Top 5 Crypto Regulatory Developments Of 2019 – Forbes

The digital currency space experienced several key regulatory developments in 2019. This article ... [+] narrows down the list to the five most important ones.

In recent years, the regulatory environment surrounding digital currencies and distributed ledger technologies (DLT) has been in a state of constant flux.

In the beginning, digital assets existed on the margins, with bitcoin being something that was advocated by technologists and Libertarians.

However, this changed over time, as cryptocurrencies and blockchain technology drew far greater interest, fueling a hype-driven bull market in 2017 and early 2018.

In 2019, lawmakers, industry representatives and government officials all continued to push for a more mature regulatory environment.

While there were many important developments, this article will highlight the top five.

[Ed note: Investing in cryptocoins or tokens is highly speculative and the market is largely unregulated. Anyone considering it should be prepared to lose their entire investment.]

1) China Leads The Way

China led the way last year, its president making headlines in October when he emphasized the many applications of blockchain technology and stated that it is it is necessary to seize the opportunity presented by this innovative distributed ledger.

The next day, Chinas parliament approved a cryptography law (scheduled to become effective Jan. 1, 2020) designed for regulating the utilization and management of cryptography, facilitating the development of the cryptography business and ensuring the security of cyberspace and information, according to the Constitution and Law Committee of the National People's Congress.

However, in November, Chinese city Shenzhen issued a warning or risk reminder, which emphasized that certain illegal crypto-related activities have been making a comeback.

The warning stated that with the promotion of blockchain technology, the hype of virtual currency has risen, and some illegal activities have shown signs of resurgence.

Shortly after, it was reported that government offices in Chinese city Shenzhen had been investigating virtual currency trading venues, finding a total of 39 businesses that were suspected of illegal virtual currency activities.

The crackdown on the digital currency space was not limited to government action, as Weibo, which has been referred to as Chinese Twitter, banned the accounts of major exchange Binance and platform Tron, according to Bloomberg.

These developments took place as China made steps toward issuing a central bank digital currency (CBDC). Some believe that the nations government enacted the new cryptography law to lay the foundation so the Peoples Bank of China (PBOC) could implement a digital fiat currency.

In December, it was reported that the PBOC was expected to test its CBDC in Shenzhen and Suzhou. The plan was to evaluate the digital currency to see how well it performed in real-world use cases like healthcare and transportation.

As a result of all this, it would seem that China made progress toward issuing its CBDC but also cracked down on digital currency activity.

Therefore, it looks like China is looking to benefit from blockchain technology and digital assets, but avoid the associated problems like speculation and illegal activity.

Multiple analysts weighed in on this situation.

In the same way that China is trying to remain communist in terms of government and become capitalist in terms of its economy, it is certainly trying to have its cake and eat it, too, with respect to crypto/blockchain, said Tim Enneking,managing director ofDigital Capital Management.

Josh Lawler, partner at Zuber Lawler & Del Duca LLP and technologist with an interest in blockchain and DLT, added the following:

China is historically very concerned with the flow of funds out of the country and would look at much of the cryptocurrency trading activity as a hole in their restrictive architecture.

Going forward, digital currency enthusiasts should watch for continued deliberate policy decisions that will facilitate use cases while minimizing speculation and currency movement outside of the country, said Lawler.

2) Libra Struggles With Intense Scrutiny

Facebook announced Libra, its proposed payment system, in June, quickly generating countless headlines. The project, which would allow participants to send each other money using a native digital currency, drew significant scrutiny from regulators.

Lawmakers in the House and Senate questioned David Marcus in June, voicing their concerns about the many potential risks associated with Libra.

In September, the governments of Germany and France voiced their concerns about the Libra project. We believe that no private entity can claim monetary power, which is inherent to the sovereignty of Nations, the two governments said in a joint statement.

Further, lawmakers on the House Financial Services Committee questioned Mark Zuckerberg later that month, highlighting Facebooks various challenges.

The intense scrutiny that Libra has encountered thus far illustrates the power of regulators.

While the digital currency space has repeatedly emphasized decentralization, decentralized systems may have a hard time operating if they are banned by the governments of major economies.

The Libra case is a perfect example that not all digital currencies are the same, and that the organizations and governance models around a digital currency are just as important as the technologies underpinning them, said Dan Simerman, head of financial relations for The IOTA Foundation.

Governments should be concerned about what sorts of actors are joining the space under the pretenses of decentralization and financial freedom, as Bitcoin is quite different from Libra in its makeup, he noted.

In order for digital currencies to become truly widespread, organizations need to work with the governments of the world rather than try to circumvent them, said Simerman.

3) The SEC Keeps Shooting Down Bitcoin ETFs

The U.S. Securities and Exchange Commission (SEC) continued to reject proposals that would allow bitcoin exchange-traded funds (ETFs).

In October, the government agency declined a proposal floated by financial services firm Bitwise Asset Management, emphasizing that it failed to meet the requirements surrounding market manipulation and illegal activities.

This was just the latest move by a government agency with a long history of rejecting proposals that would allow for bitcoin ETFs.

The first time the SEC shot down one of these proposed funds was 2017, a move that generated widespread media attention.

The government agency is unlikely to approve one of these funds soon, analysts predicted, noting that the SEC would require the exchanges involved to have surveillance sharing agreements.

A Bitcoin ETF is unlikely to be approved in the near future unless stakeholders can prove that price discovery is organic and authentic, and that would require increased SEC involvement with the top crypto exchanges involved in Bitcoin's price formation, said Joe DiPasquale, CEO of cryptocurrency hedge fund managerBitBull Capital.

The earliest time that such a fund would receive approval would be the end of this year, and even that is unlikely, stated Enneking.

Recent developments with futures markets (Bakkt, CME, etc.) actually increase the chances of an ETF being approved in the US, he noted.

What surprises me is that no other OECD country has approved an ETF to compete with any future US ETF and gain first-mover advantage, said Enneking.

I expect that to change this year.

4) The SEC Goes After Token Sale Issuers

The SEC settled in September with Block.One, the creator of EOS, regarding its unregistered token sale that raised more than $4 billion.

The company raised this money by conducting an initial coin offering (ICO) between June 2017 and June 2018, according to the SECs order, but did not register this token sale as a securities offering.

Further, Block.One did not attempt to obtain an exemption from federal securities laws.

To address this matter, the company agreed to settle with the regulatory agency by paying a $24 million fine, which is less than 1% of the money raised during the ICO.

The SEC sued Telegram, which previously raised $1.7 billion by selling TON tokens, receiving a temporary restraining order against two foreign entities that conducted the aforementioned ICO.

Telegram fought back, filing a motion requesting that the court dismiss the SECs claims.

The government agency also sued Kik Interactive Inc. for its $100 million sale of Kin tokens, claiming that the company held an unregistered securities offering.

At the time, the SEC claimed Kik Interactive held the aforementioned sale in 2017 to raise money and restore its financial situation, after spending years losing money on its sole product, an instant messaging app.

