CryptoCoinsInfoClub.com

Blockchain Privacy

Security And Privacy In Blockchain Environments

Security And Privacy In Blockchain Environments

Security and Privacy in Blockchain Environments June 2017 - Blockchain | Cyber Security | Data Protection & Privacy | Encryption Security and Privacy in Blockchain Environments Matteo Cagnazzo and Chris Wojzechowski, both researchers at the Institute for Internet Security, explore how security and privacy can be enhanced by blockchain technology. Blockchain is currently one of the most-hyped technologies. In this short article we will try to show where current downsides in blockchain security and privacy are. We will explore how security and privacy can be enhanced by blockchain technology and outline the challenges ahead. Transactions are globally published and are not encrypted in most applications. If this data is personal data, for example medical or financial data, this leads to regulatory and legal problems, especially in Germany. One solution is to store only encrypted data in the blockchain, which leads to another problem: If the key to decrypt specific information is lost, the data may not be recovered accurately. Furthermore, if a key is stolen and published, all the data is forever decrypted in the blockchain since the data cannot be altered. However, blockchain can also help to improve defensive cybersecurity strategies, especially in terms of identity and access: One attack scheme for man-in-the-middle (MITM) attacks is to get the Certificate Authority (CA) to provide the user with forged public keys (Public-Key Substitution MITM attack). This can lead to the decryption of sensitive information. In a blockchain approach whereby users put their public keys in published blocks, the information is distributed over the participating nodes with links to previous and following blocks. This makes the public key immutable and it becomes harder for attackers to pub Continue reading >>

Monero - Privacy And Anonymity On The Blockchain | Cryptoslate

Monero - Privacy And Anonymity On The Blockchain | Cryptoslate

Fittingly, the exact origin story behind Monero is still somewhat mysterious. Like digital cash, its untraceable as it changes hands. The concept behind Monero was first published by Nicolas van Saberhagen. This name was later proven to be a pseudonym and can refer to either an individual creator or developing team. Monero was created to enhance the users anonymity, an issue that was increasingly experienced in the Bitcoin community. While Nicolas van Saberhagen came up with the idea behind the cryptocurrency, it was coded by a user simply known by their online pseudonym thankful_for_today. Monero was initially called Bitmonero, taking the monero part from Esperanto, where the term means coin. However, after a hard fork in 2014, the cryptocurrency evolved into the Monero that we know today. While users technically enjoy a degree of anonymity on the Bitcoin network, the network still allows transactions to be traced back to the accounts from which they originated. In addition, users on the bitcoin network can see each others total bitcoin holdings available in their accounts. While its relatively easy for bitcoin users to keep their real-life identities hidden on the Bitcoin network, it becomes difficult to do so once you engage in any Bitcoin deals that require you to use your name. After attaching your name to a deal, it becomes easy for other users to trace transactions back to you. While the regular user would not be too alarmed by this, those users who need bitcoin for not-so-legal activities obviously consider this a major issue. To address this, Monero uses several techniques to ensure anonymity on its network. All users are issued with stealth addresses. These unique addresses are encrypted which prevents any transactions from being traced back to its account of Continue reading >>

Privacy On The Blockchain: Where Are We Headed?

Privacy On The Blockchain: Where Are We Headed?

Privacy on the Blockchain: Where Are We Headed? Dec 27, 2017 at 20:55 UTC|UpdatedDec 29, 2017 at 00:02 UTC Arianna Simpson is the founder and managing director of Autonomous Partners, a fund focused on cryptocurrencies and digital assets. She is also a venture partner at Crystal Towers Capital, a venture capital fund, and previously spent time at Facebook and BitGo. The following article is an exclusive contribution to CoinDesk's 2017 in Review . For all the claims that have been made over the years about bitcoin being a safe haven for criminals, it's becoming increasingly clear that capital flows on the blockchain aren't private. Bitcoin itself indexes poorly on both the anonymity and confidentiality fronts, as addresses offer pseudonymity at best, and balances are completely public. Companies like Elliptic and Chainalysis are building businesses around blockchain forensics, and as the network increases in value, incentives to track flows of capital only become stronger. The rising tide of awareness about this is largely responsible for the growth in privacy coins in 2017, many of which experienced meteoric price and transaction volume increases. To those new to the field, getting up to speed can feel like an onerous task, but it's important to remember we're still in the early days, andcatching up on the cutting-edge is as easy as familiarizing yourself with a handful of key issues and projects likely to be of interest in the months and years ahead There's never a shortage of ideological differences in the world of cryptocurrencies. As it relates to privacy, one of the biggest is whether or not techniques that keep data from being shared should be default. Emblematic of this issue are two of the sector's biggest coins - monero and zcash. Of the two, monero offers pri Continue reading >>

Privacy On The Blockchain

Privacy On The Blockchain

Blockchains are a powerful technology, as regular readers of the blog already likely agree. They allow for a large number of interactions to be codified and carried out in a way that greatly increases reliability, removes business and political risks associated with the process being managed by a central entity, and reduces the need for trust. They create a platform on which applications from different companies and even of different types can run together, allowing for extremely efficient and seamless interaction, and leave an audit trail that anyone can check to make sure that everything is being processed correctly. However, when I and others talk to companies about building their applications on a blockchain, two primary issues always come up: scalability and privacy. Scalability is a serious problem; current blockchains, processing 3-20 transactions per second, are several orders of mangitude away from the amount of processing power needed to run mainstream payment systems or financial markets, much less decentralized forums or global micropayment platforms for IoT. Fortunately, there are solutions , and we are actively working on implementing a roadmap to making them happen. The other major problem that blockchains have is privacy. As seductive as a blockchains other advantages are, neither companies or individuals are particularly keen on publishing all of their information onto a public database that can be arbitrarily read without any restrictions by ones own government, foreign governments, family members, coworkers and business competitors. Unlike with scalability, the solutions for privacy are in some cases easier to implement (though in other cases much much harder), many of them compatible with currently existing blockchains, but they are also much less s Continue reading >>

Why Blockchain Might End Up Eroding Your Online Privacy

Why Blockchain Might End Up Eroding Your Online Privacy

Why Blockchain Might End Up Eroding Your Online Privacy Answer by Stan Hanks , CTO of Columbia Ventures Corp, on Quora : The promise of the blockchain is that its immutable, and public, and distributed. Once a transaction is recorded, its there, forever. Think about your life and how you handle your bills - mortgage or rent, car payment, insurance, power, water, credit cards, etc. So, you have that in your head, right? Pretty good idea how that works, which ones get paid when, etc.? Add to that how you get paid - salary from your employer, fees for consulting, selling cans at the recycling center, whatever. Imagine this future in whichALL OF THATis on the blockchain, forever. Admittedly, theres this ambiguation component: the ID of a given wallet is used, and there is in theory no way to tie that to you, individually. Lets say that I develop a keen interest in what your financial life looks like. And I want to know your wallet ID. Simple enough: all I need to do is arrange to pay you, or be paid by you, and bingo, I have your ID. Now all I need to do is walk the blockchain looking for all instances, and Ill know what youre doing - where payments are sent and where inbound payments come from. Over a sufficiently long period - call it a year, probably less - of payment history, I can figure it out. That big one, thats probably your house. The next bigger one is your car. And utilities and credit card companies - they probably have a public wallet ID published for all inbound payments, so thats easy. With a modest amount of work, I can figure it all out. 80% or so will be trivial, the rest will take some work - and require that I am sufficiently interested to pursue it. Now, if Im careful and willing to run multiple wallets, and work hard to actively obscure what Im doing Continue reading >>

Enhancing Individual Privacy With Ibm Blockchain And Senzing Er

Enhancing Individual Privacy With Ibm Blockchain And Senzing Er

Enhancing Individual Privacy with IBM Blockchain and Senzing ER Data privacy protection is a critical requirement for organizations that store data about people and organizations. A tamper-resistant audit log should be included in every organizations comprehensive privacy and security architecture. When immutable audit logs are in place, user interactions are permanently recorded. Even administrators with the highest level of system privileges cannot alter these events. In 2012, when I was an IBM Fellow and chief scientist of IBM Entity Analytics, I co-authored a paper with Ann Cavoukian, the creator of Privacy by Design. The paper Privacy by Design in the Age of Big Data [1] addressed how privacy and responsibility can be advanced in the new era of big data analytics. One of the areas we covered was how to reduce the risk of users misusing the system: The question Who will watch the watchmen? remains as relevant today as when it was first posed in Latin two thousand years ago. People with access and privileges can, and do, occasionally look at records without a legitimate business purpose, e.g., an employee of a banking system looking up his neighbors account. Tamper-resistant logs make it possible to audit user behavior. Implementing them may decrease violations, because where employees know such audits are possible, they may be less likely to succumb to temptation. Its true. When immutable audit logs are in place, corrupt individuals are deterred from engaging in a range of bad behaviors, from peeping [2] to corporate espionage and identity theft. Data privacy has been a passion of mine for more than two decades. My team and I built Privacy by Design (PbD) into our Senzing ER entity resolution technology from the beginning. The details of how PbD is incorporated int Continue reading >>

