RKVST Launches RKVST Free and RKVST Team SaaS Supply Chain Integrity, Transparency and Trust Solution – Business Wire

SANTA CLARA, Calif. & CAMBRIDGE, England--(BUSINESS WIRE)--RKVST, a leading provider of supply chain integrity, transparency and trust, announces a Free and subscription-based Team tier of its award-winning enterprise SaaS solution, allowing organizations of any size to collaborate on and share data in near real-time, confident in the trustworthiness of that data.

The RKVST platform removes the hassles, mistakes and risk associated with the manual processes and paperwork involved in sharing data across organizations, enabling all partners in the supply chain to collaborate and work with a single source of truth. RKVST does this by capturing the identity of sources and origin of data, enforcing sharing and visibility rules with strong cryptography, and underpinning that with distributed ledger technology that prevents forgery, back-dating or shredding of evidence. Together, provenance, governance and immutability bring the right level of trust in data for faster, confident decisions with lower business risk for organizations.

Jon Geater, chief technology and product officer at RKVST, says:

With the RKVST Free tier, we are making our award-winning enterprise blockchain accessible to the mainstream market. Delivering integrity, transparency and trust to digital supply chains is now available to everyone with a single API call or a single click. RKVST ensures that the right data gets to the right place at the right time, matching the speed and complexity challenges of todays digital infrastructure and delivering the continuous assurance required for zero trust architecture.

Cost and complexity have traditionally been barriers for unifying supply chain operations, making them the preserve of large government agencies and enterprises, and where small suppliers are often left out. This creates blind spots that increase security and business risks for the entire supply chain as well as significant amounts of human resource spent auditing and validating partner data. RKVST is changing all of that by delivering a range of service options to suit organizations of every size. RKVST Free provides DevOps and R&D professionals with a try-before-you-buy option, and a free-forever service for small businesses. RKVST Team employs a pay-as-you-grow model for increased asset capacity, more features and more users per account tenancy.

Green aerospace company SATAVIA is using RKVST to provide transparent continuous asset assurance for the complex and often opaque carbon offset market in the aviation industry. By enabling aircraft operators to forecast, prevent, quantify and offset surface warming caused by aircraft-generated condensation trails or contrails, aviations per-flight climate impact can be reduced by up to 60%. SATAVIA started out using RKVST Free, transitioning to RKVST Team as their user and asset capacity needs increased.

Dr Adam Durant, chief executive officer, SATAVIA, says:

SATAVIAs ClimateTech platform DECISIONX:NETZERO optimizes aircraft flight plans for contrail prevention and quantifies climate benefit in terms of avoided surface warming. Immutable storage of flight-by-flight data, with clear oversight of provenance and governance, is a central requirement of climate benefit accounting. Were pleased to be working with RKVST to solve these technical challenges, leveraging data integrity for climate-positive activity.

The launch of RKVST Free and RKVST Team comes at a time when the push to adopt solutions that build trust and transparency is moving with unprecedented speed. The U.S. Executive Order 14028 highlights the need to transition to a zero trust mindset with supply chain transparency and trust as major pillars. The Internet Engineering Task Force (IETF) has established a new working group focused on the issues of supply chain integrity, transparency and trust, and the latest cybersecurity review from the U.K.s National Cyber Security Centre highlights the serious threats posed by supply chain attacks.

About RKVST

RKVST enables organizations to collaborate confidently and securely with partners, tracking physical and digital assets, reducing operational costs and increasing business resiliency. Customers use RKVST to provide integrity, transparency and trust for digital supply chains, solving challenges ranging from nuclear waste tracking and compliance in construction and other industries, to zero trust connected devices and software bill of materials (SBOMs). The RKVST software-as-a-service (SaaS) captures the identity of sources and origin of data, enforces sharing and visibility rules with strong cryptography, and is underpinned by distributed ledger technology that prevents forgery, back-dating or shredding of evidence. This zero trust approach, continuously verifying then trusting data, enables organizations to make confident business decisions based on verifiable data with real-time context. To learn more, visit RKVST.com.

Here is the original post:
RKVST Launches RKVST Free and RKVST Team SaaS Supply Chain Integrity, Transparency and Trust Solution - Business Wire

$3.7 Billion Worldwide Blockchain in Retail Industry to 2027 – Featuring Cognizant, Infosys and Oracle Among Others – ResearchAndMarkets.com -…

DUBLIN--(BUSINESS WIRE)--The "Blockchain in Retail Market: Global Industry Trends, Share, Size, Growth, Opportunity and Forecast 2022-2027" report has been added to ResearchAndMarkets.com's offering.

The global blockchain in retail market reached a value of US$ 233.5 Million in 2021. Looking forward, the publisher expects the market to reach a value of US$ 3,731.75 Million by 2027, exhibiting a CAGR of 58.71% during 2021-2027.

Companies Mentioned

Keeping in mind the uncertainties of COVID-19, we are continuously tracking and evaluating the direct as well as the indirect influence of the pandemic. These insights are included in the report as a major market contributor.

Blockchain in retail refers to a disruptive technology that relies on cryptography to record digital transactions on a distributed ledger in the retail industry. It is a cost-effective solution as it automates the transactions and the interoperability of applications and eliminates the need for administration.

It assists businesses in tracking the product back to the supply chain, identifying suppliers, manufacturers, and batches to solve supply chain issues. It enables decentralized identity (DID), which helps retailers verify user identity and data when required. In addition, it streamlines administrative processes in the back offices of retailers, thereby allowing employees to focus more on value-added work.

