• cadekat
    link
    fedilink
    English
    arrow-up
    27
    arrow-down
    1
    ·
    2 months ago

    Cryptography and PKI makes it pretty feasible to authenticate digital documents.

    • Optional@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      5
      ·
      2 months ago

      When used completely and properly. Which rarely, if ever, happens because it requires end-users to know how to use keys and keep them offline somehow.

      • turmacar@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        edit-2
        2 months ago

        This system hasn’t lasted ~90 years because they just throw someone in a chair and let them figure it out on the job.

        Any reliable system, electro-mechanical or digital, needs thorough user training and checks.

        The worry with this one is it’s a single authoritative record with no easy way to backup or replicate it. They say there are non-authoritative (at least legally) digital versions of most(?) of the records. I hope/assume they’re actually more consistent with that than the video makes it seem because those are the only feasible off-site backups they really have. If not one fire is all it would take to wipe out an entire countries SSA program.

      • cadekat
        link
        fedilink
        English
        arrow-up
        5
        ·
        2 months ago

        This is a government office. A government should be able to build the technical knowledge required to keep a private signing key secure.

        I do agree that individual-to-individual cryptography is more difficult, but how often do you need to check the authenticity of a document from a friend or acquaintance, digital or otherwise?

        • Optional@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          2
          ·
          2 months ago

          Well, a bank. A financial transaction. Health records. Not just email to your friends.

          Government has the technical knowledge - heck many people here have that - but implementing a standard is a different problem, it’s a political problem. A pit full of vipers, in a sense. We’re unlikely to see standardized crypto signing anytime soon. At least IMO.

    • BakerBagel@midwest.social
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      8
      ·
      2 months ago

      So do authorized notaries and paper trails for physical documents. Everyone who had a wallet hacked that lost NFTs or currencies can tell you that crypto cant protect your assets.

      • ysjet@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        ·
        2 months ago

        Cryptocurrencies have absolutely nothing to do with cryptography, they just appropriated the name.

        • Txmyx@feddit.org
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          5
          ·
          2 months ago

          Uhm Actually 🤓 crypto is called crypto, because it is based on cryptograhy

          • ysjet@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            ·
            2 months ago

            It’s called cryptocurrency because Bitcoin used sha256 as it’s proof of work algorithm for funsies, but has no actual tie to cryptography. Proof of work is not cryptography.

            • Txmyx@feddit.org
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              2 months ago

              Bitcoin (abbreviation: BTC; sign: ₿) is the first decentralized cryptocurrency. Nodes in the peer-to-peer bitcoin network verify transactions through cryptography Source

              But you’re kinda right with the proof-of-work. But I would consider sha256 as cryptography

              • ysjet@lemmy.world
                link
                fedilink
                English
                arrow-up
                3
                ·
                2 months ago

                That’s like saying that you’re a English lord because you watched a TV show involving the middle ages one time. Just because a concept contains, as one option amongst many, a thing, doesn’t make that concept the thing.

                The proof of work could be anything- sha256 was just something that happened to be picked. That doesn’t make it cryptography any more than you could call RCS cryptochat.

            • cadekat
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              2
              ·
              2 months ago

              I hate to be that guy, but Bitcoin uses elliptic curve cryptography to sign transactions, and SHA256 is definitely in the field of cryptography. While cryptocurrency isn’t purely cryptography, it is cryptography plus economics. Borrowing the “crypto” prefix, at least in my opinion, is reasonable.

              • ysjet@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                2 months ago

                It’s not borrowing, it’s attempting to entirely hijack and replace the prefix. This is already causing a massive loss in trust of the entire field of cryptography.

                As I said in another reply, just because it uses sha256 as it’s proof of work doesn’t make it crypto, as it was essentially picked out of a hat.

                And for the signing of transactions, are we going to start calling bank checks crypto? RCS being renamed crypto? Just because something tangentially has some sort of cryptographic signature tied into it does not make that object cryptography or related to cryptography- it just means that it has a signature enveloping that object.

                • cadekat
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  2 months ago

                  Regardless of whether it’s eroding trust in cryptography today, I still assert it was a reasonable choice when the term was coined. Cryptocurrency depends fundamentally on cryptography.

                  just because it uses sha256 as it’s proof of work doesn’t make it crypto, as it was essentially picked out of a hat.

                  You could probably switch proof-of-work to use some non-cryptographic primitive with similar properties (maybe protein folding?) and it would still serve the same purpose, ignoring the economic problems. I will concede that point.

                  Bitcoin still cannot function without cryptography. Each UTXO is bound to a particular key pair. Each block refers to its parent using a hash. If either of those were switched to a non-cryptographic primitive, there would be no way to authenticate the owner of a UTXO, nor would there be a way to prove the ordering of blocks. Removing cryptography from cryptocurrency would make it entirely useless as a currency.

                  And for the signing of transactions, are we going to start calling bank checks crypto?

                  Banks existed for a thousand years without the existence of cryptography. If you removed cryptography from RCS, you’d still have the rest of the standard for messaging.

                  • ysjet@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    2 months ago

                    But you wouldn’t be able to authenticate the bank transfers- or messages- as real. It’s the exactly same situation the so-called cryptocurrencies run in to, and why all three have added signatures onto it. That doesn’t make any of the three cryptography- just something that exists better with the support of cryptography.

                    A cryptocurrency can exist without the signature- it’s less useful, but ‘just trust me bro’ is basically THE underpinning for first currencies since the beginning, and the source of a lot of the problems with them.

      • daq@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        1
        ·
        2 months ago

        Nonsense argument. It is much easier to forge or steal a paper copy of a document that it is to do so with an equally well protected digital copy.

        Vast majority of digital theft is done via social engineering and not through some exploit in the underlying technology.

        • BakerBagel@midwest.social
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          4
          ·
          2 months ago

          If the local county records get broken into and every property deed gets stolen, the theif doesn’t have ownership of every property in the county. Anything that represents physical ownership of an item is way more secure with a physical paper trial than a digital one. I understand that cryptocurrencies are different than cryptography, but a physical copy of a record i own and an official copy that a relevant party owns, such as a local government, hospital, or bank will always be more secure than digital tokens of ownership.

          • daq@lemmy.sdf.org
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 months ago

            That’s just demonstrably false. Lots of historical precedent for people losing property, access, etc due to lost or incorrectly filed documents, clerical errors, corruption and a billion other ways. None of this really affects digital assets.

        • zbyte64@awful.systems
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          5
          ·
          2 months ago

          Yeah, obviously it’s the user’s fault for not holding crypto correctly. This is why my crypto is stored on a floppy disk that can only be read by my 8086 computer with no Internet connectivity. If you loose money it’s always your fault for not being prepared.