Access Management , Identity & Access Management , Next-Generation Technologies & Secure Development

Using Blockchain for Authentication

Primechain's Rohas Nagpal Describes the Use Cases
Using Blockchain for Authentication
Rohas Nagpal, chief architect, blockchain, Primechain Technologies

Rohas Nagpal will be a featured speaker at ISMG's Security Summit in Mumbai, to be held on Nov.29. Get more details on the session, as well as other speakers at the Security Summit: Mumbai.

Blockchain is increasingly being used to support authentication without passwords, says Rohas Nagpal achief architect at Primechain Technologies, a startup company.

"When you onboard a user, his blockchain pubic key, private key and address gets generated and an RSA public key/private key gets generated," Nagpal explains in an interview with Information Security Media Group.

"The private key of the blockchain as well as the RSA will be stored on the users' device exclusively. The public key and the address will be stored on the blockchain. Now whenever this user makes a request to a website. The user basically sends her blockchain address and then the target system generates a random number ... and only the authorized user will be able to decrypt this, get the key, sign it using the elliptical curve digital signature, and send the signature back, which then can they be verified." (See: How IAM is Evolving in the Blockchain Era)

There are eight mature blockchain frameworks, each suited for a particular use, Nagpal says. "For example, if I was to design a solution around smart asset lifecycle management ... then the multichain [blockchain framework] would be the best to use. But if documents are being stored, then I would recommend a hyperledger."

In this interview (see audio link below image), Nagpal also discusses:

  • How banks in India plan to use blockchain;
  • The different blockchain frameworks;
  • Areas where blockchain is not relevant.

Nagpal is the chief blockchain architect at Primechain Technologies. He has more than 20 years of experience in cybercrime investigation and cybersecurity. He co-founded Asian School of Cyber Laws in 1999 and has investigated cybercrimes and data breaches for hundreds of organizations. He has assisted the government of India in framing draft rules and regulations under the Information Technology Act.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.