The growing demand for transparent transactions in the retail industry to build trust between suppliers, companies, and customers represents one of the key factors driving the market. Moreover, there is a rise in investments by retailers in blockchain-based solutions to ensure quality, reliability, authenticity, and product safety. This, along with increasing technological advancements and international trade in the retail sector, is propelling the growth of the market.

In addition, blockchain offers enhanced cryptographic security for its databases and transactions that help in fraud reduction and sustainability of retailers. This, coupled with the increasing utilization of blockchain in retail for digital payment, online shopping, and risk and compliance, is positively influencing the market.

Besides this, the rising employment of blockchain in retail to monitor supply chain transactions for easy traceability of goods is offering lucrative growth opportunities to industry players. Additionally, the escalating demand for smart contracts to save time and cost of companies and remove merchants who charge extra for authenticating a transaction is bolstering the market growth.

Key Questions Answered in This Report:

Key Topics Covered:

1 Preface

2 Scope and Methodology

3 Executive Summary

4 Introduction

4.1 Overview

4.2 Key Industry Trends

5 Global Blockchain in Retail Market

5.1 Market Overview

5.2 Market Performance

5.3 Impact of COVID-19

5.4 Market Forecast

6 Market Breakup by Component

7 Market Breakup by Type

8 Market Breakup by Organization Size

9 Market Breakup by Application

10 Market Breakup by Region

11 SWOT Analysis

12 Value Chain Analysis

13 Porters Five Forces Analysis

14 Price Analysis

15 Competitive Landscape

15.1 Market Structure

15.2 Key Players

15.3 Profiles of Key Players

For more information about this report visit https://www.researchandmarkets.com/r/g7765l

Follow this link:
$3.7 Billion Worldwide Blockchain in Retail Industry to 2027 - Featuring Cognizant, Infosys and Oracle Among Others - ResearchAndMarkets.com -...

Research Fellow in Applied Cryptography And Data Security job with UNIVERSITY OF SURREY | 306274 – Times Higher Education

Computer Science

Location: GuildfordSalary: 33,314 to 42,155 per annumFixed TermPost Type: Full TimeClosing Date: 23.59 hours BST on Tuesday 20 September 2022Reference: 058222

The Department of Computer Science at the University of Surrey is seeking to recruit an outstanding Research Fellow in the field of applied cryptography and data security for a full-time position. This is a fixed-term appointment for 36 months. The expected start is October 2022 or as soon as possible thereafter.

The post holder will be contributing to two EU-funded research projects Continuous and Efficient Cooperative Trust Management for Resilient CCAM (the project short name is CONNECT) and Rewiring the Compositional Security Verification and Assurance of Systems of Systems Lifecycle (the project short name is REWIRE).

The main responsibility of the post holder will be in the design and development of new cryptographic protocols for trusted computing and secure systems, including attribute-based encryption and signatures, anonymous signatures, remote attestation, and distributed ledger technologies.

The Department of Computer Science within the Faculty of Engineering and Physical Sciences has an international reputation for research and teaching. Research in the department is focused on three main areas - Nature Inspired Computing and Engineering (NICE), Distributed and Networked Systems, and Secure Systems, with Surrey hosting UK Academic Centres of Excellence both in Research and in Education, both recognised by GCHQ.

The position offers the platform for the research fellow to develop skills to become an independent researcher. The successful candidate will work under the direction of Professor Liqun Chen and Dr Catalin Dragan. The research fellow will also work with the other colleagues of the Surrey Centre for Cyber Security and collaborate with the other partners of the CONNECT project consortium and the REWIRE project consortium.

We are looking for applicants that demonstrate strong research and protocol design skills, have strong communication skills, and have enthusiasm for developing their own research ideas. Applicants should have knowledge and experience in the design of cryptographic protocols for trusted computing and secure systems, and a good understanding of distributed ledger technologies. Skills in software engineering would be an advantage but being willing to learn how to develop a software prototype for demonstration is acceptable.

Applicants should have a PhD (or close to completing a PhD degree) in a relevant subject or equivalent professional experience.

For informal enquiries please contact Professor Liqun Chen atliqun.chen@surrey.ac.uk.

Please note, it is University Policy to offer a starting salary equivalent to Level 3.6 (33,314) to successful applicants who have been awarded, but are yet to receive, their PhD certificate. Once the original PhD certificate has been submitted to the local HR Department, the salary will be increased to Level 4.1 (34,308).

Furtherdetails:JobDescription

For more informationand to apply online, please download the further details and click on the 'apply online' button above.

In return we offer a generous pension, relocation assistance where appropriate, flexible working options including job share and blended home/campus working locations (dependent on work duties), access to world-class leisure facilities on campus, a range of travel schemes and supportive family friendly benefits including an excellent on-site nursery.

Click here to find out more about the benefits we offer to support you.

The University of Surrey is committed to providing an inclusive environment that offers equal opportunities for all. We place great value on diversity and are seeking to increase the diversity within our community. Therefore we particularly encourage applications from under-represented groups, such as people from Black, Asian and minority ethnic groups and people with disabilities.

See more here:
Research Fellow in Applied Cryptography And Data Security job with UNIVERSITY OF SURREY | 306274 - Times Higher Education

ASPG, Inc. Announces Release of CryptoZ, Innovative New z/OS Cryptography Reporting and Administration Sy – Benzinga

A unique cryptography reporting system made for organizations utilizing z/OS cryptography.

NAPLES, Fla., Aug. 22, 2022 /PRNewswire-PRWeb/ -- Advanced Software Products Group Inc. (ASPG, Inc.) has announced the release of CryptoZ, a unique cryptography reporting system made for organizations utilizing z/OS cryptography.

CryptoZ offers a behind-the-scenes look at an organization's Z-system cryptography. By having a better overview of operations, administrators can more accurately predict future events and take a proactive approach to data security.

