EMC or "emercoin" (lower case) is the monetary unit of account used for financial transactions on the Emercoin blockchain, and for Emercoin blockchain services. An EMC cent (EMc) is 0.01 EMC.
The infrastructure sits on the Emercoin cryptocurrency blockchain, using the blockchain as a decentralized trust store of hash sums for client SSL-certificates. Certificates can be generated by clients locally, without any central authority, and quickly replaced as needed. This makes the system effective both for scheduled replacement and rapid recall of compromised certificates.
The uniqueness of the proposal is in the complete decentralization of the system, i.e. the lack of a group of servers running under a single authorization (as used in the systems of Kerberos, OpenID, TeddyID and the like). As a result, it is not possible for EMCSSL to suffer system-wide service disruption either due to technical failure or malicious attack upon authorization servers. In addition, it is not possible for a user to have their accounts globally suspended at the whim of a single authority.
Also outlined is InfoCard - a decentralized distributed "business card" system that complements EMCSSL's passwordless logins by allowing website profiles to be automatically populated. InfoCard has the ability to organize information in a hierarchical structure, which can be useful for quick content updates to all cards within companies or other organizations.
The Current Status
In today's internet, the main way for a server to authenticate a client is a password system. The idea is that you have a secret password, created when first using a site, which confirms your identity on subsequent visits. While it looks simple on the surface, this system has a number of disadvantages:
Weak password. Creating the password is normally the responsibility of the user, who often chooses a password that is too easy to guess, such as a simple dictionary word, or a dictionary word with a slight variation.
Complex passwords. To avoid weak passwords, many sites force users to invent complicated passwords that contain a combination of characters, numbers, and symbols; even the password «mWxbq7LECJ7m4Gtu95L» would be considered weak on sites with strict password requirements because it contains no symbols like @!$. As requirements are not standardized, a password may be rejected for any number of other reasons - e.g. the password above would be rejected by some sites because its length exceeds a 16 character limit.
The complexity of password management. Since there is no uniform standard for passwords, it is impossible to create a universal password generator that could create passwords to suit all sites. As a result, a number of "Password Keeper" tools have been invented - where a password-protected database contains all the other passwords. In addition, many sites require passwords to be changed regularly, and after a password change, users worried about forgetting their new password will simply write it down somewhere. Needless to say, recording passwords in plain text is a direct path to the passwords being compromised.
The need for a unique password for each site. When passwords are presented for login it is possible for them to be intercepted in transit, and in some cases, passwords can also be stolen as a result of a site hack. If the same password is used for different sites, such password leaks can be disastrous - the owner of the compromised password has to frantically recall every use of the password and urgently change passwords on every site - before the attacker does!
Recovering forgotten and lost passwords. Surely many people have encountered the procedure of trying to prove their identity to a site in the event of a lost or forgotten password, where failing to complete the process has resulted in the loss of the account.
Introducing EMCSSL
EMCSSL is based on client SSL-certificates, but as well as client authentication, it also provides a secure encrypted channel of communication with the server, all in a single package. Unlike other SSL systems, there is no trusted CA - the role of CA is performed by the blockchain of the decentralized cryptocurrency Emercoin. Thus, the client SSL-certificates can be generated and updated completely on the client side without restrictions or need for interaction with another party.
In EMCSSL, the client SSL-certificate can be reused for authentication on multiple servers without sacrificing security. For normal internet use the user (you) would have just one single certificate, which radically simplifies the support of a large group of accounts, and eliminates the need for tens or hundreds of passwords. The option exists to use several certificates at a time, but this would not be needed to enhance security. Several certificates would only be needed if a user wished to maintain some "masks" i.e. different accounts.
In addition, EMCSSL does not permit "man in the middle" attacks as described above, since the server checks on the EMC blockchain whether it is a real certificate from the client, or fake (see below).
How it works in practice
To generate client certificates with EMCSSL, download the toolkit for your operating system from https://pool.emercoin.com/emcssl, and unzip to any directory. The toolkit consists of three *.sh scripts for Unix-type operating systems. The Windows-based version also has a set of win-bash OpenSSL utilities and *.bat files. No installation is required, you simply run the appropriate script. The site also contains a link to a test page that prints the contents of your EMCSSL certificate and InfoCard, if present.
More info :
https://emercoin.com
https://t.me/emercoin_official
SUPPORT@EMERCOIN.COM
https://emercoin.com/files/pdf/en/whitepaper.pdf
No comments