The Internet Computer is a revolutionary blockchain computer created by a network of independent data centers running an advanced decentralized protocol, enabling developers, organizations, and entrepreneurs to build and deploy secure applications and autonomous software programs.

Unlike typical cloud-based or distributed architectures that run on proprietary infrastructure or specific hosting services, the Internet Computer provides an open platform where software and services run directly on the open Internet.

The decentralized Internet Computer Protocol (ICP) creates this secure network by implementing advanced cryptography.

In a decentralized distributed system, various problems arise. At the peer-to-peer level, how do we propagate artifacts between nodes in this hostile open environment? How do we do this in the most efficient way? How do we define the most appropriate network topology?

Next, there is a consensus protocol where the main problem is ensuring that the right transactions are verified and processed in the right order without a central authority.

At the DFINITY Foundation, there is no distinction between R&D and the public platforms we create.

Our R&D team members regularly implement new technologies and see how their ideas pan out in real-world applications.

A great example of this being implemented at a cryptographic level is the Internet Computer’s Non-Interactive Distributed Key Generation (NIDKG) protocol — the first release of novel core cryptography technology by the Foundation.

Introducing non-interactive DKG

End users of applications or services running on the Internet Computer interact with the software containers and do not directly see the advanced cryptography used to build this decentralized development platform.

The Internet Computer defines a simple and clean interface that specifies how containers work, enabling a software ecosystem where different applications can communicate with each other and use each other's APIs.

A closer look reveals the use of digital signatures, which allow the Internet Computer to authenticate its outputs so that they can be verified.

Digital signatures were part of the dawn of modern cryptography, appearing in the seminal works of Diffie-Hellman and RSA in the late 1970s.

End users and containers talking to other containers need information for authentication.

However, on the Internet Computer, containers are hosted in subnets that are run by a collection of nodes around the world.

Therefore, nodes must run a distributed protocol to reach consensus and sign the output of the Internet Computer.

Threshold signatures enable nodes on a subnet to collaboratively sign data, and if enough nodes cooperate, then the signature can be obtained.

On the other hand, there is no way a few malicious nodes could deviate and sign unauthorized messages.

So far, so good, but there's a twist.

On the Internet Computer, the set of nodes running a subnet will change, and nodes can join and leave their respective subnets.

The set of nodes running a subnet will change over time depending on the needs and requirements of the network, the desired level of security, available capacity in data centers, random hardware failures, etc., which means that the set of threshold signers will evolve over time.

The impact of this is that it becomes logistically complex to continue to generate, register, and distribute new public keys among the ever-changing nodes within the subnet.

As an alternative solution, if the same subnet could always be referenced by a static public key, even if the nodes that make up the subnet are in a constantly changing state, this would greatly simplify key management.

Fortunately, public key preservation has cryptographic solutions and keys can be re-shared.

Through these key re-sharing schemes, one set of signers participating in a threshold signature scheme can transfer the threshold signing capability to another set of signers.

Existing key redistribution schemes have many benefits, but they have a limitation: they are interactive, which raises the asynchrony problem.

If a message from a node is missing, it is unclear whether the message is merely delayed or if the node has crashed or is otherwise compromised.

The DFINITY R&D team has invented a new non-interactive key re-sharing protocol where each old signer only needs to broadcast a single message to the new signers.

To ensure this is done securely, many concepts from advanced cryptography are used, including encryption with forward secrecy and non-interactive zero-knowledge proofs.

Because it is non-interactive, the key re-sharing protocol operates in a way that is well suited to asynchronous environments, with benefits including key preservation.

A single public key is known throughout the life of the subnet, and other parties on the Internet Computer do not have to keep track of changing public keys.

Looking at the different stages of subnet key management, the protocol first applies to initial key generation.

The Internet Computer can use the NIDKG protocol to launch a new subnet and provide threshold signing keys to the initial nodes without having to involve the initial nodes in the setup process.

Nodes simply learn that they have been assigned to a subnet, can infer their secret share of the signing key, and then begin running that subnet.

While the subnet is running, a distributed key re-sharing protocol is used to register new joining nodes.

There is no need for a lengthy registration process, as the subnet simply leaves encrypted key material for the joining nodes.

What is expected to happen most often is that a group of nodes will re-share the key among themselves, which sounds counterintuitive since the nodes already have the threshold signing key.

However, this idea stems from the concept of proactive security.

The problem is that over time, nodes can become compromised.

Imagine a subnet run by the same nodes for a certain length of time, which provides an attacker with a time window during which they can somehow learn the node's threshold share of the signing key.

Proactive security provides a solution by continuously refreshing the threshold share of the signing key, which means that the nodes re-share the key to obtain a new threshold secret share of the signing key.

Afterwards, they delete their old shares, which means that even if an attacker learns a few shares from each node over time, the threshold signing key will still be secure as long as only a few shares from any given epoch are known at any given time.
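A minimal sketch of the key re-sharing idea described above, added here as an illustration and not DFINITY's NIDKG code: plain Shamir re-sharing in a toy group, where each old signer produces one dealing and the subnet public key is unchanged in the next epoch. The forward-secure encryption and zero-knowledge proofs the real protocol relies on are omitted, and all names and parameters are assumptions.

```python
import secrets

# Toy parameters, constructed for illustration and far too small for real use:
# Q and P = 2Q + 1 are prime, and G generates the order-Q subgroup of Z_P*.
Q, P, G = 1019, 2039, 4

def lagrange_at_zero(i, ids):
    """Coefficient that weights point i when interpolating f(0) from ids."""
    num = den = 1
    for j in ids:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def deal(secret, threshold, ids):
    """Shamir-share `secret`: any `threshold` of the returned shares recover it."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(threshold - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q for i in ids}

def public_key(shares):
    """Interpolate g^f(0) from the values g^share, without rebuilding f(0)."""
    ids = list(shares)
    pk = 1
    for i, s in shares.items():
        pk = pk * pow(pow(G, s, P), lagrange_at_zero(i, ids), P) % P
    return pk

def reshare(old_shares, new_threshold, new_ids):
    """Each old signer emits ONE dealing (a fresh sharing of its own share).
    Each new signer combines the dealings using the old set's Lagrange weights,
    so the new polynomial differs from the old one but keeps the same f(0)."""
    dealers = list(old_shares)
    dealings = {d: deal(s, new_threshold, new_ids) for d, s in old_shares.items()}
    return {n: sum(lagrange_at_zero(d, dealers) * dealings[d][n] for d in dealers) % Q
            for n in new_ids}

if __name__ == "__main__":
    epoch0 = deal(secrets.randbelow(Q), 3, [1, 2, 3, 4, 5])   # 3-of-5 subnet
    quorum = {i: epoch0[i] for i in (1, 3, 5)}                # any 3 old signers
    epoch1 = reshare(quorum, 3, [3, 4, 5, 6, 7])              # nodes 1, 2 leave; 6, 7 join
    epoch2 = reshare({i: epoch1[i] for i in (4, 6, 7)}, 3, [3, 4, 5, 6, 7])  # refresh
    print("public key preserved:",
          public_key(quorum) == public_key(epoch1) == public_key(epoch2))
    print("node 4 share per epoch:", epoch0[4], epoch1[4], epoch2[4])
```

Because every re-sharing draws a new polynomial, shares from different epochs do not interpolate together, which is why deleting old shares limits what an attacker can accumulate over time.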

NIDKG is one of many innovations spearheaded by the DFINITY R&D team as its grand vision of the Internet Computer, renewing the Web’s innovative capabilities, steadily becomes a public reality.

We look forward to welcoming developers to explore the capabilities of the network and create the applications and services of the future.

Join our developer community and start building at forum.dfinity.org.