Cryptography plays a vital role in protecting today's organizations. CryptoZ has been designed with this in mind. Designed to display critical behind-the-scenes information, it is the ideal tool for enterprise data centers that make an everyday use of cryptography who are seeking more in-depth information about their cryptography operations. CryptoZ enables users to protect critical data while reducing daily costs and remaining operationally efficient.

CryptoZ v2.0.0 offers a new metadata display, providing administrators with the ability to view and modify KDSL records, and see additional data and archiving details. Users also have the ability to display keys in the KDS with or without Read authority, aiding in further flexibility. An enhanced ICSF options display also assists in additional ICSF functions for accessing these services directly. A new TKDS Status Panel displays the current status of token data sets (TKDS) and allows users to examine attributes of current or alternate TKDS.

Built with a variety of selections available, users can review the active status of ICSF, CPACF, Integrated Coprocessors, PCI Coprocessors, the CKDS, PKDS, security exceptions and concerns, and the current users of cryptography.

An essential tool for security administrators, CryptoZ's innovative ICSF commands services provide a unique interface for invoking ICSF services for operating and evaluating ICSF facilities. Users can interactively query ICSF services, generate keys and tokens, add or delete records from the PKDS or CKDS, and much more.

The CryptoZ support team is available 24 hours a day, 7 days a week. Interested parties may read more about CryptoZ via ASPG's website at http://www.aspg.com/CryptoZ. Free trials of the software are also available. To learn more, contact the ASPG sales team by phone at 800-662-6090 (toll-free) or 239-649-1548 (US/International) or email at aspgsales@aspg.com.

ABOUT ADVANCED SOFTWARE PRODUCTS GROUP ASPG is an industry-leading software development company with IBM, Microsoft and GSA certifications. For nearly 30 years, they have been producing award-winning software for data centers and mainframes, specializing in data security, storage administration, and system productivity, providing solutions for a majority of the global 1000 data centers.

Media Contact

Advanced Software Products Group, Inc., Advanced Software Products Group, Inc., 800-662-6090, aspgmarketing@aspg.com

SOURCE Advanced Software Products Group, Inc.

Read the original post:
ASPG, Inc. Announces Release of CryptoZ, Innovative New z/OS Cryptography Reporting and Administration Sy - Benzinga

UN: monitoring the use of cryptography can make the Internet safer – The Cryptonomist

UN executive Ghada Waly spoke about crypto at the World Economic Forum, saying that monitoring the use of cryptography can make the Internet more secure.

Ghada Waly, executive director of the United Nations Office on Drugs and Crime, spoke at the World Economic Forum yesterday, saying that monitoring cryptography can make the Internet safer.

JUST IN: United Nations executive says monitoring how crypto is used can safeguard the future of the internet.

Waly focused his talk on the importance of the ways in which digital assets are used illegally, so as to understand how they are exploited.

Specifically, Waly said:

Theres an element of capacity building and national regulation but theres also investigation collecting evidence. Theres this whole story of cryptocurrencies and how some users on the internet utilize them in an illegal form. These are small interventions where a lot of investment needs to happen in infrastructure in capacity building in the cyber security space.

Basically, the focus should first be on controlling the use of cryptocurrencies at the national level.

Waly referred to cryptography and cryptocurrencies for use in illegal activities such as money laundering and theft.

In this regard, the recent case of Tornado Cash, the crypto-mixer that was blacklisted by the US Treasury Department in early August for allegedly laundering more than $7 billion in crypto.

Specifically, the Office of Foreign Assets Control (OFAC) allegedly sanctioned Tornado Cash for being used to steal $455 million by the state-sponsored Democratic Peoples Republic of Korea (DPRK) hacker group Lazarus Group. In addition, the platform was used to launder another $96 million in funds from malicious cyber actors.

Soon after, the Dutch agency arrested Tornado Cash developer Alexey Pertsev and punished him for creating a tool to commit criminal acts.

Related postsMore from author

Continue reading here:
UN: monitoring the use of cryptography can make the Internet safer - The Cryptonomist

Keyfactor Named to the 2022 Inc. 5000 List for Third Consecutive Year and Recognized as the Fastest Growing PKI and Cryptography Leader in America -…

INDEPENDENCE, Ohio--(BUSINESS WIRE)--Keyfactor, the machine and IoT identity platform for modern enterprises, has been recognized on the 2022 Inc. 5000 list as one of the fastest growing private companies in America. The list represents a one-of-a-kind look at the most successful companies within the economys most dynamic segment independent businesses.

We are proud to be recognized by Inc. as a fast-growing company for the third consecutive year, said Jordan Rackie, Chief Executive Officer at Keyfactor. The global growth weve witnessed over the last year is a testament to our companys outstanding culture, technology innovation and ability to meet the growing needs in todays complex enterprise ecosystem. Id like to personally thank the entire Keyfactor team for another year of hard work, determination and market leadership.

Over the past 18 months, Keyfactor has witnessed exponential growth marked by significant milestones and corporate achievements:

Companies on the 2022 Inc. 5000 are ranked according to percentage revenue growth from 2018 to 2021. To qualify, companies must have been founded and generating revenue by March 31, 2018. They must be U.S.-based, privately held, for-profit, and independentnot subsidiaries or divisions of other companiesas of December 31, 2021. (Since then, some on the list may have gone public or been acquired.) The minimum revenue required for 2018 is $100,000; the minimum for 2021 is $2 million.

Complete results of the Inc. 5000, including company profiles and an interactive database that can be sorted by industry, region, and other criteria, can be found at http://www.inc.com/inc5000. The top 500 companies are featured in the September issue of Inc. magazine, which will be available on August 23.

