The slide deck from my session on "Privacy in the blockchain using homomorphic encryption" at the blockchain conference (http://blockchainconf.tech).
Agenda:
1. Understand Privacy & Role of Homomorphic Encryption (HE)
2. Blockchain & Zero-Knowledge Proofs (zk-SNARKS)
3. Tools & Technologies
4. Demos (Healthcare & Identity)
6. Privacy | Encryption Challenge
At Rest: X?DE&7 (e.g. BitLocker)
In Motion: X?DE&7 (e.g. TLS)
In Memory: Razi (?)
7. Privacy | Encryption Solution
At Rest: X?DE&7 (e.g. BitLocker)
In Motion: X?DE&7 (e.g. TLS)
In Memory: X?DE&7 (Homomorphic Encryption)
8. Homomorphic Encryption (HE) - 101
Allows you to perform operations on encrypted data
Addition & Multiplication
Quantum Resistant*
Slow – requires a lot of compute power
10. Scenario | Healthcare
What's wrong with sending/sharing your blood results with a 3rd party (e.g. research institutes, law enforcement, etc.)?
Unnecessary exposure of data
Once results are shared they cannot be un-shared
Data breaches (you also don't control the data lifecycle)
Your DNA + PII = Ultimate Identity that can be tracked and used with AI!
11. Scenario | Healthcare
Use Case
You want to participate in a healthcare research program that needs your
Glucose and Cholesterol levels
Problem
How to share data without revealing the actual values?
12. Scenario | Healthcare
Solution
1. Encrypt glucose and cholesterol levels on the client device (using private key)
2. Send glucose and cholesterol levels (still encrypted) to the server
3. Processing is done by the server on encrypted values (using HE and client's public key)
4. Results are sent back in encrypted format to the client
5. Client decrypts the values (using private key)
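The five steps above, sketched with a from-scratch Paillier cryptosystem (additively homomorphic; the scheme python-paillier implements). This is an added example, not code from the deck or its demo: the fixed Mersenne primes, the weights and the `server_score` function are constructed for illustration, and because Paillier is a public-key scheme the client here encrypts with the public key and only decryption uses the private key.

```python
import secrets
from math import gcd

# Toy parameters (constructed): two known Mersenne primes so the demo is
# reproducible. Real keys use randomly generated primes of 1024+ bits each.
P, Q = 2**61 - 1, 2**89 - 1

def keygen(p=P, q=Q):
    """Return (public key n, private key (phi, mu)) with generator g = n + 1."""
    n = p * q
    phi = (p - 1) * (q - 1)
    return n, (phi, pow(phi, -1, n))

def encrypt(n, m):
    """Client side: probabilistic encryption of integer m under public key n."""
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if gcd(r, n) == 1:
            break
    # (n + 1)^m mod n^2 equals 1 + m*n, blinded by the random factor r^n
    return (1 + m * n) % n2 * pow(r, n, n2) % n2

def decrypt(n, priv, c):
    """Client side: recover m using the private key."""
    phi, mu = priv
    return (pow(c, phi, n * n) - 1) // n * mu % n

def server_score(n, enc_glucose, enc_chol, w_g=2, w_c=1):
    """Server side: compute Enc(w_g*glucose + w_c*chol) from ciphertexts only.
    Multiplying ciphertexts adds plaintexts; exponentiation scales them.
    The weights are hypothetical, standing in for the research formula."""
    n2 = n * n
    return pow(enc_glucose, w_g, n2) * pow(enc_chol, w_c, n2) % n2

def run_demo(glucose=95, cholesterol=180):
    n, priv = keygen()                            # client keeps priv
    enc_g = encrypt(n, glucose)                   # step 1
    enc_c = encrypt(n, cholesterol)
    enc_result = server_score(n, enc_g, enc_c)    # steps 2-4: server sees no values
    return decrypt(n, priv, enc_result)           # step 5
```
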
14. SDKs |Offchain
Microsoft | Simple Encrypted Arithmetic Library (SEAL)
https://www.microsoft.com/en-us/research/project/simple-encrypted-arithmetic-library
n1analytics
https://github.com/n1analytics/python-paillier
TFHE | Fast Fully Homomorphic Encryption Library over the Torus
https://github.com/tfhe/tfhe
More ..
15. Blockchain & Privacy Issues
Data on the blockchain is immutable
(write once, read many)
PII (Personally Identifiable Information) in plaintext should never be stored on the blockchain
Solution?
16. Blockchain & Privacy
Store data off the chain (Database, IPFS etc.)
Step 1 - Encrypt Data (PII)
Step 2 - Hash Data
Step 3 – Store Hash on the chain
17. Blockchain & Privacy
Why not just store the encrypted data on the chain?
because..
Storage is expensive on the chain
Secret key exposure/hack will reveal encrypted data
Data storage is immutable
(so no turning back if data is exposed)
18. Scenario: Identity
What's wrong with the current Identity system?
It reveals too much information to 3rd party!
Let's take a closer look…
20. Scenario: Identity
As usual, you showed your ID to the 3rd party
(the 3rd party is someone you don't trust with PII, e.g. receptionist, security guard, etc.)
22. Scenario: Identity
One Possible Solution
Step 1 – DMV issues you proof that you are over 21 and creates a smart contract for the 3rd party to verify it.
Step 2 – You send a signed transaction to the smart contract with encrypted input (only you and the DMV know the private values).
Step 3 – The smart contract verifies your proof and either rejects or accepts it.
Step 4 – The third party uses the result of the smart contract (step #3) to verify whether you are over 21 or not.
23. Zero-knowledge Proof
Benefits
Minimal/No data disclosure
Blockchain is used to verify (and record results) but data always stays encrypted
One-time proof can be used for more sensitive transactions*
High Level Definition
It's a method by which one party (the prover, "Razi") can prove to another party (the verifier, "Security Guard") that he knows a value x (DOB, attested by the DMV), without conveying any information apart from the fact that he knows the value x.
24. zk-SNARKs
zk-SNARK: Zero-Knowledge Succinct Non-Interactive Argument of Knowledge
Zero-knowledge: Allows the prover to prove to the verifier that a statement is true without revealing any information beyond the validity of the statement itself
Succinct: Proof is short and easy to verify
Non-interactive: Proof does not require back-and-forth interaction between the prover and the verifier
Argument of knowledge: Proof attests not just that the statement is true, but also that the prover knows why it's true
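The definitions above, made concrete with a Schnorr proof of knowledge turned non-interactive by the Fiat-Shamir transform: the prover shows it knows x behind a public value y = g^x without sending x. This is an added example, not the deck's code, and it is not a zk-SNARK (no circuit, no proving/verification keys); the toy 128-bit group from `setup` and the secret standing in for the attested value are assumptions.

```python
import hashlib, secrets

def is_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin with fixed bases (adequate for this toy setup)."""
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def setup(bits=128):
    """Find a safe prime p = 2q + 1; g = 4 generates the order-q subgroup."""
    q = 2**bits + 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4

def challenge(p, g, y, t):
    # Fiat-Shamir: the hash replaces the verifier's random challenge
    data = f"{p}|{g}|{y}|{t}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def prove(params, x):
    """Prover: returns public value y = g^x and a proof (t, s); x never leaves."""
    p, q, g = params
    y = pow(g, x, p)
    r = secrets.randbelow(q)          # fresh nonce, must never be reused
    t = pow(g, r, p)
    c = challenge(p, g, y, t) % q
    return y, (t, (r + c * x) % q)

def verify(params, y, proof):
    """Verifier: checks g^s == t * y^c using only public values."""
    p, q, g = params
    t, s = proof
    c = challenge(p, g, y, t) % q
    return pow(g, s, p) == t * pow(y, c, p) % p
```

A low-entropy secret such as a bare date of birth could be recovered from y by guessing, so a real deployment would prove knowledge of a high-entropy secret or a blinded commitment.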
25. zk-SNARKs – How it works
1. program/circuit has public input (x) and private input (witness or w)
2. key generator (lambda, program/circuit) -> proving key (pk), verification key (vk)
3. prover (pk, x, w) -> proof
4. verifier (vk, x, proof) -> { true | false }
Program written to work with ZoKrates
26. DEMO | Identity
Using zk-SNARKs to prove age
https://github.com/razi-rais/blockchain-workshop/tree/master/zk-SNARKs
27. Resources
Raziel: Private and Verifiable Smart Contracts on Blockchains
https://eprint.iacr.org/2017/878.pdf
Homomorphic Encryption Standard
https://projects.csail.mit.edu/HEWorkshop/HomomorphicEncryptionStandard2018.pdf
A Primer on Zero Knowledge Protocols
http://www.cs.ox.ac.uk/people/gerardo.simari/personal/publications/zkp-simari2002.pdf
Editor's Notes
Facebook
https://www.theguardian.com/technology/2018/apr/08/facebook-to-contact-the-87-million-users-affected-by-data-breach
https://www.facebook.com/about/privacy
Google
http://privacy-violators.com/social-networking-news/us-fines-google-22-5-million-for-privacy-violations/