• PKI Decentralization: Proposed Approaches to Security Improvement

      After introduction at the dawn of the Internet, public key infrastructure (PKI) has gone through several iterations of changes and updates, but it still remains the traditional methodology for encrypting data and securing communication. PKI supports privacy and protection of data communication between browsers and servers, but it requires implicit trust from a single entity or entities chain called a certificate authority (CA) which has led to a breakdown in confidence. Through the years, having one root entity to control the way private keys are issued to the public has showed that it can cause major complications with transparency and security.

      In this article, we will once again dive deeper into the problems of the current system and consider the solutions being developed that can overcome existing shortcomings.
      Read more →
    • Tutorial For Creating Blockchain Solution on Hyperledger Composer



        Due to modern business demands, IBM joined hands with other companies to develop an open-source business blockchain network called Hyperledger Fabric project that is touching the sky. Due to modular architecture, digital keys, and on-demand data retrieval, hyperledger fabric is regarded as the base for the world’s future modular architecture blockchain-based apps. Further benefits of Hyperledger Fabric are given below to facilitate your interpretation.
        Read more →
      • DPKI: Addressing the Disadvantages of Centralized PKI by Means of Blockchain



          Digital certificates are one of the most commonly known auxiliary tools that help protect data across public networks. However, the key disadvantage of this technology is also commonly known: users are forced to implicitly trust certification authorities which issue digital certificates. Andrey Chmora, Technology and Innovations Director at ENCRY, suggested a new approach for building a Public Key Infrastructure (PKI) to eliminate the existing disadvantages using the distributed ledger (blockchain) technology.
          Let's begin with the basics.
          Read more →
        • 2019 National Internet Segments Reliability Research & Report



            This report explains how the outage of a single AS can affect the connectivity of the impacted region with the rest of the world, especially when it is the dominant ISP on the market. Internet connectivity at the network level is driven by interaction between autonomous systems (AS’s). As the number of alternate routes between AS’s increases, so goes the fault-resistance and stability of the internet across the network. Although some paths inevitably become more important than others, establishing as many alternate routes as possible is the only viable way to ensure an adequately robust system.

            The global connectivity of any AS, regardless of whether it is a minor provider or an international giant, depends on the quantity and quality of its paths to Tier-1 ISPs. Usually, Tier-1 implies an international company offering global IP transit service over connections to other Tier-1 providers. But there is no guarantee that such connectivity will be maintained. Only the market can motivate them to peer with other Tier-1’s to deliver the highest quality service. Is that enough? We explore this question in the IPv6 section below. For many ISPs at all levels, losing connection to just one Tier-1 peer would likely render them unreachable in some parts of the world.

            Measuring Internet Reliability


            Let’s examine a case where an AS experiences significant network degradation. We want to answer the following question: “How many AS’s in the region would lose connectivity with Tier-1 operators and their global availability along with it?”
            Read more →
          • Blockchain RSA-based random

              There’s a problem we needed to address in the course of developing our games. It’s complicated to generate a random number in a distributed network. Almost all blockchains have already faced this issue. Indeed, in networks where there is no trust between anyone, the creation of a random number solves a wide range of problems.

              In this article, we explain how we solved this problem for our games. The first of these was Waves Xmas Tree.



              Read more →
            • AdBlock has stolen the banner, but banners are not teeth — they will be back

              More
              Ads
            • Long journey to Tox-rs. Part 1

                Tox logo

                Hi everyone!


                I like Tox and respect the participants of this project and their work. In an effort to help Tox developers and users, I looked into the code and noticed potential problems that could lead to a false sense of security. Since I originally published this article in 2016 (in Russian), many improvements have been made to Tox, and I lead a team that re-wrote secure Tox software from scratch using the Rust programming language (check out Tox-rs). I DO recommend using tox in 2019. Let's take a look what actually made us rewrite Tox in Rust.


                Original article of 2016


                There is an unhealthy tendency to overestimate the security of E2E systems only on the basis that they are E2E. I will present objective facts supplemented with my own comments for you to draw your own conclusions.


                Spoiler: The Tox developers agree with my points and my source code pull request was accepted.

                Here go facts:
              • How to make possible micro-payments in your app

                This week I spent coding my very first public pet-app based on Telegram chat bot which acts as a Bitcoin wallet and allows to send and receive tips between Telegram users and other so-called “Lightning Apps”. I assume that you are familiar with Bitcoin & Telegram in general, i’ll try to post short and without deep jump into details. More resources about Bitcoin can be found here and Telegram is simply an instant messenger that allows you to create your custom apps (chat-bots) using their platform.


                What are the key points of such app?


                • Allows to rate other users ideas and answers with real value instead of
                  ‘virtual likes’. This brings online conversation to completely new level
                • Real example of working micro-payment app which can act with other entities
                  over internet using open protocol
                • All the modules are open-source projects and can be easy re-used and adjusted
                  for your own project. App does not relay on third-party commercial services.
                  Even it falls under e-commerce field, which is currently almost closed, the app
                  is based on open solutions.

                What are the use-cases?


                something like this…

                image
                Read more →
              • «Non-Blockchain Games Involving Money Must Die»



                  Dmitry Pichulin, known under the nick «deemru», won the game Fhloston Paradise, developed by Tradisys on the Waves blockchain.

                  The winner of Fhloston Paradise was supposed to be the player paying the very last stake during a 60-block period, before any other player could pay their stake and reset the counter to zero. The winner would collect all stakes paid by other players.

                  Dmitry's winning recipe was the bot Patrollo, which he created. The bot paid just eight 1 WAVES stakes for Dmitry and eventually won him 4,700 WAVES ($13,100). In this interview, Dmitry discusses his bot and prospects of blockchain games.

                  Read more →
                • You Do Not Need Blockchain: Eight Well-Known Use Cases And Why They Do Not Work

                    image


                    People are resorting to blockchain for all kinds of reasons these days. Ever since I started doing smart contract security audits in mid-2017, I’ve seen it all. A special category of cases is ‘blockchain use’ that seems logical and beneficial, but actually contains a problem that then spreads from one startup to another. I am going to give some examples of such problems and ineffective solutions so that you (developer/customer/investor) know what to do when somebody offers you to use blockchain this way.


                    Disclaimers


                    • The described use cases and problems occur at the initial stage. I am not saying these problems are impossible to solve. However, it is important to understand which solutions system creators offer for particular problems.
                    • Even though the term ‘blockchain use’ looks strange and I am not sure that blockchain can be used for anything other than money (Bitcoin), I am going to use it without quotes.

                    1. Supply chain management


                    Let’s say you ordered some goods, and a carrier guarantees to maintain certain transportation conditions, such as keeping your goods cold. A proposed solution is to install a sensor in a truck that will monitor fridge temperature and regularly transmit the data to the blockchain. This way, you can make sure that the promised conditions are met along the entire route.

                    Read more →