To learn more about Keyfactor, please visit: https://www.keyfactor.com/

About Inc.

The worlds most trusted business-media brand, Inc. offers entrepreneurs the knowledge, tools, connections, and community to build great companies. Its award-winning multiplatform content reaches more than 50 million people each month across a variety of channels including websites, newsletters, social media, podcasts, and print. Its prestigious Inc. 5000 list, produced every year since 1982, analyzes company data to recognize the fastest-growing privately held businesses in the United States. The global recognition that comes with inclusion in the 5000 gives the founders of the best businesses an opportunity to engage with an exclusive community of their peers, and the credibility that helps them drive sales and recruit talent. The associated Inc. 5000 Conference & Gala is part of a highly acclaimed portfolio of bespoke events produced by Inc. For more information, visit http://www.inc.com.

About Keyfactor

Keyfactor is the machine and IoT identity platform for modern enterprises. The company helps security teams manage cryptography as critical infrastructure by simplifying PKI, automating certificate lifecycle management, and enabling crypto-agility at scale. Companies trust Keyfactor to secure every digital key and certificate for multi-cloud enterprises, DevOps, and embedded IoT security.

Original post:
Keyfactor Named to the 2022 Inc. 5000 List for Third Consecutive Year and Recognized as the Fastest Growing PKI and Cryptography Leader in America -...

Cryptography 101: Giving a framework to the brimming blockchain businesses of India – Times of India

A centralized approach to a decentralized sector

2020 was the crypto summer that led to a spurt in the global number of jobs in the cryptocurrency, and NFTs arena. In India, Blockchain and crypto-related jobs grew by 804% between April 2020 to April 2022, according to a report by American consulting firm Gartner, despite a bearish market and stringent regulations by the Indian government.

As web 3.0 is pacing up, the services providing built-in bases for businesses to foray into the Blockchain, NFT, DeFi, and DAO space are becoming an inevitable enabler of modern-day tech and a vital source of employment for the generation. But here is the bottleneck to the blockchain business; it is still in its preliminary stages in India. Developing a web 3.0 platform required industry expertise and engineering maturity. The gap is being filled by Web 3.0 Infrastructure companies offering Whitelabel solutions to entrepreneurs who are keen to step into the space. They are helping other companies create top-tier platforms to grow their establishments and expand in the emerging NFT space and Metaverse. The deployment of BaaS can help the brand foray into the world of NFT & Metaverse by having an online presence thats not just diverse but also advanced. Companies can leverage create and leverage virtual assets made by using white-label solutions.

When the first wave of simple networked web culminated in the 80s and 90s, there was a barrage of rules and community-controlled internet protocols, limiting the Internets acceleration to a great extent. By the second internet evolution, restrictions eased, allowing user-driven creativity to flourish and industrial innovation to take over. Then Google, Amazon, Facebook, and Apple came in.

Now that we are in the midst of the third web transition, i.e., Web 3.0, take over, decentralization is taking center stage. The walls of imposed rules are breaking down, and users are looking for more open and sophisticated services. Multi-functional ledgers of white label solutions, quick turnaround timing, and lesser engineering requirements are taking over.

Leveraging decentralization as their core Blockchain-as-a-Service solutions, BaaS developers are stepping in to provide cost-effective, customized ready-to-be-branded Web 3.0 NFT Blockchain infrastructures for businesses. Several Indian players in this sector, like Seracle, have been leveling the playing field for big businesses, creators, and communities by assisting them in creating robust crypto networks and viable marketplaces tailored to the organizational need.

With community-governed ethos, advanced modern functionality, and white label solutions like Crypto Exchange, DeFi-DAO platforms, NFT Marketplace, and Metaverse, Blockchain is taking over enterprises, in turn, can focus on delivering innovative solutions to their customers. Instead of hiring newer resources to aggregate such services, costs accrued by businesses are being cut down by these platforms that offer culminated Web 3.0 solutions.

With the NFT and DeFi marketplace values soaring over 340 billion USD globally, the need for unanimous global regulations in the blockchain sector remains high. A platform functioning within regulatory compliance is essential to maintain algorithmic stability and reduce the chances of data mismanagement, a common shortcoming of any software-based product. Blockchain-based services are unique asset classes based on a unique technology that aims for resolutions to bring down such mismanagement.

Hailed as the next game-changer by critics, experts, and influencers alike blockchain has the potential to do what the internet did for finance, art, or any other enterprise of 21 st century. Blockchain technology can unequivocally upscale the finance system through DeFi, DAO, and Cryptocurrency.

Some might dismiss this as another tech fad, but at least for 2022, DeFi platforms have already racked up over 200 billion dollars of remunerations in value. In parallel, the global blockchain market is also growing to touch a 163.83 billion dollar valuation as a market by 2029.

The key differentiator between any DeFi, blockchain, and traditional service is the De in the name. Services can exist in a decentralized manner without the need for an intermediary. Tamper-proof, virtual, and global, BaaS can redefine how businesses carry transactions in Web3.0.

Views expressed above are the author's own.

END OF ARTICLE

View original post here:
Cryptography 101: Giving a framework to the brimming blockchain businesses of India - Times of India

Godfather of Crypto expresses concerns over current state of blockchain privacy – CryptoSlate

The crypto industry is often referred to as being in its infancy with the were still early meme popular within the community. However, digital cash is not a new concept, as anyone with knowledge of David Chaum will confirm. Chaum is known as the Godfather of Crypto, as he published a paper on digital cash almost 40 years ago.

In his 1983 paper, Blind Signatures for Untraceable Payments, Chaum suggested a new type of cryptography that would give digital currency the properties of privacy, proof of payment, and freezing of funds. He feared that electronic payment systems could have a substantial impact on personal privacy as well as on the nature and extent of criminal use of payments.