By holding this token sale, the company was able to raise more than $55 million from U.S. investors, but the SEC claimed that the tokens sold had lost significant value.

Kick Interactive opted to fight this in court, filing a response that denied the allegations brought forth by the SEC and requested a dismissal of the government agencys complaint.

Since the digital currency industry is still relatively new, and constantly changing, these legal developments might be a signal that businesses in the space will have a far easier time working with government agencies than fighting them.

Given how lenient the SEC has been with crypto companies, working with the regulatory body appears far more productive than fighting it, said DiPasquale.

Even Block.one, which raised over $4 billion had a relatively small fine ($24 million - less than 1%), he stated.

However, companies fighting back can also push the SEC to accelerate regulatory developments and set clearer guidelines for the future, emphasized DiPasquale.

5) Global Exchanges Pull Out Of Various Markets

In 2019, several exchanges announced plans to halt trading in markets around the world. In June, it was reported that Binances DEX was planning to have its website block users in 29 countries, including the U.S.

Later that month, Binance announced that it was creating Binance.US, designed specifically to offer crypto trading to those in the U.S.

The day after, Binance indicated that it would prevent users from depositing funds or trading if they failed to comply with the companys Terms of Use.

The day of the first announcement, Binance CEO Changpeng Zhao tweeted that some short term pains may be necessary for long term gains.

In November, Jeremy Allaire and Sean Neville penned a blog post revealing Circles plans to spin out Poloniex so it could operate as an independent company and enhance its user platform.

A separate announcement revealed that as that month, U.S. investors would not be able to trade using the platform. U.S. residents were given until Dec. 15 to withdraw their assets.

Later that month, U.S. exchange Bittrex announced it was leaving 31 markets due to regulatory uncertainty, indicating that it would pull out of these areas on Oct. 29th.

The simple fact that exchanges are making efforts to comply with existing regulations (or ceasing their offerings in the U.S. because of regulatory uncertainty) is a great example of how the regulations surrounding digital currencies and DLTs continue to evolve.

Further, it helps show that these exchanges are willing to work with regulators, according to analysts.

With the SEC actively taking note of digital assets and services available to US residents, crypto exchanges are beginning to take regulations more seriously, said DiPasquale.

He added that while their decision to pull out of various jurisdictions affects users, particularly from developing nations, it is a step that should motivate regulatory bodies around the world to reach consensus on the status of digital assets and guidelines governing their trading, usage, and taxation.

Disclosure: I own some bitcoin, bitcoin cash, litecoin, ether and EOS.

Read more from the original source:
Top 5 Crypto Regulatory Developments Of 2019 - Forbes

Whats the Difference between Blockchain and Distributed Ledger Technology… – Coinspeaker

Even in 2020, blockchain and distributed ledger technology (DLT) remain a black box to the majority of the world. In this article, we will explain all you need to know about the blockchain and the distributed ledger technology, and enough to get you into any conversation.

The blockchain has grown to be a far more popular term than the DLT itself, which of course is thanks in no small part to the rise of the Bitcoin and other digital currencies over the decade.

While blockchain is the spine of the major cryptocurrency, it, of course, has other use cases and applications with the potential of being implemented across diverse sectors other than finance, including health, agriculture, and countless other sectors that the blockchain itself might even redefine. Thus, what is it about blockchain that sets it apart as probably the most important innovation of the past decade?

The blockchain is, put simply, the sequences, and series of records that cannot be altered and is being managed by a large body of computers. Computers verifying transactions in a blockchain might be hundreds, thousands, or even in many practical cases, millions in numbers.

The blockchain, due to its immutability, security and lack of a central authority, has grown in popularity. By cutting away the need for a middle man, the blockchain allows products and prospective services to be rendered directly to the customers without the middleman.

Its like buying pizza without the delivery guy or paying client miles and oceans away from your country directly without any mediums such as Visa, or Paypal cutting in the deal. Blockchain has provided the ground for many smart protocols and contracts and is only going to get stronger and find more use cases.

The blockchain, modeled as a series of immutable records, is only secure because of the cryptography linking its blocks. This is where the concept of chain is derived.

There are two kinds of records in a blockchain system. The first is the Transaction, and the other is the Block. The transaction record stores time-stamped transactions over no transaction cost. The block records are secured by a cryptography hash, which has encoded information of the preceding block.

The blocks in a blockchain are time-stamped, recording the present state of the system cryptographically so that any future change would have to be verified by the majority of the network. This means the addition of a new block to the existing chain becomes harder and involves more processes. Each increase in block given each addition would have to be verified by the existing network.

Thus, the blockchain comes off more secure. By requiring the majority of the system to verify a change it eliminates the need for trust, simply giving authority to the majority. Kalle Alm, a Bitcoin Core developer, explained why this process is important. He stresses that verification eliminates the possibility of fraudulent transactions while still eliminating trust at the same time:

Blockchains alleviate the trust requirement in a shared time-stamped database, he commented. For a public cryptocurrency, this is obviously necessary or someone might just go and give themselves a million USD, but for a private database, especially when it is not a cryptocurrency but some more abstract form of smart contract platform, it starts to make less and less sense.

As hyped and known as the blockchain is, the blockchain is however just a type of distributed ledger. If a pencil is a writing material as well as a pen, then the blockchain is a very good pencil! This is a terrible over-simplification by the way, but the point remains that blockchain is a specific type of distributed ledger, and there could be other types of ledgers different from blockchain and with different use cases.

The distributed ledger is likewise a database that is public in nature. It requires many witnesses and is open to all participants. Like in the blockchain, the DLT does not require a middle man which makes the concept of distributed ledger technologies very alluring.

While the blockchain, of course, has stolen the march and grown into respectable popularity over the years, there is every possibility that other forms of DLTs would materialize in the very near future.

As James Wallis, Vice President of Blockchain Markets and Engagements for IBM explained, applications of DLTs in the future would come off in the most unlikely of ways and places.

You will see uses for DLT that you cant even think of today, he said. But that this will involve a level of sharing that hasnt really existed before.

As mentioned, the blockchain is only a type of DLT, and just so happens to be the one known to be underlying DLT technology in the world. However, other key differences set the blockchain apart from its parent term.

For one, the blockchain is a permissionless system while the DLT is not necessarily permissionless. In fact, a DLT is generally considered to require permission.

The underlying concept behind the blockchain is particular about the growth and openness of the network, thus, a blockchain is open to anyone. Meaning any party can create and verify nodes on the former while at the latter, it is not the case. According to the director of the ecosystem at Hyperledger, Marta Piekarska, this particular feature is probably the most important feature that separates the two. Explaining its corresponding impact on its application, he talked up Bitcoin:

First and foremost: one is permission less, the other is permissioned. This means that in the first case anyone can participate in the network, in the other: only chosen participants have access to it. This also determined the size of the network: Bitcoin wants to grow infinitely, while in a permissioned blockchain space, the number of parties is smaller.

Apart from this, not all DLT are cryptographically hashed: it is perhaps uncommon and unnecessary in the majority of other existing DLTs. These subtle differences contribute to other major differences that affect the performance of both subjects.

