The Role of Cryptography in Procurement and Supply Chain
This series will be a look into the underlying technologies of the popular blockchain with an eye towards applications in procurement and supply chain.
While blockchain is currently revolutionizing many industries as well as public psychology, it is important to note that it is actually a collection of existing technologies and methods used in a revolutionary way. Once we look at and understand these sub technologies, finding innovative applications in procurement and supply chain can be extremely beneficial.
Cryptography
Cryptology, and specifically the use of encrypting data, has become increasingly popular as we have shared more and more data over open networks through the use of the Internet.
Where we used to share bank statements from our personal study to our CPA in a one on one meeting, we started sending these documents digitally. This produced great time saving benefits and more efficient ways of processing the data, but it also created a way for thieves, or “man-in-the-middle” attacks, to steal and look at your data — by intercepting those network lines. Encryption is a way to scramble the data in a way that it could not be read unless someone knows the secret key.
Encryption is not the only use of codes and keys. The main uses for cryptography include:
- Authentication — SSL Certifications are a great example of this. These certifications authenticate a site you visit on a web server to make sure it is the real server. When visiting your bank to check your balance, you want to make sure
- It is the bank’s website and
- Any data you send to or receive from the bank is encrypted.
- Non-Repudiation — When a user makes a request of some consequence, say transfer the balance of their account to another account; you don’t want them to be able to say at some point “I never asked them to do that!” and sue for the balance. Cryptography is way to stamp a transaction as real and authorized, and thus enable non-repudiation.
- Confidentiality — Similar to the encryption examples above when transferring data to your accountant, cryptography can scrambled a message giving a would-be attacker great difficulty in learning what that message said.
- Integrity — Cryptography can maintain the integrity of any piece of data that is transmitted, namely using something called a hash. I will touch on this briefly below as well as in more detail later on in the series. Any single item that is altered with any digital document or piece of information can be instantly seen when using a hash via cryptography.
Cryptographic systems can provide one or more of the [above] four services. It is important to distinguish between these, as some algorithms are more suited to particular tasks, but not to others. — owasp.org
It is important to note that there are various algorithms and cryptographic systems. Understanding your goal and the priority of multiple goals is essential in choosing which algorithms you use to carry out the varied purposes.
Cryptographic algorithms
While there are many cryptographic systems and algorithms, they fall under two main categories for our purposes.
- Symmetric — Under a symmetric system, both parties reading an encrypted message have the same key to read the message. Both can encrypt and decrypt the message as needed.
- Asymmetric — As can be assumed in contrast to Symmetric, Asymmetric uses two keys. Only one key can encrypt, and either key can decrypt.
Asymmetric cryptography is where things get really interesting and innovative possibilities begin to open up. The two keys, often referred to as private and public keys enable much of the purposes of cryptography including some crucial uses such as digital signing and digital asset ownership.
We’ll take a quick look at Asymmetric cryptography, also known as Public Cryptography, so that we can understand it usefulness, specifically as it relates to supply chain functions.
Public Cryptography
Public/Private Key Cryptography has two keys, one pubic, the other private. The two keys are connected, and one can only be used with the other. They are issued in what are called key pairs.
The public key is widely distributed while the private key must be kept a secret by the encryptor. Both keys can decrypt a message, however only the private key can encrypt it.
A basic scheme might look like this for Alice & Bob:
- Alice wants to send Bob a message
- Alice asks for Bob’s public key
- Alice encrypts with Bob’s public key
- Alice sends the encrypted message to Bob
- Bob uses his private key to decrypt and read the message
Because Alice used Bob’s public key to encrypt, his private key is the only key that can decrypt the message.
The above scheme known as Enveloped Public Key Encryption (EPKE) does a great job at keeping confidentiality; however it does not allow for non-repudiation as anyone with the public key could have sent the message to Bob.
Digital Signatures
Enter Digital Signatures.
Digital signatures are a way to prove who sent something. The sender “signs” the message being sent. In this way, we know that
- No one else but Alice sent the message
- The message was most assuredly sent by Alice.
Point one fulfills our authentication and point two fulfills non-repudiation. Alice cannot later say she didn’t send the message because she signed it.
There are three different algorithms that are used to perform a digital signature
- One algorithm generates the keys
- A second algorithm signs the message
- The third algorithm verifies the message and the signature
The scheme works like this:
1. Generate Key Pair Generation
First a key pair is generated. This means a private and public key are generated. In simple terms
- The private key can encrypt
- The public key can decrypt
The only way this works is if you keep your private key truly private. By being the only one to have this private key, you are the only one who can properly “sign” digital assets.
2. Put the message through a Hash Function
Next you take the message and create a unique hash with it.
