SlideShare uma empresa Scribd logo

Improving privacy in blockchain using homomorphic encryption

R
Razi Rais

The slide deck from my session on "Privacy in the blockchain using homomorphic encryption" at blockchain conference (http://blockchainconf.tech). Agenda: 1. Understand Privacy & Role of Homomorphic Encryption (HE) 2. Blockchain & Zero-Knowledge Proofs (zk-SNARKS) 3. Tools & Technologies 4. Demos (Healthcare & Identity)

Tecnologia
1 de 27
Improving Privacy in Blockchain using Homomorphic Encryption Razi Rais | https://razibinrais.com
Who am I? www.linkedin.com/in/razirais
Agenda  Understand Privacy & Role of Homomorphic Encryption (HE)  Blockchain & Zero-Knowledge Proofs (zk-SNARKS)  Tools & Technologies  Demos (Healthcare & identity)
Privacy http://faculty.uml.edu/sgallagher/Brandeisprivacy.htm • Freedom from intrusion - being left alone • Control of information about oneself • Freedom from surveillance (from being followed, tracked, watched, and eavesdropped upon)
Privacy | Encryption to Protect Data Razi X?DE&7 Plaintext Encrypted
Privacy | Encryption Challenge At Rest In Motion In Memory X?DE&7 X?DE&7 Razi e.g – BitLocker e.g - TLS ?
Privacy | Encryption Solution At Rest In Motion X?DE&7 X?DE&7 X?DE&7 e.g – BitLocker e.g - TLS Homomorphic Encryption In Memory
Homomorphic Encryption (HE) - 101 Allows you to perform operations on encrypted data Addition & Multiplication Quantum Resistant* Slow – Requires lot of compute power
Homomorphic Encryption - Applications HomomorphicEncryption.org http://homomorphicencryption.org/white_papers/applications _homomorphic_encryption_white_paper.pdf
Scenario | Healthcare What's wrong with sending/sharing your blood results with the 3rd party (e.g. Research institutes, Law enforcement etc.) Unnecessary exposure of data Once results are shared they cannot be un-shared Data breaches (you also don’t control data lifecycle) Your DNA + PII = Ultimate Identity that can be tracked and use with AI!
Scenario | Healthcare Use Case You want to participate in a healthcare research program that needs your Glucose and Cholesterol levels Problem How to share data without revealing the actual values?
Scenario | Healthcare Solution 1. Encrypt glucose and cholesterol levels on the client device (using private key) 2. Send glucose and cholesterol levels (still encrypted) to the server 3. Processing is done by the server on encrypted values (using HE and client’s public key) 4. Results are send back in encrypted format to the client 5. Client decrypt the values (using private key)
DEMO | Healthcare Improve Privacy using HE https://github.com/razi-rais/homomorphic-encryption
SDKs |Offchain Microsoft | Simple Encrypted Arithmetic Library (SEAL) https://www.microsoft.com/en-us/research/project/simple-encrypted-arithmetic-library n1analytics https://github.com/n1analytics/python-paillier TFHE | Fast Fully Homomorphic Encryption Library over the Torus https://github.com/tfhe/tfhe More ..
Blockchain & Privacy Issues Data on the blockchain is immutable (write once– ready many) PII (Personal Identifiable Information) in plaintext should never be stored on blockchain Solution?