Chaums suggestion of Blind Signatures was later referenced by Vitalik Buterin in The Ethereum Whitepaper as Chaumian Blinding in 2014. CryptoSlate spoke exclusively to Chaum during our Twitter Space with XX Network, Chaums most recent project. The entire recording is available in the first reply to the below tweet.

Our first question to Chaum was to ask what his 1983 self would have thought had he been shown a crystal ball with a look into the state of crypto in 2022. His response stated that he would have realized that he had a lot more work to do and been slightly disappointed.

Chaum declared that what he originally proposed had privacy integrated, and he had hoped that the paper would have triggered an expectation for privacy as a standard. Further, he believes the failure to adhere to the privacy standards he set out almost 40 years ago led to issues well outside of crypto, such as the manipulation of elections and the shredding of social coherence.

The conversation would later develop into a discussion around the Cambridge Analytica scandal and its clear privacy violations. Chaum is passionate about privacy and sees the potential for blockchain-style cryptography to solve issues at a socio-economic level. Throughout the discussion, his frustration with the evolution of the internet and the lack of protection for users data is evident.

Chaum also stated that the idea of an autonomous computation that no one can tamper with was part of his early vision, which was referred to as a chain of blocks. In 1994 Chaum launched DigiCash, the worlds first digital currency utilizing cryptographic proofs. DigiCash was custodial in nature as a central bank held it, but Chaum asserted that the bank could not know who had which money.

While Chaum may have his reservations regarding the state of the blockchain industry in 2022, ultimately, he declared that

it is extraordinarily great that Bitcoin has raised the profile [of his vision] to the extent that it cannot be ignored by the powers that be and thats game changing.

He sees plenty of opportunity and room for growth concerning blockchain. However, the current state of privacy is his primary concern.

When asked about his views regarding the sanctioning of Tornado Cash and Circles move to blacklist related addresses from using USDC, he noted that it is quite disturbing. Chaum then claimed that it was a little outside of [his] scope, yet, in reality, he has a deep understanding of the underlying technology.

According to Chaums website, he is also the inventor of mixing, a cryptographic technique similar to those used in protocols such as Tornado Cash. The technology was initially designed to ensure the privacy of email and digital pseudonyms and was presented in his 1981 paper, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms.

Since the late 70s, Chaum has been dedicated to using cryptography to give people their power over their own data. However, he admitted in the Space that it is pretty tricky to know how you can protect privacy and still let all the stuff that needs to get done, get done efficiently.

Chaum declared that he does not like to get involved in what he called the crypto wars regarding policy and politics. However, the general thread of his contribution to the conversation was one of frustration and that privacy is not a more significant part of our everyday lives. In contrast, some technology that improves privacy is being banned.

The Twitter Space moved on to the topic of the state of blockchain as it is today. Chaum was asked his thoughts on industry leaders within the Space, to which he replied,

Im a big fan of the of the community and all the energy around it. But if you really had X-ray vision and you could see through with the technology, I dont think the emperors wearing any clothes you know.

He continued to refer to some project leads as amateur cryptographers, admitting that he hasnt been impressed by much of what hes seen. The XX Network, co-founded by Chaum, was created to address what Chaum feels is lacking within the Space.

According to Chaum, the XX Network team has showcased 3,500 quantum-resistant transactions per second while also launching a P2P messenger called Elixxir built on top of the network. Elixxir utilizes dark nodes to route messages through a decentralized network allowing for the privacy of both messaging and network routing.

Chaum declared that XX Network is now ready for use by the general public, and Elixxir is the first point of contact for those wishing to test out Chaums version of blockchain.

To listen to the whole conversation covering Elixxir, quantum resistance, Apple, Google, and private community management, visit the tweet at the top of the article or click here. Follow CryptoSlate on Twitter to be notified when we go live with more Spaces in the future.

Become a member of CryptoSlate Edge and access our exclusive Discord community, more exclusive content and analysis.

On-chain analysis

Price snapshots

More context

Visit link:
Godfather of Crypto expresses concerns over current state of blockchain privacy - CryptoSlate

Nine Benefits of FIDO Authentication | HYPR – Security Boulevard

Identity and access management (IAM) is undergoing a significant paradigm shift in response to constantly evolving threat actors and regulatory demands around user and data safety. The world is transitioning away from traditional IAM methodologies that rely on shared secrets and centralized passwords. Even the more recent upgrade, multi-factor authentication in the form of SMS and one-time passwords (OTPs), is being phased out.

In its place, authentication systems are being hardened with passwordless security built on biometrics, decentralized authentication and public key infrastructure (PKI). A true sea change, however, requires a foundation of free, open, rigorous standards. Open standards are easier to understand and audit, offer flexibility and interoperability, and avoid the lock-in of proprietary models.

Fast Identity Online (FIDO) authentication standards have been named the gold standard for secure passwordless authentication for good reason. Here we look at what FIDO authentication is and its benefits for your organization.

FIDO is a set of open authentication standards developed by the FIDO Alliance. The Alliance comprises leading technology firms such as Apple, Google, Microsoft and HYPR, financial organizations such as Bank of America, Mastercard and Visa, and regulatory bodies such as NIST. Its stated mission is to build authentication standards that help reduce the worlds reliance on passwords.

FIDO authentication protocols use public key cryptography to strengthen authentication and attestation. Public key cryptography is more secure than passwords, SMS or OTPs and makes authentication easier for customers and service providers. Heres how it works with FIDO:

By leveraging different authentication factors simultaneously, such as possession (device) and inherence (biometrics), one of the core benefits of FIDO authentications login process is that it satisfies multi-factor authentication requirements without using passwords and without inconveniencing the user.

