dev-resources.site
Key repudiation in a web of trust

Published at
1/30/2024
Categories
wot
p2p
web3
cryptography
Author
gift7

In a Web of Trust (WoT), your identity is a private key. If someone knows that key, they can impersonate you. And if you lose a key, you lose that identity. So what happens when your key gets lost or stolen?

It's possible to create and manage private keys in software like any other data, but for greater security, keys are also managed in secure hardware. These are dedicated chips often called a Trusted Execution Environment.

Apple implemented Secure Enclave:

"The Secure Enclave is isolated from the main processor to provide an extra layer of security and is designed to keep sensitive user data secure even when the Application Processor kernel becomes compromised. [... it has] an AES engine for efficient and secure cryptographic operations"

Android introduced Secure Element:

"[it enables] tamper-resistant key storage for Android Apps using StrongBox. StrongBox is an implementation of the Keymaster HAL that resides in a hardware security module."

And Microsoft has its Trusted Platform Module:

"A TPM [is used to] securely create and store cryptographic keys."

The idea is that these dedicated hardware chips create and store cryptographic keys and never let them leave the chip. This is very secure.

With secure hardware, cryptography will revolutionize the way we log in, with FIDO, passkeys, and hardware authentication devices like YubiKeys. This stuff also lets crypto hardware wallets keep large amounts of crypto safe from hackers, by storing private keys and never exposing them. There's a whole world of exciting technology here, all based on public-private key cryptography.

...But everything is hackable. Vulnerabilities may exist in both software and hardware (like this Trezor hack). On one hand, "a junior developer is born every minute", and on the other hand, hackers are determined. With physical access and enough tools and skill, a hacker can read from a secure hardware module (for example, with a cold boot attack).

It's very unlikely for
