[Cryptography] Crypto basic income

Guilherme Campos gpirescampos at gmail.com
Mon Sep 25 05:54:11 EDT 2017 

Thank you. That definitely makes a lot of sense.

So, taking into consideration that there will always be a need to generate
some sort of secret, thus a very specific point of failure, is it fair to
assume that the "security in depth" approach will always be present, for
ever and ever?

I know this might seem like a very naive question, just curious to get some
more points of view.

Regards,
Guilherme

Natanael <natanael.l at gmail.com> escreveu no dia domingo, 24/09/2017 às
23:40:

>
> Den 25 sep. 2017 00:15 skrev "Guilherme Campos" <gpirescampos at gmail.com>:
>
> I've written a "food for thought" kind of article around the usage of
> cryptocurrencies for universal basic income (
> https://medium.com/@guilhermepcampos/universal-crypto-basic-income-460fc46207f6).
> And, although this is not 100% on topic, I would definitely like some
> opinions around usage of biometrics for key generation. More precisely on:
>
>    - Do you think it will be possible, at some point, to have some sort
>    of biometric public key infrastructure, where public and private keys are
>    directly pegged to a persons biometric details?
>
> No, not unless you accept the use of schemes like Identity Based
> Encryption which invariably requires central servers (although there exists
> a few versions of these schemes where the server doesn't need to be trusted
> all that much).
>
> Just the biometric data alone in isolation is never good enough for
> cryptographic secrets.
>
>
>    - Could biometrics completely replace the need for passwords?
>
> No, not unless they're just used to identify cryptographic public keys
> where you hold the private key. Universal usernames, basically. I don't
> care if you surgically place your hardware authentication token in your
> skull or whatever to not need to remember to carry it with you, you just
> need some kind of digital secret.
>
>
>    - If compromise of biometric details occurs, how would one go around
>    to solve this, since it's not possible to, for example, create a new
>    fingerprint for a person?
>
> You don't. If they're your last line of defense, you've already lost if
> they're compromised. So don't make them your last line of defense.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170925/7e63c8af/attachment.html>

More information about the cryptography mailing list