Category Archives: Blockchain

TIDALs: A New Digital Trust Infrastructure

  • Posted On
  • By One World Identity

With digital interactions continuing to consume an ever-increasing portion of our personal and professional lives, the ability to determine the validity and authenticity of data is of critical importance. This week on State of Identity I sit down with the founder of Intertrust’s new project that utilizes a combination of blockchain technology and trusted assertions to create a digital trust infrastructure capable of scaling globally to meet this incredible challenge.

TIDALs: A New Digital Trust Infrastructure

  • Posted On
  • By One World Identity

With digital interactions continuing to consume an ever-increasing portion of our personal and professional lives, the ability to determine the validity and authenticity of data is of critical importance. This week on State of Identity I sit down with the founder of Intertrust’s new project that utilizes a combination of blockchain technology and trusted assertions to create a digital trust infrastructure capable of scaling globally to meet this incredible challenge.

Celebrating Women in Blockchain

  • Posted On
  • By Phil Keys

Blockchain has been a buzzword here in Silicon Valley for a couple of years now and is now an integral part of many tech business discussions. Recently at a FinTech Silicon Valley meetup held in San Francisco, a panel of women gathered to discuss something different: the role women play in the blockchain and their experiences in the tech industry in general. The talent assembled on stage was impressive: Karen Hsu, Chief Revenue Officer of BlockCypher and co-inventor of five patents, Lily Liu, Co-founder Earn.com who also helped found China’s first international, private, mass market hospital(!), Shuonan Chen, Founding Partner IOVC/Agile VC with previous experience at Goldman Sachs and PwC, Jackie Hart, Founder ZeroPoint:Blockchain in Balance who can call upon over 20 years of project management and strategy with Fortune 500 software development projects, Audrey Chaing, Founder Blockchiang and co-founder of two companies, and of course Intertrust’s own Senior Cryptographer Vanishree Rao, a cryptographic researcher and one of the key members of the development team behind Intertrust’s own blockchain project, TIDALs.

Celebrating Women in Blockchain

Blockchain has been a buzzword here in Silicon Valley for a couple of years now and is now an integral part of many tech business discussions. Recently at a FinTech Silicon Valley meetup held in San Francisco, a panel of women gathered to discuss something different: the role women play in the blockchain and their experiences in the tech industry in general. The talent assembled on stage was impressive: Karen Hsu, Chief Revenue Officer of BlockCypher and co-inventor of five patents, Lily Liu, Co-founder Earn.com who also helped found China’s first international, private, mass market hospital(!), Shuonan Chen, Founding Partner IOVC/Agile VC with previous experience at Goldman Sachs and PwC, Jackie Hart, Founder ZeroPoint:Blockchain in Balance who can call upon over 20 years of project management and strategy with Fortune 500 software development projects, Audrey Chaing, Founder Blockchiang and co-founder of two companies, and of course Intertrust’s own Senior Cryptographer Vanishree Rao, a cryptographic researcher and one of the key members of the development team behind Intertrust’s own blockchain project, TIDALs.

Celebrating Women in Blockchain

From left to right: Karen Hsu, Lily Liu, Vanishree Rao, Shuonan Chen, and Jackie Hart

When asked about what attracted them to blockchain/distributed ledger technology, Hsu, who has experience working in the financial industry, mentioned that since blockchain based systems could eliminate the need for financial reconciliation, it made sense to her. “It did away with SWIFT which is wasteful and expensive,” (Hsu). Rao mentioned that her initial fascination about zero-knowledge proofs brought her into the world of cryptography and then blockchain. Hart mentioned her interest was piqued by discussions of how blockchain could potentially help the unbanked and Liu said that a poker game chat with friends in China had brought her into the world of blockchain.

It was agreed that while in general there is still a shortage of women in technology and blockchain, there were some signs that things were changing. Liu mentioned that she had recently attended the Cryptosprings conference and that about 85% of the speakers were women, despite it not being a women-focused blockchain event.

To help increase the number of women involved in blockchain, the question came up of experience with mentors. Rao said that through her studies at UCLA and her previous work at PARC, she had found mentors who would take time to help even when they were busy. At Intertrust, she particularly found her interaction with our Chief Scientist Robert Tarjan insightful. “You can talk to him for five minutes and it will be an extremely dense experience,” (Rao). She mentioned that her boss, Dave Maher, Intertrust’s CTO and and Bill Horne, VP of Intertrust’s Secure Systems mentor her in her professional development. Chaing mentioned that while the numbers of women in blockchain were not so many, “the women who are in it are doing amazing work and are very supportive of each other.”

