Blockchains Are Poised To End the Password Era (technologyreview.com)
schwit1 shares a report from MIT Technology Review: Blockchain technology can eliminate the need for companies and other organizations to maintain centralized repositories of identifying information, and users can gain permanent control over who can access their data (hence "self-sovereign"), says Drummond Reed, chief trust officer at Evernym, a startup that's developing a blockchain network specifically for managing digital identities. Self-sovereign identity systems rely on public-key cryptography, the same kind that blockchain networks use to validate transactions. Although it's been around for decades, the technology has thus far proved difficult to implement for consumer applications. But the popularity of cryptocurrencies has inspired fresh commercial interest in making it more user-friendly.
Public-key cryptography relies on pairs of keys, one public and one private, which are used to authenticate users and verify their encrypted transactions. Bitcoin users are represented on the blockchain by strings of characters called addresses, which are derived from their public keys. The "wallet" applications they use to hold and exchange digital coins are essentially management systems for their private keys. Just like a real wallet, they can also hold credentials that serve as proof of identification, says Reed. Using a smartphone or some other device, a person could use a wallet-like application to manage access to these credentials. But will regular consumers buy in? Technologists will need to create a form factor and user experience compelling enough to convince them to abandon their familiar usernames and passwords, says Meltem Demirors, development director at Digital Currency Group, an investment firm that funds blockchain companies. The task calls for reinforcements, she says: "The geeks are working on it right now, but we need the designers, we need the sociologists, and we need people who study ethics of technology to participate."
"The geeks are working on it right now, but we need the designers, we need the sociologists, and we need people who study ethics of technology to participate."
Sorry, ethics died a year ago.
... with, apparently, no experience:
... a startup that's developing a blockchain network specifically for managing digital identities.
It little behooves the best of us to comment on the rest of us.
is more psychological manipulation in society.
See subject
As someone who needs to sign in with a password to a server possibly a hundred times a day, this sounds like it could possibly be hell.
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
Blockchain wallets have to be secured, else anyone can impersonate the user and do what they will with the contents. So what would a blockchain credential system be? An online password wallet, in effect, exactly as secure as the protection on the wallet... which is either going to be what you have (an app on your device) or what you know (a password).
If you're always signing into something like that, then you should have already set up a public/private key solution for yourself, fool.
Seriously. This is why our computing experience sucks; we've got fools like "fluffernutter" running things.
Work smart, not hard.
This is just public/private key authentication (and possibly encryption).
That's how MIT already requires its students to access web-based resources, anyway.
Here's the real reason passwords haven't yet gone away: They have been good enough.
Of course, now that scammers/"hackers" are so sophisticated, and computing systems so complex as to be stupidly designed, passwords might no longer be good enough.
If everyone uses one private/public key set for everything, then if that is compromised then the third party gets access to absolutely everything and can impersonate the user?
For those of us who use different usernames/emails/passwords from server to server that seems like a downgrade in security.
Tell me I'm wrong and I'm missing something. I've used PGP in the past and use keys for SSH logins but I've never used blockchain related stuff.
No, they are not. This isn't going anywhere.
You're talking about public and private usage, when the real discussion seems to be about "Single Sign-On", or SSO.
Otherwise what advantage do public and private keys for an individual offer over Kerberos NTLM authentication against a domain controller?
If you're talking about multiple servers on different domains, then you're actually talking about implementing a SSO configuration for multiple domains using pre-shared keys in place of pre-shared passwords.
Pre-shared keys require less typing, but are not always the ideal solution. How do you enable a more fine-grained security approach to minimize the damage when a system is physically vulnerable? Say you turned your back and somebody tried to log into one of those servers while you were working on another machine in the cubicle or office?
> users can gain permanent control over who can access their data
So yea that's definitely not going to happen.
I browse on +1 so AC's need not respond, I won't see it.
Translation:
Let's take Public Key/Private Key (ie PGP) methods, combine it with "BlockChain CryptoCurrency" words, and then get suckers that have more money than brains (or tech knowledge) to fund a startup that goes nowhere.
With regard to Single Sign-On, that's just a matter of disparate servers having access to a copy of your public key. That's how this stuff works, folks. You publish your public key in any way that you choose, and then authenticate yourself via an asymmetric key cryptographic challenge.
How should this publishing be done? Well, that's up to the services in question; just upload a public key to them, I'd say. It's public information, by definition—it doesn't matter whether there's a centralized repository.
