Proof of personhood

Proof of personhood (PoP) is a means of resisting malicious attacks on peer-to-peer networks, particularly attacks that use multiple fake identities, otherwise known as Sybil attacks. Decentralized online platforms are particularly vulnerable to such attacks by their very nature, since they are notionally democratic and responsive to large voting blocs. In PoP, each unique human participant obtains one equal unit of voting power, and any associated rewards.

The term is used in cryptocurrency and blockchain contexts as a parallel to proof of work, proof of stake, and other consensus mechanisms that attempt to distribute voting power and rewards to participants in proportion to an investment of resources.

Background

The problem of Sybil attacks using many virtual identities has been recognized for decades as a fundamental challenge for distributed systems that expect each human user to have only one account or identity. [1] CAPTCHAs attempt to rate-limit automated Sybil attacks by using automated Turing tests to distinguish humans from machines creating accounts or requesting services. Even when successful in this goal, however, CAPTCHAs allow one human to obtain multiple accounts or shares of a resource simply by solving multiple CAPTCHAs in succession, and thus do not satisfy the one-per-person goal of proof of personhood. Aside from CAPTCHAs allowing one person to obtain multiple accounts, there are additional complications. Many users who are visually impaired or have learning disabilities may struggle to complete the puzzles. Additionally, some recently developed AI systems have succeeded in solving CAPTCHAs automatically. [2]

Distributed systems could require users to authenticate using strong identities verified by a government or trusted third party, for example using an identity verification service or a self-sovereign identity system, but strong identification requirements conflict with privacy and anonymity, and increase barriers to entry.[citation needed] One approach proposed to create anonymous but one-per-person credentials for use in distributed systems is pseudonym parties, in which participants gather periodically at in-person events and leverage the fact that a human can physically be in only one place at a time. [3]

In 2014, Vitalik Buterin proposed the problem of creating a "unique identity system" for cryptocurrencies, which would give each human user one and only one anti-Sybil participation token. [4][non-primary source needed] In 2017, the term "proof of personhood" was proposed for an approach based on pseudonym parties. [5]

Approaches

A variety of approaches to implementing proof of personhood have been proposed, some in experimental deployment. [6]

In-person events

The approach originally proposed by Borge et al. was to use in-person pseudonym parties as a basis to create anonymous one-per-person tokens periodically without requiring any form of identity verification. [3] [5] The encointer project adapts this approach by asking participants to meet in small groups simultaneously at randomly-chosen places, to verify each other's physical presence. [7]

One drawback of this approach is the inconvenience to participants of going to designated physical locations at specific times, especially for participants with conflicting responsibilities at those times. Another issue is the challenge of organizing federated pseudonym parties in multiple locations simultaneously while allowing each group to verify that all other groups are organized honestly and do not inflate the number of digital credentials they issue.[citation needed]

Social networks

Another approach, related to the PGP Web of Trust, relies on users forming a social network to verify and attest to each other's identities. [8] UniqueID incorporates biometric verification into the social network approach. [9]

One criticism of the social network approach is that there is no straightforward way for a participant to verify that a social connection has not created other Sybil identities connected to and verified by other, disjoint sets of social contacts. A related challenge is that Sybil detection based on graph analysis makes certain assumptions about the behavior of a Sybil attacker, and it is not clear that real-world social networks satisfy these assumptions. [10] Finally, graph-based Sybil detection algorithms tend to detect only large, densely clustered groups of Sybil nodes in a social network, leaving small-scale attacks difficult or impossible to distinguish by graph structure alone from legitimate users' connectivity structures.[citation needed]
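To make the last point concrete, here is an added example (not code from any project or paper cited on this page) of the degree-normalized, early-terminated trust propagation that graph-based Sybil defenses such as SybilRank rely on, run over a constructed attestation graph. The graph, seeds and thresholds are all my own assumptions: a dense Sybil clique attached by a single attack edge scores far below honest members, while a single extra identity vouched for by two real members is indistinguishable from them.

```python
import math
from collections import defaultdict
from itertools import combinations


def build_graph(edges):
    """Undirected adjacency sets from a list of (a, b) attestation edges."""
    adj = defaultdict(set)
    for a, b in edges:
        adj[a].add(b)
        adj[b].add(a)
    return dict(adj)


def trust_scores(adj, seeds, iterations=None):
    """Early-terminated trust propagation from known-honest seed nodes.

    Each round, every node splits its trust evenly among its neighbours.
    After about log2(n) rounds the walk has mixed within the honest region
    but has crossed the few attack edges only slightly.  Dividing by degree
    gives a per-node score that is roughly equal for honest nodes and low
    for a Sybil region that hangs off few attack edges.
    """
    if iterations is None:
        iterations = math.ceil(math.log2(len(adj)))
    trust = {v: 0.0 for v in adj}
    for s in seeds:
        trust[s] = 1.0
    for _ in range(iterations):
        nxt = {v: 0.0 for v in adj}
        for v, t in trust.items():
            share = t / len(adj[v])
            for u in adj[v]:
                nxt[u] += share
        trust = nxt
    return {v: t / len(adj[v]) for v, t in trust.items()}


def clique(names):
    """All pairwise attestations among a group that fully vouch for each other."""
    return list(combinations(names, 2))


def demo():
    """Constructed sample graph (hypothetical data): 10 honest members who all
    attest one another, a 10-node Sybil clique joined by one attack edge, and
    one lone Sybil identity vouched for by two honest members."""
    honest = [f"h{i}" for i in range(10)]
    cluster = [f"s{i}" for i in range(10)]
    edges = clique(honest) + clique(cluster)
    edges.append(("s0", "h0"))           # the only attack edge into the clique
    edges += [("x", "h1"), ("x", "h2")]  # small-scale attack: one extra identity
    adj = build_graph(edges)
    scores = trust_scores(adj, seeds=["h3", "h4"])  # two members known to be real
    return {
        "min_honest": min(scores[v] for v in honest),
        "max_cluster": max(scores[v] for v in cluster),
        "small_sybil": scores["x"],
    }


if __name__ == "__main__":
    r = demo()
    print(f"honest floor   {r['min_honest']:.4f}")
    print(f"clique ceiling {r['max_cluster']:.4f}  (well below honest: flaggable)")
    print(f"lone sybil     {r['small_sybil']:.4f}  (within honest range)")
```

Raising the number of iterations toward the stationary distribution erases the gap entirely, since the normalized trust of every node then converges to the same value; early termination is what makes the large clique visible.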

Strong identities

Another approach requires participants to have verified identities, but to hide or anonymize those identities in subsequent use. One criticism of this approach is the privacy and surveillance risks inherent in such databases, especially biometric databases, and the level of trust users must place in the verification service for both Sybil protection and privacy of their identity information. Other critics highlight that facial recognition systems fail on a global scale due to insufficient facial entropy.[citation needed]

Apple, which implemented a facial recognition feature in the iPhone, attempts to protect users' privacy with the Secure Enclave. The mathematical structure of a user's face captured by the TrueDepth camera does not leave the user's device, increasing the privacy and protection of personal information. [11] [12] However, some concerns have been raised regarding the level of security of the facial recognition on these devices. For example, there have been cases where family members were mistakenly recognized as their siblings. [13]

Even with decentralized privacy protections, a criticism of this approach is the inconvenience and cost to users of verifying strong identities, and the risk of potential exclusion of users who do not readily have or cannot afford the requisite identity documents, are reluctant to participate due to privacy and surveillance concerns, or are wrongly excluded by errors in biometric tests. [14]

Crypto-biometrics

To resolve the security concerns over using biometrics for proof of human existence, merely encrypting the biometric data with a cryptographic scheme is not enough. For this purpose, a technique has been proposed that uses homomorphic encryption together with zero-knowledge proofs to encrypt biometric data in such a way that the original biometric data never leaves the user's device. Instead, the decentralized network is provided only with the information needed to verify, through liveness detection, that a person is a real human being and is registered on the network.[citation needed]

Online Turing tests

Another proposed class of approach extends the CAPTCHA principle of using Turing tests to the unique human verification problem. The Idena network, for example, assigns participants to verify each other using flip tests. [15] Criticisms of this approach include the inconvenience to users of solving Turing tests, and whether artificial intelligence and deepfake technologies will soon be able to solve such tests automatically or convince real participants that a synthetic user is human during a verification interaction.[citation needed]

Use cases

One proposed use for proof of personhood is to ensure that voting power in permissionless consensus algorithms is widely distributed, [5] and to avoid the re-centralization that has been observed in proof of work mining pools, [16] and predicted in proof of stake systems. [17]

Another proposed use is to facilitate democratic governance in decentralized online systems, including blockchains and cryptocurrencies, that wish to enforce a "one person, one vote" rule. [18]


References

  1. Douceur, John R (2002). "The Sybil Attack". Peer-to-Peer Systems. Lecture Notes in Computer Science. Vol. 2429. pp. 251–60. doi:10.1007/3-540-45748-8_24. ISBN 978-3-540-44179-3.
  2. "What is CAPTCHA? | IBM". www.ibm.com. Retrieved 2023-07-12.
  3. Ford, Bryan; Strauss, Jacob (1 April 2008). An Offline Foundation for Online Accountable Pseudonyms. 1st Workshop on Social Network Systems - SocialNets '08. pp. 31–6. doi:10.1145/1435497.1435503. ISBN 978-1-60558-124-8.
  4. Buterin, Vitalik (25 Aug 2014). "Problems". GitHub.
  5. Maria Borge; Eleftherios Kokoris-Kogias; Philipp Jovanovic; Linus Gasser; Nicolas Gailly; Bryan Ford (29 April 2017). Proof-of-Personhood: Redemocratizing Permissionless Cryptocurrencies. IEEE Security & Privacy on the Blockchain (IEEE S&B). doi:10.1109/EuroSPW.2017.46.
  6. Divya Siddarth; Sergey Ivliev; Santiago Siri; Paula Berman (13 Oct 2020). "Who Watches the Watchmen? A Review of Subjective Approaches for Sybil-resistance in Proof of Personhood Protocols". arXiv:2008.05300 [cs.CR].
  7. Brenzikofer, Alain (14 January 2020). "encointer - An Ecological, Egalitarian and Private Cryptocurrency and Self-Sovereign Identity System" (PDF). GitHub.
  8. Gal Shahaf; Ehud Shapiro; Nimrod Talmon (October 2020). Genuine Personal Identifiers and Mutual Sureties for Sybil-Resilient Community Growth. International Conference on Social Informatics. doi:10.1007/978-3-030-60975-7_24.
  9. Mohammad-Javad Hajialikhani; Mohammad-Mahdi Jahanara (20 June 2018). "UniqueID: Decentralized Proof-of-Unique-Human". arXiv:1806.07583 [cs.CR].
  10. Bimal Viswanath; Ansley Post; Krishna Phani Gummadi; Alan E Mislove (August 2010). "An analysis of social network-based Sybil defenses". ACM SIGCOMM Computer Communication Review. 40 (4): 363–374. doi:10.1145/1851275.1851226.
  11. "Apple has a lot to say to Al Franken about Face ID on the iPhone X". Mashable. 2017-10-17. Retrieved 2023-07-27.
  12. Etherington, Darrell (2014-02-26). "Apple Details Touch ID And The A7's Secure Enclave In Updated iOS Security Document". TechCrunch. Retrieved 2023-07-27.
  13. The Brussels Times. "Improved facial recognition on phones still not 100% secure, say experts". www.brusselstimes.com. Retrieved 2023-07-27.
  14. Dixon, Pam (14 June 2017). "A Failure to "Do No Harm" -- India's Aadhaar biometric ID program and its inability to protect privacy in relation to measures in Europe and the U.S." Health and Technology. 7 (4): 539–567. doi:10.1007/s12553-017-0202-6. PMC 5741784. PMID 29308348. S2CID 8874699.
  15. Idena. "How Idena works". Retrieved 29 August 2021.
  16. Vorick, David (13 May 2018). "The State of Cryptocurrency Mining".
  17. Giulia Fanti; Leonid Kogan; Sewoong Oh; Kathleen Ruan; Pramod Viswanath; Gerui Wang (18 February 2019). Compounding of Wealth in Proof-of-Stake Cryptocurrencies (PDF). Financial Cryptography 2019.
  18. Ford, Bryan (December 2020). "Technologizing Democracy or Democratizing Technology? A Layered-Architecture Perspective on Potentials and Challenges". In Lucy Bernholz; Hélène Landemore; Rob Reich (eds.). Digital Technology and Democratic Theory. University of Chicago Press. ISBN 978-0-226-74857-3.