By the way, if you are interested in things blockchain and are in Rome on Monday, October 29th, Intertrust and our partner LINE will be holding our 4th LINE x Intertrust Security Summit. David Maher, Intertrust’s CTO who works with Vanishree, will be moderating a panel entitled “Breaking Through the Block Chain” that will discuss blockchain with a number of experts. One of those experts will be Marta Piekarska, Director of Ecosystem Development at the Hyperledger blockchain project. Hope to see you there!

How to Trust a Digital Photo: A Blockchain Based Proposal

  • Posted On
  • By Phil Keys

With the ever-increasing sophistication of digital tools, it’s now possible to alter digital photographs or videos with enough sophistication that it’s often extremely difficult to tell if they’ve been tampered with. In 2018, eMarketer estimated that there will be 4.57 billion people with mobile phones, not to mention huge numbers of security cameras, laptops, etc., all with image sensors capable of taking and transmitting digital images to the Internet. In today’s world where random images can be instantly shared amongst millions of people, how can we trust what we see?

At a recent blockchain themed event in Silicon Valley, Intertrust’s CTO David Maher discussed an Intertrust R&D project that could be an answer. Code-named TIDALs (Trusted Immutable Distributed Assertion Ledgers), the project uses a combination of blockchain and trusted assertions to create the technical underpinnings of a digital trust infrastructure that could scale to meet this challenge. A self-proclaimed blockchain skeptic, Maher noted that “This is one area that I have been working in for 35 years and I think that blockchains can play a big role.”

Replacing Today’s Digital Certificates

Today’s digital trust infrastructure relies to a great extent on digital certificates, also known as certs. Dating back to the 1980s, digital certificates are widely used to authenticate devices and services such as SSL encrypted webserver traffic, encrypted e-mails, cable modems, set-top boxes, etc. While certs have played an essential role in the security of our digital world so far, to maintain the security of the vast number of connected devices as the “Internet of Everything” marches forward, Maher says that another technology is needed. Pointing out that as more and more IoT devices come online, he says that securing these devices at their expected scale will be difficult for current security techniques such as network security and certs.

Maher notes that while X.509 certs have worked well in his 35 years of experience in using them, they will have problems adapting to the scale and ubiquity of the expected tsunami of connected devices. Other issues with certs are that “they are hard to manage and once they are compromised, recovery is very hard” (Maher). At that point all the keys signed with that cert have now become untrustworthy and anything that uses them has to be recertified with new trusted certs.

Then there is the problem of relying on centralized cert management authorities that are mainly focused on key management. These organizations are not ideally set up for managing constantly changing attributes associated with the keys. One example that Maher brought up is a company might use a cert to authenticate an employee to perform a task one day but that employee may no longer be in that position the next day.

Moving to TIDALs

One thing that needs to be clear is that Maher isn’t calling for a quick retirement of the entire cert infrastructure but a gradual change to something more suited to the world of trillions of connected devices. As noted above, Maher is proposing TIDALs as an alternative. As he describes it, TIDALs are “assertion oriented blockchains.” In TIDALs, blocks in blockchains will contain hashed tags to data files that can assert for the provenance and authenticity of whatever the block is associated with.

For example, if the associated object is an image sensor, the tags could be point to the manufacturer of the sensor, the model type, firmware revision, device the sensor is built into, etc. These could be chained to other blocks that would be associated with image files recorded by the sensor and contain tags associated with the date and location stamps and even blocks with information on the owner of the device. Each of the hashed tags would be signed with a secret key issued by an authority to demonstrate that the assertion can be trusted. As Maher puts it, “The concept is having a universal oracle but it’s highly distributed and very heterogenous.”

The TIDALs project also includes the concept of TIDAL derivatives. These would be collections of assertions that would likely be constructed and maintained by organizations that are focused on a particular application type. These derivatives would typically be an ordered hash table pointing to a subset of records contained in the TIDALs blockchain. An example brought up by Maher would be a hash table of the web server bindings associated with all the world’s URLs. “You could have a 256-bit hash table of all the world’s URLs fit in 32 GB, basically half of your cell phone memory,” (Maher). According to Maher, looking up information from such a table would be “much much quicker than anything that’s done today.”

Maher’s description of TIDALs, once implemented, could create a broad and highly distributed trust infrastructure that could scale gracefully. Large numbers of organizations could act as authorities to build and maintain this blockchain and meet the challenge of bring trust to vast number of devices and quantities of information on the Internet. If you’re interested in finding more, feel free to download the presentation and get in touch.

