POC: Data Handshake

[maxvisser]

poc: Data Handshake

v0.1

Background / Context

Goal/user story: An identity or digital asset has properties that defines the identity/asset. For a person, a property could be age, length. These properties are sometimes sensitive and therefore can't be send to the blockchain or be stored there.

A data handshake is seed that two parties generate to encrypt the data. Who knows the seed can decrypt the data. More:

Hypothesis:

• Bob owns the asset X. He publishes some metadata and conditions on how to get X. A simple case would to set the price of the asset.
• Alice wants to access and read X. She reads the metadata and conditions about X, and she makes a payment (or whatever is needed) using the required fiat or crypto currency.
• Alice transfers her access token (in this case, a payment receipt) for X to Bob.
• Bob verifies that the access token is valid, and starts a handshake to create a shared session key with Alice.
• Alice participates in the handshake.
• Alice and Bob now have the same session key.
• Bob encrypts X using the previously calculated session key and shares it with Alice, either on- or off-chain.

Method

documentation/code https://github.com/bigchaindb/privacy-protocols

Result

present findings

Recommendation

write recomendation

[jamalv]

possibly related: https://github.com/teamforus/research-and-development/issues/38

[maxvisser]

@jamalv yes this issue is p2p and #38 is between webapp and the app Me.