The private key must be encrypted, and decrypted for some suitable definition of a "session"; that way, the password database is locally controlled (and possibly quite decentralized), rather than centralized for easy access by malicious entities. If you leave your "session" available to someone else, well, there's no way to protect against stupidity without implementing Tyranny.
We already have certificate logins, which do everything they say they want to do, and actually do it efficiently.
Of course, nothing like that is true or even desirable. This story is utter nonsense. Credentials (whether passwords, certificates or seeds for OTP mechanisms) are under company control so their servers can access them easily and so they can revoke them fast. The blockchain has absolutely no place here. Incidentally, when it comes to public identities, the blockchain is about as useful as the PGP server network, albeit more complicated and more expensive, i.e. useless. The one thing that makes these identities worth more is signatures of (at least somewhat) trusted third parties on the public key, but only if they actually verified the identity.
Seriously, stop pumping Bitcoin with utterly stupid stories. Let it crash already and let those greedy and stupid enough to have bought late suffer.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
These days a single bitcoin transaction uses as much electricity as a home does in a week. How long before it requires a similar amount of computation, and by extension, energy, just to open a goddamn file?
So you're describing it as part of a three factor authentication, where two factors are pairs of PGP keys, where both public keys are stored in publicly accessible databases, and the third factor is a temporary secret?
Where does the audit trail of blockchain come into play?
Buddy, you're not as clever as you think you are.
Every private key is a password, but not every password is a private key.
The password would be a local matter, handled by the phone/device in question, not stored in a central repository with a million other people's credential data where it can be accessed with a single attack.
I'm not sure exactly why "Blockchain" is necessary, but public/private key is a great idea.
> If you're always signing into something like that, then you should have already set up a public/private key solution for yourself, fool.
> Seriously. This is why our computing experience sucks; we've got fools like "fluffernutter" running things.
> Work smart, not hard.
Many systems don't support such a setup. Most systems (servers, networking gear, UPS, building/infrastructure management, etc.) still require a simple password as the lowest level authentication mechanism.
And how the FUCK would a key pair help? You still need to present the private key somehow. Carry it with you? Gee, better not carry it in plaintext, so you better encrypt it in some sort of reversible way. With a password.
DERP.
And finally, working smart doesn't mean you don't have to work hard. Why not work smart and hard?
As I understand it, blockchain is like a bunch of trees growing in synchronicity. Exact duplicates. If a tree doesn't grow exactly the same, it is considered defective and cut down.
A blockchain might function as a web accessible smart card or key fob which functions for all accessible websites. This keyfob would need to be protected in some way.
No, it's 1 factor. It relies on 1 thing you know (your private key) presented over a single channel (the internet).
> This keyfob would need to be protected in some way.
While your picture is somewhat correct and somewhat wrong, this really is the key-point. Incidentally, this is already the key-point with a password, but there it is relatively easy to do. All those that got weakly protected customer passwords stolen in the last few years were just grossly incompetent in protecting them. It is well known (to experts) how to do that right: salt, hash, iterate and in newer times add a large-memory property. PBKDF2 was the standard since at least 2000 and is still doing reasonably well with good parameters. Don't use it for new designs though. Argon2 is the new standard. Both are not hard to use, but you need to know about them and understand why they work and that relatively low level of expert knowledge was already not available in all these hacked companies.
So the blockchain really has no place here as it does not solve the problem, and it also does not make it easier to solve.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
It is either 1 or 2 "factors" depending on user choice. That it isn't obvious says a lot about the uselessness of that system for classifying authentication schemes.
I didn't really explain how the blockchain figured into it, but after that it is a textbook-standard public key authentication system with some dress-up for the web. We could do it today if we wanted to.
The blockchain part is for key management, also known as "the hard part of PKI". Basically, you only need to communicate one identifier to everyone you do business with. You don't need to tell them when you revoke a key and you don't need to trust them to keep your key safe. You could use the same key for everyone, or different keys, and it makes no difference.
Namecoin allows decentralized registration of identities and allows people to publicly attach metadata to them. You register a name and you own it as long as you keep renewing it, which is dirt cheap and getting cheaper over time (which was by design). Any time you want to, you can update the metadata attached to it, which is a JSON structure of arbitrary complexity. No third party can take it from you, or override your choice of what data to attach to it.
See that "Preview" button?
mod parent up, though recursive/iterative hashing - 'hashchaining' - tends to be commonly useful
Makes sense, but still doesn't give me a complete picture.