Think of this as a fingerprint. Like a fingerprint it is completely unique. Also like a fingerprint you cannot figure out what a person looks like just from the print.
So if I sent you a fingerprint over an email, and told you it was Charlie Delta’s print, you could easily identify everything Charlie touched. You would not know what color Charlie’s hair was, how tall he was, or what his face looked like though.
Also similar to a fingerprint, it is always the same size. Whether Charlie is 6 foot or 5,4”, his finger print is going to be the same size. Likewise, no matter the size or length of the message we feed to a Hash Function, the output will be the same size. This has immense value as we’ll dive into in future posts in the series.
Hashes perform these functions on any digital input whether it is a song, picture, documents, email, voice recording, or website. A Hash is completely unique, but from it you cannot see what the original message was.
By hashing a document, we preserve confidentiality, but also can prove that it is the original document and unaltered (which fulfills the integrity use of cryptography).
3. The hash is encrypted using the private key
Next Alice uses her private key to encrypt the message fingerprint (hash). This is the digital signature. It is unique combination that can only be
- That specific document
- Signed by that specific private key
Once this is done she can then send Bob the both the encrypted message (which contains her signature and the original hash) and the public key.
4. Identify verification
Bob can use the public key to decrypt the message. If Bob uses Alice’s public key, and it works, it tells Bob that it was truly encrypted using only a key that Alice has, and thus it must have been sent by Alice.
After decryption, he can also compare the hash of the document he decrypted with the original document hash sent in the message. If both are identical, then the document is un-altered
Potential in Procurement
Given the number of agreements both implied and explicitly signed, digital signing will play a huge part in the future of procurement and supply. From VMI contracts, to smart contracts based on quality objectives being met, non-repudiation and authentication in agreements will pave the way for a more balanced relationship between supplier and customer.
The relationship will become more based on performance rather than intimidation or threat of business & supply.
Hashes
While we briefly touched on hashes above, I’d like to mention them again to make sure they are, at a base level, understood. The power of hashes in the digital age is amazing. Once you grasp how they work, you will be able to think of infinite uses for this technology.
The Open Web Application Security Project puts it plainly
Hash functions take some data of an arbitrary length (and possibly a key or password) and generate a fixed-length hash based on this input.
…beyond that…
Hash functions used in cryptography have the property that it is easy to calculate the hash, but difficult or impossible to re-generate the original input if only the hash value is known.
There are some great benefits to Hash Functions.
Irreversible
From looking at a hash, it is impossible to tell what the original file was or even what it resembled.
Follow the below for an example of the SHA-256 hash function.
- Goto a SHA-256 Calculator
- Type in the following: “Hello Bob, this is Alice.” Exactly as it is between the quotes
- You should get the following Hash: 2930f1078a91b53a0d2be8d9b6e9290ba68cccf77768c2a48e1c38e1558c2e96 or in bit by bit format 29:30:f1:07:8a:91:b5:3a:0d:2b:e8:d9:b6:e9:29:0b:a6:8c:cc:f7:77:68:c2:a4:8e:1c:38:e1:55:8c:2e:96
Deterministic
The other thing to notice above is that when you type the same sentence I typed, as I typed it, you will get the same hash. This is an important property, that if we hash the same input, we continually get the same output. This is what makes verification possible.
Not Guessable
By this I mean that similar inputs do not yield similar outputs. For example:
- Go back to your SHA-256 Calculator
- This time, type in the same message with one small variation, take out the period: “Hello Bob, this is Alice”
- You should get a completely different Hash equaling 76144e9ec33f3ad0a342c2181b14b25758716b264a09977b15d03cce7ecd581a
Quick to calculate
The computation power required to calculate a hash for any document is extremely small giving way to scaling it without time becoming a factor.
Quick to verify
Because the hash is deterministic as well as randomized from small input changes (Not guessable as stated above), it becomes very quick and easy to verify a hash for document integrity or changes.
With this type of function, the use cases tend to be infinite. If you are still somewhat fuzzy on these functions, take a look at Kahn Academy’s video.
We will cover more on Hash Functions and their applicability to Procurement and Supply Chain later in this series.
Homomorphic Encryption
Now that we understand the basics of Cryptography, Hashes, and Public/Private Keys, we can move on to an extremely interesting application in procurement and supply chain — the Homomorphic Encryption scheme.
In plain English, this is when we encrypt data, but the encrypted data holds some of the properties of the original data without being able to know the original data.
I think it is best to start with a use case to understand Homomorphic Encryption.
Medical Data and Learning
In a data filled world, breakthroughs are made as we find patterns in data, and those breakthroughs are verified by using with forward-looking data.
