A Technical Breakdown of MySky Seeds

This article was first published on Sia and Skynet Blog - Medium
-----

MySky uses seeds to authenticate users instead of a username and password construction. Seeds and passwords are very similar — the main goal of both is that they are difficult for an attacker to guess, and to provide a foundation for a user’s identity.

In the case of a typical password, the amount of randomness inside the password is left up to the user. The user chooses the phrase that they want as a password, and then the user and server both hope that the user was smart enough to pick a secure password. That password is then sent to the server, and the server has to be trusted to store the password safely.

In practice, it has been demonstrated that the average user cannot be trusted to create a secure password, and that the average server cannot be trusted to store the password securely. The standard advice from security experts is for users to use a completely different password for each service, and to have that password randomly generated by a computer.

We can do better by using seeds. A seed is a fixed amount of randomness, usually generated by a computer (though you can use techniques like coin flips to generate secure seeds as well). Enough randomness is used that no attacker could ever reasonably guess the seed, and then the seed is combined with cryptography to authenticate the user. A user can prove their identity to a server without ever sending the server their seed, which means the user can securely use the same seed for every website.

Security Thresholds

We call the guess-ability of a seed “entropy”. The amount of entropy in a seed is the logarithm of the number of guesses an attacker would have to make to be certain that they could guess your seed. A seed with ...

-----
To keep reading, please go to the original article at:
Sia and Skynet Blog - Medium

Comments (No)

Leave a Reply