- This event has passed.
Privacy Preserving Blockchains
November 29, 2018 @ 6:30 pm - 8:30 pm
Do you REALLY know what a blockchain is? Come and learn the ins-and-outs of blockchain from the ground up, with a focus on blockchain and privacy (a crucial portion of an appsec strategy).
This presentation describes blockchains constructed using the SignedData Cryptographic Message Syntax (CMS) data type standardized by IETF, X9.73 and RSA PKCS#7. SignedData serves as a container for the block header and data content components of the blockchain blocks. The described blockchain and each of its blocks can be distributed, allowing each block to be managed in a different security zone and to reside at a different physical location on the internet of things (IoT).
SignedData blockchains can be embedded in the records of other storage system types, such as blockchain, distributed ledger, and database systems. An extended hash pointer that links the series of SignedData blocks together, is applied to create sidechains that can be added to or deleted from any block to address privacy concerns such as right-to-be-forgotten and to link other object types to a SignedData block. A tokenization manifest is presented that supports ‘off-chain’, field level data confidentiality of block content. When these techniques are combined with digital signatures, confidentiality, data integrity, and origin authenticity can be provided to entire blocks, transactions, or transaction fields within a block.
Phillip Griffin — Phillip is a CISM and ISSA Fellow with over 20 years of information assurance experience. He has served as a trusted security adviser, security architect, and consultant with leading corporations, and acted as committee chair, editor, and head of a delegation in the development of US national and international security standards. Phil currently serves on the ISSA Educational Advisory Council and the ISSA Journal Editorial Advisory Board, and actively participates in ITU-T SG17 Security, ISO TC68/SC2 Security, ISO/IEC JTC1/SC27 Security techniques, and X9 Financial Services standards development. His current work encompasses encryption technologies, access control, and biometric information security management. Phil has 12 U.S. patents and over 30 patents pending at the intersection of biometrics, cryptography, RFID, and information security. He has a number of academic and professional technical publications and he has spoken at leading security conferences around the world.