diff --git a/whitepaper/demonstration/presentation.pdf b/whitepaper/demonstration/presentation.pdf index e7f98c3..a323499 100644 Binary files a/whitepaper/demonstration/presentation.pdf and b/whitepaper/demonstration/presentation.pdf differ diff --git a/whitepaper/demonstration/presentation.tex b/whitepaper/demonstration/presentation.tex index 51c3b45..73e1795 100644 --- a/whitepaper/demonstration/presentation.tex +++ b/whitepaper/demonstration/presentation.tex @@ -1,6 +1,8 @@ \documentclass{beamer} \usetheme{default} +\usepackage{tikz} + \graphicspath{.} \setbeamertemplate{frametitle}[default][center] @@ -46,18 +48,22 @@ \item Encourages user freedom. \end{itemize} \item \textbf{Security} \begin{itemize} - \item Constantly looking for ways to secure against threats specific to federated and decentralised infrastructures. + \item Constantly looking for ways to secure against threats specific to decentralised infrastructures. \item Security issues can be devastating even to decentralised infrastructures. \end{itemize} \end{itemize} \end{frame} -\begin{frame}{State of the art} +\begin{frame}{State of the field} \begin{itemize} - \item Private key encryption. - \item Signatures. + \item Private key encryption and signatures. \item Additive homomorphic encryption. - \item \textbf{Monero, Zcash}. Decentralised ledgers respectively using the \textit{Bulletproof} and \textit{ZK-SNARK} zero-knowledge proof systems. - \item \textbf{Web platform}. + \item \textbf{Monero, Zcash}. Decentralised ledgers respectively using the \textit{Bulletproof} and \textit{ZK-SNARK} zero-knowledge proof systems. \begin{itemize} + \item ZKP protocols exist for proving properties of Paillier cyphertexts (Ivan Damg\aa rd, Mads Jurik,, Jesper Nielsen). + \end{itemize} + \item \textbf{Web platform}. ECMAScript 2019+ \begin{itemize} + \item Web Locks API. + \item BigInt API. + \end{itemize} \end{itemize} \end{frame} \begin{frame}{Results} 
@@ -65,6 +71,32 @@ \end{frame} \begin{frame}{Results} Produce shared random values without beacons using commitment schemes. + + \begin{center} + \begin{tikzpicture}[ + every node/.append style={very thick,rounded corners=0.1mm} + ] + + \node[draw,rectangle] (A) at (0,0) {Peer A}; + + \node[draw,rectangle] (B) at (6,0) {Peer B}; + + \node[draw=blue!50,rectangle,thick] (NoiseA) at (0,-1) {Generate noise $N_A$, key $k_A$}; + \node[draw=blue!50,rectangle,thick] (NoiseB) at (6,-1) {Generate noise $N_B$, key $k_B$}; + + \draw [->,very thick] (0,-2)--node [auto] {$E_{k_A}(N_A)$}++(6,0); + \draw [<-,very thick] (0,-2.75)--node [auto] {$E_{k_B}(N_B)$}++(6,0); + + \draw [->,very thick] (0,-4)--node [auto] {$k_A$}++(6,0); + \draw [<-,very thick] (0,-4.75)--node [auto] {$k_B$}++(6,0); + + \node[draw=blue!50,rectangle,thick] (CA) at (0,-5.5) {Compute $N_A + N_B$}; + \node[draw=blue!50,rectangle,thick] (CB) at (6,-5.5) {Compute $N_A + N_B$}; + + \draw [very thick] (A)-- (NoiseA)-- (CA)-- (0,-5.5); + \draw [very thick] (B)-- (NoiseB)-- (CB)-- (6,-5.5); + \end{tikzpicture} + \end{center} \end{frame} \begin{frame}{Results} Generating large primes using ECMAScript \texttt{BigInt} and Rabin-Miller. @@ -82,6 +114,16 @@ \begin{frame}{Results} Implementation of Risk. \end{frame} +\begin{frame}{Next steps} + \begin{itemize} + \item Zero-knowledge system for fog-of-war. + \item Reduce issues of players halting play. \begin{itemize} + \item Handle disconnects. + \end{itemize} + \item Check for modular biases. + \item General analysis. + \end{itemize} +\end{frame} \begin{frame}{Citations} \textit{Image} Risk game board by CMG Lee, the asterisk denoting the missing link in the 40th Anniversary Collector's Edition, based on shapes from http://commons.wikimedia.org/wiki/File:Risk\_board.svg. 11 November 2008. CC-BY-SA 4.0 \end{frame} 
diff --git a/whitepaper/demonstration/speech.pdf b/whitepaper/demonstration/speech.pdf index b443582..d6423e2 100644 Binary files a/whitepaper/demonstration/speech.pdf and b/whitepaper/demonstration/speech.pdf differ diff --git a/whitepaper/demonstration/speech.tex b/whitepaper/demonstration/speech.tex index f1658c1..c14b6dd 100644 --- a/whitepaper/demonstration/speech.tex +++ b/whitepaper/demonstration/speech.tex @@ -89,7 +89,7 @@ My proposition is to play fog-of-war risk in an untrusted setup, for example in \subsection{slide4} -Besides cryptography and decentralised networks being of personal interest, there are further benefits to the expansion of cryptographic methods and their applications to federated platforms. +Besides cryptography and decentralised networks being of personal interest, there are further benefits to the expansion of cryptographic methods and their applications to decentralised platforms. decentralised platforms offer many benefits to their users, such as longer lifespans due to being community-ran. A good example of this is networks such as usenets and IRC outlasting many social media platforms, as they still have a community backing them. 
@@ -101,17 +101,17 @@ However, decentralised platforms are exposed to a unique set of challenges than For example, Tor experienced unique attacks against its infrastructure, including denial-of-service against old tor v2 addresses, causing the network to go offline for many users. -To mitigate security risks, platforms such as torrents revert to centralisation in the form of trackers to validate file chunks being sent via peers. The idea is that we want to avoid this centralisation as much as is possible. +To mitigate security risks, platforms such as torrents revert to centralisation in the form of trackers to validate file chunks being sent via peers. The idea is that we want to avoid this centralisation as much as possible. \subsection{slide5} -To achieve this, I will be using many of the standard cryptographic protocols such as AES and RSA, but along with the Paillier cryptosystem and zero-knowledge proofs, which are some newer and less appreciated cryptographic schemes. +To achieve this, I will be using many of the standard cryptographic protocols such as AES and RSA, but along with the Paillier cryptosystem and zero-knowledge proofs, which are some less appreciated areas of cryptography. -The reason i will be using Paillier is that it has an interesting additive homomorphic property, where manipulating cyphertexts actually manipulates the underlying plaintexts. +Paillier is of interest as it has an interesting additive homomorphic property, where manipulating cyphertexts manipulates the underlying plaintexts in predictable ways. -Zero-knowledge proofs are currently in use in the blockchain ledgers monero and zcash. They use bulletproofs and zksnarks respectively to obfuscate transaction amounts, recipients and senders. +Zero-knowledge proofs are currently in use in the blockchain ledgers monero and zcash. They use bulletproofs and zksnarks respectively to obfuscate transaction amounts, recipients and senders. 
I will be using a scheme described by Damgard et al, which allows construction of ZKPs for a cyphertext being non-zero -My implementation targets the web out of simplicity. This has caused some challenges that I will address however. +On a more practical note, my implementation is targetting the browser. This is of interest purely as it applies some particularly new APIs such as weblocks and bigint. \subsection{slide6} 
@@ -137,9 +137,9 @@ Finally, I have a P2P implementation of standard risk. The map is reduced to mak The next steps for the implementation are to blend the paillier cryptosystem with the game itself to get the fog-of-war variant. This requires the implementation of a zero-knowledge proof scheme that is described by INSERT REFERENCE. -I also want to improve the implementation somewhat to reduce other more general attack surfaces. For example, preventing players from stopping play by not responding to messages, which is currently an effective strategy for a losing player. There is also some cases of modular bias that need to be removed in the dice rolling scheme. +I also want to improve the implementation somewhat to reduce other more general attack surfaces. For example, preventing players from stopping play by not responding to messages, which is currently an effective strategy for a losing player. This also means gracefully handling disconnects. -Further analysis is also necessary of the optimisations I made to the paillier cryptosystem, as certain computations were subtly changed to ensure that the size of intermediary values didn't exceed the upper limit on big integers. +Further analysis is also necessary of the optimisations I made to the paillier cryptosystem, as certain computations were subtly changed to ensure that the size of intermediary values didn't exceed the upper limit on big integers. This may have introduced a modular bias, which would be breaking. Following this, I plan to do a more general analysis of the system to check its security and benchmark.
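Review bot: the rebuilt presentation.pdf and speech.pdf are committed as binary blobs next to their .tex sources (the two `Binary files ... differ` sections), so every slide edit produces unreviewable binary churn. Consider dropping the PDFs from version control and building them from the .tex in CI or a release step, or at least committing the rebuilt PDFs separately from the source changes.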
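Review bot: double comma in the new Paillier bullet of presentation.tex hunk `@@ -46,18 +48,22 @@`: `(Ivan Damg\aa rd, Mads Jurik,, Jesper Nielsen)` should read `Mads Jurik, Jesper Nielsen`. In the same hunk the heading `\textbf{Web platform}. ECMAScript 2019+` groups the Web Locks API under ECMAScript, but Web Locks is a browser API rather than a language feature, and BigInt only entered the language in ES2020; suggest `Web platform APIs` as the heading, or list BigInt under ECMAScript 2020+ and Web Locks separately.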
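Review bot: in the new tikz diagram (presentation.tex hunk `@@ -65,6 +71,32 @@`) the commitment is drawn as $E_{k_A}(N_A)$ with $k_A$ revealed afterwards, so the scheme is binding only if a peer cannot find a second key that decrypts the same ciphertext to a different noise value; that is not a property an encryption scheme guarantees (a one-time pad has no binding at all), and the slide does not say which cipher $E$ is. Since the frame text says `commitment schemes`, either label the boxes as commit/open (for example a hash commitment to $N_A$ whose opening is sent in place of the key) or name the cipher and state why it binds. The exchange as drawn also has Peer A reveal $k_A$ before receiving $k_B$, so B learns $N_A + N_B$ first and can simply stop responding if it dislikes the result; that is the halting problem the `Next steps` slide lists, so it deserves a caption here. Minor: the trailing `-- (0,-5.5)` and `-- (6,-5.5)` segments in the two `\draw` lines are redundant, since those coordinates are the centres of nodes CA and CB, which are already on the path.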
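Review bot: in speech.tex hunk `@@ -89,7 +89,7 @@` the rewritten sentence is fine, but the unchanged context line that follows starts a sentence in lowercase (`decentralised platforms offer many benefits...`) and uses `community-ran` where `community-run` is meant; since this paragraph is already being edited, fix both in the same pass.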
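Review bot: typo in the rewritten slide5 line of speech.tex hunk `@@ -101,17 +101,17 @@`: `targetting` should be `targeting`. The same sentence names `weblocks and bigint`, while the slides call them `Web Locks API` and `BigInt API`; the speech should use the same names. The unchanged context line just above (`...which allows construction of ZKPs for a cyphertext being non-zero`) has no terminating full stop. The deleted sentence `This has caused some challenges that I will address however` is dropped without a replacement, yet the last hunk still discusses the upper limit on big integers as a browser-imposed constraint, so a short forward reference here would keep the narrative connected.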
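Review bot: the `INSERT REFERENCE` placeholder in the unchanged context line at the top of speech.tex hunk `@@ -137,9 +137,9 @@` is still unresolved, even though the presentation hunk now names the scheme's authors (Damgård, Jurik, Nielsen); fill it in, and add the citation to the Citations slide so the two documents agree. The rewrite also moves the modular-bias concern from the dice-rolling scheme (old text) to the Paillier optimisations (new text, `This may have introduced a modular bias, which would be breaking`); if the dice-rolling bias has been fixed, say so, otherwise both cases should stay listed, since the `Next steps` slide only says `Check for modular biases` without scoping it.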