Wednesday, December 7, 2016

Learning about encryption keys

From this guy, a technico working on ethereum,  

 Up to now I have left keys and encryption as a black box,but the patent trolls re catching up.

The point of departure for the secure card is two, biometric lock to the human, and the ability to hold a secret key and never reveal it, using it only for verification, or to unlock a small message.

Talk about the second problem, we would like a large group of cards to share some secret number for as long as two years. We say these cards have a daily limit of one grand.  There are a lot of traders here, a big parameter space for catching counterfeiters.  If the cards are hierarchical, higher security cards may carry multiples of these secret numbers, but they have more expensive security.  Then, another trader, keep multiple secret numbers out there, so any card may, on occasion need higher level verification when two transacting cards have no  common secret.  But, these two cards may have human to human verification, obviating the need for secret key checking.  Human biometrics is the ultimately determining factor.  Top security is the card that runs the fab.

This layered protection aids the hardware engineers who have freedom to mask, and the analysis we need is from them, how costly is it to reverse engineer a large gate array and to recover a key word hidden in noise keys. Add to the the after the fact sniffer bots that constantly look for consistency mis-matches.
Relative to the amount of theft and fraud the current system holds, even counterfeit cash still appears; against that background, credit card companies will say this is the best approach.

How about self verification of a biometric?

Sure, use  the method for recovering messages in in the reference above, and elsewhere, common encryption.  Any feature set has to be orthogonal in the sense each feature maximizes the spread among the population of features. If that is the case, then the feature set taken from one individual can be contracted down into a suitable, repeated and almost unique key, encrypted with the shared secret key and verified by any other card holding the secret key.

That biometrics algorithm, especially the optimum  spreading of features among the populations, contracted to  key value; that is the same technology used by the deep mind learning group.  Been around for a long time, I mentioned this a few times as an easy way to teach a bot how to drive.  Auto driving for bots becomes easier because he key, important features of traffic are increasingly processed by cheap senors on the car.  That means, a bit of pattern matching and you bot is driving like a teenager in no timer at all.  It really is, Pit.boss = Drive.  The pit boss organizes and trigger actions based on an organized queues of feature, and an organized queue factions.  The pit boss compresses the bets them, the more bit error it accumulates, the higher your bot insurance rates.

No comments: