apache milagro presentation at apachecon europe 2016
TRANSCRIPT
![Page 1: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/1.jpg)
Apache Milagro (incubating)
Brian Spector, Co Founder / CEO, MIRACLCo Founder, Apache Milagro (incubating)
![Page 2: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/2.jpg)
To Secure the Future of the Web
Apache Milagro: A Distributed Cryptosystem
![Page 3: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/3.jpg)
PKI and Certificates: Mainly used to secure
connection between different web browser manufacturers
and millions of web sites.
Today’s Security is PKI / Passwords / 2FA
3
Passwords and / or API Keys: Stored credentials sent from browser / client to back end
service to authenticate user or application.
Two-Factor Authentication: Additional authentication deployed in addition to
passwords to stop a compromise of account.
passwordsbrowser
Password database
2nd Factor of Authentication
Bob
Web / App server with domain certificate
UsernameBob28v.NoirAlice_467Sarah.h!Samsam10sunnykid1
Passwordsarahpassword123linkedinfacebook1helloPass1!
[email protected]@gS.hard@gSam@yahsunny@ma
2nd Factor AuthenticationDatabase of Keys orSeed Values
![Page 4: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/4.jpg)
Public Key Infrastructure (PKI) Refresher
4
Public / Private Key Pair
Public Key Private Key
What is encrypted with one key
Can be decrypted with the other
Can be decrypted with the other
What is encrypted with one key
Public / Private Key Refresher:Current state of the art is Asymmetric Encryption (Public and Private Keys)
![Page 5: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/5.jpg)
Public / Private Key RefresherCurrent state of the art with Alice and Bob example
5
Hello Bob! Encrypt Bob’s Public Key
As&*09sxx!jljsljslj7897 Alice uses Bob’s Public Key to encrypt information meant for Bob
DecryptHello Bob! Bob’s Private Key Bob’s Key Pair
Alice
Bob
Bob uses his Private Key to decrypt information
Public Key Infrastructure (PKI) Refresher
![Page 6: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/6.jpg)
An X.509 Digital Certificate is an electronic document used to prove the ownership of a domain, person, app or thing’s public key.
Digital Certificates Provide Identity for PKI
6
Example: Bob’s Public Key is binded to Bob’s Certificate by a Certificate Authority’s signature.
Bob’s Public
Key
Bob
The certificate includes information about its owner's identity, the public key and
the digital signature of a Certificate Authority that has verified the certificate's
contents are correct.
Certificate Authority
Identity Information CA’s SignatureCertificate with CA Signature
![Page 7: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/7.jpg)
PKI is Complex, Costly and Vulnerable
7
Alice
Certificate AuthorityRegistration Authority Recovery Server
CA’s Root & Public
Key
Their Private Keys
People / Apps / Things
OCSP Server
Their Public Keys and Certificates
HSMs store CA Root KeysDirectory Servers
![Page 8: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/8.jpg)
Today’s Security is Centralized
8
PEOPLE
THINGS
APPS
UsernameBob28v.NoirAlice_467Sarah.h!Samsam10sunnykid1
Passwordsarahpassword123linkedinfacebook1helloPass1!
[email protected]@gS.hard@gSam@yahsunny@ma
password123
Credentials sent over the Internet risk being stolen in transit
Most everything on the Internet uses some form of stored credential to authenticate and securely
communicate
Today’s Security stores authentication credentials in whole form, in one place, and is easy to compromise.
![Page 9: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/9.jpg)
Today’s Security Does Not Work
9
Since 2013: 5 Billion Data Records Breached
Credentials sent over the Internet risk being stolen in transit
Most everything on the Internet uses some form of stored credential to authenticate and securely
communicate
![Page 10: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/10.jpg)
10
The username / password database still exists, full of passwords,in whole form, in one place, ready to be hacked.
Two-Step and Two-Factor Don’t Remove the Threat
SMS
2FA
Username/PasswordDatabase still there
Two-Step
Two-Factor
UsernameBob28v.NoirAlice_467Sarah.h!Samsam10sunnykid1
Passwordsarahpassword123linkedinfacebook1helloPass1!
