commit 557c394716842e042661635acb7e9bbf6c2ed5ca Author: Jaromil Date: Mon Nov 12 10:08:51 2018 +0100 initiali import diff --git a/config.zsh b/config.zsh new file mode 100644 index 0000000..e08af85 --- /dev/null +++ b/config.zsh @@ -0,0 +1,38 @@ +# Writedown +# generic configuration defaults for rendered files +# to render, put the writedown directory here +# see: https://github.com/dyne/writedown + +WRITEDOWN_TITLE="D3.6 Smart Rules implementation, Evaluation of Prototypes and integration" +WRITEDOWN_AUTHOR="Denis Roio" +WRITEDOWN_AFFILIATION="Dyne.org Foundation" +WRITEDOWN_DATE="November 2018" +WRITEDOWN_TAGS="[language, DSL, crypto, integration, smart-contract]" + +# number for each section +WRITEDOWN_NRSEC=yes +# table of contents +WRITEDOWN_TOC=yes +# bibliographic citation style (see writedown/citstyle) +WRITEDOWN_CITSTYLE=harvard-kings-college-london +# font size +WRITEDOWN_FONTSIZE=14pt +# bibtex file for bibliographic sources +# WRITEDOWN_BIB=./views/references.bib +# latex template (header and footer) +#WRITEDOWN_LATEX_TEMPLATE=/usr/share/pandoc/data/templates/latex.tex + +WRITEDOWN_INPUT=gfm + +# different formats as supported by pandoc. +# to activate uncomment and fill, then use dash (-) as first argument +# i.e: ./writedown/render - +# WRITEDOWN_OUTPUT_FORMAT=epub +# WRITEDOWN_OUTPUT_EXTENSION=epub + +# default pandoc base command +# WRITEDOWN_PANDOC="pandoc --smart --standalone -f markdown + +# Experimental features are commented below + +# WRITEDOWN_ZOTERO="no" diff --git a/views/abstract.txt b/views/abstract.txt new file mode 100644 index 0000000..1b37687 --- /dev/null +++ b/views/abstract.txt @@ -0,0 +1 @@ +Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. diff --git a/views/auto/references.el b/views/auto/references.el new file mode 100644 index 0000000..db503d1 --- /dev/null +++ b/views/auto/references.el @@ -0,0 +1,10 @@ +(TeX-add-style-hook + "references" + (lambda () + (LaTeX-add-bibitems + "Ascott_1990" + "Diakopoulos_2016" + "Sassen_sovereignty" + "standing2014Monico")) + :bibtex) + diff --git a/views/ecqv.png b/views/ecqv.png new file mode 100644 index 0000000..5110fdc Binary files /dev/null and b/views/ecqv.png differ diff --git a/views/implicit_certificate.md b/views/implicit_certificate.md new file mode 100644 index 0000000..6b18af2 --- /dev/null +++ b/views/implicit_certificate.md @@ -0,0 +1,133 @@ +# Implicit Certificate + +This section will illustrate a Zencode implementation of the Elliptic Curve Qu-Vanstone implicit certificate scheme (ECQV) as described by the Standards for Efficient Cryptography 4 (SEC4, 2014). + +> The ECQV implicit certificate scheme is intended as a general purpose certificate scheme for applications within computer and communications systems. It is particularly well suited for application environments where resources such as bandwidth, computing power and storage are limited. ECQV provides a more efficient alternative to traditional certificates. + +The ECQV is identifiable as a simple yet important building block within DECODE, as it permits the efficient creation of certiciates that contain only the public reconstruction data instead of the subject’s public key and the CA’s signature, also resulting into a smaller payload than traditional certificates. + +ECQV relates well to those DECODE pilots in need to authenticate participants according to signed credentials, where the issuance of a public key is subject to the verification of certain conditions by a Certificate Authority (CA) capable of verifying and signing those conditions. This scenarios applies well to the pilot experimentations ongoing in Amsterdam for the DECODE project, where a certificate (and a keypair) is issued based on