The block chain stores your/my public keys, and I guess any public keys of entities you/I do business with.
Where do your/my private keys go? And how are they kept secured?
There is currently a technology out there right now that addresses all the problems inherent in profile/passwords, i.e. they get shared, lost, site must hold a secret for user. SQRL (https://www.grc.com/sqrl/sqrl.htm) handles all that and more so why not just implement that tech? Admittedly there is going to be some cost but when/if it scales up it will be the answer to all of those questions.
You should be. The possibility of the ultimate loss of all privacy to the government should be scaring the bee-jeep-ers out of everyone!
Caution: Contents under pressure
How many times have we heard about some new technology that is going to obviate the need for the lowly password?
Well, a password can be a shared secret, so that's not a private key, even by your own sorry definition.
So, the Anonymous Coward is the one who's correct.
I don't see an advantage to blockchain in your comment. Blockchain is used to make PKI management easier? I can't visualize the entire concept, start to finish. In order to understand what advantage blockchain has over other options, or to understand where vulnerabilities might occur. I wouldn't know how to implement blockchain to manage PKI for my own use, not in a manner I trusted to be secure.
Another idiot who doesn't understand the tech proclaiming that it'll replace a tried and true standard when he doesn't really understand the scenarios where his product works or not.
Join the masses of idiots who said biometrics are going to replace passwords, among others.
Should've ignored it. Here's the red flag: "the geeks are working on it right now"
Proof of identity isn't the same as SSO. Whenever you access "https" the server is proving its identity to you, since you access its public key (certificate) and trace it up to the root certificate that you already have installed. The server does not "sign on" to your desktop to prove its identity or use some kind of password or login authentication.
The blockchain can eliminate the need for getting blessed by a root certificate like Verisign (Verisign is very expensive, at $400/yr). That can open the door to consumers self-signing their data (no sane consumer would pay $400/yr to Verisign), and eliminates the need for "logging in". Any server can verify your identity through your own digital signature the same way your browser verifies a server's identity through its digital signature.
If you've ever used kerberos or any other key management system, you'll realize that the password is only asked once when it has to read your password-protected private key from cold storage (disk) and thereafter it uses ephemeral keys stored in volatile memory and never bothers with asking for your password again until you reboot or shut down.
Yes, your private key is protected by a ... password. And nobody's ever had their bitcoin wallet hacked. I'm not saying blockchain technology brings nothing to the table, but it's certainly not a panacea.
"I have never let my schooling interfere with my education." - Mark Twain
Whenever someone says 'blockchain', they're almost certainly leading into selling you an inefficient solution that doesn't apply to the problem they think it does.
Just say 'no' to blockchains.
The problem is that passwords are now centralized.
Millions of people's authentication credentials (or information that is sensitively related to such credentials) are stored in a single place that is very easy to steal through a single security breach.
In contrast, managing a private key, even with a password, decentralizes that information, and makes it the sole responsibility of the user who cares about it.
Not really sold on the verification by way of digital signature.
Blockchain seems like a good idea for maintaining the integrity of public information.
However I can't fathom a solution for a consumer for which blockchain provides sufficient security. Who or what is the ultimate authority? Is it turtles all the way down?
When people say "private key", they mean the kind of data that can be used in public–private key cryptography; that information is stored by the user who cares to keep it secret, not by some third-party.
Furthermore, sure, that "private key" is secured through a regular old password, but guess what? That password info is managed locally on just the computing systems of that one user; the password information isn't being managed in a centralized repository that holds the same sort of info for millions of other people. This decentralization of the password info makes it much harder for an adversary to gather and process it.
Get it, yet?
I have no idea.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I'm not sure I do either, getting totally confused by this blockchain concept. I think my comment was intended for another poster who said the blockchain/wallet would act as some kind of PKI management database. Facilitating the use of public and private key pairs for the general public at a lower cost than the current going rates of SSL certificates. So if this thing works, SSL cert vendors might go out of business, as "root" authorities will no longer be required. The blockchain will be the root CA, in some fashion.
SSL public key signatures in blockchains are used as signatures in the history. Like a list of names and signatures on a title deed, it traces the ownership of the currency. There is little to be gained in breaching older segments of the block chain. The history of the chain is used for integrity verification and remediation of theft attempts.
And that is how I view blockchain, a remediation tool, not a preventative measure.
