The term Web3 was originally flooded by co -founder of Etherium Wooden gavin As a secure and decentralized and peer-to-peer version of the Internet. The idea was to create an internet based on Blockchain technology And a peer network, without the need for large data centers or third -party suppliers. These days, however, blockchain is the most famous as the tool allowing cryptocurrencies. RecentlyThe Trump administration has taken On a pro-Crypto-Monnaie position, stimulating the blockchain popularity and media importance.
Cryptography is at the heart of the blockchains’ functioning, whether for a decentralized web or for cryptocurrencies. Whenever a cryptocurrency transaction is initiated, all the parties involved in the transaction must prove in complete safety that they accept the transfer. This is done via a digital signature: a cryptographic protocol which generates a secret private key unique to each user and a public key that the user shares. Then the private key is used to generate a single signature for each transaction. The public key can be used to verify that indeed, the signature was created by the private key holder. In this way, web3 in each incarnation is strongly based on cryptography.
To learn more about the evolution of web3 and the role of cryptography, we met Riad WahbyDeputy Professor of Electrical and IT engineering at Carnegie Mellon University, Pittsburgh, and Co-founder and CEO of the web security platform supported by equipment Cubist.
Wahby explained what web3 was supposed to be, what has become of it and how the cryptography supported by the material will allow its future.
Web3 started as an answer to what came before
Spectrum ieee: What is web3?
Riad Wahby: This is the most difficult question that you will ask from afar, because I do not know how to answer them in a way that satisfies everyone.
The term web3 was invented around 2014, by people who examined the way the web had developed. Web 1.0 was the first web bubble, the points bubble. The roughly speaking web 2.0 is Google and Facebook and Microsoft and Apple and Netflix, etc. And perception, especially people who initially invented this term web3, was that these companies had essentially taken the web in the wrong direction, because your privacy has disappeared and you are the product, so to speak. You use Gmail for free, because Google uses your emails to sell things like better advertising. Web3 was originally a reaction to that. The first supporters of web3 essentially said: “We don’t want this. We want to regain control of our business. I want to have my own data, and maybe cryptocurrencies and blockchains are the path. ” It is therefore where the term originally comes from.
What does the term mean now?
Wahby: Now it means nothing at all. Now Web3 is the wider ecosystem around cryptocurrencies and blockchain-based technologies. And I think that, essentially, all this revolutionary spirit has disappeared in favor of the construction of financial products and a lot of money by doing so. As far as I know, the term really went from a reaction to a lack of intimacy and a lack of sovereignty in my own data to “hey, it is a technology that has something to do with blockchains”. You may be able to buy a kind of piece of speculative memes and earn a pile of money by doing so. So I don’t know, maybe it took a dark turn at the end. This is how things are happening.
How are these two definitions connected?
Wahby: Cryptography is really integrated into the revolutionary spirit, in the sense that people who want to reject the chains of things like Google and Facebook, one of the principles was: “The way we will do it is that we are going to build this technology which is a little incredible and which gives us all these great properties.” And they were going to do so using advanced cryptographic technologies. This is the reason why there are so many people who are cryptography researchers in universities who are also deeply involved in a kind of cryptocurrency. Because it is as if it is a sea change in the way cryptography is used in the world.
Twenty years ago, it was that if you really worked on any type of cryptography, whatever the theory or practice you wanted, you knew that one of this was really used in the world, unless it was extremely practical and extremely focused on solving an immediate problem. And before, it was the case that people were extremely conservative on the type of cryptography they used. Basically, everyone thought, “We don’t need these crazy things. This is the whole theory. No one cares about it. The only things we need is what allows you to connect to Amazon and buy things safely. ” The climb of cryptocurrencies has brought with it all this change in the way cryptography is deployed in the world, where now, if you can find interesting features that are activated by advanced cryptography, probably somewhere that someone will try to transform this into the product they can sell.
Web3 is both good and bad for cryptography
What effect did it have on the cryptographic community?
Wahby: It’s both good and bad. This is what it means that there is a lot of motivation to build interesting and cool stuff. And as a researcher in cryptography, I love it because it means that there are additional tons of the research paid in cryptography.
This is the right side. The wrong side is that the reason why people were so conservative to deploy a new cryptography is that it is easy to make a mistake of the security mechanism. The default state of cryptography is [to assume everything is] broken. You must be very, very careful that each modification you make does not return your cryptography to the default state. I’m not saying web3 people are not careful. They are. It’s just depending on the nature of things, because it is a much faster time, there is much more pressure to simply push things in production. And I think the disadvantage is that we have seen a little break. Hopefully this did not allow people to lose lots of money. And I think the historical file supports it: people lose heaps of money because other people are really dishonest, not because cryptography is broken for the most part. But cryptography can also be broken, and it can also be worrying. But I would say from the point of view of someone who research in cryptography, the impact of web3 on the cryptographic community was generally a good thing.
You now focus on hardware security. Can you explain what it is?
Wahby: Any cryptocurrency has this property if I hold a token, and I want to send it to someone else, the way I do it is producing a digital signature that says, I want to spend this token. The secret key is what allows you to generate a signature. So if you have 10 ethors [cryptocurrency coins]And they are all protected by this key, and someone takes a copy of your key, so life is bad.
With a digital signature key, it could simply be seated on your hard drive, then you get malware, and now someone has silently stole your key. There have been these large, largely targeted malicious software campaigns where millions and millions of people all stole their keys. So now, criminals are like sitting there all the money they have stolen, and there are no inversion transactions, unlike a bank.
Here is where the equipment comes into play. It is not really a web3 technology, it’s a bit old and good things. There are these devices called hardware safety modules, and they have been used for several decades. It is a physical device, and this device can execute certain cryptographic algorithms. And he knows enough that when you say: “Hey, please manage a key to me”, it can generate a key to you in complete safety. And when you say: “Please give me a signature”, it can give you a safe signature. But the important thing is the way it is designed, the key never leaves this material. It transforms what was a data element into a physical object. And we know how to secure a physical object.
You work on the extension of hardware security for more use cases. Can you explain what you are doing?
Wahby: There are two problems with the standard material safety module.
N ° 1, you need more cryptography support, so you should be able to apply digital signatures to transactions very quickly if you are actively negotiating. And n ° 2, you need a way to express that it is not only a key that can generate any signature. It is a key that has also attached a kind of policy that says that it is the types of signatures that are correct to generate, and everything else is not allowed, to add additional security. These are the two directions that we have that our technology allows in traditional material security modules.
We start with the security provided by the security module of traditional equipment, and we extend it using this, makes another trust material called the trusted execution environment. We extend it to support the real types of cryptography which are necessary for web3 and to support this rich layer of programmable policy which allows you to say: “This key is only intended for this specific type” or “whenever someone tries to make a payment from this key, I must first check if the recipient is subject to sanctions”, or to any other rule. So, in the end, we have not only a material security module, we also have this confidence execution environment and this layer of policy, and all these other cryptographic tricks which give us a material safety module that is really designed for the use of web3.
From your site items
Related items on the web
