Universal P2P address book software using Namecoin

After having seen numerous social networks and blog hosts and personal website hosts go down over time and old accounts go abandoned, and after coming to the conclusion that the only method of long term addressing that seems secure and reliable has to be based on cryptographic public keys, I’ve thought up a type of address book software that would be independent of servers and yet could always stay up to date in sync, and work in a secure manner.

So lets introduce you to Namecoin. Some years ago a guy called Zooko, who is quite well known in the crypto community, minted the concept called Zooko’s triangle. The idea is that you could only have any two of three of globally unique nicknames, decentralization and rememberability. What he and most of the rest of the world at that point wasn’t yet aware of that you could achieve all three if only you can acheive a global concensus following the same set of rules. And the first system to achieve just that was Bitcoin, which uses a blockchain and proof-of-work to achieve a secure global consensus, used to establish ownership and transfers of tokens of value. And so a few years later Namecoin was born, in which anybody can register names of various types and assign data to them, and where each name only can be registered once, and where the entry owner (the first to register it) can use the same public key he used to register it in order to update it through digital signatures.

So what does that have to do with our address book software? Easy – in order to add your friends to your friend list you do NOT have to enter or remember or verify a long string of random characters (a public key) or trust a server to give you the correct key (GPG key servers, Facebook, blogs) while the username still can be unique. So when you want to add your friend all you need is his nickname, no different than what you’re used to when following somebody on Twitter, Tumbler, Facebook or Reddit or anywhere else. And you do not have to worry about any service shutting down, because the Namecoin blockchain is global and maintained by thousands of “miners” who adds more and more proof-of-work to the chain over time, for numerous reasons. So once you have registered your username, your friends can come back 20 years later and it will still be there, and you will still be able to update it.

So basically, the address book software would be a piece of software that holds a list of the Namecoin registered nicknames of your friends, and which on a regular basis fetches the latest data from the blockchain to look for updates from your friends. The file with this list of yours could also easily be synced between your devices, such as your laptop and phone, etc. This way you ALWAYS know which blog they’re currently using, their current email, which social media they use, etc, and can always contact them, and you won’t be affected by any servers going down. All the data wouldn’t have to be stored in the blockchain either, just an address to a place to fetch your full profile data, and the data there could be signed by the same key used to create the Namecoin registration so that the data can be authenticated (if the data is modified, the signature won’t validate).

(More updates coming later)

Bitcoin idea: Temporary notarized wallets – Secure zero-confirmation payments using temporary notarized P2SH multisignature wallets

One of the current problems with Bitcoin in physical commerce (payments in stores) is that due to how it solves the doublespend problem, which other decentralized digital currencies have had major issues with, means that unverified transactions are verified on average every 10 minutes through being included in the blockchain. Before a transaction is included in the blockchain it isn’t yet set in stone, and might not end up verified. That means that for transactions over a few dollars where you want to be able to finish the transaction in just seconds, the seller end up having to accept a transaction that where the buyer has a chance of invalidating your payment through pulling of a doublespend within that timeframe of up to 10 minutes on average, since nothing stops him from creating dozens of more transactions spending the same money up until one of them is included in the blockchain.

To be able to process transactions faster and not have to risk having the payment invalidated through the buyer trying to spend the same money in multiple places, some are relying on “green addresses”, which essentially are centralized services that hold the money of the users for them and imitates banks and credit card companies. They are trusted to not sign multiple transactions trying to spend the same money. This requires that you trust these companies to keep your money secure from hackers, and that they won’t run away with them or put restrictions on how you can use it.

