Posted on

Bank of America Applies for Blockchain-Based Encrypted Crypto Storage System Patent

The U.S.’s second-largest bank, Bank of America (BofA), has applied for another blockchain patent on the development of a secure crypto storage system, according to a patent document published by the U.S. Patent and Trademarks Office (USPTO) August 23.

The patent, entitled “Block Chain Encryption Tags,” describes a system of recording and storing cryptocurrency-related transactions that are handled by enterprises. In short, the invention offers a system of data security for blockchain networks by implementing encryption and linking data units to the blocks of a certain blockchain.

In the patent document filed on April 18, 2018, the North Carolina-based bank introduced a system that includes a device with a processor that first receives a set of data elements, and then acquires an encryption key prior to encrypting the elements within the first block on a blockchain.

The device further combines the encryption key with the generated encrypted element map in order to create and then encrypt the “creator tag,” which is then further embedded and published within the first block of the blockchain.

According to the document, the recent patent application by BofA is a reproduced version of a U.S. non-provisional application filed in 2014 by James G. Ronca and titled “Cryptocurrency Online Vault Storage System.”

BofA has previously taken steps for adopting blockchain technology, having filed nearly 50 blockchain-based patents as of June 2018, making it reportedly the largest holder of blockchain-related patents among all companies, even beating the tech giant IBM.

While BofA is one of the leading companies that promotes innovation in the blockchain sphere, the bank is still sceptical towards cryptocurrencies, despite having acquired a patent on the development of a digital currency exchange system in December 2017. In May, BofA reiterated its negative stance toward crypto, calling it “troubling” and confirming its decision to ban clients from buying crypto with their credit cards.

However, earlier this year, the bank had admitted to U.S. regulators that it may be “unable” to compete with the growing use of cryptocurrency, claiming that the inability to adapt “services and products to evolving industry standards and consumer preferences” can harm its business.

Posted on

Research: Telegram Passport Is Vulnerable to Brute Force Attacks

The recently released personal identification authorization tool Telegram Passport from messenger app Telegram is vulnerable to brute force attacks, according to an Aug. 1 report by cryptographic software and services developer Virgil Security, Inc.

On July 26, Telegram announced the launch of Telegram Passport designed to encrypt users’ personal ID information and let them share their ID data with third parties such as initial coin offerings ICOs, crypto wallets, and anyone complying with know your customer (KYC) regulations.

Users’ data is kept on the Telegram cloud using end-to-end encryption, subsequently moved to a decentralized cloud, which cannot decrypt personal data as it is seen as “random noise.” However, in their recent research Virgil Security raised concerns about password protection in the service.

According to Virgil Security, Telegram uses SHA-512, a hashing algorithm that is not meant to hash passwords. This algorithm reportedly leaves passwords vulnerable to brute force attacks, even if it’s salted. In cryptography, a salt is random data added as an extra secret value to the end of the input, which extends the length of the original password, providing some additional protection.

When a user encrypts personal data, it is reportedly uploaded to the Telegram cloud, and when a user needs to confirm authenticity on a third party service, they decrypt that data and re-encrypt it for that service’s credentials. All these factors reportedly contribute to potential exposure of a user’s password hash table to very efficient hacker attacks. The firm further explains:

“The security of the data you upload to Telegram’s Cloud overwhelmingly relies on the strength of your password since brute force attacks are easy with the hashing algorithm chosen. And the absence of digital signature allows your data to be modified without you or the recipient being able to tell.”

In March, founders of Telegram, Pavel and Nikolai Durov reported they had raised $850 million in the second round of their ICO aimed at the development of the Telegram messenger app and its own blockchain platform Telegraph Open Network (TON). Later in May, Telegram’s plan to launch an ICO was canceled due to the fact that the messaging app had attracted enough funds during their two private ICO rounds.

Posted on

Telegram Reveals Personal ID Verification Tool for Sharing Data with ‘Finance, ICOs’

The crypto and blockchain industry’s go-to encrypted messenger app Telegram has released a personal identification authorization tool, according to an official statement published July 26.