The more data, the more learning and breakthroughs we can achieve.
However, much of our medical data is silo’d due to private research, medical record privacy laws, and other requirements. This prevents the mass collection and sharing of large datasets of similar data for the use of finding medical breakthroughs and improving patient diagnosis.
However, what if we could share all of our medical data with everyone else working on similar problems or diagnosis while simultaneously keeping back exactly what the data is, or even what you are trying to solve for?
That is what homomorphic encryption allows!
People such as Doyel Pal are working on linking medical data without sharing specifics such as patient identification and other private data.
Numerai and Stock Market Prediction
An even more interesting example is that of Numerai. They have developed a homomorphic encryption setup whereby they share various market data and have data scientists compete to predict the outputs.
Let’s say I am looking to develop a model to predict the movement of utility stocks. I have a theory that the following inputs will help predict this market sector:
- Interest rates
- 6 month weather temperature forecasts
- Migration patterns to Florida and California
- Past 6 Month movement of the S&P
I would take a historical record of the above 4 numbers along with what the Utility sector performance was and put them into a sheet like below:
My issue is that if I shared this with an intelligent data scientist that figured out a great AI model to predict the returns, he might take my idea, use it, and never tell me.
So how do I outsource this type of work without loosing intellectual property?
I send it to them encrypted.
It might look something like the below:
In the case of Homomorphic Encryption, any models they build with the encrypted data will also work with the original data.
[It] allows computation on ciphertexts, generating an encrypted result which, when decrypted, matches the result of the operations as if they had been performed on the plaintext. Homomorphic Encryption — Wikipedia
They would not know what they were predicting, only that it worked. Thus the model could be sent back to Numerai, and the scientist rewarded, all without risking IP loss.
This use is known as Secure Multi-Party Computation and defined as
a subfield of cryptography with the goal of creating methods for parties to jointly compute a function over their inputs while keeping those inputs private
And…
Unlike traditional cryptographic tasks, where the adversary is outside the system of participants (an eavesdropper on the sender and receiver) the adversary in this model controls actual participants Multi-Party Secure Computation
What makes it so interesting is that an attacker can actually participate in it and yet still not understand and use the data. Eavesdropping no longer matters.
Voting Tallies and Anonymity
Let’s look at a more concrete example of mathematical operations on encrypted data.
Let’s say we have a number of voters which want to remain private as to who they voted for. So each voter (V) places a vote for a candidate (X, Y, or Z)
Above, 1 is a vote, and 0 is a non-vote
We can publicly show all encrypted votes and who placed the encrypted votes, yet thanks to hashes not being guessable (as stated above), we would not be able to see who they voted for. Picture this as below
All of the votes are now encrypted and we cannot tell what they are. Each vote is a unique combination of the voter (V1, V2, or V3), votee (X,Y,Z), and a vote (0,1). So we cannot simply look in a row and see a duplicate encrypted message and know that it is a 0. The hashes for a tuples
t1 = (V1, X, 0) and
t2 = (V1, X,0)
will be vastly different given how small variations in inputs drastically change hash outputs.
However, we can still add the columns and arrive at an encrypted total. This encrypted total, when decrypted will show us the actual total of votes. The mathematical property of addition still holds to the encrypted data (in this case thanks to the Pallier System).
So we can add up the encrypted values, and then simply decrypt the total row and see who won without knowing who voted for who.
Anonymity is maintained while mathematical addition properties are retained through the encryption. This is the purpose of homomorphic encryption.
In this case the cryptosystem was partially homomorphic with respect to addition. However, there are fully homomorphic systems using ideal lattices such as in the work of Craig Gentry that allow most mathematical operations to carry through.
Procurement and Supply Chain
I currently see a large number of applications of the above technology in both procurement and supply chains.
Anything where integrity of data, signatures, and private data exist are key examples.
Imagine:
- sending private manufacturing data to a supplier who can produce the part but not understand the technology behind its production. Essentially they produce material and machine and the customer produces the technology
- verifying data and material is from a specific supplier.
- verifying data such as material specifications have not been altered.
- Following the supply chain of materials to understand origin, process parties, and compliance information
- Having access to supplier reputation records prior to placing orders to a new vendor
Combining with the physical world.
Now take it a step further and imaging combining hash technology with physical alterations to verify actual material signatures similar to digital signatures.
The possibilities are endless in procurement and supply chain, and I am looking forward to continuing our exploration of these technologies here at Procurem in order to help the makers of the world spend more time innovating and less time verifying.
I hope this was both interesting and thought provoking for you. If you have anything to add please reach out to me on twitter or linkedin. Thanks!
Originally published at procurem.io.
