secure, and can be easily extended to have an ID or voting system.

http://dot-bit.org/Personal_Namespace
http://dot-bit.org/Namespace:Aliases
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
July 11, 2012, 01:11:44 PM
 #43

Couldn't this be done with Namecoin? Namecoin is decentralized, cryptographically secure, and can be easily extended to have an ID or voting system.

http://dot-bit.org/Personal_Namespace
http://dot-bit.org/Namespace:Aliases

Interesting stuff (and makes Namecoin look more relevant), however, the problem when it comes to voting is one can create multiple identities and AFAICT this is the #1 problem that is so far lacking a de-centralised solution (hence why I threw out the bio-recognition idea).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


Wat


View Profile WWW
July 11, 2012, 01:18:30 PM
 #44

Couldn't this be done with Namecoin? Namecoin is decentralized, cryptographically secure, and can be easily extended to have an ID or voting system.

http://dot-bit.org/Personal_Namespace
http://dot-bit.org/Namespace:Aliases

Interesting stuff (and makes Namecoin look more relevant), however, the problem when it comes to voting is one can create multiple identities and AFAICT this is the #1 problem that is so far lacking a de-centralised solution (hence why I threw out the bio-recognition idea).


Politicians abuse this by getting dead people to vote. The diebold voting machines dont even use encryption. Heck i would be happy if the government sent me communications via gpg so all I had to do is gpg sign up at the voting booth.

CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
July 11, 2012, 01:25:23 PM
 #45

Politicians abuse this by getting dead people to vote. The diebold voting machines dont even use encryption. Heck i would be happy if the government sent me communications via gpg so all I had to do is gpg sign up at the voting booth.

Indeed that was my thinking behind having 2 private keys (one that only the actual person has) - also I guess a registry of dead identities would be required (yes rather impossible with fingerprints if they were burned beyond recognition - DNA?).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


Wat


View Profile WWW
July 11, 2012, 01:35:12 PM
 #46

Politicians abuse this by getting dead people to vote. The diebold voting machines dont even use encryption. Heck i would be happy if the government sent me communications via gpg so all I had to do is gpg sign up at the voting booth.

Indeed that was my thinking behind having 2 private keys (one that only the actual person has) - also I guess a registry of dead identities would be required (yes rather impossible with fingerprints if they were burned beyond recognition - DNA?).



I dont know about that. But i do know Ive never been ripped off using bitcoin-otc.

CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
July 11, 2012, 01:45:35 PM
 #47

I dont know about that. But i do know Ive never been ripped off using bitcoin-otc.

Sure - the idea of identifying a person uniquely is very different concept from creating a WoT (although it may actually be possible to use the blockchain technology to do both things).

For sure a WoT is the key thing for doing trading with other entities.

Identifying individuals is only critical if we want to be able to support a democratic style of voting in a de-centralised manner (something I think would be an amazing feat to achieve).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
July 11, 2012, 01:48:52 PM
 #48

btw - in regards to WoT I had previously posted some thoughts regarding using the blockchain here: https://bitcointalk.org/index.php?topic=87339.0

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
Bitcoin Oz
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


Wat


View Profile WWW
July 12, 2012, 02:14:56 AM
 #49

When there are numerous bitcoin-otc sites sharing trust metrics that will be a decentralized wot.

You simply need to define a sharing protocol between all the disparate sites.

Free market rating agencies ftw.

Elwar
Legendary
*
Offline Offline

Activity: 3598
Merit: 2386


Viva Ut Vivas


View Profile WWW
July 12, 2012, 06:13:33 PM
 #50

Perhaps your DNA sequence could be used.

Add an extra digit to distinguish between twins/triplets/etc (1 for first born,2 for second...)

First seastead company actually selling sea homes: Ocean Builders https://ocean.builders  Of course we accept bitcoin.
allten (OP)
Sr. Member
****
Offline Offline

Activity: 455
Merit: 250


You Don't Bitcoin 'till You Mint Coin


View Profile WWW
July 19, 2012, 11:59:28 PM
 #51

updated the OP (7/19/2012)

Updated the Title
Old Title: Decentralized Identity Management using the Block Chain

Thanks to all for the responses and resources. When I originally had this idea, I had no experience or knowledge of what already existed on the net.
Wasn't even sure what to call it. The Web of Trust was by far the closest to what I had envisioned.
(see http://privwiki.dreamhosters.com/wiki/Distributed_Web_of_Trust_Proposal_2)

My idea isn't new at all and there's are many similar applications and projects online.

I came across an article today that was a gold mine of information and the first part lay's the foundation to web of trust, decentralized ID system, and others.

Beyond “web of trust”: Enabling P2P E-commerce
http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=5&ved=0CFwQFjAE&url=http%3A%2F%2Fciteseerx.ist.psu.edu%2Fviewdoc%2Fdownload%3Fdoi%3D10.1.1.15.82%26rep%3Drep1%26type%3Dpdf&ei=lU4IUMPQGsXI2wWqyL3SBA&usg=AFQjCNEPBsAnoUQrgcd1Uj76DUbbVLLriw

I'm considering starting a github repository where the technical aspects of this PKI using the blockchain can start to be formed.

