 What I want to do is to present this project, but I'm not alone. As Tavi mentioned, we are collaborating with people from the labs, from Paris, Nokia the labs officially right now. So this is the team that right now we are working on this project. Federico and Carla, as myself, from here and Roberto Di Pietro and Matteo Signorini from Paris. He is an alumni here at the UPF. He was with us six months ago defending his disease. So and I would like also to mention these two other people that also are from here from Pompeo Fabra. Rafael, as we probably will need to deal with machine learning staff, he's going to help us a little bit on that, especially because we already are collaborating in a project on a doctorate PhD with Alberto, that is the person on the top. So okay, this is the agenda for the next, for the talk. After introducing a little bit on Internet of Things, not that much, but I will try to emphasize if it's possible even more the security and privacy risk that it has. Elisa put me in a nice way to skip somehow this part. And then I will explain a little bit what blockchain technology is, explain a little some details, some building blocks. It is quite an involved protocol, so what I'm going to try to do is to give the main ideas that we need to understand our proposal. Our proposal is this AutoDapps project, but it comes from this, from a word, multi-layered blockchain for the IoT. So I will explain a little bit on that and then I will move on to the project. The project began two weeks, two months ago, so it's just the starting. So one big part would be to explain future work and what is what we are planning to do in the next few years. So nowadays everything is interconnected. Refrigerators, washing machines, everything is wired and interconnected. And the idea is that they make our lives a little bit easier. But because of that they deal with private data, and personal data, not only bank account numbers, but also health information, as Elisa mentioned. So it's something that we should take care about. Just to give you a few information, a few numbers, by 2020 it is expected that 26 billion of devices are connected forming this Internet of Things. This has data from some recent report from Gardner. And the revenue is expected to exceed 300 billion of dollars. So it's quite a bit about money. And to get an idea of how it is increasing, it is doubling what is expected in two years, so in 2018. And of course there will be a lot of devices, a lot of interconnections, and the risk of security issues increase a lot. These are some data to get an idea of the risk. This is some collected information for a recent report, where it's mentioned that 90% of devices collect private information, which is a lot, a big rate. 70% use kind of not properly, not good enough password votes, or not a good way to authenticate to the network. 70% of the devices use unencrypted data, and we should take in mind that 90% of them use personal data. Some other, like these 6 out of 10 devices are the user interface that uses, has some kind of vulnerability. So with that in mind, I would like to just use this nice written report by OWASP, a quite well-reputed open organization, where in 2014 listed the top 10 security risks. And if you have a look at it, it mentions a lot of scenarios where there might be some kind of risk, and they not only describe the scenario, but the potential risk that it's behind the Internet of Things. And some of them are quite well-known attacks. I'm not sure how familiar are you with security and attacks, but this I would say is one of the top 10 popular attacks, like SQL injection, hurt-lit, or cross-site scripting. So with that brief introduction to the Internet of Things, I would like to go into detail what blockchain technology is, but before that, please have a look at these pictures. Because somehow blockchain is behind it. On the left side, we have the Britannica and the Encyclopedia Britannica, with basically how it generates information. So they hire some people, and these people create content, they put all the content together, they sell and people that buy got the information. How it is done in Wikipedia? So in Wikipedia, content is created in a very distributed way. There is nobody managing how the information is created. So everything, there are like more than 20,000 people that are actively collaborating and creating the content on the Wikipedia. Not only that, but also I think it's 20,000, maybe I'm slightly wrong, but it's like a very number. The point is that not only that, so they create the content in a very distributed way, and also it's much more efficient. Here, there is really a surprise how if there is any change, here it's suddenly updated, whereas on the other hand, it's quite difficult to update. So with that in mind, basically I would say that Internet has allowed to use this kind of way to create content in a very distributed way using Wikipedia, and I would say that blockchain can do quite a lot of things for some other scenarios. What is a blockchain? Again, trying to skip a lot of details not to give the main ideas of what it is. In a blockchain, we have an action that we have to, that you want to perform, and we will manage to do it interacting once with, I mean interacting between different peers in a network, and in a network that potentially is unreliable and is not a trusted network. Somehow it can be seen as a huge document where the people can access and can