Blockchain & Privacy Store data off the chain (Database, IPFS etc.) Step 1 - Encrypt Data (PII) Step 2 - Hash Data Step 3 – Store Hash on the chain
Blockchain & Privacy Why not just store the encrypted data on the chain? because.. Storage is expensive on the chain Secret key exposure/hack will reveal encrypted data Data storage is immutable (so no turning back if data is exposed)
Scenario: Identity What's wrong with the current Identity system? It reveals too much information to 3rd party! Lets take a closer look…
Scenario: Identity Scenario You need to proof that you are over 21 years of age
Scenario: Identity As usual you showed your ID to the 3rd party (3rd party is some one who you don’t trust with PII. E.g. receptionist, security guard etc. )
Scenario: Identity What information was needed? DOB Picture What information was revealed? Address, Sex Height Eye Color Etc.
Scenario: Identity One Possible Solution Step 1 – DMV issues you proof that you are over 21 and create smart contract for 3rd party to verify it. Step 2 – You send a signed transaction to smart contract with encrypted input (only you and DMV knows private values) Step 3 – Smart contract verify your proof and either rejects or accepts it. Step 4 – Third party uses result of smart contract (step#3) to verify if your are over 21 or not.
Zero-knowledge Proof Benefits Minimal/No data discourse Blockchain is used to verify (and record results) but data always stays encrypted One time proof can be used for more sensitive transactions* High Level Definition It’s a method by which one party (the prover “Razi”) can prove to another party (the verifier ”Security Guard”) that he knows a value x (DOB, attested by the DMV), without conveying any information apart from the fact that he knows the value x.
zk-SNARKs Zk-SNARK  Zero-Knowledge Succinct Non-Interactive Argument of Knowledge Zero-knowledge  Allows prover to prove to the verifier that a statement is true without revealing any information beyond the validity of the statement itself Succinct  Proof is short and easy to verify Non-interactive  Proof does not require back-and-forth interaction between the prover and the verifier Argument of knowledge Proof attests not just that the statement is true, but also that the prover knows why its true
zk-SNARKs – How it works 2. key generator ( lambda , program/circuit )  proving key (pk) , verification key (vk) 1. program/circuit has public input (x) and private input (witness or w) 3. prover ( pk , x , w )  proof 4. verifier( vk , x , proof)  { true | false } Program written to work with ZoKrates
DEMO | Identity Using zk-SNARKs to proof age https://github.com/razi-rais/blockchain-workshop/tree/master/zk- SNARKs
Resources Raziel: Private and Verifiable Smart Contracts on Blockchains https://eprint.iacr.org/2017/878.pdf Homomorphic Encryption Standard https://projects.csail.mit.edu/HEWorkshop/HomomorphicEncryptionStandar d2018.pdf A Primer on Zero Knowledge Protocols http://www.cs.ox.ac.uk/people/gerardo.simari/personal/publications/zkp- simari2002.pdf