Fortunately that’s a problem that also can be avoided using some of Bitcoin’s lesser known features. Bitcoin already supports multisignature payments (multisig transactions) where the transaction only is valid if for example 2 of 3 chosen people have cryptographically signed the transaction. It also supports something called P2SH addresses. Normal addresses are just hashes of public keys from ECDSA sep256k1 cryptographic keypairs, and spending from a normal address requires creating a valid signature of the transaction using the private key that belongs to the public keys. That proves you have the authority to spend the coins. But P2SH addresses are hashes of scripts (“pay to script hash”), which means that to spend money from them you have to provide an input to the script in question that the script accepts, otherwise it’s invalid and won’t be accepted. One example could be to create a script that accepts payouts only to certain addresses, meaning that you only can issue payments from that P2SH address to those specific predetermined addresses. Another thing you can do is to set time limits, so that the coins can’t be spent until a certain time has passed. You can also do far more advanced things, but I won’t go into that now.

So how would we use P2SH to solve the zero-confirmation problem without trusting others with our money? You can do it by reducing the the “green address” companies to notaries. You can create a P2SH address created from a script that for the next 24 hours ONLY allows you to spend money from it if you AND a trusted notary have signed the transaction. After that period you can always send it back to your regular wallet without a signature from the notary (and this means that your money won’t be lost if the notary suddenly closes shop).

The notaries replaces green addresses, and the only job they have to do is to keep track of what transactions they have signed, and only sign transactions that attempts to spend money that no previous transaction has tried to spend.

Now, within that time frame, the merchants can see that the transactions have been signed by a trusted notary, which means they can be confident that NO OTHER transaction will be signed before the first transaction is set in stone in the blockchain, and thus the doublespend problem is essentially eliminated.

Proving that a notary is malicious is trivial – you only need to keep the transactions sent to you, and if one is invalidated to a doublespend it means that they signed two transactions claiming the same money, and then all you have to do is to show the world the two transactions at once with the two valid signatures from that one notary. From that point on the notary will no longer be trusted, and a subscription service that all merchants and clients use could distribute this proof of malice across the globe in seconds, which makes it nearly impossible for a notary to profit from malice through doublespends.

All a user have to do to create such a P2SH address is to use a wallet client that can create it from a template script, where the user only has to tell the client how much money they want to send to the temporary notarized wallet. If the merchant for some reason would only trust notaries that you haven’t listed in your wallet client, you could simply tell your wallet client to use it through scanning a Qr code as you enter the store (which still means it’s only two simple steps, scan the code and enter a sum of money), which works perfectly fine if you know you’re going to be in there for about 10 minutes or more as the transaction to your temporary notarized wallet likely will be set in stone before you go to pay for the goods. In supermarkets and similiar settings, many merchants could agree on the same list of notaries, so you could create this temporary wallet in advance or right away as you enter the building. And the best of all is that the users aren’t put at significant risk if the notary would be malicious, as the worst they can do is to refuse to sign your transactions for that 24 hour period. You’ll still be able to spend your money as usual afterwards.

The discussion threads on Reddit and Bitcointalk:



Update: There’s a new service that implements a variant of this. https://greenaddress.it is a wallet service that uses multisignature P2SH addresses (based on a deterministic seed for improved privacy), and which offers automatic nLockTime expiration for the multisig requirement for your coins, so that even if the service goes down you can recover your coins. Not exactly what I envisioned, but quite close (I would prefer to have a wallet that allow you to select what notary service to use).

Edited 2015-01-28: This scheme has now been improved upon by others in a version using two chained 2-of-2 multisignature transactions using collateral to assure the risk for the merchant is minimized (although this scheme is currently at risk of transaction malleability that could invalidate the collateral transaction, but hopefully that will be fixed sometime soon).

Link: https://github.com/baleato/bitcoin-hackathon

Edited 2020-11-09: found another related older post, a reference to “time limited transactions”; here Bytecoin describes a transaction that only can be claimed by the recipient until a later time when the block number reaches a certain value, after that the payer can take it back if not yet redeemed.


What I want in a smartwatch

With the smartwatch trend just starting, there’s a lot of interesting new things showing up now. The new devices includes the Pebble, Qualcomm Toq, Agent, Galaxy Gear, Metawatch, i’m Watch, Sony Smartwatch and their previous LiveView, and many more. I find these devices fascinating, and I hope that it really isn’t just a temporary fad that will pass since I think there’s quite a few things they could to that would be useful. So I’m going to write down what I’m looking for in a smartwatch, and explain what I think about the devices that are in the market now or coming soon. What I really hope is that somebody will release a smartwatch that simply gets it right, and that won’t just die out and be forgotten in a month, and I think that what I’m going to list here will be some of the things that will decide if a smartwatch will succeed or fail.