Solving Blockchain's Privacy Problem

Solving Blockchain's Privacy Problem

An image of Bitcoin and US currencies is displayed on a screen as delegates listen to a panel of speakers during the Interpol World Congress in Singapore on July 4, 2017. Roslan Rahman/AFP/Getty Images This article was originally published on International Business Times . Read the original article . Richard Gendal Brown, the chief technology officer at R3, believes IBM should adopt Corda, the shared ledger platform his engineering team has built for its 80-plus member banks. Brown, who was formerly executive architect for banking and financial markets at IBM and worked there for over 15 years before joining R3, does not make this statement lightly; it follows a close examination of the latest version of Hyperledger Fabric, the open source consortium platform which is IBM's preferred blockchain. Asked directly about IBM's position in the blockchain space, Brown said: "I think they are actually exercising their strategy pretty well. From a strategic perspective, I think they are doing all the right things. It may well not succeed but it's hard to fault them on that. Geneva Motor Show 2018: From High Performance Supercars to Wacky Robo-Vehicles and Everything In Between "I just don't think the technology is the right architecture. Fabric's design works for some things but actually it's fundamentally flawed in other areas. What they should do of course is adopt Corda; and we will happily work with them on that." First generation enterprise blockchains have taken the underlying design of Bitcoin and Ethereum and been met with the thorny problem of data privacy. Brown says there are basically two distinct ways to solve this. One is the Corda approach, which is doing data distribution on a case by case basisindividual deal, trade, balance, loan agreement etcsent only to thos Continue reading >>

Ieee Security & Privacy On The Blockchain (ieee S&b)

Ieee Security & Privacy On The Blockchain (ieee S&b)

IEEE SECURITY & PRIVACY ON THE BLOCKCHAIN (IEEE S&B) AN IEEE EUROPEAN SYMPOSIUM ON SECURITY & PRIVACY AFFILIATED WORKSHOP 23 April 2018, University College London (UCL), London, UK Deadline for submission of research papers Acceptance notification and registration instructions sent University College London is hosting this workshop. Security & Privacy on the Blockchain (affiliated with Euro S&P ) Blockchains---the underlying technology of Bitcoin---have emerged as a promising instrument for transparency and integrity in a decentralized fashion, with an ever-increasing interest from popular media, research, and policy communities. As Bitcoin suffers from scalability and privacy issues that impede its wider adoption, many choose the spectrum of permissioned or a combination of public and private blockchains. With the Security on Blockchain Workshop we propose to look at the major issues in adopting blockchains---both permissioned and permissionless models---as a wide, secure and privacy preserving solution to contemporary problems in various fields: financial, authentication, access control, medical applications, fast data transactions, manufacturing processes, etc. This workshop focuses on the critical analysis of various implementations of blockchain solutions, and the security improvements brought by technologies built on top of blockchains such as Sidechains, Confidential Transactions, Hyperledger, Lightning Networks, and Smart Contracts, and their application to security and privacy in the field. 8:00 Registration open (Note registration is different than EuroS&P, please get new badge in morning for workshops) 9:15-10:30 Introductory Remarks and Keynote 9:15-9:30 Overview of Security and Privacy on Blockchain Workshop by Shehar Bano, Arthur Gervais and Marta Piekars Continue reading >>

Differentiating Between Privacy And Secrecy On The Blockchain

Differentiating Between Privacy And Secrecy On The Blockchain

Differentiating Between Privacy and Secrecy on the Blockchain There is a fair amount of confusion about the relationship between privacy and secrecy. This is especially true in the world of blockchain technology, where platforms like Bitcoin have traditionally been viewed as overly secretive. In reality, one of the greatest benefits of the blockchain is that it makes it easy to achieve privacy without secrecy. When leveraged the right way, blockchain technology can protect private data without requiring murky, secretive operations. Put simply, secrecy means withholding information, even from people who have a legitimate right to access it because it affects them. Secrecy can be a harmful quality. In contrast, privacy refers to the ability of an individual to control the sharing of information that they rightfully own. Privacy is a right that we should all enjoy. If you take the world of digital advertising as an example, its easy to see the difference between secrecy and privacy. Traditionally, the digital advertising industry has been highly secretive. Companies like Google collect information from users, then use proprietary algorithms to serve ads based on that information. Under this model, users have very little control over how their personal information is shared. In many cases, they do not even know how or when data collection takes place. Its all a secret. For their part, even content publishers and advertisers rarely know exactly what is happening in the secretive world of digital advertising. They rely on intermediaries to serve ads to the right users, and those intermediaries operate behind closed doors. This lack of transparency has led to disputes like the claim in The Guardian that digital advertisers collect secret commissions that harm publishers and a Continue reading >>

