SDL Episode41

From Paul's Security Weekly
Jump to: navigation, search

Secure Digital Life #41

Recorded on November 14, 2017 at G-Unit Studios in Rhode Island!

Episode Audio

Coming soon!

Hosts

  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Russell Beauchemin
    Cybersecurity & Network Security Program Advisor and Director of Instructional Support & Learning Innovation at Roger Williams University.
  • Jimi's Guitar and Blockchains

    • The barter economy
    • The need for intermediaries and trust
    • Ledgers and centralized validation
    • So, I have this guitar which "belonged" to Jimi Hendrix.
    1. Could this be a fake or maybe I am lying?
    2. Do you trust me?
    • What if it's just a grainy picture of some guy holding a guitar?
    • What if Gruhn's guitars (intermediary) maintained the ledger and has every owner with a picture?
    • This is an example of a centralized authority. What if Gruhn's burns down and the records are los?.
    • So what if a group of guitar stores around the world agree that they will create a "ledger" and every single guitar transaction will be entered in the ledger and a copy of the entire ledger will be stored at every store?
    • Now, M & M guitar in Topeka shows this guitar was owned by Jimi Hendrix but all the other shops show it was owned by Jimmy Henderson. If > 50% of the shops agree, then M&M gets removed as a "trusted" authority.
    • Centralized vs decentralized trust.
    1. Example of the Army
    2. The crooked town clerk
    • So, basically, every time a change occurs a new block in the guitar chain is created and this is validated by all the other systems. This block would be a ledger of the owners of all the guitars.
    • Now, how can I sell the guitar?
    1. Old school, you hand me a bag of gold, I hand you the guitar
    2. Later, you give me a credit card number, an intermediary validates the card, I send you the guitar with a letter of authenticity from Gruhns.
    3. OW. I share the private key of the guitar to prove it's provenance which can be checked with any public key. This results in an update to the ledger of all guitars and you now add it to your private key stash and are the new owner in the blockchain.
    • Couldn't I fake this ownership?
    1. Well, every transaction for this guitar is in the block chain so if I don't own the guitar, then the transaction wouldn't be valid and the overall network would reject the fake change.
    2. Remember, now, I also have to deal with the fact that all of the nodes have the records, not just one centralized ledger so cheating gets harder.
    • Who is threatened?
    1. Intermediaries like banks, stock traders, the dmv, you name it. Think about how much of our economy is just "intermediary".
    • Next Time! BITCOIN on a special Thanksgiving Episode of SDL.