Recomendados

Brief Introduction to Blockchain Security
Brief Introduction to Blockchain SecurityBrief Introduction to Blockchain Security
Brief Introduction to Blockchain SecurityJohnson, Chuan Zhang CISM CCSK OSCP
 
Webinar: Enterprise Blockchain Radically Simplified with Truffle and Kaleido
Webinar: Enterprise Blockchain Radically Simplified with Truffle and KaleidoWebinar: Enterprise Blockchain Radically Simplified with Truffle and Kaleido
Webinar: Enterprise Blockchain Radically Simplified with Truffle and KaleidoKaleido
 
Hashgraph as Code
Hashgraph as CodeHashgraph as Code
Hashgraph as CodeCalvin Cheng
 
Smart Contract Testing
Smart Contract TestingSmart Contract Testing
Smart Contract TestingDilum Bandara
 
Challenges of Blockchain Technology for the Enterprise
Challenges of Blockchain Technology for the EnterpriseChallenges of Blockchain Technology for the Enterprise
Challenges of Blockchain Technology for the EnterpriseEugene Aseev
 
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...Edureka!
 
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...Edureka!
 
IDC - Blockchain Threat Model
IDC - Blockchain Threat ModelIDC - Blockchain Threat Model
IDC - Blockchain Threat ModelPeteLind
 

Recomendados

Brief Introduction to Blockchain Security
Brief Introduction to Blockchain SecurityBrief Introduction to Blockchain Security
Brief Introduction to Blockchain SecurityJohnson, Chuan Zhang CISM CCSK OSCP
 
Webinar: Enterprise Blockchain Radically Simplified with Truffle and Kaleido
Webinar: Enterprise Blockchain Radically Simplified with Truffle and KaleidoWebinar: Enterprise Blockchain Radically Simplified with Truffle and Kaleido
Webinar: Enterprise Blockchain Radically Simplified with Truffle and KaleidoKaleido
 
Hashgraph as Code
Hashgraph as CodeHashgraph as Code
Hashgraph as CodeCalvin Cheng
 
Smart Contract Testing
Smart Contract TestingSmart Contract Testing
Smart Contract TestingDilum Bandara
 
Challenges of Blockchain Technology for the Enterprise
Challenges of Blockchain Technology for the EnterpriseChallenges of Blockchain Technology for the Enterprise
Challenges of Blockchain Technology for the EnterpriseEugene Aseev
 
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...Edureka!
 
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...Edureka!
 
IDC - Blockchain Threat Model
IDC - Blockchain Threat ModelIDC - Blockchain Threat Model
IDC - Blockchain Threat ModelPeteLind
 
Security Model of Blockchain
Security Model of BlockchainSecurity Model of Blockchain
Security Model of Blockchainsaficus
 
[JSDC 2021] Blockchain 101 for Frontend Engs
[JSDC 2021] Blockchain 101 for Frontend Engs[JSDC 2021] Blockchain 101 for Frontend Engs
[JSDC 2021] Blockchain 101 for Frontend EngsLucien Lee
 
Alternative Consensus & Enterprise Blockchain
Alternative Consensus & Enterprise BlockchainAlternative Consensus & Enterprise Blockchain
Alternative Consensus & Enterprise BlockchainTobias Disse
 
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...eraser Juan José Calderón
 
Security in the blockchain
Security in the blockchainSecurity in the blockchain
Security in the blockchainBellaj Badr
 
Hyperledger whitepaper
Hyperledger whitepaperHyperledger whitepaper
Hyperledger whitepapermustafa sarac
 
Blockchain for Graduates | Technical Explanation
Blockchain for Graduates | Technical ExplanationBlockchain for Graduates | Technical Explanation
Blockchain for Graduates | Technical ExplanationAkshansh Chaudhary
 
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...SecuRing
 
Blockchain workshop 101
Blockchain workshop 101Blockchain workshop 101
Blockchain workshop 101Karthikeyan VK
 
OSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger IndyOSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger IndyTracy Kuhrt
 
Testing in the blockchain
Testing in the blockchainTesting in the blockchain
Testing in the blockchainCraig Risi
 
Next-generation enterprise Ethereum managed services
Next-generation enterprise Ethereum managed servicesNext-generation enterprise Ethereum managed services
Next-generation enterprise Ethereum managed servicesEugene Aseev
 
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan GeorgeHyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan GeorgeSSIMeetup
 
The Blockchain and the Future of Cybersecurity
The Blockchain and the Future of CybersecurityThe Blockchain and the Future of Cybersecurity
The Blockchain and the Future of CybersecurityKevin Cedeño, CISM, CISA
 
Building a dApp on Tezos
Building a dApp on TezosBuilding a dApp on Tezos
Building a dApp on TezosTinaBregovi
 
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDFDEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDFGokul Alex
 
Blockchin architecture & use cases -part-2
Blockchin architecture & use cases -part-2Blockchin architecture & use cases -part-2
Blockchin architecture & use cases -part-2Mohammad Asif
 
Privacy-preserving techniques using zero knowledge proof in public Ethereum
Privacy-preserving techniques using zero knowledge proof in public EthereumPrivacy-preserving techniques using zero knowledge proof in public Ethereum
Privacy-preserving techniques using zero knowledge proof in public EthereumNagib Aouini
 
Federated and legal identities in industrial and financial applications
Federated and legal identities in industrial and financial applicationsFederated and legal identities in industrial and financial applications
Federated and legal identities in industrial and financial applicationsPeter Waher
 
