Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Blockchain solutions: the balance of safety an...

vixentael
October 18, 2017
Programming
2
620

Blockchain solutions: the balance of safety and efficiency, or just a trend?

Presented at UASC conference in Kyiv, Ukraine.

--------------------------------------
The security engineer's job is to choose the appropriate solutions for the problems and to apply them. Discussing blockchain regarding cryptography is rather boring: it is simple, and even some assumptions in high-level protocols do not cause protests.

I will talk about the other side - where blockchain looks like an optimal strategy, where it causes questions. We will walk through the risk&threats models, trust, and guarantees, to the experience of using blockchain in the real project (and what happened next).

--------------------------------------

Links to check:

Learn Blockchains by Building One
https://hackernoon.com/learn-blockchains-by-building-one-117428612f46

Blockchain & Cyber Security. Let’s Discuss
https://www2.deloitte.com/content/dam/Deloitte/ie/Documents/Technology/ IE_C_BlockchainandCyberPOV_0417.pdf

3 Ways Blockchain Is Revolutionizing Cybersecurity
https://www.forbes.com/sites/omribarzilay/2017/08/21/3-ways-blockchain-is- revolutionizing-cybersecurity/#6d43bcf4233

vixentael

October 18, 2017
Tweet

More Decks by vixentael

See All by vixentael
Using YubiKey and FIDO U2F for secure authentication
vixentael
0
1.8k
Data is a new security boundary
vixentael
0
6.2k
Cryptographic protection of ML models
vixentael
0
2.9k
e2ee != security != privacy
vixentael
0
2.2k
Maintaining cryptographic library for 12 languages
vixentael
1
4k
10 lines of encryption, 1500 lines of key management
vixentael
2
1.7k
Security, privacy and cryptography at WWDC19
vixentael
1
730
Data encryption: CyberKids edition
vixentael
0
650
"Defense in depth": trench warfare principles for building secure distributed applications
vixentael
3
920

Other Decks in Programming

See All in Programming
3 Effective Rules for Using Signals in Angular
manfredsteyer
PRO
0
100
Make Impossible States Impossibleを 意識してReactのPropsを設計しよう
ikumatadokoro
0
170
subpath importsで始めるモック生活
10tera
0
300
3 Effective Rules for Using Signals in Angular
manfredsteyer
PRO
0
110
Outline View in SwiftUI
1024jp
1
330
Enabling DevOps and Team Topologies Through Architecture: Architecting for Fast Flow
cer
PRO
0
320
LLM生成文章の精度評価自動化とプロンプトチューニングの効率化について
layerx
PRO
2
190
エンジニアとして関わる要件と仕様(公開用)
murabayashi
0
280
みんなでプロポーザルを書いてみた
yuriko1211
0
260
型付き API リクエストを実現するいくつかの手法とその選択 / Typed API Request
euxn23
8
2.2k
シールドクラスをはじめよう / Getting Started with Sealed Classes
mackey0225
4
640
どうして僕の作ったクラスが手続き型と言われなきゃいけないんですか
akikogoto
1
120

Featured

See All Featured
Navigating Team Friction
lara
183
14k
Bash Introduction
62gerente
608
210k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
25
1.8k
Raft: Consensus for Rubyists
vanstee
136
6.6k
Six Lessons from altMBA
skipperchong
27
3.5k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
How STYLIGHT went responsive
nonsquared
95
5.2k
A Modern Web Designer's Workflow
chriscoyier
693
190k
It's Worth the Effort
3n
183
27k
The Cost Of JavaScript in 2023
addyosmani
45
6.7k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
47
2.1k

Transcript

  1. Blockchain solutions: the balance of safety and efficiency, or just

    a trend?

  2. #uasc @vixentael Security instrument

  3. None

  4. Security instrument #uasc @vixentael counteracts specific risks

  5. #uasc @vixentael Blockchain: what data signature

  6. #uasc @vixentael Blockchain: what data signature data signature ] data

    signature ]

  7. #uasc @vixentael Blockchain: what linked list of blocks distributed database

    history of trans- actions each block contains meta-info data signature

  8. #uasc @vixentael Blockchain: decentralized

  9. #uasc @vixentael consensus problem Blockchain: decentralized

  10. #uasc @vixentael identity ownership resistance to the single point of

    failure transparency cannot modify transactions Blockchain: why these reasons are more valid than ‘everyone uses blockchain’

  11. #uasc @vixentael

  12. #uasc @vixentael crypto currency smart contracts voting systems digital identity

    Blockchain: where

  13. #uasc @vixentael https://www.ibm.com/blogs/insights-on-business/government/ten-things-blockchain-not/ replacement of distributed db secure messaging replacement

    high volume transactions anonymous Blockchain: is NOT

  14. Blockchain: is NOT #uasc @vixentael

  15. blockchain-based PKI #uasc @vixentael

  16. #uasc @vixentael Problem PKI == centralized trust

  17. #uasc @vixentael PKI is about registration verification revocation

  18. #uasc @vixentael PKI is about registration verification revocation CA

  19. CA #uasc @vixentael PKI is about registration verification revocation LET’S

    ADD BLOCKCHAIN!

  20. #uasc @vixentael PKI on blockchain key storage blockchain records about

    revoked keys blockchain

  21. #uasc @vixentael No need to trust one point key storage

    blockchain records about revoked keys blockchain key storage blockchain records about revoked keys blockchain key storage blockchain records about revoked keys blockchain

  22. #uasc @vixentael PKI on blockchain registration verification revocation key storage

    blockchain records about revoked keys blockchain

  23. #uasc @vixentael Pros vs Cons registration verification revocation

  24. #uasc @vixentael PKI on blockchain is cool, but cumbersome key

    storage blockchain records about revoked keys blockchain key storage blockchain records about revoked keys blockchain key storage blockchain records about revoked keys blockchain

  25. Blockchain-based solutions are not for everything #uasc @vixentael

  26. WHAT I THINK I LOOK LIKE WHEN I’M TALKING ABOUT

    BLOCKCHAIN WHAT I ACTUALLY LOOK LIKE TALKING ABOUT BLOCKCHAIN

  27. Home reading https://hackernoon.com/learn-blockchains-by-building-one-117428612f46 Learn Blockchains by Building One https://www2.deloitte.com/content/dam/Deloitte/ie/Documents/Technology/ IE_C_BlockchainandCyberPOV_0417.pdf

    Blockchain & Cyber Security. Let’s Discuss https://www.forbes.com/sites/omribarzilay/2017/08/21/3-ways-blockchain-is- revolutionizing-cybersecurity/#6d43bcf4233 3 Ways Blockchain Is Revolutionizing Cybersecurity

  28. @vixentael Tech Lead Feel free to reach me with any

    mobile security questions. I do check my inbox :)