One thing that is more important than ever for these devices are the interface. You can’t have too many buttons, you can’t have a touchscreen-only interface with a bunch of on-screen buttons (too hard to aim right, and you’ll cover the interface with your fingers), you can’t have a screen too small, you can’t have a screen too big, the buttons must be easy to press at all times (I’ve experienced watches with buttons you can’t access from certain common angles), the screen can’t really be curved (can be too hard to read) which can make it harder to design something that fits well, the watch can’t be too thick (so the electronics are very limited), etc…

As for the hardware, some of the things I want is a battery that lasts at least a full week (in combination with wireless charging such as with Qi), straps that can be replaced (and you should be able to put a clip instead of straps on it, if you want it somewhere else than on your arm), waterproof and minimal bezel. Maybe even a flashlight LED, but that’s probably a bit too much.

The basic look and interface I want is something that looks like Sony’s Smartwatch and LiveView, with something around a 2″ touchscreen, decent screen resolution, a capacitive “slider” below the screen like the volume control that Sony’s Bluetooth headset SE MW600 has which lets you feel approximately where along it your finger is and how far you’re moving it, and I’d want 3 buttons just below that “slider”. Most interactions would be composed of scrolling through the options with the slider, selecting options with the buttons and using swipes on the screen to bring up additional options. Basic text input could be performed with the slider by selecting groups of characters through sliding your finger left/right over it and picking a character from the visible group with the buttons and/or the screen (if somebody else can come up with a better suggestion, please explain it in the comments below).

I would absolutely NOT want a LED notification light, my phone’s LED is bothering me enough the few times I have it on my desk with unread notifications. What I’d rather want it to have is custom vibration patterns for different types of notifications so I know what kind of messages it is I haven’t read yet, and a screen that can be always on (like e-paper screens and the refractive Mirasol screen that Qualcomm developed) so that I can glance over it quickly. An optional feature could be to let the notification-dependent vibration patterns repeat if you shake the watch, so you don’t have to look at the screen to know if it’s a call or an email that you missed (like how phone LED:s can show different colors for different notifications).

One of the major things I want from a smartwatch is being able to work as a remote control. This both means controlling my phone over Bluetooth as well as controlling my TV via IR and really anything else via my phone’s network connection. I want music controls, I want to be able to mute my TV with it when there’s an incoming call, I want to be able to lock my laptop with it when I’m walking away from it, I want to be able to unlock my door with it, and much more. Via my smartphone I could trigger tasks in the app Tasker to do just about anything, including turning my lights and stereo on/off if I’ve got a home automation device or changing the profile on my phone to turn off the sound and switch wallpaper, or just about anything else.

Connectivity is also one of the most important part for a device like this. Since battery life is so important (and since a separate cell phone contract for it would be too expensive in many places), it will really have to depend on another device for internet connectivity and more. But it should still be able to work stand-alone. I don’t really see a need for it to have WiFi, since you’re going to want to use it wherever you want, and most places don’t actually have a WiFi network you can use. Chances are that Bluetooth tethering will be the best choice in most cases. You’re likely going to have your phone directly connected to the internet more often the watch (and the watch would likely not have as good antennas as the phone anyway). But what other kinds of connectivity would be useful in a smartwatch? I’ve already mentioned IR (and I’m hoping for full IrDA support which will be fast enough for small data exchanges over small distances without having to touch anything), but two things that really would be great is NFC and something that’s mostly unknown, often called electric field modulation or body area network (BAN) or personal area network (PAN). This type of wireless communication technology modifies the electric field of the body (that field is what makes half of all FM radios go crazy when you touch them) in order to send signals to objects you touch. And one of the more awesome things it can do is to act as a key, unlocking the door when you touch it’s handle, unlock your phone when you pick it up, unlock your laptop when you put your hands on it, and it can also let you exchange contact details when you shake hands, and much more. And NFC would mostly be used to link the smartwatch to all the devices such as smartphones already equipped with NFC, which makes pairing it easy (just let the devices touch and press a button on both to accept).