The blockchain, as known, is largely decentralized. However, while the DLT is shared by many participants, its database is majorly centralized. This, of course, leads to the issue of scalability. By decentralizing its entire network, the blockchain is generally slower in transactions than most DLTs, leading to significantly inferior scalability.

Nevertheless, the blockchain is here to stay, and its increasing use cases is more than enough proof. Other forms and applications of distributed ledger technologies would be emanating soon in the near future. We can only keep our fingers crossed and enjoy the unveiling evolution.

Excerpt from:
Whats the Difference between Blockchain and Distributed Ledger Technology... - Coinspeaker

‘Trust no one’ is good enough for the X Files but not for software devs: How do you use third-party libs and stay secure, experts mull on stage – The…

Enigma In a chilly conference room at the San Francisco's Hyatt Regency on Monday, legal and digital security pros convened at USENIX's Enigma conference to hold forth on security, privacy, and related matters.

Following a discussion panel on encrypted messaging, the talk turned to mitigating the risks that come with using third-party code, external vendors, and crowdsourced advice.

Those risks became more apparent in the security problems spotted in a series of software libraries over the past few years.

In August last year, a Ruby software package called rest-client was found to be sending credentials to a remote server. In November, 2018, the NPM module event-stream was modified to steal cryptocurrency. There were similar incidents in July last year involving the NPM module electron-native-notify and in September, 2017, when the PyPI, the repository for Python software packages, was found to be hosting malicious software libraries.

While in theory no one should use anyone else's code without a thorough security review, that's impractical in the open source software ecosystem, where so many applications depend on code libraries written and maintained by third-parties and those libraries, in turn, depend on still more third-party libraries.

So the presenters explored ways to deal with risky trust relationships.

Filippo Valsorda, a cryptography engineer on the Go team at Google, offered an overview of the Go checksum database, a system deployed last year to provide a central log of Go module checksums the values returned from a cryptographic hash function to verify the modules.

"We all use other people's code," he said. "Modern software development practices involve using third-party software that is made available through the open source ecosystem."

Valsorda explained that the Go team has attempted to design a system that ensures the integrity, availability, and provenance of third-party code. And he said the team had the benefit of seeing where other software repositories went wrong.

We all use other people's code...

Go developers can use the go command client to verify the log entries stored in the Go checksum database, which stored checksums for all publicly-available Go modules. This doesn't guarantee that a library is free of malicious code, but it does ensure that the library hasn't been altered without authorization from its author.

Valsorda pointed to the left-pad incident when the creator of an NPM module unpublished his code and mayhem ensured to emphasize why code availability matters.

"The Go solution here is that there is a proxy protocol specified that allows you to fetch modules," he said. "And as long as the license of a certain module allows for distribution, we will hold on to the contents so that even if they get deleted, they will still be available for you to build."

There are privacy implications in Google's oversight of the central Go module database. These involve the possibility of exposing the text of private module paths and exposing how developers use public modules. Google has tried to reduce these privacy consequences by supporting proxy servers that other organizations can run on their own.

Companies, he said, "can run their own proxy, which will cache everything that has ever been used an organization and guarantee within the organization that everything will still be available in the future for as long as the internal infrastructure is accessible."

In the presentation that followed, Sarah Harvey, a security engineer for payments biz Square, examined the workflows organizations can use when integrating third-party vendor systems to reduce the risk of bad outcomes. She pointed to the 2014 hacking of Target's payment system through credentials that had been granted to its HVAC contractor as an example of the potential consequences of a third-party with too much network access.

Harvey described the integration flow that third-party vendors go through to connect to Square's systems. It basically involves filling out online forms that specify contextual information about vendors and their products, descriptions of the data being transferred, and the network domains required to make the relationship work. That information must then be translated into network and policy rules.

Because forms of this sort introduce friction that could discourage thorough disclosure, Harvey said she did a lot of work on the UX and UI design to auto-populate many of the data fields.

"You have to be very calculated amount of friction you're you are introducing and try to reduce it as much as possible to get people through the system," she said.

The third presentation on the topic of third-party trust involved Felix Fischer, a security researcher at Technical University of Munich, delving into the ups and downs of Q&A site Stack Overflow as a source of code examples. Fischer and others have penned papers [PDF] on the security consequences of relying on community-contributed code, but he had more in mind than rehashing past findings about the problem with copying-and-pasting insecure snippets into apps.

"Ninety-seven percent of apps that reuse code from Stack Overflow applied insecure code," he said. On the other hand, he said, some 70 per cent of code examples from the Q&A site incorporated helpful advice that applied security best practices. So good advice is available on Stack Overflow. However, only 6 per cent of Google Play apps reuse those code examples.

The reason that bad advice becomes more popular than good advice, he explained, has to do with the incentive structure of Stack Overflow, where people to earn reputation points by duplicating popular answers and reposting them.

"What we found was that over a third of the so-called highly-trusted users, users with a particularly high reputation score, posted insecure code," he said. "So all the very meaningful indicators on Stack Overflow were indeed pointing in the wrong direction."

Denying developers access to Stack Overflow won't help and would probably make things worse, said Fisher. He argues that behavioral science can be used to guide UX and UI modifications to Stack Overflow that help nudge developers to make the right security choices without taking away their freedom.

"We developed a nudge system based on deep learning that knows what suggested code examples are about and whether they're insecure or not," he said.

One way this was tested involved having the nudge system re-rank search results on Stack Overflow to present the most helpful and secure advice first. The system also warned about insecure advice within discussion threads while also always offering safe alternative solutions.

"Our nudging interventions did not harm productivity and significantly increased code security," he said.

In short, third-party code, third-party vendor relationships, and third-party advice have the potential to be harmful, but they don't have to be that way.

Sponsored: Detecting cyber attacks as a small to medium business

Excerpt from:
'Trust no one' is good enough for the X Files but not for software devs: How do you use third-party libs and stay secure, experts mull on stage - The...

Quantum Cryptography in BFSI Market Growth & Demand by 2020-2027 | Anhui Qasky Science and Technology Limited Liability Company – VOICE of…

Quantum Cryptography in BFSI Market Market Research Report has been studied and presents an actionable idea to key contributors working in it. Report also analyzes noteworthy trends, emerging value of CAGR and present as well as future development. This report gives a broad understanding of market with accurate data covering all key features of the prevailing market, this report offers prevailing data of leading companies.

A detailed study of the competitive landscape of the Quantum Cryptography in BFSI Market Market has been given, presenting insights into the company profiles, financial status, recent developments, mergers and acquisitions, and the SWOT analysis. This study also provides an in-depth analysis of the market with future estimates to identify current trends and investment trends for the forecast year 2020-2027.