The tool, dubbed Telegram Passport, reportedly encrypts a user’s personal ID information and let’s users securely share their ID data with third parties, which the Telegram post elaborates on as “finance, ICOs, etc.”

According to the post, users’ ID data will currently be stored on the Telegram cloud, but “In the future, all Telegram Passport data will move to a decentralized cloud.”

The new tool is currently integrated with digital payment operator ePayments, which Telegram refers to in their post as the “first electronic payments system to support registration and verification” via the new tool. EPayments confirmed the integration on its Telegram channel, noting that “verification can be achieved in just a few clicks.”

Recently, CEO and founder of Telegram Pavel Durov was featured in Fortune’s “40 Under 40” annual rankings as one of the most prominent disruptors of global business. Before creating Telegram, Durov founded social media website VK.com.

This March, Telegram completed two $850 million closed funding rounds via the sale of the platform’s pending cryptocurrency TON, bringing its total funding to $1.7 billion. In late May Telegram’s plans to launch a public ICO were been reportedly disrupted due to the fact that the company had raised enough money via the two private ICO rounds.

Launched in 2011, ePayments says it provides payment services to more than 500,000 freelance customers and 1,000 companies worldwide. The London-based digital payment service supports transactions in cryptocurrencies, such as Bitcoin (BTC), Ethereum (ETH), Bitcoin Cash (BCH), Litecoin (LTC) and others.

This week Tokyo-headquartered tech conglomerate Hitachi and telecoms giant KDDI announced the trial of a retail coupon settlement system using blockchain technology to authenticate biometric data.

Posted on

Geopolitical Analyst Believes Blockchain Will Become ‘Obsolete’

Geopolitical analyst George Friedman says that blockchain technology will one day become “obsolete,” CNBC reported June 15.

Friedman is a founder of Geopolitical Futures, an online publication dedicated to predicting the future course of international affairs, and author of “The Next 100 Years: A Forecast for the 21st Century.” He told CNBC that he has “never known any encryption technology not to be broken,” and that he doubts “between Russia, China, U.S. intelligence services” that blockchain cannot be decrypted. He added:

“It’s useful. It’s visible, at some point it’ll be obsolete.”

Friedman said that blockchain is “one of those hypes. People are profiting from it, making extraordinary claims about it.”

In January, the Federal Bureau of Investigation (FBI) director Christopher Wray announced statistics regarding encryption and information security at the International Conference on Cyber Security. According to the provided data, the FBI was unable to crack over 7,800 devices that contained information the FBI considered vital to ongoing investigations from 2016-2017. Wray also said that half of the devices safeguarded by encryption had been inaccessible.

In March, Cointelegraph reported that the US National Security Agency (NSA) is ostensibly able to locate users of Bitcoin (BTC) around the world, as classified documents provided by Edward Snowden revealed. The NSA supposedly managed this by creating a system for harvesting, analyzing, and processing raw global internet traffic using a program disguised as a popular anonymizing software.

A secret internet surveillance program reportedly represented a range of covert corporate partnerships that enabled the agency to monitor communications and pull data directly from the fiber optic connections that form the internet undergird.

Posted on

Mastercard Files Patent for Blockchain System to Secure Card Payments

Financial services provider Mastercard has filed a patent for a blockchain system to provide faster and more secure payments on their cards, according to US Patent and Trademark Office USPTO patent filing released June 7.

The patent application dubbed “Method And System For Payment Card Verification Via Blockchain” describes a public blockchain-assisted conveyance and retrieval of payment processes to verify and secure users’ information.

In the document, Mastercard noted the vulnerability of existing means of “wireless transmission of payment credentials,” claiming that they can be “subject to intercept.” By implementing a blockchain, the company aims to enable a secure way of conveying payment credentials that also involves “minimal participation by the consumer.” The recent blockchain application from Mastercard intends to solve the technical challenge of providing both security and convenience:

“Thus, there is a need for a technological solution to enable the conveyance of payment credentials to a point of sale device that requires minimal participation by the consumer, while still maintaining a high level of security, particularly against skimming.”

“Skimming” is a practice that ”enable[s] a nefarious actor to pull the payment credentials from a payment instrument, even when securely located in the consumer’s wallet or purse, or to intercept the payment credentials as they are being wirelessly transmitted to the point of sale device.”