The kind of information I’d want to see on the screen is summaries of notifications (who called, how many unread emails are there, are there important news headlines, etc), who’s currently calling, unread text messages, music controls, and information from various phone apps. That info could be just about anything, including sports scores, game stats, comments on my blog, Reddit replies, and more. It would also be awesome in combination with navigation apps, with a compass + gyro + accelerometer combo you could put your phone back down in your pocket and let the smartwatch show you arrows for where to go and how many meters there are to the next turn, and other simple instructions – this would be amazing for everybody on a bike who sometimes have to rely on a map and be forced to stop to check it or wobble ahead with a paper map or their phone in their hands. Being able to use it for shopping checklists (and not have to unlock the phone every 3 minutes) would also be incredibly convenient, as well as using it for voice memos.

This thing would also be useful for two-factor authentication. If you’ve used the Google Authenticator app or one of those security tokens / one-time code dongles, you know what I’m talking about – let the device generate a one-time code based on a secret key, and enter that code on your computer (or smartphone app) to log in. In combination with a PIN on the smartwatch to be able to unlock the two-factor app, this would raise the security far above what most people currently are using to log in. Today most people are using passwords that are easy to guess, and even the hardest passwords are often snatched by spyware on the computer. With a PIN protected smartwatch, it’s faaar harder for an attacker to take control of your accounts.

The possibilities are endless, you just need to be a little creative to see them.

I have a lot more ideas and will update this post with them later on, but for now this will do.

Does Google Glass spell the end for mechanical lock security?

Here’s an interesting thought – the most widely used security system on earth might go down in flames this year because of a certain category of devices becoming much more common – personal cameras directly connected to computers, that can record things 24/7.

So what exactly is the big problem?

Most keys can be replicated from a single photo. So if your keyring ever end up in the viewpoint of somebody who uses Google Glass (or any other camera device that can capture images constantly), then most of your keys can be replicated in a matter of minutes.

To really show you what the problem is, some animations of how mechanical locks can help you to understand why avoiding it is hard.

Here is one video for one lock type; http://vimeo.com/20193459

And an animation of the most common type: http://1.asset.soup.io/asset/4011/5537_0d02.gif

As you can see very clearly, it is the outside of the keys that interact with the inside of the locks. And this outside can be caught on picture by all these cameras. So, how well can keys be reconstructed from photos? If it is hard, this isn’t much of a problem, right?

“Child’s play”. That easy. Source: http://www.guardian.co.uk/science/2008/nov/14/key-photograph-key-cutting

Edit: Original source: http://vision.ucsd.edu/~blaxton/sneakey.html

A pair of Google Glass, linked to a CNC machine that can cut out keys from a metal block, or even just a 3D printer that use plastic, is enough to quickly copy keys with minimal effort. Add image recognition directly in the glasses that even instructs you how to get a good view of the keys, and the user don’t even have to puch any buttons anymore, he just has to turn his head right.

So what can we do?

There are still a few types of lock types that in theory could be mostly safe. Round keys, that looks like hollow cylinders (if the key pattern is on the inside), could be safe from cameras, simply because it is hard to get a photo from the right angle and with the right light to replicate it. But due to how these locks are designed mechanically, they are often easy to “lock pick”, so you can unlock them without any key.

Then we have the digital locks. RFID locks (too many of these are insecure, Mifare RFID cards and others can be replicated, but some are secure), biometry (incredibly insecure in most cases, most types REQUIRES trained armed guards to be secure against “spoofing”), smartcards (generally pretty secure) and some more. The problem with many of them is that they are hard to use, run on batteries or stops working when there’s a blackout.