guarantee some properties as integrity, authenticity, and special notes that will be called minors. I will go into details exactly what does it mean in a few minutes. We'll work together without having any idea of who we are, each other. Somehow this idea reminds again, I mean, it's quite similar to the Wikipedia case. I'm not sure how many people are familiar with blockchain, but I'm pretty sure that if I say Bitcoin, probably a lot of you know what Bitcoin is, this new cryptocurrency and this new way of payment that was invented a few years ago in 2008. And what it does behind the Bitcoin, behind the Bitcoin, there is the blockchain. Somehow the importance of the whole thing is the blockchain, especially designed for the Bitcoin. But this is what it's really behind this new currency. So before entering into the details, I would like to explain you a little bit on some building blocks on crypto, just because you get an idea exactly of what it is, the protocol by itself. So I'm trying to be, again, quite not entering into the deep detail, but just a little bit so to get an idea of what's the key issues of the blockchain. So the first thing is the cryptographic hash function. What is a cryptographic hash function? Basically it's a mathematical function that gets as inputs, can get any input of any size and produce an input of a fixed size. One of the important things is that this output is completely random. Or at least it looks like random. Of course it's not going to be random. And take in mind that we can have an input of any size and we are producing some input of maybe 256 bytes. So it's going to be like random, it's completely impossible. But it should be somehow, it should give you some kind of randomness. Another special, two other special properties. The first one is that should be one way. Meaning that it's easy to compute, but it's very difficult to invert. And the second one is this collision resistant. There are a lot of hash functions, a lot of them with different properties. But especially this property, this collision resistant property is especially interesting for us. What does it mean? It means for us in this context. It means that it is invisible to find two different outputs that give you the same output. So it is possible to find x1 and x2. In such a way that the hash function of x1 is equal to the hash function of x2. This is basically what we need to understand about the cryptographic hash function. Two things. Reminder that the output is going to be fixed length and especially it's going to be random, or looks like random at least. And this collision resistant property. We are not only going to deal with that. We are also going to deal with a lot of hashes. A lot of hashes put it in a tree as a tree extractor. This is what is called the Merkle tree. And it's a basic extractor just to check if any of the leaves are or not in a given extractor. Another thing that I would like to talk, just to know that everybody is familiar with this concept of digital signature is a mathematical protocol to produce a signature. What is called a digital signature. In such a way that it cannot be unforgeable. So this is really the signature that usually simulates this handwriting signature that you use on papers. So basically it has three protocols like the key generation protocol that produce two keys. One that is public and the other one that is the view cap. You should get secret. And then this signing and verification protocol. With the signing protocol what you do is you take your document, you produce a hash. This is for efficiency reasons. And then you use some mathematical protocol using your private key. So you produce this signature. Forget about what is inside this thing. The important thing is that you are able to produce a signature which is going to be a bunch of numbers that nobody else is going to be able to reproduce unless this person has the private key. Your private key. Then you attach this to your document and this is your signature. What can do people to check if this is a signature or not? Then these people can use your public key. It is public so anybody knows it and everybody can have and check if computing document, the hash. And then on the other hand the document, sorry, the signature. And then using the public key can check if both hashes are not the same. So basically there is a way to verify if this guy has signed this or not. That's important thing. On top of that what is used on blockchains is not... This is one of the most standards on digital signatures. And what is used on that is the an elliptic corp version of it. Meaning, what does it mean? It means that here when we usually, so if we skip this EC usually where we are adding numbers or we are multiplying, we are multiplying numbers. When we add this EC it means that we are not dealing with numbers anymore in the sense that we are not adding numbers, we are adding points of an elliptic corp. So anytime you want to add p and q that are numbers of an elliptic corp that we have some geometrical procedure to get the sum which is over here. Why am I explaining this? Because probably if some of you know a little bit about crypto then probably you would say, but come on, you need 1024 bits to create this long key so this is not possible for my device. The thing is that if we use elliptic curves the security just to be broadly speaking I would say that if you use elliptic curves then you get the same security but with a very, very, very