Request Sample Copy of this Report @: https://www.qyreports.com/request-sample/?report-id=81922

Key Strategic Players:

Anhui Qasky Science and Technology Limited Liability Company, D-Wave Systems Inc., Hamamatsu Photonics, IBM, ID Quantique, MagiQ Technologies, Microsoft Research, QCWare (develops platforms for cloud-based quantum computing), QuantumCTek Co. Ltd, Qubitekk, Quintessence Labs, Qutools GmbH

Study Objective of the Report:

To study and estimate the market size of Quantum Cryptography in BFSI Market, in terms of value.

To find growth and challenges for market.

To study worthwhile expansions such as expansions, new services launches in Quantum Cryptography in BFSI Market.

To conduct the pricing analysis for market.

To classify and assess the side view of important companies of Quantum Cryptography in BFSI Market.

Get Up To 40% Discount on this Premium Report @: https://www.qyreports.com/ask-for-discount/?report-id=81922

In terms of region, the Quantum Cryptography in BFSI Market market can be segmented into North America, Europe, Asia Pacific, Latin America, and Middle East & Africa. This market is evaluated on the basis of Value (USD Million) as well.

Finally, all the aspects of the Quantum Cryptography in BFSI Market Market are quantitatively as well qualitatively assessed to study the as well as regional market comparatively. This market study presents critical information and factual data about the market providing an overall statistical study of this market on the basis of market drivers, limitations and its future prospects.

Table of Contents:

Quantum Cryptography in BFSI Market Market Overview

Economic Impact on Industry

Market Competition by Manufacturers

Production, Revenue (Value) by Region

Production, Revenue (Value), Price Trend by Type

Market Analysis by Application

Cost Analysis

Industrial Chain, Sourcing Strategy and Downstream Buyers

Marketing Strategy Analysis, Distributors/Traders

Market Effect Factors Analysis

Quantum Cryptography in BFSI Market Market Forecast

For More Information: https://www.qyreports.com/enquiry-before-buying/?report-id=81922

*If you need anything more than these then let us know and we will prepare the report according to your requirement.

About Us Qyreports:

We at, Qyreports, a leading market research report published accommodate more than 4,000 celebrated clients worldwide putting them at advantage in todays competitive world with our understanding of research. Our list of customers includes prestigious Chinese companies, multinational companies, SMEs and private equity firms whom we have helped grow and sustain with our fact-based research. Our business study covers a market size of over 30 industries offering unfailing insights into the analysis to reimagine your business. We specialize in forecasts needed for investing in a new project, to revolutionize your business, to become more customer centric and improve the quality of output.

Contact:

QYReports

Jones John

(Sales Manager)

204, Professional Centre,

7950 NW 53rd Street, Miami, Florida 33166

+(1) 786-292-8164

sales@qyreports.com

http://www.qyreports.com

Jones John

View all posts byJones John

Read more here:
Quantum Cryptography in BFSI Market Growth & Demand by 2020-2027 | Anhui Qasky Science and Technology Limited Liability Company - VOICE of...

Mphasis and QEDIT Partner to Offer Privacy-Enhancing Technology Solutions on Blockchain to Enterprises – PRNewswire

NEW YORK, Jan. 23, 2020 /PRNewswire/ -- Mphasis(BSE: 526299; NSE: MPHASIS), an Information Technology (IT) solutions provider specializing in cloud and cognitive services, today announced its partnership with Israeli-based QEDIT, an enterprise solution provider that uses Privacy-Enhancing Technology and Zero-Knowledge Proof (ZKP) cryptography to help companies transact and leverage their business data in a privacy-compliant manner. Under this partnership, the two entities will co-innovate and develop ZKP solutions to enable enterprises to fight fraud, verify identities, and uphold compliance with local data privacy regulations. All this while preserving full control over proprietary and confidential information.

Blockchain is structured in a way that anyone with access to a blockchain transaction can view data provided across all nodes. This inherent principle of transparency is an obstacle for companies that wish to gain efficiencies using a shared ledger, but simultaneously need to protect confidential transactional details. QEDIT's Private Asset Transfer solutionemploys ZKPs, a cryptographic algorithm that enables Party A to share the proof of knowledge with Party B without sharing the underlying data itself.

This technique can be leveraged by Mphasis' clients in regulated industries, especially Financial Services. QEDIT's solution can be integrated into large application projects for Mphasis' Financial Services clients. ZKP solutions are slated to demand techniques that secure information further on blockchain and Mphasis believes ZKP will become that horizontal layer of security for digital identification.

"Blockchain is a critical technology that enterprises have been leveraging strategically; Mphasis continues to bring innovative solutions to customers from both within the organization as well as from the partner and start-up ecosystem," said Dinesh Venugopal, President - Mphasis Direct and Digital. "Through our collaboration with QEDIT, we aim to offer next-generation security applications on blockchain to our clients that enables them to authenticate asset transfers on a shared ledger without revealing any underlying, confidential, transactional information."

"Teaming up with Mphasis presents a phenomenal opportunity to advance a new category of technology based on cryptographically secure, privacy-enhancing techniques," said Jonathan Rouach, CEO and Co-Founder of QEDIT. "Together with Mphasis, we can accelerate our efforts to deliver innovative solutions that facilitate blockchain adoption and provide secure ways for companies to harness the full value of their data, without requiring them to expose or share private information. QEDIT's co-development collaboration with Mphasis was established in conjunction with the Consulate General of Israel to South India," he added.

Mphasis serves marquee customers across the globe including 6 top global banks, 11 out of 15 top mortgage lenders, and 3 top global insurance companies. Mphasis' global footprint will enable QEDIT to reach a broad array of industries ranging from trade finance, supply chain, payments, and insurance. Together, QEDIT and Mphasis will identify relevant use cases and tailor-design solutions that employ QEDIT's technology to solve core business problems.

About Sparkle Innovation EcosystemThe Sparkle Innovation Ecosystem is a conduit between enterprises, both legacy as well as digitally native and disruptive start-ups. It 'Applies Next' in the latest technologies by innovating bespoke custom-built hyper-personalized solutions and prototypes for Mphasis' clients.

About Mphasis Mphasis(BSE: 526299; NSE: MPHASIS) applies next-generation technology to help enterprises transform businesses globally. Customer centricity is foundational to Mphasis and is reflected in Mphasis' Front2Back Transformation approach. Front2Back uses the exponential power of cloud and cognitive to provide hyper-personalized (C=X2C2 TM=1) digital experience to clients and their end customers. Mphasis' Service Transformation approach helps 'shrink the core' through the application of digital technologies across legacy environments within an enterprise, enabling businesses to stay ahead in a changing world. Mphasis' core reference architectures and tools, speed and innovation with domain expertise and specialization are key to building strong relationships with marquee clients. Click hereto know more.

About QEDITQEDIT helps enterprises maximize the value of their data without sharing it through the use of privacy-enhancing technologies (PET). Founded by a world-class team of accomplished entrepreneurs, researchers, and developers, QEDIT enables companies to transact and leverage data with third parties, while preserving full control over confidential information and upholding compliance with local data privacy regulations. Through the use of Zero-Knowledge Proof (ZKP) cryptography and other cutting-edge, cryptographically secure techniques, QEDIT's suite of enterprise solutions removes data-driven barriers to industry-wide privacy challenges in the fields of finance, supply chain, insurance, and human resources. For more information, visithttps://qed-it.com.