The future of data security and blockchain
The future of data security and blockchainThe future of data security and blockchain
The future of data security and blockchainUlf Mattsson
 
Encryption Primer por Cathy Nolan
Encryption Primer por Cathy NolanEncryption Primer por Cathy Nolan
Encryption Primer por Cathy NolanJoao Galdino Mello de Souza
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 

Mais conteúdo relacionado

Mais procurados

Security Model of Blockchain
Security Model of BlockchainSecurity Model of Blockchain
Security Model of Blockchainsaficus
 
[JSDC 2021] Blockchain 101 for Frontend Engs
[JSDC 2021] Blockchain 101 for Frontend Engs[JSDC 2021] Blockchain 101 for Frontend Engs
[JSDC 2021] Blockchain 101 for Frontend EngsLucien Lee
 
Alternative Consensus & Enterprise Blockchain
Alternative Consensus & Enterprise BlockchainAlternative Consensus & Enterprise Blockchain
Alternative Consensus & Enterprise BlockchainTobias Disse
 
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...eraser Juan José Calderón
 
Security in the blockchain
Security in the blockchainSecurity in the blockchain
Security in the blockchainBellaj Badr
 
Hyperledger whitepaper
Hyperledger whitepaperHyperledger whitepaper
Hyperledger whitepapermustafa sarac
 
Blockchain for Graduates | Technical Explanation
Blockchain for Graduates | Technical ExplanationBlockchain for Graduates | Technical Explanation
Blockchain for Graduates | Technical ExplanationAkshansh Chaudhary
 
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...SecuRing
 
Blockchain workshop 101
Blockchain workshop 101Blockchain workshop 101
Blockchain workshop 101Karthikeyan VK
 
OSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger IndyOSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger IndyTracy Kuhrt
 
Testing in the blockchain
Testing in the blockchainTesting in the blockchain
Testing in the blockchainCraig Risi
 
Next-generation enterprise Ethereum managed services
Next-generation enterprise Ethereum managed servicesNext-generation enterprise Ethereum managed services
Next-generation enterprise Ethereum managed servicesEugene Aseev
 
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan GeorgeHyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan GeorgeSSIMeetup
 
The Blockchain and the Future of Cybersecurity
The Blockchain and the Future of CybersecurityThe Blockchain and the Future of Cybersecurity
The Blockchain and the Future of CybersecurityKevin Cedeño, CISM, CISA
 
Building a dApp on Tezos
Building a dApp on TezosBuilding a dApp on Tezos
Building a dApp on TezosTinaBregovi
 
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDFDEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDFGokul Alex
 
Blockchin architecture & use cases -part-2
Blockchin architecture & use cases -part-2Blockchin architecture & use cases -part-2
Blockchin architecture & use cases -part-2Mohammad Asif
 
Privacy-preserving techniques using zero knowledge proof in public Ethereum
Privacy-preserving techniques using zero knowledge proof in public EthereumPrivacy-preserving techniques using zero knowledge proof in public Ethereum
Privacy-preserving techniques using zero knowledge proof in public EthereumNagib Aouini
 
Federated and legal identities in industrial and financial applications
Federated and legal identities in industrial and financial applicationsFederated and legal identities in industrial and financial applications
Federated and legal identities in industrial and financial applicationsPeter Waher
 
The future of data security and blockchain
The future of data security and blockchainThe future of data security and blockchain
The future of data security and blockchainUlf Mattsson
 

Mais procurados (20)

Security Model of Blockchain
Security Model of BlockchainSecurity Model of Blockchain
Security Model of Blockchain
 
[JSDC 2021] Blockchain 101 for Frontend Engs
[JSDC 2021] Blockchain 101 for Frontend Engs[JSDC 2021] Blockchain 101 for Frontend Engs
[JSDC 2021] Blockchain 101 for Frontend Engs
 
Alternative Consensus & Enterprise Blockchain
Alternative Consensus & Enterprise BlockchainAlternative Consensus & Enterprise Blockchain
Alternative Consensus & Enterprise Blockchain
 
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...
 