small key. So even though instead of adding numbers we have to do a little bit more, this a little bit more is not that much but on the other hand we can use very nice size of keys and size of messages and size of habits so that everything fits much better than with the other things. So after this point let me explain you how the protocol goes. So to explain this I will use the Bitcoin even though again what I'm doing is trying to emphasize the use of the blockchain's block chain works but we need to put something to a change so money would be one of the options. Imagine that Alice wants to pay some money to Bob. What she should do in this blockchain with this new blockchain approach? First of all there is no Alice and Bob. There is a bunch of numbers. Actors, these numbers are deduced from these points of the elliptic curves but at the end of the day this is a bunch of numbers. Alice knows that she wants to pay something to this person. This is going to be the public key. The first thing she's going to do is to create a transaction record meaning that given some kind of format she's going to create some information saying that she's Alice, she has three Bitcoins and she wants to pay to Bob. Maybe some other technical stuff and put a digital signature on that say I'm Alice and I'm saying that I want to do this for Bob. That's the first step. On the second step this information is brought to all the network. So all the network receives this information and there will be some special notes, the miners, that will perform some operation on that. Up to now let's say they perform some operation. Then I will explain to you somehow what they had to do. So the idea is that they perform this operation and at some point there will be one of them that succeeds on the operation. So I will explain to you in the next slide what this operation means but it's something that is going to be really, really tough. So they are computing all the time. Actually they are usually computing because they get some rewards, some nice rewards from doing this work the whole day. So non-stop. Okay. So once every ten minutes, actually everything is somehow calibrated to have once every ten minutes, these notes collect not only the money from Alice but also the money from other peers that have tried to pay something in the last period of time, the last ten minutes. And they do these calculations, they do these calculations and mention that I got the solution so the rest of the peers check that the solution is there. And what they do is to agree on that. So they send some kind of confirmation that yes, I saw it and I think it is correct. So once this is done, what they do is create this transaction record that Alice has sent at the very beginning is added to what is called a block. And this block, which should be over here, is added to a blockchain meaning that is a chain of blocks that are related once after the others and that nobody can change. Once Bob has seen that there is quite a lot of people that confirm so that he accepts the money and gets this money as something that is correct. So zooming at some points that probably are a little bit confusing, this could be a block, this could be kind of a block. A block, remember, that is the information, so Alice sent some kind of transaction record that it would be like this, Alice, Bob, the address and some other information. And the nodes collect all the ones that have been sent in the last ten minutes and compute some extra information. And this timestamp, some kind of idea to have where everything has been, so some numbers that will allow us to say when this thing has happened and a block hash that will point to the previous block. So this allows us to create this blockchain and some nonce number. This nonce number is a random number that is, sorry, before this transaction route that would allow us to remember there are four transactions. So we have here these four transactions. So this is kind of the miracle tree that will allow us to check if this transaction is included or not in the block. With all this information, the block hash at the very beginning is computed, how it is computed, so this is what is called a proof of work and for me it's the key issue for the whole blockchain. The thing I just told you that the block hash is a hash of the nonce, the previous block hash, the transaction route and the timestamp. The point, remember that at some point in the protocol we have the sender, Alice, and we have Bob and in the middle one this information has been broadcast to the rest of the nodes. The rest of the nodes have to do some calculations and they have to do a lot of work on that calculation. Once every 10 minutes is supposed to have one is going to have the solution. What is just this calculation? The only thing that they have to do is to compute hashes, but a lot of hashes. A lot of hashes meaning that they have to compute this block hash and try to have, they have to put different random numbers, these different nodes, in such a way that the result that they want to have, this hash of the block header, should be that small, so it should have a lot of zeros and then some number. Depending on the number, usually 40 is like a 40 zeros and then something else, you get more, somehow the way the difficulty is established is playing with these zeros. Remember, and that's the reason I explained you before about the hash, I told you that hash was a way to put any input in a fixed number that