MEC.conf

MEC.conf

The Developer Conference

Nino Stephen Mathew

@ninostephen

Blockchain based e-Governance

Submitted Jun 20, 2019

In countries like India, to do various activities there are a lot of paperwork to be done and at times these can be really tiresome. It is widely known that people with power, especially politicians, can do much harm during the processing of an application. These include tampering, document hoarding, rejecting applications using false claims, delaying the process etc. The threat actor could be anyone ranging from an evil peon to a dishonest officials. This can take place even in cases where every document is either on paper or stored and processed digitally. In both cases, all the mentioned problems may arise.

              This is where the relevance of this project arises. The paper aims to solve this problems using blockchain. This is a proof of concept project that could prove that blockchain can be used meaningfully to solve the above mentioned problems that takes places every single day in our government and non-government institutions and organizations alike. The project was designed and developed on top of 3 fundamental philosophies : 
  1. Prove the involement of each party in the transaction.
  2. Exponentially harder for the threat actor to tamper a chain even if the blockchain is not distributed (distribution exist in the real application) and
    3.Reduce the time and other resources to verify the chain and/or transaction.
    These are achieved by using various techniques like using virtual subchain and Proof of Authority as consensus mechanism.

NB : This is not a DAO and certainly not based on Ethereum.

Outline

The project can be best explained with an example. Consider a government office. If someone wants to update the aadhaar or transfer ownership of his/her assets to someone else. The first step would be submitting a proposal which gets evaluated and verified by a government official. It is then signed and forwarded to another official with higher authority and the similar process continues till the final official which approves the request and all the work is done properly on time. This is how a typical government office works like ideally. But in reality there are other parties such as peons etc that gets hold of these proposals and documents. The documents may get tampered or get hoarded mid way or even get reject without proper reasoning. Even if the proposal and its transactions occur digitally, there is no or very few ways to prove that something went wrong. In such a case and there is certainly no way to prove the involvement of each party that played a role in the application life cycle.
The paper aims to shed some light on how to deal with such problems using the blockchain. There are various transactions that takes place during the life cycle of application. These starts from submitting the proposal to appoval of the same. Each transaction is treated as a block in the blockchain. There are two parts inside a block with multiple fields. The first field is the header part which consists of the unique identifiers of each participants, transaction timestamp, request ID etc. These serves multiple purposes such as identifying the participants of that transaction, uniquely identifying a block or a set of blocks which are related to each other etc. The second part is the transaction part which holds the hashs of 1) the curent transaction data, 2) previous related block and 3) the previous block. These are all signed using ECDSA. The chain formed can be verified similarly as a regular blockchain. The design is in such a way that a complete set of blocks related to a request can be verified independently without the need to verify the entire chain. This is done by using a virtual subchain. The virtual subchain is formed by adding blocks with same request ID one after the other. But the “hash of the previous block” part is excluded . Now this virtual chain can be verified as a seperate chain. This reduces the computational complexities and resource needs too. The tampering of each part of a block can be easily detected by verifying it with r and s values that was generated while signing the hash. Those values are also present in each of the fields of the transaction part of the block. The tampering of the chain is made exponentially harder to perform, even if the chain is not distributed, by encrypting the keys of each user and official with their own key phrase. Lastly the involvement of each party is proved by using the proof of authority consensus mechanism.

Thus we can actively defend against insider threat actors such as evil peons and dishonest employess and officials using the project.

Requirements

VGA to HDMI cable (If the projector only supports HDMI) and mic would be sufficient.

Speaker bio

Nino Stephen is an engineering graduate and was a part time security researcher intern at HackIT Technology & Advisory Services and an aspiring enterprenuer. Even though he is from a system administration and networking background, his interest revolves around malware analysis and authoring, hardware secuirty, IoT secuirty, vulnerability analysis, reverse engineering and exploit development, and android pentesting.

  • twitter.com/ninostephen
  • github.com/ninostephen/egov (project repo)

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by