If this is conflicting with anyone's efforts, please let me know. Also, PM me if you would like to be part of the project.
Ichthyo
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


View Profile
July 20, 2012, 10:16:39 PM
 #52

Wow guys....

just came accross that thread, a lot of intriguing ideas.

Just the moment before, I stumbled over this thread and commented:
https://bitcointalk.org/index.php?topic=93848.msg1043586#msg1043586

Basically what I wrote there fully applies to this discussion here as well...


We should not try to develop "applications" or even "killer applications". This will just carry us away into diversification.

Rather, this topic should be approached similar to the layered network architecture, which was so successfull with the Internet.


Foundation layers.... pick as you see fit. Internet, cell phone, smoke signals, who cares... Wink
Network layer: Bitcoin network + namecoin network or a hybrid / linked approach
Transport layer: this is what we try to put together here

Application layer: basically any administrative / governmental protocol can be built on top.


What would be the service provided by this "transport layer"?  a timestamped, provable, irrevocable administrative act, linked to other prerequisite administrative acts. Note: the actual content and meaning of these administrative acts is application-dependant, just like the actual meaing and specific protocols in the internet are application-depentant.

Certifying trust would be an example for such an act. In most cases, such an act would not happen out of thin air. Rather, it would require some prerequistes, like some kind of "payment", or "title" or "approvement" or some other act provided in exchange.

To repeat my example of the "Anonymous insurance".
You pay and acquire insurance tokens in return.
Some incident happens, forcing you to draw on your insurance: now you contact a survey report service, which confirms the incident/damage and signs a sufficient amount of insurance tokens. These signed insurance+survey tokens now allow you to receive payment by a cooperating payout settlement service.

Note: none of the involved entities need to know and store the full disclosure of what happened.
  • the insurance company can do the bookkeeping, keep the balances sane and calculate the insurance rates, without needing to know anything about what happened to you. It just sees the signed insurance tokens sent back from the payout settlement serivce
  • the survey report service doesn't need to know anything about your finnancial situation. In fact, it doesn't even need to know which is the inssurance company, nor does it need to judge the finnancial consequences of its reports. Yet, the survey service gets its payment, based on the signed insurance tickets
  • similar situation for the payout service. It doesn't even need to know that you get an payout due to an insurance relevant incident. It just does payouts in exchange for signed administrative-act tickets

only you as the customer link together these parts and drive the process. You remain in control. Obviously, these cooperating parts need to trust each other. And this way we're entering recursion....


Hopefully you get my point: any administrative or governmental act could be done in such a peer-to-peer fashion. And the necessary techincal infrastructure is allready there....



allten (OP)
Sr. Member
****
Offline Offline

Activity: 455
Merit: 250


You Don't Bitcoin 'till You Mint Coin


View Profile WWW
July 24, 2012, 05:40:30 PM
 #53

Update OP: 7/24/2012
 
Still Playing around with the title. Now, the name is just right IMO in describing where I hope this thread and project will go. I had debated about using the word "decentralized" since the name Bitcoin already implies this; however, the implementation of this PKI compared to the majority out there is decentralized in so many ways that I decided it had to be there.

Here's some good material of the technology already out there.
http://highsecu.free.fr/db/outils_de_securite/cryptographie/pki/publickey.pdf
http://en.wikipedia.org/wiki/Public_key_infrastructure
http://en.wikipedia.org/wiki/Digital_signature


allten (OP)
Sr. Member
****
Offline Offline

Activity: 455
Merit: 250


You Don't Bitcoin 'till You Mint Coin


View Profile WWW
August 10, 2012, 12:11:35 AM
 #54

Update OP: 8/09/2012

Looking into the more technical aspect of how to store data on the block chain; so far, I've found these two methods:

1) Uses multiple outputs to send a message (store data). Each output address is data; therefore, the coins are destroyed.
https://en.bitcoin.it/wiki/Block_chain_message_service

2) Transaction with a message inside the script
https://en.bitcoin.it/wiki/Script#Transaction_with_a_message

Mike Hearn makes some good points about the first method that I believe also applies to second.
https://bitcointalk.org/index.php?topic=47283.msg607667#msg607667

Also, if I understand correctly, there are other ways to embed messages(data) into the transaction that are less likely to be (pruned) and deleted, but I'm still leaning towards #1.
Here's my reasoning:

* It requires more bitcoin to add data into the block chain when using the addresses in the outputs. Because of all the costs, it should satisfy any naysayer because the creator of the transaction "paid for it". Even if someone doesn't agree with the blockchain being utilized this way; well, who cares, those users burning their coins are making the rest of us more wealthy.

*When the question is asked "What uses does bitcoin have beyond just financial transactions?", you will now have an additional reason to give: pay miners to add data in the most distributed, secure, and accessible database in the world.

*Also, it would still be friendly to those that only want to manage a pruned/trimmed blockchain. As Michael Hearn pointed out, transaction outputs that will clearly never be spent can be deleted with no worry of anyone spending them.

I've also been thinking about adding in the technical document that all the coins used on undependable outputs for "Bitcoin's Distributed PKI" will be available for miner rewards once all the block rewards are finished. A new type of generation transaction could be created that would allow miners to collect those coins based on certain rules. This would give incentive to maintain all the unspendable outputs used in the PKI in the block chain database.
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!