Scroda busts the myth that public-key cryptography on the blockchain is more secure

Scroda
Feb 28, 2019


Many blockchain users believe that the public-key cryptography used in blockchains is more secure than symmetric cryptography, which is false. The claim is typically stated like this:

This is known as asymmetric cryptography, as it depends on a pair of keys linked together by cryptography. It is more secure than symmetric cryptography, where both sender and recipient use the same key.[1]

In reality, commonly used public-key cryptography is much weaker than symmetric encryption:

Public-key cryptography, however, poses a much bigger problem, because of how the math works. The algorithms that are popular today, RSA, Diffie-Hellman and elliptic curve, all make it possible to start with a public key and mathematically compute the private key without trying all the possibilities[2]

At the same time, it is restricted to a painfully slow verification process:

Still, elliptic curve signatures’ historically slow verification has kept these signatures out of protocols such as DNSSEC (though a draft is in progress [20]), and still makes them a difficult choice for less powerful systems such as embedded devices and smart phones[3]

So why do blockchains utilize public-key cryptography?

Blockchains use public-key cryptography because the public key can be transmitted openly along with the payment: since the private key never has to be revealed, nobody with unauthorized access can intercept the payment. With symmetric cryptography, by comparison, an extra security layer would have to be in place to prevent malicious actors from intercepting payments on the network.

In this case, the key itself must also be transmitted along with the payment, which means an additional layer of security would be needed to protect the key.[1]

What solutions have been attempted before?

Bitcoin Core has attempted to find a better solution by implementing a ZKCP (zero-knowledge contingent payment) protocol, in which users transact in a manner which is private, scalable, secure, and which doesn’t require trusting anyone[4]

So how does ZKCP work?

The buyer performs the trusted setup for the proof system and sends the resulting setup information over to the seller.

The seller picks a random encryption key and encrypts the information the buyer wishes to buy.

Using the ZKP system, the seller proves a composite statement:

Ex is an encryption of an input that satisfies the Buyer’s program.

Y is the sha256 hash of the decryption key for Ex.

The seller sends Ex, Y, the proof, and his pubkey to the buyer. Once the buyer’s computer verifies the proof, the buyer knows that if he learns the input to SHA256 that yields hash Y, he can decrypt his answer.[4]

This requires a back-and-forth conversation between the seller and the buyer just so that the buyer can learn the answer needed to decrypt the message, which is a major drawback of this protocol.

To avoid tying up the buyer’s funds forever, if the seller does not collect his payment within (e.g.) a day the buyer can reclaim the payment. As a result, when the seller collects his payment he is forced to reveal the information that the buyer needs in order to decrypt the answer. If he doesn’t, the buyer gets his funds back.[4]
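The hash-lock and refund mechanics quoted above can be modelled in a few lines. This is an added example, not code from Bitcoin Core or Scroda: the zero-knowledge proof step is left out (the buyer is assumed to have already verified it), the SHA-256 keystream cipher is a toy stand-in for a real cipher, and the names `seller_prepare`, `HashLockedPayment` and `buyer_decrypt` are hypothetical.

```python
import hashlib
import secrets

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode stream cipher (assumption: stand-in for a real cipher)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def seller_prepare(answer: bytes):
    """Seller picks a random key, encrypts the answer (Ex) and computes Y = SHA256(key)."""
    key = secrets.token_bytes(32)
    return key, keystream_xor(key, answer), hashlib.sha256(key).digest()

class HashLockedPayment:
    """Payment claimable with the preimage of Y, refundable to the buyer after a timeout."""
    def __init__(self, y: bytes, amount: int, created: int, timeout: int = 86400):
        self.y, self.amount = y, amount
        self.expires = created + timeout  # one day, as in the quoted text
        self.state = "locked"
        self.revealed_key = None

    def claim(self, preimage: bytes, now: int) -> bool:
        # The seller collects only by publishing the SHA-256 preimage of Y before expiry.
        if self.state != "locked" or now >= self.expires:
            return False
        if not secrets.compare_digest(hashlib.sha256(preimage).digest(), self.y):
            return False
        self.state, self.revealed_key = "claimed", preimage
        return True

    def refund(self, now: int) -> bool:
        # The buyer reclaims the funds once the timeout passes without a claim.
        if self.state == "locked" and now >= self.expires:
            self.state = "refunded"
            return True
        return False

def buyer_decrypt(ex: bytes, payment: HashLockedPayment) -> bytes:
    """Buyer uses the key the seller was forced to reveal when claiming to decrypt Ex."""
    if payment.revealed_key is None:
        raise ValueError("seller has not claimed the payment; key unknown")
    return keystream_xor(payment.revealed_key, ex)
```

Claiming and refunding are mutually exclusive in this model: a successful claim always leaves the decryption key readable by the buyer, and an unclaimed payment always becomes refundable at expiry.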

What are the restrictions present in the ZKCP Protocol?

There are two primary restrictions of this approach. First, that it is interactive: the buyer can’t simply make a broadcast offer and have any interested seller accept the payment without back and forth communication. And second, that the ZKP system, while fast enough to be practical, is still not very fast.[4]

What is Scroda’s solution?

Plain and simple, the answer is Two-Factor Proof-of-Knowledge, which allows secret keys to be safely transmitted on the Scroda Network in a sequence-like manner.

In cryptography, a proof of knowledge is an interactive proof in which the prover succeeds in ‘convincing’ a verifier that the prover knows something.[5]

The formulas above are what the Scroda network uses, but they might be a bit confusing for users who do not know what is going on, so let’s break them down to provide a more user-friendly explanation.

Taking a look, we see that we have two equations that need to be solved. Z is considered the user’s address, and whoever proves knowledge of the answer is considered the rightful owner of that address.

Now you may be wondering what X+E=Y is for. Put shortly, it protects the sender from malicious actors. Take a scenario where Alice sends Bob some SCR. If we were to use only a One-Factor Proof-of-Knowledge Protocol, Bob would send Alice Y=Z, which is his address, plus one part of the solution that solves the problem to get to Z.

Having obtained this information from Bob, Alice would have to publicly provide the answer X to verify the solution that leads to her Z and prove ownership of her funds. In that case Alice would have to trust that the network validators that transmit her transaction do not modify it to include their own Z instead of Bob’s, since the validators now have knowledge of her X.

To prevent such an attack, note how Alice uses the Two-Factor Proof-of-Knowledge Protocol to safely send a payment to Bob and ensure that no malicious validator can modify the transaction to its advantage.

Taking a look above, we can see that X plays an important role in verifying both problems, so we use this to our advantage by revealing it last.

Upon joining the Scroda Network, Alice provides E and Z, where Z is her address, at which she receives some freshly minted coins from the network. Alice now wishes to send Bob some of the SCR in her possession, so she provides the network with Y, which brings her one step closer to proving ownership of her Z. She uses this to her advantage: along with her Y she attaches Bob’s E and Z, telling the network that she is preparing to send a transaction to Bob, and the transaction is sent to the mempool. After Alice confirms that the network has accepted her transaction into the mempool, she can successfully reveal X without having to worry about malicious actors using the fact that she revealed X to their advantage.

Conclusion:

Through Scroda’s Two-Factor Proof-of-Knowledge, the network benefits from faster transaction verification in a private, scalable, secure and quantum-proof manner that doesn’t require trusting anyone, as ZKCP tried to achieve, but without the drawback of back-and-forth communication between seller and buyer: the buyer only has to provide the seller with E and Z while holding the knowledge of the answer for the two missing factors, X and Y.

Reference List:

[1] https://jaxenter.com/cryptographic-hashing-secure-blockchain-149464.html

[2] http://theconversation.com/is-quantum-computing-a-cybersecurity-threat-107411

[3] https://eprint.iacr.org/2012/309.pdf

[4] https://bitcoincore.org/en/2016/02/26/zero-knowledge-contingent-payments-announcement/

[5] https://en.wikipedia.org/wiki/Proof_of_knowledge