There are numerous other benefits of FIDO authentications application in authentication processes, so lets look at the most important ones.

As a board-level member of the FIDO Alliance, HYPR is committed to improving authentication security across the world. Our Passwordless MFA solution delivers a seamless MFA login flow from desktop to cloud and integrates with all major SSO providers. It is also the only solution that is FIDO Certified on all components, and its multi-device flexibility eases the user experience by allowing secure login on their terms.

Download our passwordless evaluation guide to learn more about what to look for in a passwordless solution, or schedule a demo to see how HYPR works for yourself.

*** This is a Security Bloggers Network syndicated blog from HYPR Blog authored by HYPR Team. Read the original post at: https://blog.hypr.com/benefits-of-fido-authentication

See more here:
Nine Benefits of FIDO Authentication | HYPR - Security Boulevard

Now That Authorities Have Sanctioned Tornado Cash, Is Bitcoin Next? – Bitcoin Magazine

Despite being an automated, decentralized version of a typical cryptocurrency mixer, Tornado Cash was sanctioned by the U.S. government last week as the Treasury Departments Office of Foreign Assets Control (OFAC) added Ethereum addresses associated with the tool to its specially designated nationals and blocked persons (SDN) list.

Much has been written about the legal aspects of the Treasury Departments move. Instead of embarking on arguably much needed advocacy to dispute the legal grounds of such a move, this article seeks to objectively explore the technical intricacies of Tornado Cash and its sanction, as well as evaluate potential risks that could bleed into Bitcoin in the future.

At its core, a mixer receives users cryptocurrency deposits, which it pools or tumbles together before enabling each user to withdraw the same amount of coins it deposited. By doing so, users receive fresh coins that arent related to the ones they deposited, which can offer them a great deal of forward-looking privacy.

Most mixers are centralized, run by an entity or business that collects fees for the aforementioned services.

Tornado Cash, on the other hand, is a cryptocurrency mixer deployed as a smart contract on the Ethereum blockchain. Hence, it is more akin to a robot than an entity it can be thought of as an automated version of a typical cryptocurrency mixer. It still works like a regular mixer, though. Users deposit cryptocurrency into the Tornado Cash contract, which pools the funds and enables withdrawals unlinked to the deposits.

Tornado Cash ensures privacy and enables trustless user withdrawals by leveraging robust cryptography techniques, with proofs known as zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) is at its core.

In essence, zk-SNARK and zero-knowledge proofs in general allow an entity to prove a statement about a secret without revealing the secret. In the context of Tornado Cash, it allows the user to prove they are entitled to withdraw a certain amount of coins from the smart contract without handing out information about their deposits.

SNARKs in the context of Tornado Cash allow depositors to move money into the pool and have an off-chain deposit note they can use to withdraw it to any other account, Michael Lewellen, security solutions architect at smart contract security firm OpenZeppelin, told Bitcoin Magazine. The fact that the deposit note has zero ties to the deposit account is where the SNARKs are used to ensure privacy.

Beyond the privacy benefits, the deposit note also allows a greater level of security and control for the user as it enables them to trustlessly withdraw their funds from the mixer at any time. This feature makes Tornado Cash akin to a non-custodial service, as these redeemable notes function as cryptographic keys that unlock the users funds.

I think its still fair to call it non-custodial, Lewellen said. Youre essentially given a new cryptographic key proof related to that specific deposit that can then be used by the withdrawing account to pull the money out.

Cryptocurrency mixers have for years been targeted by the U.S. government and its enforcement agencies. One would think that Tornado Cash, being a piece of code autonomously living on a blockchain instead of a centrally-run business, would be immune to such targeting. Still, OFAC came after it.

The idea that the U.S. Treasury Departments can sanction a smart contract cryptocurrency mixer like Tornado Cash seems far fetched and odd.However, it sits at the intersection of the departments previous sanctions of cryptocurrency mixers (in reasoning) and blockchain addresses (in approach).

The sanctioning of Tornado Cash represents OFACs second-ever sanction on a cryptocurrency mixer. The first, on Blender, happened in May 2022.

OFAC said in a statement that Tornado Cash has been used to launder more than $7 billion worth of virtual currency since its creation in 2019, highlighting the alleged funneling of over $455 million stolen by the Democratic Peoples Republic of Korea (DPRK)-sponsored Lazarus hacking group, which was sanctioned by the U.S. in 2019.

More specifically, the statement details:

Tornado is being designated pursuant to E.O. 13694, as amended, for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, a cyber-enabled activity originating from, or directed by persons located, in whole or in substantial part, outside the United States that is reasonably likely to result in, or has materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States and that has the purpose or effect of causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.

According to the U.S. Treasury Departments website, Executive Order (E.O.) 13694 focuses on harms caused by malicious cyber-enabled activities, which it judges as any act that is primarily accomplished through or facilitated by computers or other electronic devices. It directs the Secretary of the Treasury to impose sanctions on the persons he or she determines to be responsible for, or complicit in, the activities leading to those harms.

Blenders sanction was also pursuant to E.O. 13694. Tornado Cashs situation, however, raised some eyebrows because of the many nuances involved in its sanction.

Tornado Cash is a mixer, and the Financial Crimes Enforcement Network (FinCEN) considers mixers to be money transmitters hence being susceptible to regulations and enforcement. At the same time, however, Tornado Cash is open-source code, and the U.S. ruled in Bernstein v. Department of Justice in the 1990s that code is speech. Hence the paradox.

Putting the paradox and legal nuances aside, things which might take years to dispute, in practice OFAC might have simply looked at a cryptocurrency mixer being used to launder illegal funds and decided to crack down on it regardless of the distributed nature of the tool.