looked random. So the point is that there is no way that the nodes, the minor nodes, know what should be the good nodes to produce such an output. So what they have to do is just brute force, there is nothing else. So they have to do, unfortunately there is nothing else. If there is something, then there is a way to cheat. So the nice thing is that the only thing that they can do, is the hash function is good enough, is brute force. And then with this brute force, once in a while, like once in every 10 minutes, there will be one, so this is kind of a statistic, so it can be computed and looked at the numbers, just to see that once every 10 minutes, assuming there is a lot of number, a lot of people, a lot of nodes computing these calculations, will get with the solution. So remember that there was the only thing that they had to go with the solution and say, hey, I have the solution, don't try to compute anything more, because this is the solution and the other thing that they have to do is just to check if it's correct or not. I don't know if, does anybody of you check the blockchain so how all this currency goes? So let me show you something that was the first time, it was a little bit, I thought that how, and this is kind of a life thing, so probably it's not going to change, it's going to work, but if you look at the, okay, I'm finishing, I saw it. So just to show you the picture of how are the transactions right now, so apparently it would be like, okay, I know this is Bitcoin, but for me, the first time I saw it was like, okay, maybe some people is using, I know there is some withdrawal here at Pompeo, but really there is a lot of information going around with this thing. And trying to be quick, let me, there is a lot of applications on these techniques, going from voting solutions that are something that was especially tricky for several things, Internet of Things also for health care, and let me go into the details of our proposal. We proposed to use a multi-layer blockchain to manage somehow the Internet of Things. So the idea was that you don't need to authenticate the case every time you try to do something, but you just go directly to the device that is using, that has used just this information. So I think it's really difficult to explain in five minutes, but in two, it's even more difficult. So I will go directly to saying that this information is probably Federico, so I agree with me that this somehow can be translated to a graph, and it is possible to study quite a lot of information on that. I would like also to say that this is the origin of the idea of the project. This is not Autodavs, but this is the very beginning of everything. This idea was presented to the CISCO IOT's grand security challenge, and it got awarded. And right now we are working on a paper or I would say the academic version of that. And again, this is the proposal. It is based on that with the idea of using this blockchain technology to detect malware. So not only malware, but also any anomaly that might happen in the Internet of Things. So for any kind of anomaly and using the graph, so there will be like this topology analysis for this graph, we will try to extract information and see if there is some malware or not between different layers that should be divided, and I'm not going to enter into the details. Right now, as it is the project, as I mentioned before, Federico just started two months ago trying to implement. First thing was to collect this data and put it in a graph, which should be a tool that we will be using through the rest of the project to skip smart contracts and everything. He's using this open platform called Coins. And this is the idea to continue. So the idea is basically this would be the steps that we plan to perform in immediate steps, I mean time, and these somehow like these midterm steps. Federico is joining us doing the PhD at PhD, and this would be like the first two things to look at it. And a part of this, there is like blockchain technology is something really new and applied to different contexts is not going to be an easy way, especially because this proof of work that I mentioned that the miners do is something that is not, it cannot be directly translated to other scenarios, so we should think about it a little bit more. Behind that there will be problems with privacy probably because everything is public, a part of the pseudonyms. Scaling is something to take care about. And then this thing as I mentioned, so for the point with the I mentioned at some point that the miners get some reward to doing these calculations all the time. So what should we do for other applications when there is no money behind? It's something that there should be, there is research to do it on that and actually there is, I know that Game Theory works working on that. So as I mentioned, this is the people that is behind this. Right now Mateo is helping to develop this tool to Federico and he is going to do his PhD under the supervision of Roberto and myself. Rafael is going to help us with machine learning and this proof of work and these photocryptographic techniques, probably Carla is going to help us as she is an expert on zero knowledge proof that somehow has some relation with what is going on behind that. We are planning also to ask for a joint PhD European industrial PhD in the next, I think the next call is going to be in January so that's the idea that we have in mind. And sorry for taking more time.