Whatever we switch to must be easy to use and work reliably and securely. Personally I am biased towards digital locks, but I know there are plenty of obstacles before we can use them everywhere.

Some thoughts about steganography

Here’s a steganography method I’ve been thinking about today: 

Let’s say you have plaintext A to hide. You have something to hide it in, we’ll call it medium B (preferably lossy, but hiding it in audio WAV audio files works just fine while JPG images often might be preferred).
You generate key C to protect it. You do this by picking a strong password and running this trough a one-way checksum generator. SHA256 is a good choice if you’re going to use AES with 256 bit encryption.
If A is a text file, you should compress it. Bzip2 is a good choice, IMHO. Then you encrypt it with key C and a symmetric encryption algorithm like AES, giving you the ciphertext.
Then you generate an error correction code for the encrypted data becaue it makes it a bit more resistant against modifications.
Then you encrypt the error correction code with the same key C. (Yes, this means that if there’s damage to the error correction code in the image you have lost the ability to get easy verification.)
Now you append the the encrypted error correction code to the ciphertext.
This is then hidden in your medium B using key C as a key, once again. Yes, this means that if you use a poor steganography algorithm that the key can be extracted from if all you got is the medium, then your encryption method is broken too. 

When extracting the data you use the same key C to get the ciphertext and encrypted error correction code. Then you decrypt the error correction code and verify the ciphertext. Then you decrypt the ciphertext and get the hidden data. 

If you used an encryption algorithm that does not have a “waterfall effect” on the error correction data, you would not loose the entire error correction data due to a small error in it.
(This would mean not using AES, but potentially just XOR:ing the error correction data with the key. Beware of any encryption method that is weak to cryptoanalysis! Also, beware of steganography methods that let attackers calculate your key!)
If using an encryption method where bits are encrypted one by one or only in small chunks that doesn’t effect the rest of the encrypted data, it could allow a JPG image to be recompressed and the data would be recoverable, despite being encrypted and seemingly random to begin with. Depending on the sixe of the image and the data, the data could survive almost unimaginable alterations. With 1000% error correction data (10 bits of reduntant data for every bit of actual data – Qr codes use 30%, 3 extra bits per 10 bits of data) and a 20 megapixel image, a couple of lines of text could easily be hidden and survive many recompressions and alterations. The data could potentially be recoverable if you printed the picture and took a photo of it and then tried to recover the data from that.
Encrypting the error correction code prevents an attacker from being able to easily confirm if he has found the hidden ciphertext or not in an image. 

So what’s the point with all this? Nothing, really. It’s just interesting to me. I’d like to try implementing this myself some day (with existing algorithms of course, sine I’m lazy ;).
It would be fun to print an image and take a photo of it and still be able to recover he hidden data.

Turning Torso photo


I really wish I had a better camera. Maybe a Nokia N8 (those phones have amazing cameras). I should get a proper quality camera some day. I know I can find some pretty good angles for photos, but with the cameras I have access to it's rarely worth it.

– Sent from my phone

Quick review: Tesla Plushies (Android game)

There you have the intro video for this fun and challenging Android game. I have beaten all levels except level hard #13. It often takes several tries to figure out how to make the plushies behave the way you want.

Once you have learned the game physics it becomes more of a fun challenge and spare time killer then a plain frustrating time waster.

If you have an Android, try it out now!


Quick Mirror’s Edge review

Mirror’s Edge is one of those great games that faaar to few people understand and appreciate. I recently found the game for 99 SEK, so I bought it and I loved it.

It is fun to play it a second time when you have learned how you play it. Everything goes much faster the second time, and you also find a lot of new paths and learn how to reach some of the paths you never thought you’d reach.

Like when you find out how to run right past by some cops in 5 seconds when it used to take over a minute to beat them up (one by one as always) or you’d got shot down.

Wall running and big jumps are always fun, which ME has a lot of. :)

Unfortunately my computer crashed recently, so I can’t give you any of my screen shots.

%d bloggers like this: