Cryptosat, a startup creating satellites that beam cryptographic building blocks down to Earth, has raised $3 million from seed investors. The company aims to harden cryptographic applications by providing tamper-resistant trusted execution environments in space.
Trusted setups are vital to many areas of cryptography. A guaranteed absence of physical security vulnerabilities would improve the integrity of sensitive computations, which could benefit much of today’s blockchain industry and beyond.
Protocol Labs backs Cryptosat in $3 million raise
Cryptosat aims to launch multiple low-orbit satellites that will beam down building blocks for cryptographic systems — like securely generated random numbers — to applications back on Earth. This completely eradicates the physical attack vector, at least until technology improves to the point that some entity can scoop satellites out of space.
Cryptosat’s $3 million seed raise comes from some of the industry’s heavyweights. Joining open-source research and development specialists Protocol Labs are Inflection, GoAhead Ventures, DoraHacks and the founders of Phala Network.
With help from SpaceX, Cryptosat launched its first satellite, Crypto1, into orbit this May. The startup has also conducted experiments on the International Space Station. With its additional funding, Cryptosat’s self-described “root of trust” can expand, hastening the development of novel cryptographic concepts like ZK-SNARKs.
As cited in a press release detailing the seed raise, Yan Michalevsky, Cryptosat’s cofounder, stated:
“Cryptosat provides unprecedented integrity, confidentiality and authenticity guarantees for the most sensitive cryptographic operations by leveraging an environment that provides ultimate physical security: space.”
Protocol Labs is working with Cryptosat on space-hosted Verifiable Delay Functions and other time-based cryptographic primitives. The startup is also partnered with Velas, an EVM-compatible blockchain, for which Cryptosat is building a Random Beacon, capable of transmitting tamperproof random numbers when called by apps.
Farkhad Shagulyamov, the CEO of Velas, commented on the space-based Random Beacon:
“Random Beacons must be unpredictable and resistant to any manipulations. We believe that our partnership with Cryptosat will help us develop a top-quality Random Beacon, which has no analogues in the modern crypto industry.”
Tamperproofing crypto from space
A lot of cryptography relies on securely generated randomicity, key generation and other inputs. That opens the door open to physical attacks. If hardware is compromised, data meant to be secret could leak, rendering systems — often securing billions of dollars — vulnerable to exploitation.
Because of the challenges presented by cutting-edge cryptography and the science’s innate tendency toward privacy, many advanced proof constructions were only feasible for specific applications previously. This significantly hinders experimentation and, consequently, advancement in the field. If successful, Cryptosat’s solution could revolutionize cryptography by making previously challenging tasks as simple as making an oracle request.
A Medium article describes the project’s eventual capabilities. They include enhancements to Public Key Infrastructure systems, an unbiased source of randomness, verifiable event ordering, and elimination of “toxic waste” — the data that needs destroying when setting up ZK-SNARKs.
Brian Wang is a Futurist Thought Leader and a popular Science blogger with 1 million readers per month. His blog Nextbigfuture.com is ranked #1 Science News Blog. It covers many disruptive technology and trends including Space, Robotics, Artificial Intelligence, Medicine, Anti-aging Biotechnology, and Nanotechnology.
Known for identifying cutting edge technologies, he is currently a Co-Founder of a startup and fundraiser for high potential early-stage companies. He is the Head of Research for Allocations for deep technology investments and an Angel Investor at Space Angels.
A frequent speaker at corporations, he has been a TEDx speaker, a Singularity University speaker and guest at numerous interviews for radio and podcasts. He is open to public speaking and advising engagements.
Apparently, the idea is to not to generate random numbers, but to have an actual Certificate Authority in space. The satellite, once in orbit, generates a key pair and starts broadcasting the public key. Then it communicates with a number of ground stations which submit certificate signing requests, encrypted by the satellite’s public key. The satellite generates a signed certificate and updates an accumulator which represents the complete history of its signature requests, which must match the hash of the history of the certificates it has issued since it was launched.
The point of putting it in orbit is to make it expensive to access the device physically as well as to make it evident when someone tries to do so (they must do an orbital rendezvous with a 1 litre object in a well-known and often-tracked orbit.
Here (https://arxiv.org/pdf/1710.01430.pdf) is an article describing the functioning of the satellite.
“This completely eliminates the physical attack vector”.
So it eliminates physical access attack vectors such all the people who touched the satellite before it launched? And the people who built the satellite? And the technicians who loaded it on the rocket? And the programmer who wrote the software on it? And the IT guy who installed the OS and the software on it? And …
Don’t forget rubber hose cryptanalysis, I’m pretty sure it’s vulnerable to that, too.
I suppose this system could be *less* vulnerable than some, though there are still some obvious lines of attack, all of which would have to be pursued before the launch.
The fact that these random numbers can be eavesdropped on is so obvious that I assume the application they have in mind is not a simple one-time pad or similar.
I don’t know what the application is, but obvious flaw is obvious when it comes to the obvious application.
I don’t get it. You intercept the random keys as they are being transmitted to their intended targets. So you have a copy of the key and can decipher any message. After all, the satellite will have a fairly large radio cone back to earth. What am I missing here?
The chief issue I see is that guaranteed random seeds aren’t actually that great a contribution to cryptographic security if they can be intercepted.
Now, if you launched this thing with a huge one time pad that people could buy pages of, they might exchange keys without interception. But you’d risk the pad itself being copied in advance of the launch. Perhaps have it watched by multiple trusted actors?
The problem, I guess, is that SOME part of the system is at some point located on Earth, and subject to physical interrogation. At some point you can’t get around the requirement for trust. At least not so far as I know; My understanding of cryptography is seriously out of date.