According to the patent document, the encryption process encodes the cards information and stores it on the blockchain, after which two keys are issued, a public and a private key. When the card is used to make a purchase, a retrieval request is made, after which the system will use the keys to decode and verify the card information. 

Earlier this week, Mastercard’s vice chair Ann Cairns said at the Money20/20 conference that the company has “built a Blockchain that can run the whole [network].” She stated that the company decided to apply blockchain integration “at scale” while noting the need to identify “real use cases.” Cairns explained that firms cannot just “replace existing technology with blockchain because [they] may not create a better user experience.”

Posted on

Russian Gov’t Blocks 20 Mln IP Addresses To Ban Telegram, App Still Operational

After announcing the ban of encrypted messenger Telegram last Friday, Russian telecommunications watchdog Roskomnadzor (RKN) began blocking the app Monday, April 16.

In order to ban access to the messenger, the authority has blocked nearly 20 mln Google and Amazon Internet Protocol (IP) addresses as of April 17, but Russia’s Telegram users say that the app still works without applying any additional means of circumventing the block, such as proxy and VPN services.

While the crypto community’s go-to messenger app is still operating in Russia, the users of dozens services, which are not related to Telegram, have complained about crashes associated with blocked IP addresses. Viber messaging app experienced connectivity problems, which affected calls shortly after RKN began blocking.

Edward Snowden, world-famous advocate for user data security and anonymity, expressed outrage over RKN’s activity in April 17 tweet, considering the move as a “morally and technically ignorant censorship effort,” that has “broken Russia’s internet.”

According to local news outlets TJournal and Mediazona, the users reported crashes of various services such as Microsoft and Windows updates; gaming platforms like Nintendo Switch, Playstation Network, Blizzard, and Xbox-Live; online games Wargaming and Guild Wars 2; Android apps client APK Mirror; video streaming services Netflix and Twitch.tv; online retailers, and many others.

Local media reported that RKN’s blocking activity affected its own website. RKN denies its involvement in network crashes of third-party Internet resources.

Some services could suffer considerable losses due to network crashes allegedly caused by RKN. Skyeng online school could lose up to 30 mln rubles or $480,000 in one evening due to network failures. According to local media outlet Meduza, about 60 local businesses including proxy services have sought legal assistance on the matter.

According to the head of RKN Aleksandr Zharov, the authority has managed to block 30 percent of Telegram networks, and the amount of complaints from services that have suffered as a result of the ban is “quite low.” RKN has also issued warnings to proxy and VPN service owners about upcoming bans citing “extremism and calls for mass disturbances.”

Meanwhile, Telegram’s creator Pavel Durov posted on his Vk.com social media profile that he is giving donations in Bitcoin (BTC) to proxy and VPN administrators in order to support the resistance. Durov claims he is “happy to donate millions of dollars of personal funds” to protect digital freedoms and progress.

Posted on

The Winklevoss Brothers Receive Patent For Digital Transaction Security System

Winklevoss IP, owned by brothers Cameron and Tyler Winklevoss, has been granted a patent for a system to enhance the security of digital transactions, according to a patent document published by the US Patent and Trademarks Office (SPTO) April 10.

According to the patent, the new system is an “improvement to computer security technology” that seeks to embrace a “system, method, and program product for processing secure transactions within a cloud computing system” implementing common cryptographic encryption principles.

As the authors claim in the patent, the system would provide a secure means of data verification in order to prevent “unauthorized access of information over external data connections.”

According to the patent’s abstract, the described computing sub-system would operate the first electronic processing request, then verify and decrypt the first signed data before producing the second processing output that would be encrypted and transmitted to a second sub-system involving a second private key.

“The present invention can provide verification that a user is authorized or that a user session is authorized, such as having valid user credentials and the session not having timed out. The authenticity of any client request received from a user device, or configured to appear as if it originated from a user device, can be confirmed by the computing system. In other embodiments, communications among sub-systems of a computing system can be verified using the trust chain verified computing methods of the present invention.”

The cloud computing security system patented by the Winklevoss twins may be applied to their cryptocurrency exchange Gemini, which is set to start offering cryptocurrency block trading with large amounts of Bitcoin (BTC) and Ethereum (ETH) outside of their regular order books starting April 12.

Posted on

Easy as Chat? Stellar Invests in OKCupid Founders' Crypto Quest

Settling a tab in crypto tokens?

While the idea may seem far from mainstream, it’s actually at the center of a deal that finds the non-profit behind the world’s eighth-largest blockchain, the Stellar Development Foundation, funding the co-founders of OKCupid and their new cryptography-centric startup, Keybase.

Revealed exclusively to CoinDesk, Keybase has accepted an undisclosed investment from Stellar. But while the terms of the deal aren’t known, the startup wasn’t shy in boasting about the alleged size. Stellar was so keen on the concept, the company now says it won’t need to pursue a Series B round at all.

And that’s no small feat. Founded in 2014, Keybase is built around improving end-to-end encryption, a goal for which it has secured $10.8 million in venture funding in a round led by Andreessen Horowitz.

Thursday’s deal, however, isn’t a typical VC round. (As evidence, Stellar isn’t taking a seat on the Keybase board.) “It’s a very friendly and mutually beneficial arrangement. It’s significantly less formal than a traditional venture round,” Keybase co-founder Chris Coyne explained.

But if the idea and its participants sound surprising, Coyne, who helped launch the well-known U.S. dating aggregator in the 2000s, sees it as a continuation of years of interest in cryptocurrencies.

In fact, near the end of his time at the matchmaking giant, Coyne and his partners made OKCupid one of the first well-known tech companies to accept bitcoin payments.

Conye recalls:

“What I realized while this integration was happening was that people had to go through this huge effort to acquire this bitcoin, and then we were just taking it from them. It never felt like anything was really happening on the consumer side.”

Now as a co-founder at Keybase (alongside another OKCupid cofounder, Maxwell Krohn), Conye believes that his company has built an infrastructure that could accelerate person-to-person payments through work with stellar and the use of its cryptocurrency.

To begin, Keybase is accepting the funds in what it jokingly called “dirty fiat,” though over time, it indicated it will enable customers to hold value in Stellar’s cryptocurrency, lumens.

Product ahead

Circling back to the big idea, though, it’s easy to see the fit for both parties.

Since even before OKCupid’s bitcoin integration, Coyne and his partners have been excited about the potential of crypto, but disappointed to see it even still largely used as a store of value or for speculation.

“It feels like we’ve almost given up on this story of people sending cryptocurrency to each other,” Coyne said. “What excites me about Stellar is that it’s insanely fast, transaction fees are close to zero and the low energy consumption is exciting to a lot of people on our team.”

But there’s more the ideology supporting the deal.

The heart of Keybase’s technology is a central repository of public keys, so that data can be encrypted to all of a user’s devices without any need for them to handle cumbersome PGP keys (or even see them).

Keybase already allows users to send encrypted chats, files and even run encrypted Slack-like collaborations, all end-to-end encrypted, across multiple devices for each user. Private keys stay on each device that generated it, so the user never has to trust Keybase itself.

In this way, whatever Stellar is investing in Keybase to build for the lumens ecosystem, Coyne seems to hint that the idea is bigger than a mere wallet.

He said:

“There will be a reveal later this year when the product launches. We will definitely make person-to-person cryptocurrency transactions a lot easier.”

Lumens’ features

Still, Stellar’s lumens could bring additional advantages to Keybase users.

One feature of lumens the team likes is its ability work as IOUs for fiat, backed by institutions (such as banks) that can be transferred between users.

Using blockchain, these fiat-backed lumens could easily cross borders, so a French user could pay in euros to a British user who would receive pounds, all for tiny fees subtracted from the transaction.

But while most tech companies would have a hard time backwards-engineering a crypto integration effectively, Keybase can, and the reason goes back to the early interest of the founders in its core ideas.

“Back then, I imagined this world where people had wallets, cryptocurrency wallets, and we would send small amounts of money to each other,” Conye told us, concluding:

“It’s always felt like something we could do a very good job on.”

Payment app photo via Shutterstock.