attributes that are certified by the municipal register and then used for authentication procedures operated by third parties and based on those attributes. + +The limit of this implementation is the lack of decentralization, a problem that will be solved by the Coconut [cit] implementation in Zencode language, which is still a work in progress. + +## Differences with traditional certificates + +To justify the implementation and adoption of ECQV in place of traditional certificates, here are quickly listed three salient characteristcs, closely referring to the documentation offered by the SEC4-1.0 document. + +With traditional certificates, when an entity U requests a traditional certificate for a public key, U should prove to the CA it knows the corresponding private key. This is to prevent U from choosing an arbitrary public key, that may already belong to another user, and have it certified. This situation is clearly undesirable (and may even lead to security problems). With implicit certificates this proof is unnecessary, as there is no public key before the certificate is issued. Further, U has no control over the final value of his public key, due to the CA’s contribution, making it impossible for U to cause the confusion described above. + +Unlike traditional certificates, an implicit certificate does not contain a digital signature. In fact, one could simply choose an arbitrary identity I and a random value to form a certificate. Together with the public key of a CA, this generates a public key for the entity identified by I. However, if one constructs an implicit certificate in such a way, i.e., without interacting with the CA, it is infeasible to compute the private key that corresponds to the public key generated by the certificate. + +Another difference between traditional certificates and implicit certificates is that when presented with a valid traditional certificate, one knows that the certificate belongs to someone. A valid certificate containing the certificate data string IU is a proof that the CA signed this certificate for U , and also that U knows the private key corresponding to the public key included in the certificate. One does not have this guarantee with implicit certificates, satisfying certain privacy conditions made evident by the GDPR. + +## Zencode Implementation + +This section will demonstrate the Zencode implementation in four +steps, covering all the transformations into a human-readable language +from the mathematical formula to the implementation capable of being +executed in the Zenroom VM without any external dependency. + +The first step is the mathematical formula for ECQV as explained in +the SEC4 document. + +![Mathematical formulation of the ECQV implicit certificate scheme](ecqv.png) + +The second step is the implementation of this formula into the machine +language executed by the Zenroom VM (a dialect of LUA). + +```lua +-- Zenroom 0.8.0 +-- setup +random = RNG.new() +order = ECP.order() +G = ECP.generator() +-- make a request for certification +ku = INT.new(random, order) +Ru = G * ku +-- keypair for CA +dCA = INT.new(random, order) -- private +QCA = G * dCA -- public (known to Alice) +-- from here the CA has received the request +k = INT.new(random, order) +kG = G * k +-- public key reconstruction data +Pu = Ru + kG +declaration = { public = Pu:octet(), + requester = str("Alice"), + statement = str("I am stuck in Wonderland.") } +declhash = sha256(OCTET.serialize(declaration)) +hash = INT.new(declhash, order) +-- private key reconstruction data +r = (hash * k + dCA) % order +-- verified by the requester, receiving r,Certu +du = (r + hash * ku) % order +Qu = Pu * hash + QCA +assert(Qu == G * du) +``` + +The