1/21 Buckle up for some mind blowing cryptography updates by @dfinity! 🧵💥
Have you heard of Verifiably encrypted threshold key derivation (vetKD)?
If you missed the Community conversations with @gregoryneven and @aislingconn87 on the #IC.
Have you heard of Verifiably encrypted threshold key derivation (vetKD)?
If you missed the Community conversations with @gregoryneven and @aislingconn87 on the #IC.
2/21 Problems:
Managing user side encryption keys is hard, and easily/safely manage user side encryption keys limits cross-device syncing.
Managing user side encryption keys is hard, and easily/safely manage user side encryption keys limits cross-device syncing.
3/21 Solution:
Verifiably encrypted threshold key derivation (vetKD)
API Function:
derive_encrypted_key (master_key_id, transport_public_key, derviation_id) -> Encrypted Key
Verifiably encrypted threshold key derivation (vetKD)
API Function:
derive_encrypted_key (master_key_id, transport_public_key, derviation_id) -> Encrypted Key
4/21 Verifiably encrypted threshold key derivation interface, allows any canister to call "derive _encrypted_key".
Transforming any string into an encrypted key through an API.
Transforming any string into an encrypted key through an API.
5/21 But How Is this Possible?
DKG to generate master key and shares.
Derived Keys are BLS signatures.
Generate your BLS Signature on a subnet.
Threshold signed.
Identity based decryption scheme for asymetric use cases.
DKG to generate master key and shares.
Derived Keys are BLS signatures.
Generate your BLS Signature on a subnet.
Threshold signed.
Identity based decryption scheme for asymetric use cases.
6/21 Threshold BLS is a BLS digital signature aka Boneh–Lynn–Shacham (BLS) which allows a user to verify that a signer is authentic.
The scheme uses a bilinear pairing for verification, and signatures are elements of an elliptic curve.
The scheme uses a bilinear pairing for verification, and signatures are elements of an elliptic curve.
7/21 Steps
Front end generates a transport key pair
Canister calls derivation interface
Derives key in Encrypted form
Only thing canister, nodes see is encrypted key
Basically combining transport public key+derivation key into single key. Then use derived key to encrypt/decrypt
Front end generates a transport key pair
Canister calls derivation interface
Derives key in Encrypted form
Only thing canister, nodes see is encrypted key
Basically combining transport public key+derivation key into single key. Then use derived key to encrypt/decrypt
8/21 Identity Based Encryption:
9/21
Canisters can store end-to-end encrypted user data (e.g., storage, messaging, social networks) without having to rely on browser storage for user-side secrets.
Canisters can store end-to-end encrypted user data (e.g., storage, messaging, social networks) without having to rely on browser storage for user-side secrets.
10/21 Applications this enables:
Canisters or individual users can encrypt messages under the public key of the subnet, so that they can be decrypted by calling the threshold key derivation interface which is secret-shared among the replicas.
internetcomputer.org/live-sessions#…
Canisters or individual users can encrypt messages under the public key of the subnet, so that they can be decrypted by calling the threshold key derivation interface which is secret-shared among the replicas.
internetcomputer.org/live-sessions#…
11/21 Encrypted file storage
Drop encrypted files onto a storage canister.
User generates a transport key pair, sends ingress message to storage canister, returns key derivation.
User can encrypt file, and store encrypted document in ENCRYPTED storage canister.
Drop encrypted files onto a storage canister.
User generates a transport key pair, sends ingress message to storage canister, returns key derivation.
User can encrypt file, and store encrypted document in ENCRYPTED storage canister.
12/21 End to End Encrypted Messaging
Send encrypted message without first communicating with canister to derive key. Subnet derives encryption key, using asymmetrical decryption.
Send encrypted message without first communicating with canister to derive key. Subnet derives encryption key, using asymmetrical decryption.
13/21 End to end Encrypted Social Networks.
Wow this one is pretty cool:
All posts are encrypted in order to enforce access policy defined by user who posts content. All content posted is fully encrypted and only visible to specified users.
Wow this one is pretty cool:
All posts are encrypted in order to enforce access policy defined by user who posts content. All content posted is fully encrypted and only visible to specified users.
14/21 Trading applications: Preventing front running on exchanges.
Miner Extracted Value (MEV) is a term you've probably heard recently.
It's resulted in over $683m in lost funds since 2020 on Ethereum Dex's.
With on-chain encrypted DEX's, you can encrypt transactions.
Miner Extracted Value (MEV) is a term you've probably heard recently.
It's resulted in over $683m in lost funds since 2020 on Ethereum Dex's.
With on-chain encrypted DEX's, you can encrypt transactions.
15/21 cont'd MEV:
Decrypt sequenced transaction, and execute only when order is filled. This also enables secret bid auctions, Time lock encryption, and Dead man switches.
Decrypt sequenced transaction, and execute only when order is filled. This also enables secret bid auctions, Time lock encryption, and Dead man switches.
16/21 Other use cases:
- BLS Signatures
- Untraceable transactions. No big deal.
- BLS Signatures
- Untraceable transactions. No big deal.
17/21 Is this technology scaleable?
Threshold BLS is simpler then ECDSA, and can perform 1000's on encryptions per second depending on subnet size.
Threshold BLS is simpler then ECDSA, and can perform 1000's on encryptions per second depending on subnet size.
18/21 Encrypted Group chats are also possible depending on how derivation identities are chosen.
Encrypted email isn't really used frequently currently, but with this setup, it becomes much more feasible.
Encrypted email isn't really used frequently currently, but with this setup, it becomes much more feasible.
19/21 What are some limits to Threshold BLS?
BLS signatures are not quantum secure. Over the longer term—say, 2025–2030—STARK aggregation is expected to be a drop-in replacement for BLS aggregation.
BLS signatures are not quantum secure. Over the longer term—say, 2025–2030—STARK aggregation is expected to be a drop-in replacement for BLS aggregation.
20/21 What about Homomorphic encryption? The encryption techniques above are not fully homomorphic, but are big step.
Trusted hardware solutions are a good option, but are vulnerable to sidechannel attacks on SEV.
Trusted hardware solutions are a good option, but are vulnerable to sidechannel attacks on SEV.
21/21 I hope you've found this thread helpful.
Follow me @WeekInDfinity for more.
Like/Retweet the first tweet below if you can:
Follow me @WeekInDfinity for more.
Like/Retweet the first tweet below if you can:
https://twitter.com/WeekInDfinity/status/1599516658816602112
• • •
Missing some Tweet in this thread? You can try to
force a refresh