The leader in blockchain news, CoinDesk is an independent media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. Interested in offering your expertise or insights to our reporting? Contact us at news@coindesk.com.

Posted on

Encryption Becoming 'Public Safety Issue' – FBI

Encryption technology has reached a stage where even government agencies like the FBI don’t have the technology to unlock hidden data. In fact, it’s mathematically impossible to break many advanced forms of encryption, regardless of technology or available budget.

While the world’s most well-known investigation authority is tasked with providing the US government with crucial intelligence information, it is struggling to follow up on investigations due to advances in data encryption.

As reported by Reuters this week, the FBI was unable to crack over 7,800 devices that contained information the FBI considered vital to ongoing investigations from 2016-2017. The agency has been given legal authority, by the courts, to try and access the data on these devices, but they were simply unable to do so because of the high-level encryption used to protect the information.

FBI director Christopher Wray delivered these statistics in an address at the International Conference on Cyber Security.

While unpacking the challenges facing the bureau, Wray maintained that the FBI supports advances in encryption and information security. However, that has become a double-edged sword that is making the FBI’s life increasingly difficult:

“We face an enormous and increasing number of cases that rely heavily, if not exclusively, on electronic evidence.”

Making progress in this regard will take “significant innovation,” according to Wray, but the FBI head does not consider it impossible. To date, half of the devices safeguarded by encryption have been inaccessible, Wray said in his address.

Goes both ways

While the FBI’s sentiments relate directly to investigations where they have been given legal access to try and break through encryption to unlock information, both state and public individuals have vested interest in encryption technology.

Messaging apps that utilize encryption technology have become all the rage, allowing people to communicate without fear of being spied on- for whatever reason. Encrypted communication platforms have become vital in repressive nations like Iran, for instance.

Nevertheless, governments around the world have pushed for regulation that allows widespread surveillance of the public. The United Kingdom has done so in a number of instances.

No such thing as soft encryption

The FBI faces an uphill battle against encryption technology and there seems to be no middle ground in this regard. The essence of encryption is to safeguard information by granting access to authorized parties only.

Whether or not agencies like the FBI have been given legal authority to decode encrypted data, they are still deemed unauthorized by the encryption itself.

The irony here is that modern-day encryption technology stems from developments made primarily by military operations decades ago. The need to protect sensitive information being sent during war times can be attributed to the development of various encryption technologies, which are now widely available to the general public.

Once software developers got their hands on the basic code, like the so-called cypherpunks who laid the foundation for the cryptography that powers Bitcoin and other cryptocurrencies, massive strides were made.

In the quest to safeguard information, encryption developers weren’t about to create a backdoor for the FBI and other security agencies to make use of. That would defeat the point and create an entry point for nefarious entities to get their hands on important information.

The most likely course of action will be the development of better decryption methods. It’s highly unlikely that software engineers will be making less powerful encryption technology in years to come.

Posted on

Breaking: Researchers Reveal First-Ever Complete Quantum Chip Architecture

Researchers at the University of New South Wales have revealed an architectural structure that solves some of the stability issues that are facing quantum computing scientists, according to a recent report.

The new architecture, which the report compared in significance to landing a man on the Moon, utilizes currently available processors to organize how each ‘spin qubit’ is kept stable and interacts with those around it.

By building a grid of silicon transistors to control the spin and interaction of each qubit (qubits are the building block of a quantum computer), the researchers have been able to stabilize interactions between them, the sticking point of quantum computing to date. The author, Menno Veldhorst, says:

“By selecting electrodes above a qubit, we can control a qubit’s spin, which stores the quantum binary code of a 0 or 1. And by selecting electrodes between the qubits, two-qubit logic interactions, or calculations, can be performed between qubits.”

While the research moves the technology forward, the report indicates that there is still more to do to create a commercially viable technology.

Quantum Blockchain security

According to researchers at Carnegie Mellon, quantum computing could theoretically be used to break through the encryption mechanism of Blockchain technology, putting the security of the network at risk.

The risks associated with the quantum computing, however, are somewhat distant, potentially giving researchers time to build encryption ‘patches’ that will handle the quantum computing risks.