So in taking a blockchain which tracks the transfer of nothing, it would appear to reduce or eliminate the remediation effect. Which leaves me befuddled as to what advantage this blockchain has over a database? Is this simply a peer 2 peer network of public key databases? Or is this a public profile of a person based on the companies they typically do business with?
Nope. I generally don't store my passwords in a centralized database. Merely a salted hash of the password using irreversible encryption. You know, a "public key".
"Not really sold on the verification by way of digital signature."
Me either. But surely it's good enough for sites like slashdot where I really don't much care if someone logs in as me.
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
Generally...
I'm just passing here to say what the previous AC is saying is right.
Even hashed and salted, a password scheme is still a shared secret.
A keypair of public and private key is a whole other beast.
(given the pain it is typing on a phone, I'll leave to the interested reader the acquisition of various texts to educate himself)
People are going on and on about how blockchain is the answer to just about everything, even problems it has little to do with.
While it's definitely a useful engineering technique, people are starting to look at it as a hammer and every potential problem suddenly looking like a nail. There are a lot of problems it does not overcome, such as the fact that you need people willing to make up a network of nodes to process the blockchain in the first place. In some ways it's similar to "the cloud" in that way - you can build an in-house solution, but if not, ultimately you're using someone else's computer. Cryptocurrencies manage to justify this because of the potential payoff of running a node on their network, but a lot of potential applications for blockchain don't give that incentive. And quantum computing might render much of it completely useless, anyway. That isn't an unrealistic threat considering IBM has made a lot of progress with quantum computers lately.
See subject.
The whole point is to decentralize the management of passwords; rather than storing sensitive account-related information for millions of people in one centralized, easily hacked database, the responsibility for managing sensitive information is pushed out onto the people who really care to keep it secret, namely each user.
It's not about getting rid of passwords from the perspective of the user; it's about getting rid of passwords from the perspective of servers.
https... unless the certificate has been stolen. In which case you may get encryption, but you certainly don't get identity. Well, you may think you do, but of course it is false. Such theft happens often enough that it makes the whole identity thing moot; and the reason that happens is because idiots keep saying that https equals proof of identity, so others tend to rely on that, and eventually they get screwed when the cert's been compromised.
The entire idea that these things "prove" identity is false. They provide encryption, and they prove the cert is present - and that's all they prove. Well, that, and that tech people were gullible enough to let Network Solutions and its ilk rip them off for a huge amount of money for a very long time.
That doesn't verify your identity. It verifies that a machine with that data is connecting. It might be you - it might be your teenager, SO, or a visitor to your home or office.
The benefit of a password can be - if used properly - that it's *not* on the machine, and the only time you get to log in on a target system, hopefully via an encrypted channel, and hopefully one that's not been compromised by a stolen cert, is when you drag it out of your memory. Your memory, so far, is difficult to secretly compromise if you apply some discipline to your password choices and utilization. It protects you from the people around you using your "authorized" machine from logging into your stuff.
Blockchains will never replace password functionality for this very reason. Which is not to say that blockchains won't replace passwords - after all, the tech community embraced the fiction that certs provided identity, when of course, they don't. You can't fix stupid.
...lose everything WHEN - not "if" - it gets hacked or stolen.
The Stupid is strong in this one.
I secure my wallet with a password.
No. Just.... no.
Encryption without identity is vulnerable to a man-in-the-middle attack. The whole point of root certificates is verifying your identity and checking documentation of ownership of a website before they give you a certificate. If it were just encryption, sans identity, then https wouldn't accomplish anything, and any one in the middle can just encrypt with their own self-signed certificate and you haven't achieved a secure end-to-end session. A stolen certificate is rare, and when it does happen, there's a revocation process. This is similar to someone else finding out your password and you have to change the password.
Your illustrated problem of a teenager or someone else gaining access is not unique to digital certificates, the same is true with passwords, since passwords are generally used only once per session and then the rest of the session assumes continuity of identity. If you go to the bathroom or leave your desk, those websites will assume whoever sits down next has the same identity. This is why most offices require employees to lock their terminal before going to the bathroom or leaving for a meeting.
In fact, passwords are generally considered less secure than crypto signatures due to the prevalence of keyloggers. Most secure websites generally recommend 2FA. You can essentially flip the precedence, so the primary login can be the crypto signature instead of the password, and the secondary authentication can be a pin, or mother's maiden name or any arbitrary security question & answer, only when you're doing something that requires 2FA like transferring money out of your bank account or changing the security settings.
Keys aren't allowed in my environment, too easy for private keys to get out never to be changed.