Even though OFACs SDN list is more often than not leveraged for persons or entities, the Treasury Department has, since 2018, spelled out that it can and will add cryptocurrency addresses to the list as it deems necessary to protect U.S. national security interests.

To strengthen our efforts to combat the illicit use of digital currency transactions under our existing authorities, OFAC may include as identifiers on the SDN List specific digital currency addresses associated with blocked persons, per the Treasury Department website. OFAC may add digital currency addresses to the SDN List to alert the public of specific digital currency identifiers associated with a blocked person.

Counterintuitively, and heres the hard truth, the transparent nature of blockchains more broadly along with specific characteristics of the Ethereum blockchain facilitated the Treasury Department to overextend its authority and mingle reasoning and approach to add Tornado Cash to the SDN list.

Ethereum leverages a model based on accounts. According to the Ethereum foundation, an account is an entity with an ether (ETH) balance that can send transactions on Ethereum and it can be either user-controlled or a smart contract. Accounts can receive, hold and send ETH and tokens on the Ethereum blockchain as well as interact with smart contracts.

As a default, deployed smart contracts on Ethereum have a fixed address which other accounts, owned by users or other contracts, can interact with. Therefore, since OFAC can sanction blockchain addresses through its SDN list, it was trivial for the enforcement body to sanction Tornado Cash.

So, is it then just a matter of time until OFAC or similar organizations begin coming after tools in Bitcoin land?

There is arguably little limit to what enforcement agencies such as OFAC can do to reach their objectives, as evidenced by the Tornado Cash case. But many decentralized tools were built in response to the states overarching control in the first place and are designed to prevent such actions.

Does that mean Bitcoin is immune to the threats that the Ethereum ecosystem is currently facing? Not necessarily.

As explained above, and judging by the Treasury Departments statements and guidelines, OFACs sanction on Tornado Cash appears to have been a coupling of two of the agencys practices: the goal of cracking down on virtual currency mixers facilitating money laundering and its ability to add blockchain addresses to its SDN list. Bitcoin is well positioned to mitigate against the former, and while the latter poses a real threat, this is where Nakamotos design proves more resilient. Heres why.

Bitcoin privacy tools, namely CoinJoins, are also leveraged by criminals to launder money which also puts them on the radar of regulators.

Earlier this year, the U.K.s National Crime Agency (NCA) called for the regulation of Bitcoin CoinJoins, erroneously calling them decentralized mixers and citing Samourai and Wasabi wallets as two well-known mixers, per a report by the Financial Times. The agency claimed that such tools allow users to disguise transactions that are otherwise traceable on blockchains.

The NCA said regulation would force mixers to comply with money laundering laws, with an obligation to carry out customer checks and audit trails of currencies passing through the platforms, per the report.

As highlighted on Samourai Wallets follow-up blog post, there should be a clear distinction between a mixer and a CoinJoin as they are different tools.

While a mixer functions in the typical depositpoolwithdraw format, a CoinJoin is nothing more than a Bitcoin transaction. It differs from typical Bitcoin transactions because CoinJoins are really large ones with a specific format, but software like Samourai and Wasabi enable only the coordination of users to form that same transaction. In other words, there is no deposit, pooling or withdrawal of funds.

In fact, the EUs most prominent law enforcement agency, Europol, makes a clear distinction between mixers and CoinJoins. In its latest two Internet Organized Crime Threat Assessment (IOCTA) reports, Europols flagship strategic product that provides a law enforcement-focused assessment of evolving threats and developments in the area of cybercrime, the agency did not bundle mixers and CoinJoins into the same basket.

Criminals are increasingly converting their illicit earnings made in Bitcoin using cryptocurrency obfuscation methods like swapping services, mixers and coinjoins, it said in its 2021 IOCTA report. ...In the last few years, many different obfuscation methods have gained popularity, such as mixers, CoinJoin, swapping, crypto debit cards, Bitcoin ATMs, local trade and more.

Furthermore, in a 2020 report on Wasabi, Europol stated that users who download the wallet store all bitcoins locally, which means that the AML legislation including Europes latest AMLD5 (the 5th anti-money laundering directive) does not apply to this service.

Therefore, at the present time, it seems rather unlikely that the Treasury Department or other enforcement agencies would crack down on Bitcoin CoinJoins as cryptocurrency mixers and add them to the OFAC SDN list. But lets entertain the possibility that said agencies choose to do so.

Assuming that enforcement agencies can extend their authority to fit their needs, CoinJoins can come under sanctioning threats. But how could that be done? While there are no clear answers to that question, some possible scenarios do emerge.

The first natural scenario is an enforcement agency banning CoinJoins altogether. However unlikely, and while it would actually mean banning multiple-party Bitcoin transactions, such an action can in theory still be done. This threat, however, is sentient and the same threat that existed and arguably still exists for Bitcoin at large.

Perhaps a more down-to-earth scenario would be the sanctioning of CoinJoins coordinators instead. While this isnt applicable to JoinMarket in a straightforward way, given its maker and taker structure, in the cases of Samourai and Wasabi there are central coordinators that facilitate the CoinJoin transaction that is performed between the transacting parties. (This type of sanction is still unlikely given the structure of CoinJoins and as evidenced by Europols statement saying that AML rules dont apply to these tools. But, again, lets suppose the contrary.)

The action of sanctioning coordinators could be similar to the sanctioning of Tornado Cash in theory, but its very different in practice.

While OFAC, for instance, could simply add a CoinJoins coordinator to its SDN list, there is no single blockchain address it could use to represent that coordinator. As a gift from Bitcoins unspent transaction output (UTXO) model, coordinators change their address each round. This means that with Bitcoin CoinJoins there is no single point of contact to the Bitcoin blockchain and therefore this poses a key difference to Tornado Cashs smart contract structure based on Ethereums account based system.