SOURCE Mphasis

http://www.mphasis.com

Originally posted here:
Mphasis and QEDIT Partner to Offer Privacy-Enhancing Technology Solutions on Blockchain to Enterprises - PRNewswire

IIT Madras student to improve algorithms in lattice cryptography – Down To Earth Magazine

Shweta Agrawal from the Indian Institute of Technology, Madras, has become one of the 14 recipients of the Swarnajayanti Fellowship 2020. It wasinstituted by the Centre to commemorate the golfen jubilee of India's independence and is funded by the Department of abd Technology.

Agarwal said she would like to use the fellowship to conduct a deep study on one of the most promising approaches for post-quantum cryptography lattice-based cryptography to improve algorithms and understand gaps between theory and practice. Lattice-based cryptography, resistant to attack by both classical and quantum computers,is the leading candidate for post quantum cryptography and design of a cryptographic system for the future.

Cryptography is a branch of theoretical computer science that seeks to provide guarantees to the art of secret keeping. This field balances itself on the tightrope of mathematical beauty on one side, and practical importance on the other. The scientific charm of this field lies in the deeply paradoxical questions it poses.

The simplest goal of cryptography is to hide information so that learning a message from a cryptographically sealed envelope implies a solution to some well known mathematical problem. By suitably choosing the underlying mathematical problems to be difficult, we may rest assured that an attackers chances of learning secret information are extremely small.

Typically, an attacker is modelled as a classical computer. However, recent times have seen significant advances in the construction of quantum computers, which are based on the laws of quantum rather than classical physics. Most modern-day cryptography relies on the difficulty of problems which, while difficult for classical computers, are efficiently solvable by quantum computers. Thus, most modern-day cryptography breaks down if quantum computers are used by the attacker.

A few weeks ago, Google claimed to have demonstrated quantum supremacy by constructing a quantum computer that can experimentally demonstrate a massive speedup over a classical computer. Soon after, Chinese researchers claimed that they expect to demonstrate quantum supremacy by next year. Thus, the advent of quantum computers has crossed the realm of scientific fantasy and looms as a real threat in the near future. Therefore, it is imperative to redesign cryptography ground up to resist quantum computersthat is, to design post-quantum cryptography. This is the focus of Agrawals work. (DST media cell)

Developing expertise in post-quantum cryptography is of national importance. Aside from its practical importance, this is a rich and emerging area of cryptography, and construction of state of the art systems in this field can significantly enhance the visibility of India in the global arena. Not only does her proposed work help create intellectual property, but it also creates expertise within the country that will lead to intelligent post-quantum cryptography design for the use of our government, military, industry and society alike.

In her current work, Agrawal has provided constructions of advanced cryptographic protocols that are believed to be resistant to quantum computers. She has particularly focused on the emerging field of computing on encrypted data, which may allow (for instance), machine learning algorithms to be run on encrypted genetic data, leading to advances in the field of personalized medicine. Such algorithms, if realised efficiently, can have wide applications in areas as diverse as medicine, governance, social sciences, and many others, leading to an elegant synthesis of disparate sciences.

This is a young field, and there are significant gaps in the understanding of this area. Her research agenda is to tackle fundamental questions in lattice based cryptography, to endeavour to fill in these gaps. She hopes to create national expertise in lattice based cryptography that will benefit society by creating knowledge and applications alike.

We are a voice to you; you have been a support to us. Together we build journalism that is independent, credible and fearless. You can further help us by making a donation. This will mean a lot for our ability to bring you news, perspectives and analysis from the ground so that we can make change together.

Originally posted here:
IIT Madras student to improve algorithms in lattice cryptography - Down To Earth Magazine

Themes from Real World Crypto 2020 – Security Boulevard

Over 642 brilliant cryptographic minds gathered for Real World Crypto 2020, an annual conference that brings together cryptographic researchers with developers implementing cryptography in the wild. Overall, RWC 2020 was an impressive conference that demonstrated some amazing work. Here we explore three major themes that emerged:

Lets dig in!

Yet another Bleichenbacher attack was presented: The 9 Lives of Bleichenbachers CAT:

New Cache ATtacks on TLS Implementations. (Which brings us to a fourth theme: Cryptographers still love using tortured puns and silly acronyms.) The attack leverages Bleichenbachers attack on PKCS#1 v1.5 padding for RSA key exchanges. Specifically, the attack takes advantage of the fact that many companies reuse certificates across multiple servers, so the Bleichenbacher attack can be parallelized and thus completed before the 30-second session timeout occurs.

Unfortunately, this insecure padding scheme is still supported by ~6% of the internet; further, a man-in-the-middle downgrade attack can be performed, so any server that supports a vulnerable implementation can be broken 100% of the time (and this works even if the client does not support RSA key exchange).

Another talk, SHA-1 is a Shambles, discussed a chosen-prefix collision on SHA-1, and showed that SHA-1 can now be attacked in practice with affordable hardware. The authors used this vulnerability to perform an impersonation attack on PGP. This project was the culmination of several years of work, with theoretical attacks discovered in the early 2000s, and the first practical attack found in the 2017 paper, SHAttered. In other words, SHA-1 shall never be used again (ok, coming up with puns is harder than it looks).

Two different attacks on secure hardware were presented at RWC: one on a hardware security module (HSM) and another on a trusted platform module (TPM). The first attack targeted a specific HSM model and was able to (among other things) perform arbitrary code execution and decrypt all secrets. Although the attack itself was not heavily cryptographic, the talk demonstrated (yet again) that we cannot necessarily trust that our cryptographic secrets will be safe on HSMs. The second talk combined a timing side-channel attack with a lattice attack on ECDSA to recover the private signing key, demonstrating that TPMs are unfortunately not side-channel resistant.

Meanwhile, Pseudorandom Black Swans: Cache Attacks on CTR DRBG demonstrated that random number generators are also vulnerable to side-channel attacks. The cache attack leverages two problems with CTR_DRBG: Keys are not rotated fast enough, and adding more entropy is optional (and chosen by the API caller). This means keys can be compromised, and if inadequate entropy is used, an attack can then obtain all future states. These attacks were not a part of the previous standards threat model; fortunately, FIPS 140-3 updates this threat model.

From all of these attacks, the lesson is to involve more cryptographers and think about a variety of threat scenarios when designing your system (and in the case of the last talk, use Hash_DRBG). Several RWC 2020 presentations confirmed this. For instance, we saw how CRLite, a scalable system for TLS revocations, was achieved through academic and industrial collaboration. On the other hand, two different cryptographic reviews of e-voting systems and an analysis of the handshake protocol in WPA3 showed the dangers of too few cryptographic cooks.

CRLite, the system for TLS revocations, started as an academic design and Firefox extension proof of concept; from there industry improved on the scheme, taking into account infrastructure that exceeded the means of academia alone. Now there is a working prototype and development is progressing while academia continues to refine the protocol.