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
I've been intrigued by blockchain for months... but feel frustrated by the (lack of) technical material I can find on the subject.
I definitely want to use (something with what I understand to be the properties of) blockchain for a few different purposes:
For both of these use cases, it seems that BitCoin has already tackled the questions. While, I accept, I could review Bitcoin source code - that would be time-consuming and provide an insight into only one implementation of BlockChain technology.
I'd like to know: are there any good technical resources that tell me how BlockChain technology is implemented - in order that I can establish the effort required to adopt such a technology in the context of a specific application?
This from a guy with a deep, deep interest for that assertion to be true.
So you wouldn't care if Creimer cracked your PW, logged in as you, and posted his shitty affiliate links everywhere? Got it.
Go ahead Creimer. We got the go ahead from the man himself.
The server in question need not accept your authentication by a compromised certificate.
Truly, man, you're not thinking.
EACH person should have a certificate that authenticates THAT PERSON.
An employee leaves? Revoke his certificate; tell the server not to accept him.
Man, you need to stop talking out of your ass; if you don't understand something, then keep quiet.
If you want to mine your own crypto currency, you need a motherboard with 19 PCIe 1X slots to plug in 19 GPUs and a couple of 1200W PSUs.
Neither. This is the literal idea of "throw X at problems until it sticks."
This is utterly useless for replacing passwords. Why?
Authentication is a centralized concept. There is an "authority" that vouches for the client, and those that respect that "authority" will honor its response. By its very nature, giving control of such trust to some random third party is ripe for abuse. No matter how hard you try to make abuse difficult.
In this case, you'd have a bunch of servers everywhere validating everyone's logins, each one verifying them and coming to a consensus, then giving the result to the system that asked for it. But even though these servers would be everywhere you have multiple problems:
1. Most current authentication methods assume local(ish) auth. Requiring internet access to verify a logon will break a lot of things (go ask any education IT staff about chromebooks and their internet logins.), further it adds complexity which gives more opportunity for hackers. Never mind the issues when internet access isn't available for whatever reason.
2. Remote auth is vulnerable to DNS poisoning, and server hijacking. If this were to ever take off, you'd have every alphabet soup agency in the world trying to get their fingers in it. (What better way to frame people or keep tabs on them than by just logging in as them?) Don't assume the server operators will be immune, they'll be the first targeted.
3. Blockchain isn't effective unless it only tracks the key changes. If it were to track every login attempt in the world, the resulting chain would quickly become too much for a local machine or individual server to verify. Leading to some other authority to be needed to verify everything back up to the current point in which the local machine / server can verify on its own. Rendering the entire concept of using blockchain for verification pointless. Tracking only the key changes though does not prevent someone from obtaining and reusing them, nor does it permit for remediation should such a breach occur. Once again, this renders the concept pointless.
4. Should such a breach occur, you have no info about it. The most economical method for this doesn't tell you about login attempts it only verifies them. (You wouldn't have the processing power to check them all in a timely fashion anyway.) So the end result would be a breach could occur and you'd never have any info about it until well after the point that you could do anything about it. (Just look at all of the breaches involving user creds recently, how many of them were within 24 hours? Or hell even within a week? Turns out most external authentication providers love buying as much time as possible to cover their asses before telling you your info was stolen.)
5. External auth is vulnerable to human nature. There is nothing like the world turning on you because of a comment on social media. How many of these server operators could actually be neutral parties? Hell taking the US as an example, you'd outright require a majority of verification servers outside the US to avoid being locked out of everything due to social media outrage. We already have people who lose their jobs over crap they did on their days off, like speaking their minds, now imagine being locked out of your bank account if that happened. Could you imagine defaulting on loan payments because you couldn't access your own money to pay them?
In the end the best thing for authentication is rolling your own SSO, and keeping the authority in-house. Using someone else to verify it, has already been done miserably, we call it HTTPS.
Indeed. I can actually not see any added value compared to a simple distributed database, like the PGP key servers. To me, it seems that the efforts to justify the value of the blockchain for _something_ are getting more and more desperate. A typical hype-cycle.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
If you want to mine your own crypto currency, you need a motherboard with 19 PCIe 1X slots to plug in 19 GPUs and a couple of 1200W PSUs.
> the sole responsibility of the user
My mom just called me because she lost "her yahoo" again. Tell me again about people being responsible for their private key infrastructure again?
- For the complete works of Shakespeare: cat
[nt]
File under 'M' for 'Manic ranting'