Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Witness Angel Initiative (PyConFr 2019)

13 vues

Publié le

The Witness Angel is your judicial testimony, irrefutable and inviolable.
It acts like a digital memory, but which can never be accessed outside a proper judicial complaint.
Thanks to its innovative write-only encryption, it overcomes the opposition between protection of privacy and recording of judicial proofs.
Discover here how it works, with some technical details on its first implementation.

Publié dans : Technologie
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

Witness Angel Initiative (PyConFr 2019)

  1. 1. Witness Angel Initiative PYCONFR 2019
  2. 2. Unsatisfying Society Invariants ● Lies (often) overpower Truth ● « It's your word against theirs »™ ● France: – 2% of 75k yearly rapes obtain justice – 20% of female employees were sexually harassed – 30% of all employees were morally harassed – Rise of #METOO & other Twitter Justices ● Memories are incomplete, biased, alterable
  3. 3. "Solutions" bringing problems ● Blind trust in forensic technicians – See 1141 victims of Dookhan Scandal ● Cameras, trackers & spies everywhere – Watch live on www.insecam.org ● Conflict: Privacy vs Security – Weird results ● Opacity for governments and global corporations ● Transparency for harmless citizens
  4. 4. An appeal for subsidiarity ● Smartphone recordings ● Car dashcams (popular in Russia) ● Body worn video (police, firefighters) All still dangerous and one-sided
  5. 5. Beyond dilemmas ● What do we really want? – WRITE-ONLY recordings ● How do we do it? – Asymmetric cryptography & Trusted third-parties ● When do we want it ? – ASAP
  6. 6. New roles ● Key Guardians – Global, diverse & independant entities – Provide unique padlocks for data containers – Certify and timestamp the containers (blind signatures) ● Witness Angel Devices – Record data (gps, audio, video, heartbeats...) – Encrypt data into write-only containers ● Revelation Stations (at the tribunal) – Query all parties for authorizations – Decrypt only the officially requested chunk of data
  7. 7. RPG-Style Overview Player’s Familiar Neutral Divinities
  8. 8. So much work... ● Technical: – Cryptographic utilities everywhere – Webservices and data storage – Mobile apps with sensors/recorders – Revelation station – Container management and verification software (later) ● Non-technical: – Legal evolutions to regulate the system – Partnerships with enterprises and associations – Public awareness regarding "write-only" concept
  9. 9. ... and so little workforce ● Do not reinvent the wheel ● Be robust as heck ● Be cross-platform from the start ● Explore and make Proofs of Concept
  10. 10. I choose you... PYTHON ● Not a "by default" choice ● Good interoperability – With operating systems – With other langages ● Good for webservices ● Good for cryptography ● Good for… smartphones?
  11. 11. WA-Cryptolib ● Pycryptodome has it (almost) all – Symmetric ciphers: AES & Chacha20 – Asymmetric ciphers: RSA – PSS & DSS signatures – Shamir’s shared secrets (yummy!) ● Compiled C/C++ extensions: FAST ● We only need thin wrappers, to check permissions and enforce high security settings
  12. 12. WA-Escrow (trusted third-party) ● No time for SOAP/REST : Json-RPC all the way – Use django-json-rpc bridge – See « Rest is the new Soap » on the Web ● No time for custom serialization of bytes, dates etc. – PyMongo's Extended Json ● No time for 0xab179e101 errors – Error Slugs ("error->functional->unknown_uuid") ● No time for handmade storage – SQL tables with django-cryptography fields
  13. 13. WA-Client (mobile app) ● Here begins the fun (and hazard) ● No money for a custom smartwatch (yet) ● What our prototype needs – Native app on Android (but portable to iOS someday) – Full access to sensors/media/web – Compatible with C/C++ extensions – Runnable as a background service – Launchable at boot (someday) – With a nice GUI to manage it
  14. 14. Meet Kivy
  15. 15. Kivy features ● Cross-platform – Windows/Linux/Mac/iOS/Android... ● Widgets based on OpenGL (3D-enabled) ● Access to native APIs – Via Pyjnius (for Android) and Pyobjus (for iOS) ● Access to C/C++ extensions – Via Android NDK and iOS Objective-C
  16. 16. Kivy Limits & Challenges ● Build complexity: ...acceptable ● App size & launch time: OK ● Accessibility: None for now – Trick: use Gevent to mix tests and event loop in main thread ● Call recording: Restricted by OS ● Background sensors: ? ● Performance & battery drain: ?
  17. 17. Some screenshots...
  18. 18. Thanks for your attention! ● Any questions? ● Feedbacks/advices/contributions are welcome https://github.com/WitnessAngel/ ● More information in website and initial essay: https://witness-angel.prolifik.net/ https://medium.com/@pakaldebonchamp/the-witness-angel-concept-17c5a5f70e5b

×