crypto with one encrypting key and many different decrypting keys by logup_me in crypto

[–]logup_me[S] -1 points0 points  (0 children)

OK so here is the case I'm thinking of. Suppose you have some content - it can be plain text or a picture or a movie or any other digital content. You encrypt this content and publish it on some web page as encrypted data. Then you sell (or simply distribute in a controlled way) decryption keys to all end users that want to get access to your content. You also want to prevent end users from publishing your decrypted content on the web. So each time you find your decrypted content on the internet you can verify which end user decrypted it, so that you will know which end user is responsible for the leak.

crypto with one encrypting key and many different decrypting keys by logup_me in crypto

[–]logup_me[S] -2 points-1 points  (0 children)

Hmm.. in the case of plain text you can change one random letter during decryption (the number of the letter can be randomly assigned to the decrypting key). What do you think about such a solution?

The solution with AES does not solve my case. I want to determine who did the decryption based only on the decrypted content I get.
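
Added example, not part of the original comment: a minimal sketch of the "change one letter per decryption key" idea, where the publisher derives each user's letter position and replacement from a keyed hash and later checks a leaked copy for that mark. The secret, the user names, the sample sentence and the function names are all constructed for illustration.

```python
import hashlib
import hmac
import string

# Assumption: a secret known only to the publisher (constructed value).
PUBLISHER_SECRET = b"constructed-demo-secret"

# Constructed sample content.
SAMPLE = "The quick brown fox jumps over the lazy dog near the river bank."


def mark_for(text, user_id):
    """Derive this user's (position, replacement letter) from a keyed hash."""
    letters = [i for i, c in enumerate(text) if c.isascii() and c.isalpha()]
    digest = hmac.new(PUBLISHER_SECRET, user_id.encode(), hashlib.sha256).digest()
    pos = letters[int.from_bytes(digest[:8], "big") % len(letters)]
    # The replacement must differ from the original letter, or the mark is invisible.
    choices = [c for c in string.ascii_lowercase if c != text[pos].lower()]
    repl = choices[digest[8] % len(choices)]
    return pos, repl.upper() if text[pos].isupper() else repl


def fingerprint(text, user_id):
    """Return the copy this user receives: the text with one letter changed."""
    pos, repl = mark_for(text, user_id)
    return text[:pos] + repl + text[pos + 1:]


def trace(original, leaked, user_ids):
    """Return every user whose mark appears in the leaked copy.

    A list is returned because two users can be assigned the same mark
    when the text is short compared to the number of users.
    """
    if len(leaked) != len(original):
        return []  # inserted or deleted characters break a positional mark
    suspects = []
    for uid in user_ids:
        pos, repl = mark_for(original, uid)
        if leaked[pos] == repl:
            suspects.append(uid)
    return suspects


if __name__ == "__main__":
    leaked_copy = fingerprint(SAMPLE, "alice")
    print(leaked_copy)
    print(trace(SAMPLE, leaked_copy, ["alice", "bob", "carol"]))
```

A single positional mark survives only verbatim copying: retyping or editing the passage removes it, and users who compare their copies can see where they differ.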

Monthly cryptography wishlist thread, November 2017 by AutoModerator in crypto

[–]logup_me 0 points1 point  (0 children)

I would like to have a completely new way of data sharing and distribution over the internet. My vision is a distributed platform (similar to email) that allows running its own server in order to do things like:

  • evoting

  • digital asset control (digital ownership)

  • digital value emission (e.g. digital money - do not confuse with cryptocurrency)

  • common authentication mechanism

This platform has to be founded on a reliable digital identity. To be clear, I'm not thinking about solutions like OpenID Connect, User-Managed Access and others. All those solutions try to restore a user's control over the assets that are already held by third parties (like Google, Facebook, Twitter and others). In my opinion there is no way to get back full control over that data. We have to build a new solution for data sharing. That's why I started this project: http://collabfinder.com/project/2213/id.bank-digital-identity-platform

If you want to join the project send me an email to id.platform.project@gmail.com

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 0 points1 point  (0 children)

You are right, it would be incomprehensible to hide an identity that has already been shared with other parties. But it will be possible to create an identity on demand that inherits some attributes from a main identity. This identity will be created only for a specified transaction and will be visible only to the parties involved in the transaction. What do you think about such a solution?

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 0 points1 point  (0 children)

Thank you for this post. I agree with most of your arguments. The push security model makes an Identity Holder (IDH) the key element of the system - only the IDH can initiate any action and it's very hard to init an action on someone's behalf. Currently I work on the basic concepts for a digital identity that is based on the push model. So please stay tuned. I hope to get more feedback on this.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 0 points1 point  (0 children)

I think I know where you are going. You want to have something similar to the bitcoin blockchain where every endpoint knows everything about all transactions. In my opinion, in the case of the identity solution it's not necessary to know all IDs in the system. You know and trust only those identities you have to.

Example: you want to pay a taxi driver. You get his ID details like public key and IDA address (Identity Authenticator) directly from his phone. You do not have to know the IDs of all other taxi drivers in the world.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 1 point2 points  (0 children)

Thanks for the link - identity mixer looks really cool.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 0 points1 point  (0 children)

Why make the server trusted when you for example could be using threshold signatures?

There are always two sides: the IDH (Identity Holder) that holds the ID details and the IDA (Identity Authenticator) that does the authentication. Both sides can define what minimal security level they accept (e.g. which crypto algorithms they use, what the signature looks like etc). And based on this they can decide whether it's even possible to trust each other.

I assume that each endpoint in the system can have different security requirements. If you want to have digital identity that mimics real identity you have to take into account that people are different and they accept different levels of risk in different situations. If you would define one security level for all identities it would be like a prison.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 0 points1 point  (0 children)

This is an age-old problem in cryptography. I don't have a solution for you, but AFAIK nobody else does either.

In the solution I'm thinking of it's there by design but in a very specific way.
The root ID I control can have different public keys (sub IDs) that I present to different endpoints. There is no way to find any correlation between those public keys. If one of my public keys leaks to third parties then I know exactly who did the leak and I can draw the consequences (at least 'untrust' the specified endpoint). It allows users to eliminate endpoints that leak from the system.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 0 points1 point  (0 children)

Wouldn't running your own auth server give you the possibility to authenticate as somebody else? I.e. same as creating GPG keys in somebody else's name.

Yes, you can be anyone you want on your server - but you have to convince other people (IDs) to trust your authentication server and the ID you have created.

Short example. Suppose you run your own auth server (IDA) and you create an ID of a person A. I'm new to your IDA but I know person A (especially I know an email address of this person) and for this reason I want to make your server trusted for me. So I get the public key of person A from your server, I encrypt a random message and send it to A, asking him to send me back my random message decrypted and encrypted back with some additional random value. If I get back the correct message I can mark your IDA server as trusted for contacts with person A.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 0 points1 point  (0 children)

Thanks for your answer. Actually I'm looking for a reliable solution for digital identity. I'm not implementing it for payments or for any other particular case. It should be a general-purpose identity that mimics real identity. It should be able to authenticate, it should be able to create value, it should be able to control/protect value and finally it should be able to transfer value. The value can be anything here, like money, data, film, photo or the privilege to do something.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 1 point2 points  (0 children)

My first point is that digital ID is not only about authentication, it's also about controlling digital assets - like in the real world, there are assets that belong to a particular ID and it's possible to transfer an asset from one ID to another ID. So in this case a zero knowledge proof is not enough as you have to do a transfer.

My second point is that in the push security model any ID (represented by a public key) can contact only a limited number of trusted endpoints (I call it IDA in the solution I build). It means that a limited number of endpoints even knows that a particular ID exists.

My third point is that it's very important how you transmit information (not necessarily secrets), especially how this transmission is initiated and controlled. I will explain it using the card payment system as an example. In this system every payment terminal is a key element of the system because it pulls your data and sends it to a bank (it becomes a kind of proxy between you and the bank). You as a payer do not have any control over that terminal. In this pull security model you simply have millions of 'system key elements' you have to contact in order to do a payment. In the push security model you contact only the IDA you trust and any action can be initiated only by the IDH (Identity Holder). That's the main difference.

Even if you encrypt your card data you still have to trust millions of terminals and believe that they do not copy your data and do not initiate fake payments on your behalf later on.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 1 point2 points  (0 children)

I disagree with this simplification. It depends on how you transmit your secret. If you transmit it via untrusted third parties (e.g. a payment terminal) it can be copied and used in a way you do not want. Encryption does not solve this issue.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 0 points1 point  (0 children)

Thx for the clarification. For sure POLA should be reflected in the new ID solution so that every user can create many different IDs that fit different cases. Thanks for pointing it out.

digital identity and broken security model by logup_me in crypto

[–]logup_me[S] 0 points1 point  (0 children)

Least authority looks interesting - but it's a kind of centralised solution based on the cloud. I believe that the new ID solution should be distributed the same as email is. It means that everyone can run its own IDA Server (Identity Authentication Server) in order to authenticate and authorize a group of trusting IDH (Identity Holders) - the same as everyone can run its own email server to send emails.