Bitcoin and Cryptocurrency Technologies
1Qqc4BN
1Qqc4BN
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>and</strong> the engine to start based on the proximity of the fob to the car <strong>and</strong> potentially a user action such<br />
as pushing a button.<br />
To prevent an adversary from spoofing the car key, such unlocking mechanisms should use<br />
cryptography. While security researchers have found problems with many recently deployed locking<br />
protocols, it’s possible to get it right. Typically these algorithms employ symmetric key cryptography,<br />
but for the purposes of our example, consider one that uses a digital signature scheme, such as<br />
ECDSA, based on asymmetric cryptography.<br />
In this example, the car might store a copy of the public key(s) of the fob(s) authorized to open the<br />
doors <strong>and</strong> start the engine. When a fob requests access, the car sends a r<strong>and</strong>om challenge <strong>and</strong> asks<br />
the fob to sign it with the private key that it stores. If <strong>and</strong> only if the fob can respond with a proper<br />
signature on this challenge, the car authorizes access. So far this is not much of a departure from how<br />
locking mechanisms actually work, except that it uses heavier‐weight crypto that would be slightly<br />
more costly to deploy.<br />
Get Smart.The next iteration of designing a smart car is to assume that the public key that verifies the<br />
key fob is not hardcoded by the manufacturer directly. Instead, the car has the technical capability to<br />
constantly, wirelessly receive new blocks from a block chain such as <strong>Bitcoin</strong>’s. When the car is<br />
manufactured, the public key in the key fob of its first user (say a manager on the assembly plant) is<br />
added to the block chain in a special transaction, <strong>and</strong> the car is programmed with its transaction ID.<br />
The core idea is that as the car changes possession — it might go from an assembly line to quality<br />
control to a delivery person to a car dealership to its first owner — updates to the block chain will<br />
authorize each transfer. It is important to note that in this model, the authorized key fob does not<br />
travel with the car. Each person or entity has a pre‐existing key fob (or carries/wears technology<br />
suitable for implementing the functions of a key fob) with a unique signing key which is activated or<br />
deactivated based on transactions that occur on the block chain. Such a transaction would take the<br />
car’s most recent transaction ID as an input <strong>and</strong> designate a new public key as the output. It would be<br />
signed with the private key corresponding to the current owner.<br />
This is similar to the idea of smart property that we discussed in Chapter 9, but with a key difference.<br />
The block chain transaction doesn’t merely representa change in ownershipof the car: it additionally<br />
transfers actual physical control or possessionof the car. When a car is transferred this way the earlier<br />
owner’s key fob stops working <strong>and</strong> the new owner’s key fob gains the ability to open the locks <strong>and</strong><br />
start the engine. Equating ownership with possession in this way has profound implications. It enables<br />
a powerful kind of decentralization, but it is not obvious if this is a good idea. We’ll return to this<br />
question in the final section of this chapter.<br />
Secure exchange.Let’s consider the situation where Alice owns a smart car <strong>and</strong> wants to sell it to Bob.<br />
The ability to transfer control digitally opens up interesting possibilities. For example, Alice might be<br />
traveling overseas <strong>and</strong> to fund further travel expenses might want to sell her car, which is physically<br />
parked in her driveway back home. With an internet connection, Bob could pay Alice for the car with<br />
294