third step is the improvement of the previous implementation using +meaningful variable and function names. + + +```lua +-- Zenroom 0.8.1 +-- setup +random = RNG.new() +order = ECP.order() +G = ECP.generator() +-- typical EC key generation on G1 +function keygen(rng,modulo) + local key = INT.new(rng,modulo) + return { private = key, + public = key * G } +end +-- generate the certification request +certreq = keygen(random,order) +-- certreq.private is preserved in a safe place +-- certreq.public is sent to the CA along with a declaration +declaration = { requester = str("Alice"), + statement = str("I am stuck in Wonderland") } +-- Requester sends to CA --> +-- ... once upon a time ... +-- --> CA receives from Requester +-- keypair for CA (known to everyone as the Mad Hatter) +CA = keygen(random,order) +-- from here the CA has received the request +certkey = keygen(random,order) +-- certkey.private is sent to requester +-- certkey.public is broadcasted +-- public key reconstruction data +certpub = certreq.public + certkey.public +-- the certification is serialized (could use ASN-1 or X509) +certification = { public = certpub, + requester = declaration.requester, + statement = declaration.statement, + certifier = str("Mad Hatter") } +CERT = sha256(OCTET.serialize(certification)) +CERThash = INT.new(CERT, order) +-- private key reconstruction data +certpriv = (CERThash * certkey.private + CA.private) % order +-- CA sends to Requester certpriv and CERThash +-- eventually CA broadcasts certpub and CERThash +-- ... on the other side of the mirror ... +-- Alice has received from the CA the certpriv and CERT +-- which can be used to create a new CERTprivate key +CERTprivate = (certpriv + CERThash * certreq.private) % order +-- Anyone may receive the certpub and CERThash and, knowing the CA +-- public key, can recover the same CERTpublic key from them +CERTpublic = certpub * CERThash + CA.public +-- As a proof here we generate the public key in a standard way, +-- multiplying it by the curve generator point, then check equality +assert(CERTpublic == G * CERTprivate) +print "Certified keypair:" +I.print({ private = CERTprivate:octet():base64(), + public = CERTpublic:octet():base64() }) +``` + +At last, the implementation in Zencode follows + +``` +-- Zenroom 0.8.1 +``` + + diff --git a/views/index.txt b/views/index.txt new file mode 100644 index 0000000..9f66e09 --- /dev/null +++ b/views/index.txt @@ -0,0 +1,6 @@ +introduction.md +# bdd.md +# asymmetric_crypto.md +# elgamal_vote_tally.md +implicit_certificate.md +# conclusion.md diff --git a/views/introduction.md b/views/introduction.md new file mode 100644 index 0000000..b77c7a0 --- /dev/null +++ b/views/introduction.md @@ -0,0 +1,25 @@ +# Introduction + +This deliverable consists of the implementation of smart-rules effectively executing cryptographic operation and data transformations using a human readable language modeled according to the taxonomy expressed in DECODE's deliverable D3.5 "Initial definition of Smart Rules and Taxonomy". + +Since DECODE project's inception, reaching this point of development has been my personal ambition and it is perhaps the most important practical realization of a solution for some of the techno-political implications I've illustrated in my Ph.D thesis "Algorithmic Sovereignty". + +## For the awareness of algorithms + +The goal of this task is ultimately that of realizing a simple, non-technical, human-readable language for smart-rules that are actually executed in a verifiable and provable manner within the Zenroom controlled execution environment. + +To articulate the importance of this quest and the relevance of the results presented, which I believe to be unique in the