How to Trust a Digital Photo: A Blockchain Based Proposal

  • Posted On
  • By Phil Keys

With the ever-increasing sophistication of digital tools, it’s now possible to alter digital photographs or videos with enough sophistication that it’s often extremely difficult to tell if they’ve been tampered with. In 2018, eMarketer estimated that there will be 4.57 billion people with mobile phones, not to mention huge numbers of security cameras, laptops, etc., all with image sensors capable of taking and transmitting digital images to the Internet.

Dave Maher speaking at Block World

With the ever-increasing sophistication of digital tools, it’s now possible to alter digital photographs or videos with enough sophistication that it’s often extremely difficult to tell if they’ve been tampered with. In 2018, eMarketer estimated that there will be 4.57 billion people with mobile phones, not to mention huge numbers of security cameras, laptops, etc., all with image sensors capable of taking and transmitting digital images to the Internet. In today’s world where random images can be instantly shared amongst millions of people, how can we trust what we see?

At a recent blockchain themed event in Silicon Valley, Intertrust’s CTO David Maher discussed an Intertrust R&D project that could be an answer. Code-named TIDALs (Trusted Immutable Distributed Assertion Ledgers), the project uses a combination of blockchain and trusted assertions to create the technical underpinnings of a digital trust infrastructure that could scale to meet this challenge. A self-proclaimed blockchain skeptic, Maher noted that “This is one area that I have been working in for 35 years and I think that blockchains can play a big role.”

Replacing Today’s Digital Certificates

Today’s digital trust infrastructure relies to a great extent on digital certificates, also known as certs. Dating back to the 1980s, digital certificates are widely used to authenticate devices and services such as SSL encrypted webserver traffic, encrypted e-mails, cable modems, set-top boxes, etc. While certs have played an essential role in the security of our digital world so far, to maintain the security of the vast number of connected devices as the “Internet of Everything” marches forward, Maher says that another technology is needed. Pointing out that as more and more IoT devices come online, he says that securing these devices at their expected scale will be difficult for current security techniques such as network security and certs.

Maher notes that while X.509 certs have worked well in his 35 years of experience in using them, they will have problems adapting to the scale and ubiquity of the expected tsunami of connected devices. Other issues with certs are that “they are hard to manage and once they are compromised, recovery is very hard” (Maher). At that point all the keys signed with that cert have now become untrustworthy and anything that uses them has to be recertified with new trusted certs.

Then there is the problem of relying on centralized cert management authorities that are mainly focused on key management. These organizations are not ideally set up for managing constantly changing attributes associated with the keys. One example that Maher brought up is a company might use a cert to authenticate an employee to perform a task one day but that employee may no longer be in that position the next day.

Moving to TIDALs

One thing that needs to be clear is that Maher isn’t calling for a quick retirement of the entire cert infrastructure but a gradual change to something more suited to the world of trillions of connected devices. As noted above, Maher is proposing TIDALs as an alternative. As he describes it, TIDALs are “assertion oriented blockchains.” In TIDALs, blocks in blockchains will contain hashed tags to data files that can assert for the provenance and authenticity of whatever the block is associated with.

For example, if the associated object is an image sensor, the tags could point to the manufacturer of the sensor, the model type, firmware revision, device the sensor is built into, etc. These could be chained to other blocks that would be associated with image files recorded by the sensor and contain tags associated with the date and location stamps and even blocks with information on the owner of the device. Each of the hashed tags would be signed with a secret key issued by an authority to demonstrate that the assertion can be trusted. As Maher puts it, “The concept is having a universal oracle but it’s highly distributed and very heterogenous.”

The TIDALs project also includes the concept of TIDAL derivatives. These would be collections of assertions that would likely be constructed and maintained by organizations that are focused on a particular application type. These derivatives would typically be an ordered hash table pointing to a subset of records contained in the TIDALs blockchain. An example brought up by Maher would be a hash table of the web server bindings associated with all the world’s URLs. “You could have a 256-bit hash table of all the world’s URLs fit in 32 GB, basically half of your cell phone memory,” (Maher). According to Maher, looking up information from such a table would be “much much quicker than anything that’s done today.”

Maher’s description of TIDALs, once implemented, could create a broad and highly distributed trust infrastructure that could scale gracefully. Large numbers of organizations could act as authorities to build and maintain this blockchain and meet the challenge of bringing trust to a vast number of devices and quantities of information on the Internet. If you’re interested in finding out more, feel free to download the presentation and get in touch.