Security in the blockchain
Security in the blockchainSecurity in the blockchain
Security in the blockchain
 
Hyperledger whitepaper
Hyperledger whitepaperHyperledger whitepaper
Hyperledger whitepaper
 
Blockchain for Graduates | Technical Explanation
Blockchain for Graduates | Technical ExplanationBlockchain for Graduates | Technical Explanation
Blockchain for Graduates | Technical Explanation
 
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
 
Blockchain workshop 101
Blockchain workshop 101Blockchain workshop 101
Blockchain workshop 101
 
OSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger IndyOSCON 2018 Getting Started with Hyperledger Indy
OSCON 2018 Getting Started with Hyperledger Indy
 
Testing in the blockchain
Testing in the blockchainTesting in the blockchain
Testing in the blockchain
 
Next-generation enterprise Ethereum managed services
Next-generation enterprise Ethereum managed servicesNext-generation enterprise Ethereum managed services
Next-generation enterprise Ethereum managed services
 
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan GeorgeHyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
 
The Blockchain and the Future of Cybersecurity
The Blockchain and the Future of CybersecurityThe Blockchain and the Future of Cybersecurity
The Blockchain and the Future of Cybersecurity
 
Building a dApp on Tezos
Building a dApp on TezosBuilding a dApp on Tezos
Building a dApp on Tezos
 
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDFDEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF
 
Blockchin architecture & use cases -part-2
Blockchin architecture & use cases -part-2Blockchin architecture & use cases -part-2
Blockchin architecture & use cases -part-2
 
Privacy-preserving techniques using zero knowledge proof in public Ethereum
Privacy-preserving techniques using zero knowledge proof in public EthereumPrivacy-preserving techniques using zero knowledge proof in public Ethereum
Privacy-preserving techniques using zero knowledge proof in public Ethereum
 
Federated and legal identities in industrial and financial applications
Federated and legal identities in industrial and financial applicationsFederated and legal identities in industrial and financial applications
Federated and legal identities in industrial and financial applications
 
The future of data security and blockchain
The future of data security and blockchainThe future of data security and blockchain
The future of data security and blockchain
 

Semelhante a Improving privacy in blockchain using homomorphic encryption

6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
The Time-Consuming Task Of Preparing A Data Set For...
The Time-Consuming Task Of Preparing A Data Set For...The Time-Consuming Task Of Preparing A Data Set For...
The Time-Consuming Task Of Preparing A Data Set For...Kimberly Thomas
 
Cryptographic Agility in Corda
Cryptographic Agility in CordaCryptographic Agility in Corda
Cryptographic Agility in CordaGuy Hochstetler
 
Domain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxDomain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxInfosectrain3
 
You may be compliant...
You may be compliant...You may be compliant...
You may be compliant...Greg Swedosh
 
You may be compliant, but are you really secure?
You may be compliant, but are you really secure?You may be compliant, but are you really secure?
You may be compliant, but are you really secure?Thomas Burg
 
BCS_PKI_part1.ppt
BCS_PKI_part1.pptBCS_PKI_part1.ppt
BCS_PKI_part1.pptUskuMusku1
 
Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security introAbhilash Ak
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...IOSR Journals
 

Semelhante a Improving privacy in blockchain using homomorphic encryption (20)

Encryption Primer por Cathy Nolan
Encryption Primer por Cathy NolanEncryption Primer por Cathy Nolan
Encryption Primer por Cathy Nolan
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Blockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for DummiesBlockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for Dummies
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Super1
Super1Super1
Super1
 
Documentation20
Documentation20Documentation20
Documentation20
 
Pki Training V1.5
Pki Training V1.5Pki Training V1.5
Pki Training V1.5
 
The Time-Consuming Task Of Preparing A Data Set For...
The Time-Consuming Task Of Preparing A Data Set For...The Time-Consuming Task Of Preparing A Data Set For...
The Time-Consuming Task Of Preparing A Data Set For...
 