More promising news came from model-checking 5G security: Our tools are sufficiently advanced that standardization now can and should be accompanied by formal models and analysis. This idea was pioneered by the symbolic analysis of TLS 1.3, and its great to see the trend continuing. These types of analysis are very powerful for protocols and standards, as they ensure that security goals are clearly stated and achieved by the protocol.

In the case of 5G, the security goals were not clearly stated in the initial conception of the protocol. The RWC 2020 presentation, A Formal Analysis of 5G Authentication, specified the security goals more clearly, which led to the discovery that 5G does not achieve untraceability (perhaps this is bad after all!). Nevertheless, this work serves as an important demonstration and should be replicated for future standardization efforts.

Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd makes a pretty compelling case for involving cryptographers in protocol design. WPA2 is vulnerable to offline dictionary attacks, and WPA3 was proposed as the improvement. However, Dragonblood found that WPA3 is vulnerable to side-channels, and, according to the authors of the paper, WPA3 does not meet the standards of a modern security protocol. To make matters worse, the countermeasures are costly and may not be adopted. Worst of all, as the authors state, these issues could have been avoided if the protocol design process was open to more cryptographers.

Theres plenty of ugliness in the world of e-voting, as the talks at RWC 2020 confirmed. In one analysis of the Moscow internet voting system, two significant breaks to the encryption scheme were found within a somewhat constrained time frame. For example, the first break resulted from an insecure variant of ElGamal dubbed Triple ElGamal, which attempted to achieve 768-bit security, but actually achieved three separate instances of 256-bit security, which can be broken in under 10 minutes using CADO-NFS.

Both breaks cited were fixed; however, the fixes to the second break were published only two days before the election, and the technology was still deployed. The general impression of the presenter was that the voting scheme achieved no privacy, very partial verifiability, no coercion resistance, and no protection against vote-buying. Although the Russian government should be commended for opening their source code, it is clear that more cryptographers should have been involved in this entire process.

Similar work on the Switzerland internet voting system led to the discovery of some significant cryptographic bugs. The protocol uses a zero-knowledge proof system to achieve both privacy and verifiability; however, due to a flaw in their Fiat-Shamir transformation, none of the zero-knowledge proofs were sound. Further, parameters were generated incorrectly in a way that could allow for votes to be modified. Even worse, statements were malformed for their zero-knowledge proofs, which broke their security proofs. This result is not ideal. However, to be fair, it is great to see cryptographers involved, as critical issues were spotted before deployment in Switzerland (and revealed similar issues to non-public systems in other countries).

Its not all bad; our cryptographic capabilities are growing quickly! And RWC 2020 displayed some fascinating efforts to apply cryptography to real world problems.

Earlier this year, Apple released a new Find My feature in iOS 13 that allows offline devices to be located while protecting privacy of both the owner and the finder of the device. Previously, similar features like Find My Phone required the device to be online, a serious limitation, particularly for devices like MacBooks which are typically offline. The cryptography behind this feature was presented at RWC 2020. Apple sought a protocol that achieved the following goals:

To achieve this, the protocol calls for offline devices to broadcast public keys via Bluetooth. Active devices become finders, and when other offline devices are discovered via Bluetooth, the finder encrypts its location using the offline devices public key and sends it to the cloud. This way, even the server does not know the locationhowever, IP-based information does leak to the server, and Apples only promise is that they do not store logs of this information.

The owner can then access the time and location of their offline device whenever there is an active device in its vicinity. (There are more subtleties to the protocol to achieve the remaining security goals, such as key rotation). In summary, Apple specified rigorous security and privacy goals, and constructed a novel design in their attempt to achieve them.

Protocols for Checking Compromised Credentials presented a formal security analysis of two protocols for checking compromised credentials: HaveIBeenPwned (HIBP) and Google Password Checkup (GPC). These protocols aim to alert users if their credentials have been breached and shared across the web. GPC maintains an active database of username and password pairs for users to query. HIBP, on the other hand, only maintains passwords.

Since these databases contain hundreds of millions of records, both protocols implement a bucketization strategy, where hash values corresponding to records are sorted into buckets, based on their hash prefix. This allows users to query the database with a hash prefix, receive a bucket of hash values, and check if their credentials have been compromised, without revealing their entire hash of their secret to the server. The study presented at RWC 2020 demonstrated that each protocol leaks noticeable information about user secrets due to their bucketization strategiesboth protocols leak information for different, subtle reasons. Luckily, the study also produced mitigation strategies for both protocols.

RWC even included some cryptographic applications that are out of this world. Galileo is a global navigation satellite system (like GPS) used by the European Union. As discussed at RWC, these navigation systems are a critical part of our infrastructure, and spoofing location is actually fairly easy. Luckily, so far, this spoofing is mostly used for playing Pokemon Go; however, spoofing attacks on these satellite systems are real. To protect against potential future attacks, Galileo will offer a public navigation message authentication service.

The final talk at RWC discussed using multi-party computation to detect money laundering. Financial regulators impose large fines on banks if they allow money laundering activities, so these banks are incentivized to detect illegal activities. However, collaboration between banks is difficult because transaction data is private. Fortunately, multi-party computation can facilitate this collaboration without violating privacy. Overall, this effort achieved promising results by applying a graph-based approach for modeling transactions and algorithms specialized for multi-party computation for efficient, collaborative analysis between various banks.

RWC 2020 made it clear that involving cryptographers in the design and implementation of your novel protocols will save you both time and money, as well as keeping everyone safer. If youre involved in this type of work encourage everyone involved to open-source your code, publish your protocols for review, and hey, talk to the Trail of Bits cryptography team!

*** This is a Security Bloggers Network syndicated blog from Trail of Bits Blog authored by James Miller. Read the original post at: https://blog.trailofbits.com/2020/01/23/themes-from-real-world-crypto-2020/

Read more:
Themes from Real World Crypto 2020 - Security Boulevard

"Perfect Secrecy" Encryption Technology, Invented by U.S.-Based CUP Sciences and Partners, Set to Transform Cybersecurity – Yahoo Finance

Groundbreaking Invention Introduced in Nature Communications

CUP Sciences to Lead Commercialization

In the 100-plus years since the concept of "perfect secrecy" in cryptography was first proposed in 1917, no organization has been able to implement perfect secrecy that can operate on classical communication networks, until now. Nature Communications recently published a paper from the Center for Unconventional Processes of Sciences (CUP Sciences) working with the University of St. Andrews and King Abdullah University of Science and Technology (KAUST) that details their working chip-based prototype of "perfect secrecy" and demonstrates that it is unbreakable, no matter how computational power evolves in the future.

Authors from the three institutions stated, "We have rigorously demonstrated a protocol for a perfect secrecy cryptography that uses CMOS-compatible silicon chips, which transmit information on a public classical optical networkCombined with the technological maturity, speed and scalability of classic optical communications, the results shown open a pathway towards implementing perfect secrecy cryptography at the global scale with contained costs."