landscape of blockchain smart-contract languages, is important to remind us of the condition in which most people find themselves when participating in the regime of truth that is built by algorithms. + +As the demand and production of well-connected vessels for the digital dimension has boomed, machine-readable code today functions as a literature informing the architecture in which human interactions happens. The telematic condition is realised by an integrated datawork continuously engaging the observer as a participant. Such a “Gesamtdatenwerk” [@Ascott_1990] may seem an abstract architecture, yet it can be deeply binding under legal, ethical and moral circumstances. + +The comprehension of algorithms, the awareness of the way decisions are formulated, the implications of their execution, is not just a technical condition, but a political one, for which access to information cannot be just considered a feature, but a civil right. It is important to understand this in relation to the "classical" application of algorithms executed in a centralized manner, but even more in relation to distributed computing scenarios posed by blockchain technologies, which theorize a future in which rules and contracts are executed without requiring any human agency. + +The legal implications with regards to standing rights and liabilities are out of the scope here, while the focus is on ways humans, even when lacking technical literacy, can be made aware of what an algorithm does. Is it possible to establish the ground for a shared language that informs digital architects about their choices and inhabitants about the digital territory? Going past assumptions about the strong role algorithms have in governance and accountability [@Diakopoulos_2016], how can we inform digital citizens about their condition? + +When describing the virtualisation of economic activity in the global context, Saskia Sassen describes the need we are observing as that of an analytical vocabulary: + +> The third component in the new geography of power is the growing importance of electronic space. There is much to be said on this issue. Here, I can isolate one particular matter: the distinctive challenge that the virtualization of a growing number of economic activities presents not only to the existing state regulatory apparatus, but also to private-sector institutions increasingly dependent on the new technologies. Taken to its extreme, this may signal a control crisis in the making, one for which we lack an analytical vocabulary. [@Sassen_sovereignty] + +The analysis of legal texts and regulations here shifts into an entirely new domain; it has to refer to conditions that only algorithms can help build or destroy. Thus, referring to this theoretical framework, the research and development of a free and open source language that is intellegible to humans becomes of crucial importance and, from an ethical standing point, DECODE as many other projects in the same space cannot be exempted from addressing it. + +When we consider algorithms as contracts regulating relationships (between humans, between humans and nature and, nowadays more increasingly, between different contexts of nature itself) then we should adopt a representation that is close to how the human mind works and that is directly connected to the language adopted. In this thesis I interpret algorithms as the systemic product of complex relationships between contracts and relevant choices made by standing actors [@standing2014Monico]. The ability to verify which algorithms are in place for a certain result to be visualised, to understand and communicate what these algorithms do, to describe and experiment their repercussions on reality is in fact conditioning the very choices standing actors will make. diff --git a/views/references.bib b/views/references.bib new file mode 100644 index 0000000..68ac3cb --- /dev/null +++ b/views/references.bib @@ -0,0 +1,41 @@ + @Article{Ascott_1990, + author = {Ascott, Roy}, + title = {Is There Love in the Telematic Embrace?