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
 
Cryptographic Agility in Corda
Cryptographic Agility in CordaCryptographic Agility in Corda
Cryptographic Agility in Corda
 
Domain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxDomain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptx
 
You may be compliant...
You may be compliant...You may be compliant...
You may be compliant...
 
You may be compliant, but are you really secure?
You may be compliant, but are you really secure?You may be compliant, but are you really secure?
You may be compliant, but are you really secure?
 
BCS_PKI_part1.ppt
BCS_PKI_part1.pptBCS_PKI_part1.ppt
BCS_PKI_part1.ppt
 
Cryptocurrencies
CryptocurrenciesCryptocurrencies
Cryptocurrencies
 
Public Vs. Private Keys
Public Vs. Private KeysPublic Vs. Private Keys
Public Vs. Private Keys
 
Iss lecture 5
Iss lecture 5Iss lecture 5
Iss lecture 5
 
Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security intro
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...
 

Último

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Último (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Improving privacy in blockchain using homomorphic encryption

  • 1. Improving Privacy in Blockchain using Homomorphic Encryption Razi Rais | https://razibinrais.com
  • 3. Agenda  Understand Privacy & Role of Homomorphic Encryption (HE)  Blockchain & Zero-Knowledge Proofs (zk-SNARKS)  Tools & Technologies  Demos (Healthcare & identity)
  • 4. Privacy http://faculty.uml.edu/sgallagher/Brandeisprivacy.htm • Freedom from intrusion - being left alone • Control of information about oneself • Freedom from surveillance (from being followed, tracked, watched, and eavesdropped upon)
  • 5. Privacy | Encryption to Protect Data Razi X?DE&7 Plaintext Encrypted
  • 6. Privacy | Encryption Challenge At Rest In Motion In Memory X?DE&7 X?DE&7 Razi e.g – BitLocker e.g - TLS ?
  • 7. Privacy | Encryption Solution At Rest In Motion X?DE&7 X?DE&7 X?DE&7 e.g – BitLocker e.g - TLS Homomorphic Encryption In Memory
  • 8. Homomorphic Encryption (HE) - 101 Allows you to perform operations on encrypted data Addition & Multiplication Quantum Resistant* Slow – Requires lot of compute power
  • 9. Homomorphic Encryption - Applications HomomorphicEncryption.org http://homomorphicencryption.org/white_papers/applications _homomorphic_encryption_white_paper.pdf
  • 10. Scenario | Healthcare What's wrong with sending/sharing your blood results with the 3rd party (e.g. Research institutes, Law enforcement etc.) Unnecessary exposure of data Once results are shared they cannot be un-shared Data breaches (you also don’t control data lifecycle) Your DNA + PII = Ultimate Identity that can be tracked and use with AI!
  • 11. Scenario | Healthcare Use Case You want to participate in a healthcare research program that needs your Glucose and Cholesterol levels Problem How to share data without revealing the actual values?
  • 12. Scenario | Healthcare Solution 1. Encrypt glucose and cholesterol levels on the client device (using private key) 2. Send glucose and cholesterol levels (still encrypted) to the server 3. Processing is done by the server on encrypted values (using HE and client’s public key) 4. Results are send back in encrypted format to the client 5. Client decrypt the values (using private key)
  • 13. DEMO | Healthcare Improve Privacy using HE https://github.com/razi-rais/homomorphic-encryption
  • 14. SDKs |Offchain Microsoft | Simple Encrypted Arithmetic Library (SEAL) https://www.microsoft.com/en-us/research/project/simple-encrypted-arithmetic-library n1analytics https://github.com/n1analytics/python-paillier TFHE | Fast Fully Homomorphic Encryption Library over the Torus https://github.com/tfhe/tfhe More ..
  • 15. Blockchain & Privacy Issues Data on the blockchain is immutable (write once– ready many) PII (Personal Identifiable Information) in plaintext should never be stored on blockchain Solution?
  • 16. Blockchain & Privacy Store data off the chain (Database, IPFS etc.) Step 1 - Encrypt Data (PII) Step 2 - Hash Data Step 3 – Store Hash on the chain
  • 17. Blockchain & Privacy Why not just store the encrypted data on the chain? because.. Storage is expensive on the chain Secret key exposure/hack will reveal encrypted data Data storage is immutable (so no turning back if data is exposed)
  • 18. Scenario: Identity What's wrong with the current Identity system? It reveals too much information to 3rd party! Lets take a closer look…
  • 19. Scenario: Identity Scenario You need to proof that you are over 21 years of age
  • 20. Scenario: Identity As usual you showed your ID to the 3rd party (3rd party is some one who you don’t trust with PII. E.g. receptionist, security guard etc. )
  • 21. Scenario: Identity What information was needed? DOB Picture What information was revealed? Address, Sex Height Eye Color Etc.
  • 22. Scenario: Identity One Possible Solution Step 1 – DMV issues you proof that you are over 21 and create smart contract for 3rd party to verify it. Step 2 – You send a signed transaction to smart contract with encrypted input (only you and DMV knows private values) Step 3 – Smart contract verify your proof and either rejects or accepts it. Step 4 – Third party uses result of smart contract (step#3) to verify if your are over 21 or not.
  • 23. Zero-knowledge Proof Benefits Minimal/No data discourse Blockchain is used to verify (and record results) but data always stays encrypted One time proof can be used for more sensitive transactions* High Level Definition It’s a method by which one party (the prover “Razi”) can prove to another party (the verifier ”Security Guard”) that he knows a value x (DOB, attested by the DMV), without conveying any information apart from the fact that he knows the value x.
  • 24. zk-SNARKs Zk-SNARK  Zero-Knowledge Succinct Non-Interactive Argument of Knowledge Zero-knowledge  Allows prover to prove to the verifier that a statement is true without revealing any information beyond the validity of the statement itself Succinct  Proof is short and easy to verify Non-interactive  Proof does not require back-and-forth interaction between the prover and the verifier Argument of knowledge Proof attests not just that the statement is true, but also that the prover knows why its true
  • 25. zk-SNARKs – How it works 2. key generator ( lambda , program/circuit )  proving key (pk) , verification key (vk) 1. program/circuit has public input (x) and private input (witness or w) 3. prover ( pk , x , w )  proof 4. verifier( vk , x , proof)  { true | false } Program written to work with ZoKrates
  • 26. DEMO | Identity Using zk-SNARKs to proof age https://github.com/razi-rais/blockchain-workshop/tree/master/zk- SNARKs
  • 27. Resources Raziel: Private and Verifiable Smart Contracts on Blockchains https://eprint.iacr.org/2017/878.pdf Homomorphic Encryption Standard https://projects.csail.mit.edu/HEWorkshop/HomomorphicEncryptionStandar d2018.pdf A Primer on Zero Knowledge Protocols http://www.cs.ox.ac.uk/people/gerardo.simari/personal/publications/zkp- simari2002.pdf

Notas do Editor

  1. Facebook https://www.theguardian.com/technology/2018/apr/08/facebook-to-contact-the-87-million-users-affected-by-data-breach https://www.facebook.com/about/privacy Google http://privacy-violators.com/social-networking-news/us-fines-google-22-5-million-for-privacy-violations/
  2. https://github.com/n1analytics/python-paillier
  3. https://github.com/n1analytics/python-paillier
  4. https://github.com/n1analytics/python-paillier
  5. https://github.com/n1analytics/python-paillier
  6. https://github.com/n1analytics/python-paillier