In practice, OFAC would need to continuously analyze the blockchain to spot Bitcoin CoinJoins and retroactively add addresses to the SDN list. (There is one aspect that washes OFACs hands in this case it makes it clear that the SDN list is not exhaustive, meaning that if an address thats not listed is found to belong to an entity that is on the list, the sanction would still apply.)

Beyond the retroactive enforcement of such rules, the enforcement body would also need to know the identities of the Bitcoin users leveraging the services. While it is true that Bitcoin transactions and addresses arent anonymous, Bitcoins UTXO model increases robustness and resilience against this as well and most of the chain analysis work relies on (sometimes educated) guesses. This would be truly effective only if the addresses going in are either publicly known (for example from known hacks or hackers) or KYCd (known to exchanges and therefore law enforcement).

However, the fact that there is no direct or reliable way to tell which coordinator was used in a given CoinJoin round poses further challenges. While it can often be plausible to assume that the default coordinator was used in a round, such a statement cannot be reliably used against users because nothing prevents users from creating and using different coordinators, with the only obstacle being liquidity which can be solved with time.

If legislation turns around and decides CoinJoins should fall under the same rules as mixers despite their striking differences, and the above actions by enforcement agencies turn out to be successful or at least effective enough there are still a couple of possible nonexclusive avenues that hold the potential to bring about an outcome different than what Tornado Cash is facing.

First, business entities running the coordinators could attempt to prevent illegal funds to be CoinJoined. Wasabi Wallet is seeking such a reality with its zkSNACKs coordinator, according to an announcement from earlier this year. It isnt clear whether Wasabi has implemented this feature yet. (This is a complicated and hardly positive path for the ecosystem as a whole, however, because it enables regulatory overreach on tools that are not money transmitters and which regulators and enforcement agencies themselves realize at present should not be subject to AML rules.)

A second and arguably better option would be leveraging even more decentralized CoinJoin tools such as JoinMarket. Even though it isnt a perfect implementation, as highlighted by Shinobi in this article, JoinMarket presents a great option for Bitcoin users to embark on CoinJoins in a catastrophic scenario such as the above. It is even more resilient than centrally-coordinated CoinJoins, meaning it would amplify all the enforcement challenges posed by the likes of Samourai and Wasabi, and spotting JoinMarket CoinJoin transactions on-chain is in and of itself already more challenging and can lead to false positives.

On a different note, OFACs sanction of Tornado Cash has also created additional problems in a cascading effect that are worth considering when it comes to potential sanctions on Bitcoin. One of the contributors to the Tornado Cash open-source code was arrested following the sanction; Tornado Cashs GitHub account and of some of its developers were shut down; and the website for Tornado Cash was taken down.

It isnt yet clear why the developer was arrested, but Bitcoin Magazine contacted GitHub to learn more about the accounts shutdown.

Trade laws require GitHub to restrict users and customers identified as Specially Designated Nationals (SDNs) or other denied or blocked parties, or that may be using GitHub on behalf of blocked parties, a GitHub spokesperson told Bitcoin Magazine. At the same time, GitHubs vision is to be the global platform for developer collaboration. We examine government sanctions thoroughly to be certain that users and customers are not impacted beyond what is required by law.

Bitcoin Magazine inquired further but received the same response as above.

Therefore it is clear that Bitcoin, and any open-source project for that matter, may suffer from the same GitHub accounts shutdown in the event of an OFAC sanction. However, as highlighted by the community in forums and Twitter, some options also exist to mitigate this threat such as self-hosted GitLab instances.

Still, another difference between Bitcoin and Ethereum also plays a role here. While in the ecosystem of the latter centralized tools play a bigger role in its decentralized offerings for example Infura, which powers most of the Ethereum apps, wallets and services and is susceptible to sanctions and censorship the former is better positioned to sustain similar threats.

In sum, Bitcoin is arguably the most well-prepared network to withstand nation-state attacks given the intricacies of its design, some of which were explored in-depth in this article. Moreover, challenges to the enforcement of possible sanctions on Bitcoin privacy tools make such an action not only unlikely but seemingly futile to be undertaken as its efficacy might simply not be amplified compared to what is done today regarding money laundering with Bitcoin and CoinJoins. Finally, the unlikelihood of such an event is further exacerbated by the unique characteristics of CoinJoins and the structural differences their implementation poses to mixing.

This article mainly focuses on the probable reasoning behind OFACs sanction on Tornado Cash to imagine how such a sanction could be ported onto Bitcoin and its tools. But it wouldnt be fair to leave out a commentary on what has likely been an overextension of regulatory oversight.

As highlighted by several industry players and businesses, the sanction of open-source code might be an infringement on the Constitutional First Amendment, which protects freedom of speech, and, as mentioned previously, code has been established as speech under U.S. law. Moreover, any attack on open-source code is an attack on Bitcoin.

Additionally, the sanctioning of Tornado Cash altogether has negative implications to law-abiding citizens that leveraged the tool to protect their legitimate privacy interests, as explained by Seth Hertlein, global head of policy at hardware wallet maker Ledger.

All in all, as already mentioned, while regulators shouldnt overextend their statutory authority, litigation can take years. Furthermore, given that legislation is dependent on jurisdiction, what is legal or illegal is geographically subjective. Consequently, decentralized systems should be designed from the ground up to withstand capture or overreach with unstoppable, uncensorable networks.

More:
Now That Authorities Have Sanctioned Tornado Cash, Is Bitcoin Next? - Bitcoin Magazine