}, + year = 1990, + volume = 49, + number = 3, + pages = 241, + issn = {0004-3249}, + journal = {Art Journal}, + publisher = {JSTOR} + } + + @Article{Diakopoulos_2016, + author = {Diakopoulos, Nicholas}, + title = {Accountability in algorithmic decision making}, + year = 2016, + volume = 59, + number = 2, + month = {Jan}, + pages = {56–62}, + issn = {0001-0782}, + journal = {Commun. ACM}, + publisher = {Association for Computing Machinery (ACM)} + } + + + @Book{Sassen_sovereignty, + author = {Saskia Sassen}, + title = {Losing Control? Sovereignty in an Age of Globalization}, + year = 1996, + publisher = {Columbia University Press} + } + + + @article{standing2014Monico, + title={Premesse per una costituzione ibrida.: la macchina, la bambina automatica e il bosco}, + year={2014}, + author={Monico, Francesco}, + publisher={Il Saggiatore}, + journal={Aut/Aut, La condizione postumana} + } diff --git a/views/template.tex b/views/template.tex new file mode 100644 index 0000000..9387e0f --- /dev/null +++ b/views/template.tex @@ -0,0 +1,177 @@ +\documentclass[a4paper]{extarticle} +\usepackage{lmodern} +$if(fontsize)$ +\usepackage[$fontsize$]{extsizes} +$endif$ +\usepackage{fullpage} +\usepackage{longtable} +\usepackage{booktabs} +\usepackage{amssymb,amsmath} +\usepackage{ifxetex,ifluatex} +\usepackage{fixltx2e} % provides \textsubscript +\ifnum 0\ifxetex 1\fi\ifluatex 1\fi=0 % if pdftex + \usepackage[T1]{fontenc} + \usepackage[utf8x]{inputenc} +\else % if luatex or xelatex + \ifxetex + \usepackage{mathspec} + \else + \usepackage{fontspec} + \fi + \defaultfontfeatures{Ligatures=TeX,Scale=MatchLowercase} +\fi +% use upquote if available, for straight quotes in verbatim environments +\IfFileExists{upquote.sty}{\usepackage{upquote}}{} +% use microtype if available +\IfFileExists{microtype.sty}{% +\usepackage{microtype} +\UseMicrotypeSet[protrusion]{basicmath} % disable protrusion for tt fonts +}{} +\usepackage{hyperref} +\hypersetup{unicode=true, + pdftitle={$title$}, + pdfauthor={$author$}, + $if(keywords)$ + pdfkeywords={$for(keywords)$$keywords$$sep$; $endfor$}, + $endif$ + pdfborder={0 0 0}, + breaklinks=true} +\urlstyle{same} % don't use monospace font for urls +\usepackage{xcolor} +$if(listings)$ +\usepackage{listings} +\lstset{ + basicstyle=\ttfamily, +% numbers=left, + numberstyle=\footnotesize, + stepnumber=2, + numbersep=5pt, + backgroundcolor=\color{black!10}, + showspaces=false, + showstringspaces=false, + showtabs=false, + tabsize=2, + captionpos=b, + breaklines=true, + breakatwhitespace=true, + breakautoindent=true, + linewidth=\textwidth +} +$endif$ +\usepackage{color} +\usepackage{fancyvrb} +\newcommand{\VerbBar}{|} +\newcommand{\VERB}{\Verb[commandchars=\\\{\}]} +\DefineVerbatimEnvironment{Highlighting}{Verbatim}{commandchars=\\\{\}} +% Add ',fontsize=\small' for more characters per line +\newenvironment{Shaded}{}{} +\newcommand{\KeywordTok}[1]{\textcolor[rgb]{0.00,0.44,0.13}{\textbf{{#1}}}} +\newcommand{\DataTypeTok}[1]{\textcolor[rgb]{0.56,0.13,0.00}{{#1}}} +\newcommand{\DecValTok}[1]{\textcolor[rgb]{0.25,0.63,0.44}{{#1}}} +\newcommand{\BaseNTok}[1]{\textcolor[rgb]{0.25,0.63,0.44}{{#1}}} +\newcommand{\FloatTok}[1]{\textcolor[rgb]{0.25,0.63,0.44}{{#1}}} +\newcommand{\ConstantTok}[1]{\textcolor[rgb]{0.53,0.00,0.00}{{#1}}} +\newcommand{\CharTok}[1]{\textcolor[rgb]{0.25,0.44,0.63}{{#1}}} +\newcommand{\SpecialCharTok}[1]{\textcolor[rgb]{0.25,0.44,0.63}{{#1}}} +\newcommand{\StringTok}[1]{\textcolor[rgb]{0.25,0.44,0.63}{{#1}}} +\newcommand{\VerbatimStringTok}[1]{\textcolor[rgb]{0.25,0.44,0.63}{{#1}}} +\newcommand{\SpecialStringTok}[1]{\textcolor[rgb]{0.73,0.40,0.53}{{#1}}} +\newcommand{\ImportTok}[1]{{#1}} +\newcommand{\CommentTok}[1]{\textcolor[rgb]{0.38,0.63,0.69}{\textit{{#1}}}} +\newcommand{\DocumentationTok}[1]{\textcolor[rgb]{0.73,0.13,0.13}{\textit{{#1}}}} +\newcommand{\AnnotationTok}[1]{\textcolor[rgb]{0.38,0.63,0.69}{\textbf{\textit{{#1}}}}} +\newcommand{\CommentVarTok}[1]{\textcolor[rgb]{0.38,0.63,0.69}{\textbf{\textit{{#1}}}}} +\newcommand{\OtherTok}[1]{\textcolor[rgb]{0.00,0.44,0.13}{{#1}}} +\newcommand{\FunctionTok}[1]{\textcolor[rgb]{0.02,0.16,0.49}{{#1}}} +\newcommand{\VariableTok}[1]{\textcolor[rgb]{0.10,0.09,0.49}{{#1}}} +\newcommand{\ControlFlowTok}[1]{\textcolor[rgb]{0.00,0.44,0.13}{\textbf{{#1}}}} +\newcommand{\OperatorTok}[1]{\textcolor[rgb]{0.40,0.40,0.40}{{#1}}} +\newcommand{\BuiltInTok}[1]{{#1}} +\newcommand{\ExtensionTok}[1]{{#1}} +\newcommand{\PreprocessorTok}[1]{\textcolor[rgb]{0.74,0.48,0.00}{{#1}}} +\newcommand{\AttributeTok}[1]{\textcolor[rgb]{0.49,0.56,0.16}{{#1}}} +\newcommand{\RegionMarkerTok}[1]{{#1}} +\newcommand{\InformationTok}[1]{\textcolor[rgb]{0.38,0.63,0.69}{\textbf{\textit{{#1}}}}} +\newcommand{\WarningTok}[1]{\textcolor[rgb]{0.38,0.63,0.69}{\textbf{\textit{{#1}}}}} +\newcommand{\AlertTok}[1]{\textcolor[rgb]{1.00,0.00,0.00}{\textbf{{#1}}}} +\newcommand{\ErrorTok}[1]{\textcolor[rgb]{1.00,0.00,0.00}{\textbf{{#1}}}} +\newcommand{\NormalTok}[1]{{#1}} +\usepackage{graphicx,grffile} +\makeatletter +\def\maxwidth{\ifdim\Gin@nat@width>\linewidth\linewidth\else\Gin@nat@width\fi} +\def\maxheight{\ifdim\Gin@nat@height>\textheight\textheight\else\Gin@nat@height\fi} +\makeatother +% Scale images if necessary, so that they will not overflow the page +% margins by default, and it is still possible to overwrite the defaults +% using explicit options in \includegraphics[width, height, ...]{} +\setkeys{Gin}{width=\maxwidth,height=\maxheight,keepaspectratio} +\IfFileExists{parskip.sty}{% +\usepackage{parskip} +}{% else +\setlength{\parindent}{0pt} +\setlength{\parskip}{6pt plus 2pt minus 1pt} +} + +% previously included by writedown in options.sty +\setlength{\parindent}{1.25em} +\setlength{\parskip}{.2em} +\usepackage{etoolbox} +\AtBeginEnvironment{quote}{\parskip 1em} + +\setlength{\emergencystretch}{3em} % prevent overfull lines +\providecommand{\tightlist}{% + \setlength{\itemsep}{0pt}\setlength{\parskip}{0pt}} +\setcounter{secnumdepth}{0} +% Redefines (sub)paragraphs to behave more like sections +\ifx\paragraph\undefined\else +\let\oldparagraph\paragraph +\renewcommand{\paragraph}[1]{\oldparagraph{#1}\mbox{}} +\fi +\ifx\subparagraph\undefined\else +\let\oldsubparagraph\subparagraph +\renewcommand{\subparagraph}[1]{\oldsubparagraph{#1}\mbox{}} +\fi +% END OF CONFIG ------------------------------------------ + +% START OF CONTENT ------------------------------------------ + +\title{$title$} +$if(subtitle)$ +\providecommand{\subtitle}[1]{} +\subtitle{$subtitle$} +$endif$ +$if(author)$ +\author{$for(author)$$author$$sep$ \and $endfor$} +$endif$ +$if(institute)$ +\providecommand{\institute}[1]{} +\institute{$for(institute)$$institute$$sep$ \and $endfor$} +$endif$ +\date{$date$} +$if(logo)$ +\logo{\includegraphics{$logo$}} +$endif$ + +\begin{document} + +\maketitle + +\begin{abstract} +$abstract$ +\end{abstract} + +\providecommand{\keywords}[1]{\textbf{\textit{Keywords---}} #1} +$if(keywords)$ + \keywords{$for(keywords)$$keywords$$sep$; $endfor$} +$endif$ + +\pagebreak[4] +{ +\setcounter{tocdepth}{3} +\tableofcontents +} +\pagebreak[4] + +$body$ + +\end{document}