[email protected]@gS.hard@gSam@yahsunny@ma
![Page 11: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/11.jpg)
Our Ideal Security Architecture
11
• Centralized (enforced) Trust Authorities
• Single Points of Compromise (root keys)
• x.509 is required because the crypto is old
• Management is hard / revocation is broken
• Proprietary / hard to audit
VS
• Distributed Cryptosystem with Distributed Trust
• No Single Points of Compromise
• Identity is burned into the keys, no x.509
• Revocation works because less moving parts
• Open source / easily auditable
Today Tomorrow
![Page 12: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/12.jpg)
Multi-Factor Authentication and TLS
Extend Trust based on your needs
Revoke Trust based on your environments
Scale Trust to Mobile, IoT, and apps
Apache Milagro: A Distributed Cryptosystem
![Page 13: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/13.jpg)
Milagro Utilizes Pairing Cryptography
13
• Identity is “burned in” to the cryptographic keys removing the need for x.509 digital certificates and PKI
• Private Keys can be generated in “fractions” by different Private Key Generators called Distributed Trust Authorities
• Only the endpoint receiving the fractions knows the complete key
• The key is protected by splitting it into different identity factors that are local to the endpoint
• Identity factors are never stored, hence, the complete key is never stored
This makes the following possible:
![Page 14: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/14.jpg)
Milagro enabled apps and things receive their key shares, or fractions, from Distributed Trust Authorities.
Distributed Trust Ecosystem
D-TA 2
D-TA 3
D-TA 1
Keys have Identity ”burned in”
![Page 15: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/15.jpg)
Distributed Trust Authorities (D-TAS)
End Customer (Enterprise)
D-TA 1
D-TA 2
D-TA 3
Foundation
Cloud Provider
Milagro EnabledClients and Servers
Anyone or organization can become a Distributed Trust Authority
And run it in any geography or jurisdiction
There is no PKI ‘root’ – the future is decentralized
![Page 16: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/16.jpg)
Receiving Keys from D-TAs
FromD-TA1 FromD-TA2
D-TA 2
D-TA 3
D-TA 1
FromD-TA3
• Private Keys can be generated in “fractions” by different Private Key Generators called Distributed Trust Authorities
• Only the endpoint receiving the fractions knows the complete key
KeyID=AnyUniqueIDthatcanbeclaimedbytheendpointExample:[email protected] ORChipID#98934879847,etc.
![Page 17: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/17.jpg)
Protecting the Key for Storage (End User)
21
SoftwareToken
PIN3
Geo4 Biometric 5 Time
As part of establishing their identity, a user chooses a 4-digit PIN
(something they know)
A software token resides within the mobile application that the user employs to authenticate into a service
(something they have)
A specific location (employer) or series of locations can also become part of a user’s identity
(somewhere they are)
User can input a unique biometric (fingerprint) as part of their identity
(something they are)
Identities can be established for authorization only within certain time zones or windows
(in the right time)
NoKeyEncryptionKey(KEK)toprotectMilagroPrivateKeyrequired
![Page 18: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/18.jpg)
Protecting the Key for Storage (IoT)
21 KeyFragmentPUF
5 Time
A device can take advantage of using physically unclonable functions (PUF) known only to it as a PIN #(something it knows)
A software token resides within SVRAM or other voliatile or NV storage
(something it has)
Identities can be established for authorization only within certain time zones or windows
(in the right time)
NoTEEorTPMtoprotectMilagroPrivateKeyrequired
![Page 19: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/19.jpg)
Identity based cryptographic multi-factor authentication and digital signature protocol that replaces passwords.Milagro MFA runs entirely in software – it’s browser / app friendly.
Milagro Multi-Factor Authentication
![Page 20: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/20.jpg)
Milagro TLS Library
The same protocol run interactively creates an authenticated key agreement between client & server or peer to peer
![Page 21: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/21.jpg)
21
Apache Milagro is Built for Internet of Things
Alice
are verified by independent
Identity Providers
Milagro Private Key
People / Apps / Things
secured with local Identity Factors
Something you have you know you are It is
to obtain key ‘shares’ from Distributed Trust
Authorities
![Page 22: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/22.jpg)
Milagro Ecosystem
DISTRIBUTED TRUST AUTHORITIES issue shares of keys in the identity of and to a Person /App /Thing
DISTRIBUTED TRUST AUTHORITIES register proof of existence / create verifiable audit trails on BLOCKCHAIN
PEOPLE / APP / THING REQUESTS SHARES OF KEYS FROM DISTRIBUTED TRUST AUTHORITIES
companycompanycompanycompany
xx xx-x-xx-x xx-x-xx-x xx-x-xx-x xx-x-xx-xxx xx-x-xx-x xx-x-xx-x xx-x-xx-xxx xx-x-xx-x xx-x-xx-x xx-x-xx-xxx xx-x-xx-x xx-x-xx-x
IDENTITY PROVIDERS vouch for the identity of people, apps, things to the distributed trust authorities
![Page 23: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/23.jpg)
Apache Milagro (incubating) Roadmap
23
Development of Ecosystem (2017)
• Multi-Factor Authentication for Web and Mobile (completed)
• Distributed Trust Authorities (independent keys): Milagro D-TA code, Milagro blockchain client
• Identity Providers: Miladro IdP code, Milagro blockchain client
• Internet Of Things: IoT SDKs
• Blockchain: Milagro Proxy for blockchain and IoT
Development of Enabling Protocols
• Milagro MFA mobile SDKs for iOS / Android (completed)
• Milagro 1-pass protocol for authentication and digital signature, released in Milagro MFA Mobile SDKs, Server and JavascriptClient
• OpenID Connect Web SDKs for Milagro MFA federation
Goal - To quickly and collaboratively enable an independent security paradigm that provides strong authentication and cybersecurity across the web, over the Internet of Things, or on
the Blockchain.
![Page 24: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/24.jpg)
![Page 25: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/25.jpg)
25
A Distributed Identity Based Cryptosystem for IoT and Blockchains
Blockchain Problem 1: Confidentiality and Transparency
Cryptocurrency transactions do not have enough privacy, nor the verification of identity, necessary to be compliant with banking regulatory requirements that deal with customer privacy and AML / KYC regulations.
![Page 26: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/26.jpg)
26
A Distributed Identity Based Cryptosystem for Blockchains
Blockchain Problem 2: Speed and Scalability
Cryptocurrency transactions by design can not be instantaneous. There is no way to create a capability to rival Visa’s transaction network on Bitcoin’s Blockchain (or any
Proof of Work based Blockchain) without modifying the protocol itself.
![Page 27: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/27.jpg)
27
A Distributed Identity Based Cryptosystem for Blockchains
Blockchain Solution: Apache Milagro provides confidentiality, identity integrity and instantaneous transactions for P.O.W. based cryptosystems
Among transaction participants, identity integrity is assured. Outside of the transaction, the transaction information is private.
Among all participants, the transaction is instantaneous, even if the underlying cryptocurrency is Proof of Work based.
![Page 28: Apache Milagro Presentation at ApacheCon Europe 2016](https://reader030.vdocument.in/reader030/viewer/2022032611/58836de21a28ab536b8b69ed/html5/thumbnails/28.jpg)
28
Apache Milagro: How it Works
D-TA 1
D-TA 2
D-TA 3
a) Distributed Trust Authorities are ‘anchored’ into the Blockchain and create a ‘partition’, which is a transaction ecosystem (merchant, vendor, individual, thing, etc.)
b) D-TA’s provide shares of ID based cryptographic keys (Milagro crypto tokens) to people, apps or things depending on ecosystem and use case within the partition.
c) Milagro tokens deliver identity integrity for participants within the partition (people, apps or things) and enable instant transactions within the partition.
d) Within the D-TA triangle, all transactions can meet KYC and AML requirements and are instant.e) Outside of the D-TA triangle, all transactions are confidential and appear uniform.