How Blockchain Could Help Us Take Back Control Of Our Privacy

How Blockchain Could Help Us Take Back Control Of Our Privacy

How Blockchain could help us take back control of our privacy The Cambridge Analytica breaches show the dangers of leaking personal, sensitive data online but theres a way to avoid this Last modified on Sat 24 Mar 2018 22.56EDT Facebooks data centre in Prineville, Oregon. The company has suffered a major breach.Photograph: Facebook/EPA The Cambridge Analytica scandal poses some serious questions about the integrity of democracies in the information age. From Trump to Brexit , the dirty tricks apparently offered by CAs top executives should cause concern everywhere that elections happen. But the episode is also worrying because of its specific focus: data. We create reams of data every day every time we open a browser window and every time we make a contactless payment. We do this without thinking. The Cambridge Analytica news demonstrates the power that this data can have when we lose control of it. Facebook isnt the only huge data company to have suffered a major breach in recent years. In September it was revealed that 143 million Americans and 44 million Britons had sensitive information stolen from Equifax, the credit rating firm, including home addresses and social security numbers. The kicker in this case was that many of those affected had no idea the company was holding that information in the first place such is the staggering growth of data creation and collection, and the lack of controls enjoyed by consumers over who gets to keep it. Clearly, its time for a radical rethink about the data we are producing and the processes governing its collection and maintenance. The EU has already gone some way to addressing these questions through the introduction of General Data Protection Regulation , a set of new rules dictating how businesses can handle personal infor Continue reading >>

Dspace@mit: Invisible Ink : Blockchain For Data Privacy

[email protected]: Invisible Ink : Blockchain For Data Privacy

Other Contributors:Massachusetts Institute of Technology. Department of Architecture. Program in Media Arts and Sciences. Department:Massachusetts Institute of Technology. Department of Architecture. Program in Media Arts and Sciences. Publisher:Massachusetts Institute of Technology The problem of maintaining complete control over and transparency with regard to our digital identity is growing more urgent as our lives become more dependent on online and digital services. What once was rightfully ours and under our control is now spread among uncountable entities across many locations. We have built a platform that securely distributes encrypted user-sensitive data. It uses the Bitcoin blockchain to keep a trust-less audit trail for data interactions and to manage access to user data. Our platform offers advantages to both users and service providers. The user enjoys the heightened transparency, control, and security of their personal data, while the service provider becomes much less vulnerable to single point-of failures and breaches, which in turn decreases their exposure to information-security liability, thereby saving them money and protecting their brand. Our work extends an idea developed by the author and two collaborators, a peer-to- peer network that uses blockchain technology and off-blockchain storage to securely distribute sensitive data in a decentralized manner using a custom blockchain protocol. Our two main contributions are: 1. developing this platform and 2. analyzing its feasibility in real-world applications. This includes designing a protocol for data authentication that runs on an Internet scale peer-to-peer network, abstracting complex interactions with encrypted data, building a dashboard for data auditing and management, as well as building se Continue reading >>

Fin Identity, Privacy, And The Blockchain

Fin Identity, Privacy, And The Blockchain

In the offline world, identity and privacy are rather straightforward. Peoples identities are proven by simply being who they are, and privacy reflects the ability to control what others know about their identity. Occasionally, tangible objects such as drivers licenses or bills are required to verify identity with businesses or government entities. In the current interconnected and online world, we instead use various digital markers to demonstrate identity. These markers somehow prove we are who we say but are often only tangentially related to the service being accessed and require us to relinquish a significant amount of privacy. There are a number of problems with the current systems used as proxies for identity, but new technologies like blockchain might be able to help us reclaim our online (and offline) selves. Markers of identity are often required to be very personal pieces of data. Consider the litany of personal information collected when someone opens a checking account, such as street address and identification (drivers license or passport). Its easy to take these pieces of data for granted, as weve generally become accustomed to handing them over at the drop of a hat. But lets take a moment to consider what giving up these pieces of identity really means and whether its really necessary. In handing over a passport to a banker, a person gives the bank full permission to record not only their date and place of birth, but also everywhere he or she has traveled. This might not seem like a big deal, but what does place of birth really have to do with whether or not a bank allows someone to deposit money in their accounts? This isnt to say that banks shouldnt require identity verification; regulations like KYC and AML exist for a reason. However, because our cu Continue reading >>

Privacy On The Blockchain

Privacy On The Blockchain

co-founder @scalarcapital, burner, #bitcoin enthusiast, previously growth eng @coinbase Privacy in an open society requires anonymous transaction systems. Until now, cash has been the primary such system An anonymous system empowers individuals to reveal their identity when desired and only when desired. Co-founder of the cypherpunk movement, UC Berkeley mathematician Financial matters are often ill-suited for public attention Theres a popular misconception that Bitcoin is anonymous and untraceable. Its an understandable mistake given Bitcoins first popular use case was the infamous Silk Road a market known for dealing in illicit substances. The truth is that Bitcoin is pseudonymous and fully traceable. In fact, every transaction in Bitcoin maps inputs to outputs, allowing anyone to follow the money trivially. Satoshi even went so far as defining a bitcoin literally as a history of its custody: We define an electronic coin as a chain of digital signatures. Bitcoins transactions are tracked as a graph that resides on the blockchain permanently. If someone learns of information that links your identity to your bitcoin address, they can learn a ton about you. Its possible to infer your spending patterns (where you spend, how much, how often), your wealth and income, whom you associate with. How do you feel knowing those whom you transact with may be able to learn so many personal facts about you? There are countless ways that identities can be linked to a wallet address. Some people share their address publicly. The exchange you bought your bitcoin from has both your identity and your addresses. Merchants you pay can make the association. Two companies, Elliptic and Chainalysis , are in the business of linking identities to addresses, and compiling all their insights into Continue reading >>

Blockchain Will Rewire Security, Privacyand Business

Blockchain Will Rewire Security, Privacyand Business

Blockchain will rewire security, privacyand business Blockchain, the distributed-ledger technology behind cryptocurrencies including Bitcoin, is changing the concept of online security so profoundly that it will revolutionize the way we use the Internet, says Alex Tapscott, coauthor ofBlockchain Revolution. Rather than an "internet of information," the online world will become an "internet of transactions," in which security and authentication methods based on blockchain allow the automatic, secure exchange of information and money and the execution of contractswithout a bank, credit card company, or other intermediary to confirm identities and handle the money, said Tapscott. The lead author ofBlockchain Revolutionis his father,Don Tapscott, author of along listof future-shaping analyses of the potential for new technology, includingThe Digital Economy(1994) andParadigm Shift(1993). Blockchain allows identities to be confirmed and things of value, such as contracts or units of cryptocurrency, to be identified with records that can be easily audited to ensure they're authentic. Because of this, its influence will extend far beyond the market for Bitcoin, where it started, or the financial services markets, which are undergoing dramatic changes due to blockchain and cryptocurrencies , Tapscott said. Tamper-proof public databases that can confirm a document's authenticity without a notary involved, and the ability to avoid having to use and reconcile transactions through intermediaries, could save banks $20 billion per year by 2022, according to a recent report from the venture capital analyst arm of international banking conglomerateSantander. "On the Internet, when I send information, I'm not sending the actual document, I'm sending a copy of that document," Tapscott t Continue reading >>

Blockchain Is On A Collision Course With Eu Privacy Law

Blockchain Is On A Collision Course With Eu Privacy Law

Blockchain is on a collision course with EU privacy law Those who have heard of blockchain technology generally know it as the underpinning of the Bitcoin virtual currency, but there are myriad organizations planning different kinds of applications for it: executing contracts , modernizing land registries , even providing new systems for identity management . Theres one huge problem on the horizon, though: European privacy law. The blocs General Data Protection law, which will come into effect in a few months time, says people must be able to demand that their personal data is rectified or deleted under many circumstances. A blockchain is essentially a growing, shared record of past activity thats distributed across many computers, and the whole point is that this chain of transactions (or other fragments of information) is in practice unchangeable this is what ensures the reliability of the information stored in the blockchain. For blockchain projects that involve the storage of personal data, these two facts do not mix well. And with sanctions for flouting the GDPR including fines of up to 20 million or 4 percent of global revenues, many businesses may find the ultra-buzzy blockchain trend a lot less palatable than they first thought. [The GDPR] is agnostic about which specific technology is used for the processing, but it introduces a mandatory obligation for data controllers to apply the principle of data protection by design, said Jan Philipp Albrecht, the member of the European Parliament who shepherded the GDPR through the legislative process. This means for example that the data subjects rights can be easily exercised, including the right to deletion of data when it is no longer needed. This is where blockchain applications will run into problems and will proba Continue reading >>

More in ethereum