The "perfect secrecy-on-a-chip" technology was not developed with traditional engineering and is unbreakable under any condition. Using chaos theory and the second law of thermodynamics, the chip transmits and measures signals at the speed of light and has an almost unlimited capacity of generating signals for each communication.

In traditional hacking, the objective is to obtain the key, which with enough time and effort can be obtained, providing access to the communication. Keys generated by the "perfect secrecy" chip, which unlock each message, are never stored or communicated with the message and cannot be recreated, even by the users themselves. The silicon chips contain complex structures that are irreversibly changed for each communication, sending information in a one-time key that can never be intercepted by an attacker.

A review of the invention in Optics and Photonics News, published by the Optical Society of America (OSA), stated that "The eavesdropper, attempting to hack into the communication with complete knowledge of the system and using all of the same equipment, obtained only white noise in her decoded image."

World-Class Team Behind the Invention

U.S.-based CUP Sciences is responsible for coordinating the next steps of development of the technology among the inventing institutions and for the commercialization of technologies resulting from it. The company was co-founded by co-inventor of the technology Dr. Aluizio M. Cruz, who brought the conceptual approach to the project, with the other institutions developing the theory, fabricating the technology, and testing it.

Dr. Cruz has been working with complexity for decades, since the age of 17. Prior to founding CUP Sciences, he worked as chief industrial engineer on large-scale multi-government projects in Japan and Europe. Over the years, he developed several inventions related to new concepts for data communication and energy. Together with co-founder, attorney and entrepreneur Quelita Moreno, he formed CUP Sciences to apply these inventions towards commercialization to address the challenging and critical issues of society, such as energy, water and pollution.

"We have successfully reimagined an entirely new way to develop technology, working in concert with the inherent principles operating in the laws of physics and randomness. Because of this, our technologies scale exponentially, rather than linearly, creating breakthroughs in efficiencies of energy and cost," said Dr. Cruz.

"With the advent of more powerful quantum computers, all current encryptions will be broken in very short time, exposing the privacy of our present and, more importantly, past communications, unless we think differently," says Andrea Fratalocchi, Associate Professor of Electrical Engineering at KAUST, and leader of the study.

"Our solution can protect communications exchanged by users separated by any distance and is based on a mature and fully scalable technology which is ready to deploy," said Professor Andrea Di Falco of the School of Physics and Astronomy at the University of St. Andrews, first author of the study.

Story continues

Companys First Technology Focused on Cybersecurity

A recent report by Cybersecurity Ventures estimates that global damages from cybercrime will rise to $6 trillion annually by 2021. To address this, CUP Sciences first technology is focused on security, anticipating applications ranging from the financial industry, protecting ecommerce and banking, to energy, supporting smart grids and cities.

"Our microchip providing perfect secrecy will be the first of a host of complexity-based technologies that we will move toward commercialization, validating our disruptive approach," said Ms. Moreno. "CUP Sciences partner, PERA Complexity, will contribute with go-to-market strategy and commercialization. We look forward to identifying additional partners and investors who will work with us to bring this and other important technologies to the world."

If you are interested in getting involved in the development and commercialization of CUP Sciences technologies, please contact the company at ac.qm@cupsciences.net.

About CUP Sciences

Los Angeles-based CUP Sciences is pioneering the commercialization of an entirely new field of hardware-based, software-embedded technologies based on complexity that address critical global challenges of sustainable development. The companys upcoming technologies will be new concepts for clean energy generation and storage, and carbon reduction with the potential to revolutionize the clean energy sector, and are expected to create dramatic efficiencies and cost savings over traditional technologies.

View source version on businesswire.com: https://www.businesswire.com/news/home/20200123005209/en/

Contacts

Michelle McAdamChronic Communications, Inc.michelle@chronic-comm.com (310) 902-1274

Continued here:
"Perfect Secrecy" Encryption Technology, Invented by U.S.-Based CUP Sciences and Partners, Set to Transform Cybersecurity - Yahoo Finance

Perfect Secrecy Encryption Technology, Invented by U.S.-Based CUP Sciences and Partners, Set to Transform Cybersecurity – Business Wire

LOS ANGELES--(BUSINESS WIRE)--In the 100-plus years since the concept of perfect secrecy in cryptography was first proposed in 1917, no organization has been able to implement perfect secrecy that can operate on classical communication networks, until now. Nature Communications recently published a paper from the Center for Unconventional Processes of Sciences (CUP Sciences) working with the University of St. Andrews and King Abdullah University of Science and Technology (KAUST) that details their working chip-based prototype of perfect secrecy and demonstrates that it is unbreakable, no matter how computational power evolves in the future.

Authors from the three institutions stated, We have rigorously demonstrated a protocol for a perfect secrecy cryptography that uses CMOS-compatible silicon chips, which transmit information on a public classical optical networkCombined with the technological maturity, speed and scalability of classic optical communications, the results shown open a pathway towards implementing perfect secrecy cryptography at the global scale with contained costs.

The perfect secrecy-on-a-chip technology was not developed with traditional engineering and is unbreakable under any condition. Using chaos theory and the second law of thermodynamics, the chip transmits and measures signals at the speed of light and has an almost unlimited capacity of generating signals for each communication.

In traditional hacking, the objective is to obtain the key, which with enough time and effort can be obtained, providing access to the communication. Keys generated by the perfect secrecy chip, which unlock each message, are never stored or communicated with the message and cannot be recreated, even by the users themselves. The silicon chips contain complex structures that are irreversibly changed for each communication, sending information in a one-time key that can never be intercepted by an attacker.

A review of the invention in Optics and Photonics News, published by the Optical Society of America (OSA), stated that The eavesdropper, attempting to hack into the communication with complete knowledge of the system and using all of the same equipment, obtained only white noise in her decoded image.

World-Class Team Behind the Invention

U.S.-based CUP Sciences is responsible for coordinating the next steps of development of the technology among the inventing institutions and for the commercialization of technologies resulting from it. The company was co-founded by co-inventor of the technology Dr. Aluizio M. Cruz, who brought the conceptual approach to the project, with the other institutions developing the theory, fabricating the technology, and testing it.

Dr. Cruz has been working with complexity for decades, since the age of 17. Prior to founding CUP Sciences, he worked as chief industrial engineer on large-scale multi-government projects in Japan and Europe. Over the years, he developed several inventions related to new concepts for data communication and energy. Together with co-founder, attorney and entrepreneur Quelita Moreno, he formed CUP Sciences to apply these inventions towards commercialization to address the challenging and critical issues of society, such as energy, water and pollution.

We have successfully reimagined an entirely new way to develop technology, working in concert with the inherent principles operating in the laws of physics and randomness. Because of this, our technologies scale exponentially, rather than linearly, creating breakthroughs in efficiencies of energy and cost, said Dr. Cruz.

With the advent of more powerful quantum computers, all current encryptions will be broken in very short time, exposing the privacy of our present and, more importantly, past communications, unless we think differently, says Andrea Fratalocchi, Associate Professor of Electrical Engineering at KAUST, and leader of the study.

