Topic: An idea; bitidentity, passwordless secure login

member
Activity: 78
Merit: 14
Hey there. I just came across this and I'd like to get your thoughts on using this with bitcoin addresses instead of bit-message addresses.

I finished a system for encrypting/decrypting using bitcoin addresses:

https://bitcointalksearch.org/topic/ann-coinmessage-secure-messaging-with-bitcoin-addresses-374085

It seems to me that we could do the exact same thing you're doing with the bitcoin blockchain. I was planning to build something very similar (challenge-response login mechanism using QR codes on a phone), but I conveniently found this.

Let me know if you're interested in collaborating.
sr. member
Activity: 477
Merit: 500
How is it different from what NameId is supposed to be?

(not sarcastic, just want to know)

Use case 1: login to fusebook:

1) go to fusebook.com
2) Read the 2D QR code with your android application

Use case 2: register to embarrasingchatpage.com:
1) go to embarrasingchatpage.com
2) Click register, enter wanted username "Santaclaus"
3) Read the QR code with your android application

With this, instead of *typing* your username and password (if you remember it..) you do one thing: read a barcode. You never need to enter a password, you only need to enter your username once, that's when you register.

Server only needs to have a public key connected to the username. Of course, it could also have email addresses etc., if the site likes to ask for those..

Which do you lose more often: a password or your smartphone?

Would it be in the news, if adobe had lost 160 million *public keys* instead of 160 million passwords?

Try it on https://cave.dy.fi or http://cave.dy.fi

But about the question: the difference is that in NameId, the identity is kind of 'worldwide'; if someone registers a name, it is reserved worldwide. With bitid, the identity is reserved for that site only (well, the company behind the service could use the same userbase for other services also).

Search for SQRL, it is doing similar work. This is quite much the same, but just done with bitcoin cryptography.
sr. member
Activity: 266
Merit: 250
How is it different from what NameId is supposed to be?

(not sarcastic, just want to know)
sr. member
Activity: 477
Merit: 500
Well, here it is.

On 08.12.2013 00:24, Nite69 wrote:
> Hi all!
>
> First; I was really astonished when I read about SQRL from news; I
> have been working on very much similar QR code log in system for a
> couple of months.

This is getting quite much ready for tests and initial source code (it
is still quite ugly, will clean it up when I get a version control)
release. The source code can be found from following links:

BitLogin CryptoID Android client v0.1.0 (binary package):
https://mega.co.nz/#!hwpRnKiB!Nly8jTVhPgNlyurw6Pk1Y2IT1olDLvUcOvYxjp5h8xI

Source code for BitLogin CryptoID Android client v0.1.0 (binary package):
https://mega.co.nz/#!loQ20JrR!NKBT5hUKh46uqgBXcaWmNh-20UZ3nKlit8udP0MZlv4

Server source code (Java):
https://mega.co.nz/#!l8hGRTJB!d6fNhiDuNK2LXb-31GZshTf6N7xUmrEgxKvy4e92CkE

You also need this (BitcoinECKey, all code extracted from bitcoin java
sources):
https://mega.co.nz/#!0lp0Eb6R!NujAJiYXO8uA_OuPHTfHvRN7GA16dluOvodREih407A

Other libraries needed for compile:
- spongycastle crypto library
- zxinglib

This code is free to use (part of it might have some GPL licenses),
either for improving SQRL or used as is.

I will try to get a sample server running today.

The principle (and differences) to SQRL are:
- server is identified by its cryptography keys, the actual URL can
be anything (I think piratebay likes this). Good thing is that you
can use the same userbase on any number of servers/services. Bad thing
is that you *must not* lose the master key.
- master key is used to sign microcertificates (uCert). The sample
server creates a new uCert every 10 minutes.

- server offers a sessionid (server is free to generate timestamped
and/or SSLID etc sessionkey) for the client, client identifies the
user by signing the sessionkey with identity's secret key. Server
finds the public key from the signature and logs the user in.

- Client generates a new keypair for every server/username combination.

- Messages are very simple:
Login QR code:
bitid:192.168.7.15:8080/CryptoIDDemo/cid?id=l~B32CB9DE862FAC3D98A04621D605DA45~1PHDDf5b8rexRSyn2mvY5ziuSLPrXWGyQj
Where l=login, B32CB9DE862FAC3D98A04621D605DA45=sessionid,
1PHDDf5b8rexRSyn2mvY5ziuSLPrXWGyQj = server public key (format is
standard bitcoin address)

Reply:
192.168.7.15:8080/CryptoIDDemo/cid?id=l~B32CB9DE862FAC3D98A04621D605DA45&signature=IAiEp1YaQgKOYDyXFTiFCvp-iasTZszt2GFmDK6eQiSeRYpD-pwq3ZSj7s8x5xLP51qnOpf_mRIw-cgY6p8xOWs.

Server finds the identity's public key from the signature and logs the
user in.

Registering QR code:
bitid:192.168.7.15:8080/CryptoIDDemo/cid?id=c~873FEAA9328A766120BD861AF87D07C8~testuser~1PHDDf5b8rexRSyn2mvY5ziuSLPrXWGyQj

Response:
192.168.7.15:8080/CryptoIDDemo/cid?id=c~873FEAA9328A766120BD861AF87D07C8~testuser&signature=ILDIgZibEr9Onqm_q7yPNC0wgaBRTpFl8d_mDww_maOrOqELTUfCCyLovpj_uyqaDlVnJU0qZ4cTxxv8-hwaxgY.

When replying, server identifies itself with uCert (would make the qr
code very big, so it is sent back with http response):
{"message":{"20131215124151+0200~testuser~B32CB9DE862FAC3D98A04621D605DA45"},"signature":"H_lbcQSWrvkBhH09PII4pQmTKaIGHCn3HmzxkJZp8UerfLOLBFLCAaU6GD8U6tMzVPjRoAakNQlekLpKDeVltFE."},{"uCert":{"key":"1HWHJaisNUnm33EXtKJ5CM7KUrq9pDfEt9","expires":"20131215125151+0200"},"signature":"H0gdU_8FYaGNpCZncwcfws2XvL6PKe8AskJFeCia7-OTFliAAVi5eIkMIr2QUAqgM80XBSYzJVDQRZ1AcN2v-Kg."}
Logged in : testuser:14Gv4XffXoUnQ3sb4eNTgGu4fgjtTidqCu

From the message signature, client finds the server online public key,
1HWHJaisNUnm33EXtKJ5CM7KUrq9pDfEt9, which is certified in the uCert
with the server's master key (which matches the QR code server key).

best regards,
  Nite69
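As an added example (mine, not code from the BitLogin/CryptoID packages linked above, and in Python rather than the project's Java), here is the exchange Nite69 describes, end to end: the server's QR challenge `op~sessionid[~username]~serverkey`, the client's reply `id=...&signature=...` made with a key pair that is fresh per server/username pair, the server recovering the public key from the signature alone and looking it up, and the client checking the uCert chain (the master key read from the QR code certifies the online key that signed the reply). Assumptions, because the post does not spell them out: the signed bytes are SHA-256 of the UTF-8 `id` string, identities are compared as compressed public keys in hex rather than as Base58 Bitcoin addresses, the uCert is flattened to `onlinekey~expires`, the host `server.example` and the timestamps are made up, and the single-use session id and the expiry check are my additions. The secp256k1 arithmetic is written out so the block runs with the standard library only; it is not constant time and is for illustration, not production.

```python
import base64, hashlib, hmac, secrets

# secp256k1 parameters (the curve behind Bitcoin keys); toy arithmetic, not constant time
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def _add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None: return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    lam = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
           else (b[1] - a[1]) * pow(b[0] - a[0], -1, P)) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def _mul(k, pt):  # double-and-add scalar multiplication
    acc = None
    while k:
        acc, pt, k = (_add(acc, pt) if k & 1 else acc), _add(pt, pt), k >> 1
    return acc

def _hex(pt):  # compressed SEC1 hex; stands in for the Bitcoin address the post uses
    return f"{2 + (pt[1] & 1):02x}{pt[0]:064x}"

def _z(msg):  # sha256(msg) as a scalar (assumption: this is what gets signed)
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(priv, msg):
    # Recoverable ECDSA in the post's encoding: base64url(header||r||s), '.' as padding,
    # header 31+recid (Bitcoin's compressed-key convention). k is HMAC-derived
    # (deterministic, but not full RFC 6979); assumes R.x < N, the usual case.
    k = int.from_bytes(hmac.new(priv.to_bytes(32, "big"), msg, "sha256").digest(), "big") % N or 1
    r, ry = _mul(k, G)
    s, recid = pow(k, -1, N) * (_z(msg) + r * priv) % N, ry & 1
    if s > N // 2:  # low-s normalisation flips the parity of the recovered point
        s, recid = N - s, recid ^ 1
    blob = bytes([31 + recid]) + r.to_bytes(32, "big") + s.to_bytes(32, "big")
    return base64.urlsafe_b64encode(blob).decode().replace("=", ".")

def recover(sig, msg):  # signer's compressed pubkey hex, or None if sig is malformed
    try:
        raw = base64.urlsafe_b64decode(sig.replace(".", "="))
    except ValueError: return None
    if len(raw) != 65: return None
    r, s = int.from_bytes(raw[1:33], "big"), int.from_bytes(raw[33:], "big")
    if not (0 < r < N and 0 < s <= N // 2):  # reject high-s (malleated) copies
        return None
    y = pow((pow(r, 3, P) + 7) % P, (P + 1) // 4, P)
    if (y * y - pow(r, 3, P) - 7) % P:  # r is not the x coordinate of any curve point
        return None
    if (y & 1) != ((raw[0] - 27) & 1):
        y = P - y
    q = _mul(pow(r, -1, N), _add(_mul(s, (r, y)), _mul(N - _z(msg), G)))
    return None if q is None else _hex(q)

class Server:
    def __init__(self):
        self.master = secrets.randbelow(N - 1) + 1  # signs uCerts; can stay offline
        self.online = secrets.randbelow(N - 1) + 1  # signs replies; certified by the uCert
        self.users, self.sessions = {}, {}          # username -> key; sid -> (op, username)

    def challenge(self, op, username=""):  # QR text: op~sid[~username]~masterkey
        sid = secrets.token_hex(16).upper()
        self.sessions[sid] = (op, username)
        parts = [op, sid] + ([username] if username else []) + [_hex(_mul(self.master, G))]
        return "bitid:server.example/cid?id=" + "~".join(parts)

    def handle(self, reply, expires="20131215125151+0200"):
        fields = dict(p.split("=", 1) for p in reply.split("?", 1)[1].split("&"))
        op, sid, *rest = fields["id"].split("~")
        ident = recover(fields["signature"], fields["id"].encode())
        # the sid is consumed here, so a captured reply cannot be replayed
        if ident is None or self.sessions.pop(sid, None) != (op, rest[0] if rest else ""):
            return None
        if op == "c":
            self.users.setdefault(rest[0], ident)  # first registrant keeps the name
        user = next((u for u, k in self.users.items() if k == ident), None)
        msg, ucert = f"{sid}~{user}", f"{_hex(_mul(self.online, G))}~{expires}"
        return None if user is None else {
            "message": msg, "signature": sign(self.online, msg.encode()),
            "uCert": ucert, "uCertSig": sign(self.master, ucert.encode())}

class Client:
    def __init__(self):
        self.keys = {}  # (server master key, username) -> private key: a fresh pair per site

    def answer(self, qr, username):  # returns (server key read from the QR, reply URL)
        op, *mid, serverkey = qr.split("id=", 1)[1].split("~")
        priv = self.keys.setdefault((serverkey, username), secrets.randbelow(N - 1) + 1)
        ident = "~".join([op] + mid)  # signed text: everything except the server key
        return serverkey, f"server.example/cid?id={ident}&signature={sign(priv, ident.encode())}"

    def verify(self, serverkey, resp, now="20131215124151+0200"):
        # chain: master key from the QR certifies the online key (uCert), which signed the reply
        if resp is None or recover(resp["uCertSig"], resp["uCert"].encode()) != serverkey:
            return None
        online, expires = resp["uCert"].split("~")
        if expires <= now or recover(resp["signature"], resp["message"].encode()) != online:
            return None
        return resp["message"].split("~")[1]
```

Register with `Server().challenge("c", "testuser")`, answer it with `Client().answer(qr, "testuser")`, feed the reply to `Server.handle`, and pass the result to `Client.verify` together with the server key the client read from the QR code; handing the same reply to `handle` a second time returns None because the session id was consumed. One caveat that is visible in the post's own reply format: the signed text (`l~sessionid`) contains neither the server key nor the URL, so nothing in the signature ties it to the site the user believes they are logging into. A client that also signed the key it read from the QR code, with the server checking that value against its own, would bind the reply to that server.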
sr. member
Activity: 477
Merit: 500
Well, I did according to these instructions:
http://dot-bit.org/BuildNamecoinQTFromSource

and true, it seems to compile version 0.3.64. How do I compile the latest version? checkout master does not seem to compile at all in linux?

Edit: Well, made git clone from another repository (https://github.com/namecoinq/namecoinq) and now I have 0.3.71 and also that missing addr tab. Thank you!
legendary
Activity: 1764
Merit: 1000
If you need connection to a blockchain (which you'll need I guess), make it possible via a lightweight client like multibit / electrum.

no one will ever use this if you have to download a full chain and keep it synched
legendary
Activity: 1807
Merit: 1020
old version like Phelix said..

in manage names there is an address field..
also you can use console window: name_show

when you do name_update the key for the name will change.. not sure if that affects what you are doing (probably not)
legendary
Activity: 1708
Merit: 1020
I think you are running an outdated version.
sr. member
Activity: 477
Merit: 500
Well, you can go to the manage names tab and copy it from there before opening the sign dialog. I agree it would be nice to see the registered names displayed on the addressbook or be able to choose "sign message" directly from the manage names tab.
No I cannot. The key is not there. There is only "Name", "Value" and "Expires" tabs, but not the key which owns the name.

When namecoin makes a NAME_FIRSTUPDATE transaction, it generates a new keypair (or uses previously generated keys), *which you cannot access anywhere* from the client. As I said, the only way to find out what key was the owner of the identity was
1) check the name_firstupdate transaction id
2) browse the blockchain to find that transaction
3) copy the public address from the transaction output.

Use that copied key to sign the message (private key will be on your wallet).

The key must be somewhere in my wallet, but I cannot find or access it from the GUI. Neither is it in any way associated to the id which the key owns.
legendary
Activity: 1708
Merit: 1020
Well, you can go to the manage names tab and copy it from there before opening the sign dialog. I agree it would be nice to see the registered names displayed on the addressbook or be able to choose "sign message" directly from the manage names tab.
sr. member
Activity: 477
Merit: 500
Quote from: nameId website
Please use namecoind signmessage with the address corresponding to your identity to sign the following message:

With the GUI you can use the debug console's signmessage command.


With the GUI, you can also use the GUI signing window :-): File - sign message.

But the window gives you two options to enter the signing key: either you can write the key on the text box OR you can choose it from your addressbook. Unfortunately generated addresses are not in addressbook, so you have to find the correct signing address from the blockchain and copypaste the key.

It should also give a listbox including only the keys that owns some id/ or d/ records.
legendary
Activity: 1708
Merit: 1020
Quote from: nameId website
Please use namecoind signmessage with the address corresponding to your identity to sign the following message:

With the GUI you can use the debug console's signmessage command.

sr. member
Activity: 477
Merit: 500
Well, that's something what I had in mind..

I tried to create a nameid with my namecoin id (nite69 (I think we have exchanged some messages?)), but without success.

Just wondering what did I do wrong? Your page just says incorrect signature. I assume you can see the logs from my attempts?

Edit: I think I can show these data:

Code:
Id: nite69
signed message: login https://nameid.org/?name=nite69 Mu7vrYN+EeYGBA9DvuYN0w==
signature:G+OQe/uQJniA7b1h7pjZJGNQ3RC5oxSEQvgrEn1Ymh2GUhfBZD21l1Jptnrg8FHy0Q+5v67ObvidaWLftwlhFKw=

namecoin address:N4eruVuEyyedTW9jjwAYf8PYuchbt8nXeA


Edit2: Let me guess; I should use some other key? I only have 2 keys on my wallet visible, but of course, the client might have generated some other keys for transaction change.
Maybe you should also show the key which should be used for the signature?

Edit3: browsed the blockchain, tried with both name_new and name_firstupdate transaction's keys, no luck :-(

Edit4: Ok, now it works. I had to sign with the key from the *output* of OP_NAME_FIRSTUPDATE . However, this key was not visible in namecoin-qt wallet, so I had to dig it from the blockchain based on the transaction id from my wallet. I suggest you display the key which should be used for the signature? At least namecoin-qt let me enter the key even if it was not visible.

Edit5: Actually, that makes sense. But the namecoin-qt should show that address as the 'owner' of the identity and should offer that key for signing.
hero member
Activity: 504
Merit: 500
In your public identity entry you can store your BTC or NMC (LTC and PPC are also supported) address which can be used to check if a message was created with the corresponding private key belonging to you.
Based on this identity check you could make login to any website(if implemented - actually nowhere supported).
A user friendly website identification system(an OpenID alternative) based on the Namecoin Identity is planned to be implemented.
https://nameid.org/?view=faq
https://nameid.org/?name=daniel
sr. member
Activity: 477
Merit: 500
Namecoin already has an identity system implemented:
http://dot-bit.org/Namespace:Identity

Yes, but that is a public identity (nickname connected to some connection info), not a login credentials.

With bitidentity you could securely log in to any supporting www-page without a password. And all those identities would be non-trackable, ie not connected to each other.
hero member
Activity: 504
Merit: 500
Namecoin already has an identity system implemented:
http://dot-bit.org/Namespace:Identity
sr. member
Activity: 477
Merit: 500
Got this idea from bitmessage; these bitmessage addresses could be used for passwordless anonymous login to any system. Or there could be another blockchain delivering bitidentity messages..

Use case, bulletin board:
- user sends an identity request to the page's bitidentity address. For every bitidentity address, there will be a new private key.
- one gets a sessionkey as a reply (maybe direct https - link) which one could use to login to the page and configure nickname etc.

Very secure, no passwords, anonymous identity.