Cryptography

ENCRY presents a new interactive identification protocol aimed at controlling the access of selected users to various resources.

Close your eyes and imagine Nice, a luxurious estate whose extravagant owner throws epic parties with jazz and fireworks every weekend.

To attend such a party is a lot of the elite. Invitations are sent out in advance, and guests do not know the names of other invited persons. The owner of the estate, the mysterious Jay Gatsby, an eager luxury-lover, values ​​privacy so much that he is not ready to entrust the list of invitees to anyone, not even his buttress. Moreover, the owner of the estate would like the guests not to reveal their names when entering the property. After all, there may be the mayor of the city, or the chief prosecutor among them, and they would like to keep their visit secret. Unfortunately, the owner of the estate himself is so busy that he cannot independently check each guest at the entrance, especially since there are several access roads to his house. How could he solve this problem?

Blockchain is a decentralized technology that maintains a record of all transactions occurring over a peer-to-peer network. Due to Blockchain's several different high-level use cases, numerous industries described Blockchain as the 'magic beans.' 

Blockchains store the record in a decentralized system that is interconnected. This technology lessens vulnerability and enhances transparency in all industrial sectors as information is stored digitally, and it does not have any centralized point to carry out the transactions.

Do You Know?

What is this article about?

In this article, I will tell about my participation in the first (out of two so far) Telegram blockchain contest. I didn't win any prize. However, decided to combine and share the unique experience from the start to finish line, so my observations could help anyone who is interested.

Since I didn't want to write some abstract code, instead make something useful. I created instant lottery smart-contract and website which shows smart-contract data directly from Telegram Open Network (TON) avoiding transitional storage.

The article will be particularly useful for those, who want to write their first smart-contract in TON but has difficulties where to start.

Using the lottery smart-contract as an example, I will show the path from the environment set up till publication of the smart-contract and its interaction. Moreover, I will create a website that will show smart-contract data.

This is a full disclosure of recent backdoor integrated into DVR/NVR devices built on top of HiSilicon SoC with Xiaongmai firmware. Described vulnerability allows attacker to gain root shell access and full control of device. Full disclosure format for this report has been chosen due to lack of trust to vendor. Proof of concept code is presented below.

There are numerous benefits provided by blockchain technology for sports betting software. The nine key benefits are detailed below.

Security of Blockchain

When this technology is integrated into sports betting software, there is a permanent and unchangeable record in the transaction ledger providing transparency. Sportsbooks must be certain their betting data is delivered safely with all bets resolved correctly and quickly. This technology provides significantly better protection through the use of smart contracts. Decentralized actors handle the wagers with the smart contracts being executed automatically. Publicly written data cannot be altered. The complex system of the past is simplified and performed for much less than the traditional costs. Blockchain Development Services, Blockchain Solutions are paramount not only in sports betting but every aspect of the new business world. Blockchain technology experts integrate cryptocurrency payment solutions, program smart contracts, and engineer blockchain networks and apps.

This provides better protection, flawless bet execution, enhanced data security, and complete information transparency. The use of cryptocurrency significantly decreases the fees for payment processing. This reduces the margins for the sportsbook while offering players an increased chance to win. Once the bets have been resolved with a smart contract, the funds will be in the wallet of the better for almost immediate withdrawal. Any issues for even larger amounts are eliminated due to cryptocurrency payouts.

A couple of reader alerts:

In order to (somewhat) simplify the description process and tighten the volume of the article we are going to write, it is essential to make a significant remark and state the primary constraint right away — everything we are going to tell you today on the practical side of the problematics is viable only in terms of TLS 1.3. Meaning that while your ECDSA certificate would still work in TLS 1.2 if you wish it worked, providing backwards compatibility, the description of the actual handshake process, cipher suits and client-server benchmarks covers TLS 1.3 only. Of course, this does not relate to the mathematical description of algorithms behind modern encryption systems.

This article was written by neither a mathematician nor an engineer — although those helped to find a way around scary math and reviewed this article. Many thanks to Qrator Labs employees.

(Elliptic Curve) Diffie-Hellman (Ephemeral)

The Diffie–Hellman legacy in the 21 century

Of course, this has started with neither Diffie nor Hellman. But to provide a correct timeline, we need to point out main dates and events.

There were several major personas in the development of modern cryptography. Most notably, Alan Turing and Claud Shannon both laid an incredible amount of work over the field of theory of computation and information theory as well as general cryptanalysis, and both Diffie and Hellman, are officially credited for coming up with the idea of public-key (or so-called asymmetric) cryptography (although it is known that in the UK there were made serious advances in cryptography that stayed under secrecy for a very long time), making those two gentlemen pioneers.

In what exactly?

The practical means of applying public key cryptography to secure network communications were introduced by Loren Kohnfelder in his MIT S.B. (BSCSE) thesis written in May 1978. After that, the public key infrastructure (PKI) has gone through several iterations of changes and updates, but it still preserves its traditional methodology. PKI requires implicit trust from a single entity or entities chain called a certificate authority (CA). This approach has led to a breakdown in confidence. However, through the years, having one root entity to control the way public key certificates are issued has shown that it can cause major complications with transparency and security.

In this article, we will once again dive deeper into the problems of PKI and consider the solutions being developed that can overcome existing shortcomings.

Earlier, I have introduced the Ontology Smart Contract in
Part 1: Blockchain & Block API and
Part 2: Storage API
Part 3: Runtime API
Today, let’s talk about how to invoke an Ontology native smart contract through the Native API. One of the most typical functions of invoking native contract is asset transfer.

Introduction

Earlier, I have introduced the Ontology Smart Contract in
Part 1: Blockchain & Block API and
Part 2: Storage API
Now when you have an idea about how to call the relevant API for persistent storage when developing Python smart contract on Ontology, let’s go on to Runtime API (Contract Execution API). The Runtime API has 8 related APIs that provide common interfaces for contract execution and help developers get, convert, and validate data. Here’s a brief description of these 8 APIs:

Digital certificates are one of the most commonly known auxiliary tools that help protect data across public networks. However, the key disadvantage of this technology is also commonly known: users are forced to implicitly trust certification authorities which issue digital certificates. Andrey Chmora, Technology and Innovations Director at ENCRY, suggested a new approach for building a Public Key Infrastructure (PKI) to eliminate the existing disadvantages using the distributed ledger (blockchain) technology.
Let's begin with the basics.

There’s a problem we needed to address in the course of developing our games. It’s complicated to generate a random number in a distributed network. Almost all blockchains have already faced this issue. Indeed, in networks where there is no trust between anyone, the creation of a random number solves a wide range of problems.

In this article, we explain how we solved this problem for our games. The first of these was Waves Xmas Tree.

Hello, dear Habr users! This article is about Web 3.0 — the decentralized Internet. Web 3.0 introduces the concept of decentralization as the foundation of the modern Internet. Many computer systems and networks require security and decentralization features to meet their needs. A distributed registry using blockchain technology provides efficient solutions for decentralization.

From idea to implementation: modifying the existing elliptic curve signature scheme to be deterministic and providing functions on it to obtain verifiable within the blockchain pseudorandom numbers.