Our solution can protect communications exchanged by users separated by any distance and is based on a mature and fully scalable technology which is ready to deploy, said Professor Andrea Di Falco of the School of Physics and Astronomy at the University of St. Andrews, first author of the study.

Companys First Technology Focused on Cybersecurity

A recent report by Cybersecurity Ventures estimates that global damages from cybercrime will rise to $6 trillion annually by 2021. To address this, CUP Sciences first technology is focused on security, anticipating applications ranging from the financial industry, protecting ecommerce and banking, to energy, supporting smart grids and cities.

Our microchip providing perfect secrecy will be the first of a host of complexity-based technologies that we will move toward commercialization, validating our disruptive approach, said Ms. Moreno. "CUP Sciences partner, PERA Complexity, will contribute with go-to-market strategy and commercialization. We look forward to identifying additional partners and investors who will work with us to bring this and other important technologies to the world.

If you are interested in getting involved in the development and commercialization of CUP Sciences technologies, please contact the company at ac.qm@cupsciences.net.

About CUP Sciences

Los Angeles-based CUP Sciences is pioneering the commercialization of an entirely new field of hardware-based, software-embedded technologies based on complexity that address critical global challenges of sustainable development. The companys upcoming technologies will be new concepts for clean energy generation and storage, and carbon reduction with the potential to revolutionize the clean energy sector, and are expected to create dramatic efficiencies and cost savings over traditional technologies.

Read more:
Perfect Secrecy Encryption Technology, Invented by U.S.-Based CUP Sciences and Partners, Set to Transform Cybersecurity - Business Wire

Dfinity launches an open-source platform aimed at the social networking giants – TechCrunch

When Dfinity raised $102 million in funding in 2018 at a $2 billion valuation in a round jointly led by Andreessen Horowitz and Polychain Capital, it was thought of as a step change in the world of blockchain technology. In an area that was synonymous with generating a lot of headlines around cryptocurrency speculation, this was a shift in focus, looking instead at the architecture behind Bitcoin, Ethereum and the rest, and how it could be used for more than just mining, distributing and using new financial instruments with a major, mainstream VC backing the idea, no less.

Dfinity launched with a very lofty goal: to build what it called the Internet Computer: a decentralized and non-proprietary network to run the next generation of mega-applications. It dubbed this public network Cloud 3.0.

Now, it looks like this Cloud is now about to break.

In Davos this week, Dfinity launched the Bronze edition of its Internet Computer, a limited release that takes the startup one step closer to its full commercial release, expected later this year.

And to prove out the concept of how an application would run on its new network, Dfinity today demonstrated an open social network called LinkedUp.

The startup has rather cheekily called this an open version of LinkedIn, the Microsoft-owned social network for professionals. Unlike LinkedIn, LinkedUp, which runs on any browser, is not owned or controlled by a corporate entity.

LinkedUp is built on Dfinitys so-called Internet Computer, its name for the platform it is building to distribute the next generation of software and open internet services.

The software is hosted directly on the internet on a Switzerland-based independent data center, but in the concept of the Internet Computer, it could be hosted at your house or mine: the compute power to run the application LinkedUp, in this case is coming not from Amazon AWS, Google Cloud or Microsoft Azure, but is instead based on the distributed architecture that Dfinity is building.

Specifically, Dfinity notes thatwhen enterprises and developers run their web apps and enterprise systems on the Internet Computer, the content is decentralised across a minimum of four or a maximum of an unlimited number of nodes in Dfinitys global network of independent data centers.

And while the company initially was described as a blockchain-based system, thats also had some refinement. A spokesperson describes the Internet Computer as a next-generation distributed computing system similar to its Mainframe, Client Server, and Public Cloud predecessors that is based on cryptography.

WhileDFINITYis not building a traditional blockchain/smart contract platform, it uses advanced cryptographyin its consensus layer [of the Internet Computer stack] to ensure apps and workloads have the same security guarantees as Bitcoin or Ethereum, the spokesperson added, but its network of independent data centres ensures the speed and scale required by corporates and entrepreneurs. The Internet Computer also has governancetokens to ensure the ownership of the technology is distributed, he said.

LinkedUp is a test case for all of this, and soDfinity is open-sourcing LinkedUp for developers to create other types of open internet services on the structure it has built.

This open social network for professional profiles suggests that, on Dfinitys model, one could create an Open WhatsApp, Open eBay, Open Salesforce or Open Facebook.

(Good news, since LinkedIn might not be so happy about a lookalike service with a name and layout that also looks very familiar, were it to go much further as a commercial endeavor. While we cant comment specifically on any proposed trademark, LinkedIn does monitor and take action as necessary to protect our trademarks, a spokesperson said.)

Big tech has hijacked the internet and stifled innovation by owning the proprietary infrastructure and user relationships, said Dominic Williams, founder and chief scientist at Dfinity in a statement. As a result, a handful of for-profit companies have created a monopolistic and closed internet. The Internet Computer provides a means to rebuild internet services in open form.

So perhaps what we should be calling this is not LinkedUp, but more a new sort of Linux for the cloud.

Dfinity claims the application was built by 1.5 engineers in three weeks, thus demonstrating how easy the infrastructure is to use.

The tools include a Canister Software Developer Kit and a simple programming language called Motoko that is optimized for Dfinitys Internet Computer.

The Internet Computer is conceived as an alternative to the $3.8 trillion legacy IT stack, and empowers the next-generation of developers to build a new breed of tamper-proof enterprise software systems and open internet services. We are democratizing software development, Williams said. The Bronze release of the Internet Computer provides developers and enterprises a glimpse into the infinite possibilities of building on the Internet Computer which also reflects the strength of the Dfinity team we have built so far.

Dfinity says its Internet Computer Protocol allows for a new type of software called autonomous software, which can guarantee permanent APIs that cannot be revoked. When all these open internet services (e.g. open versions of WhatsApp, Facebook, eBay, Salesforce, etc.) are combined with other open software and services it creates mutual network effects where everyone benefits.

We quizzed Dfinity a little more on all this and asked whether this was an actual launch.

A spokesperson told us: Since our first major milestone of launching a terminal-based SDK and new programming language called Motoko by the co-creator of WebAssembly on 1 November, DFINITY has released 13 new public versions of the SDK, to our second major milestone [at WEF Davos] of demoing a decentralized web app called LinkedUp on the Internet Computer running on an independent data center in Switzerland. Subsequent milestones towards the public launch of the Internet Computer will involve (1) on-boarding a global network of independent data centers, (2) fully tested economic system, and (3) fully tested Network Nervous Systems for configuration and upgrades.

It also looks like Dfinity will not be raising more money just yet.

But the question is how they plan to woo people to it? Dfinity has been working with a select group of Fortune 500 companies, strategic consultancies, systems integrators, venture capitalists, and universities, the company said.

We are not sure that will quite suffice to take out Facebook, LinkedIn and all the other tech giants, but were fascinated to see how this plays out.

See the original post:
Dfinity launches an open-source platform aimed at the social networking giants - TechCrunch