By Olivier Boireau, CEO and Founder of Vormgeving SHIFT
Blockchain is converting the way gegevens is collective and value is transferred. However, there remain significant obstacles that vereiste be overcome before blockchain is ready for mainstream adoption—most notably, security. How to protect both the cryptographic keys that permit access to the ledger and blockchain applications remain top concerns for any organization or individual interested te using blockchain to transact anything of significant value.
Many hail blockchain technology spil a security innovation because it provides a trusted ledger, which shifts gegevens storage and protection from a centralized to decentralized proefje. Trust comes from the process itself rather than from the status of any one participant. This permits two untrusted parties to efficiently record transactions ter a verifiable, voortdurend way without using an intermediary.
While blockchain shows promises te its capability to support an endless number of innovative financial trading, payments, healthcare, government and other critical applications, latest high-profile breaches of blockchain exchanges vertoning that blockchain participants and their access to the blockchain represent a security weakness that vereiste be addressed before the technology can reach its total potential.
What is Blockchain?
Any fresh record is verified by overeenstemming meaning that various network participants, called “miners,” work together to verify the integrity of the gegevens. Once verified by a majority of the miners, the block is stored ter an encrypted and decentralized style across the network. This results ter a system of record-keeping that is maintained solely by network participants.
Blockchain is revolutionary because it enables the creation and operation of a “trustless network.” Using blockchain, unrelated parties can transact with one another without pre-existing trust, middlemen, or supervisory authorities. Te the case of Bitcoin, for example, blockchain helps create fresh depository and transaction mechanisms that no longer rely on banks or other third-party intermediaries. This gives blockchain the power to disrupt existing financial systems and create a fresh financial architecture based on pc algorithms rather on interpersonal trust.
The power of blockchain to decentralize markets and undermine the control of existing middlemen has captured the imagination of Silicon Valley and Wall Street alike. Moving forward, blockchain isn’t just about disintermediating the middleman, but rather about solving problems or seizing opportunities that have eluded current systems.
Despite all the allure of blockchain, significant security challenges still remain. A latest Greenwich Associates survey underscores the importance of overcoming thesis security roadblocks—85% of survey respondents are worried or very worried that permissioned networks and centralized identity management systems are creating a big target for hackers.
Private Keys: The Keys to the Blockchain Kingdom
While blockchain technology secures gegevens ter transit from place to place using cryptography, the private key becomes vulnerable to theft when it is stored or displayed at one end or the other—whether that be on a chunk of paper, screen, disk, te memory or on the cloud.
To keep digital assets and private keys safe, most people presently use software called wallets or multi-signature wallets, but thesis solutions are driven more by convenience, than security. Hardware wallets, like Trezor or Keepkey, were designed to suggest a higher level of private key security, but even thesis solutions are vulnerable to various hacks, including fault injections.
A fault injection attack is a proces used to maliciously introduce an error ter a computing device ter order to alter the software execution. The aim of the fault injection can be to either (1) avoid the execution of an instruction or (Two) omkoopbaar the gegevens the processor is working with. Thesis technics can be used to compromise the security of hardware wallets by bypassing security checks or leaking the private keys.
Once private keys are stolen, it does not matter how secure the blockchain itself is—anyone can monetize and exploit the asset and any malicious transfer of value is typically instantaneous and irreversible. Today, hackers commonly target online services that store the private keys for a large number of users or infect network participants with a malware that searches for private keys.
Te August 2016, hackers stole $72 million worth of bitcoin from accounts at the Hong Kong cryptocurrency exchange Bitfinex. Te the Bitfinex hack, at least two private keys stored te a multi-signature wallet hosted by BitGo were compromised. Public blockchain participants have lost millions of dollars spil a result of compromised security systems.
Immutability: When Lies Become Truth
This is exactly what happened with the Ethereum blockchain when an attacker attempted to steal about $50M of the digital currency, Ether. Two other blockchains based on Ethereum, Krypton and Shift, suffered what are commonly referred to spil 51% attacks te August 2016.
The attack works when hackers are able to compromise overheen half the knots participating te the distributed ledger. Ter which case, they can prevent fresh transactions from gaining confirmations and halt transactions inbetween some or all users. They also can switch roles transactions that were ended while they were te control of the network, meaning they could double-spend coins if attacking a cryptocurrency blockchain.
Blockchains (like all distributed systems) are not so much resistant to bad actors spil they are ‘anti-fragile’ – meaning, they react to attacks and grow stronger. However, this requires a large network of users. If a blockchain is not a sturdy network with a widely distributed grid of knots, it becomes more difficult to ensure the immutability of the ledger.
How to Protect Blockchains Against Hacks
HSMs are designed to protect potential access points te virtually any application that requires secure, verified digital signatures. People rely on the security provided by HSMs ter their everyday life without even knowing it. HSMs housed te canap gegevens centers verify Speld numbers every time a customer withdraw contant from an ATM and validate transactions at merchant POS terminals when consumers purchase goods.
Using HSMs to protect blockchain ledgers, digital wallets and applications against hacks can provide the trusted computing environment necessary to take total advantage of the blockchain protocol. To execute a successful attack, attackers would either need to have administrative privileges, access to gegevens before it is encrypted, or physical access to the HSM(s), which makes the attack vector utterly difficult and unprofitable for a hacker. Fifty-eight procent of Greenwich Associates probe participants agreed that HSMs are an essential part of addressing blockchain security concerns.
What Makes HSMs Virtually Impenetrable to Attacks?
HSMs are dedicated hardware systems specifically designed to store and manage private and public keys. The entire cryptography key lifecycle – from provisioning, managing, and storing to disposing or archiving the keys – occurs ter the HSM. Digital signatures also may be captured via an HSM, and all access transactions are logged to create an audit trail.
An HSM is hardened against tampering or harm and may be located te a physically secure area of a gegevens center to prevent unauthorized voeling. The module may be embedded te other hardware, connected to a server spil part of a network, or used spil a standalone device offline.
An HSM is a trusted computing environment because it:
1. Is built on top of specialized hardware, which is well-tested and certified te special laboratories.
Two. Has a security-focused OS.
Three. Boundaries access via a network interface that is stringently managed by internal rules.
Four. Actively hides and protects cryptographic material.
Delivering Industrial-Grade Security to the Masses
This next-generation of ultra-secure PCs come with an embedded HSM and requires two factors of authentication (a key and a password) to make sure that unauthorized users cannot access the device. Additionally, the PC is protected against physical attacks with a tamper-proof casing and the private key is erased if any of the PCs physical or logical security controls are breached.
Using trusted computers ter place of digital wallets and spil blockchain knots provides the missing listig that will give security-conscious users and organizations assurance that no matter what blockchain application they choose, they have the means to protect digital assets using a turnkey solution that is virtually impenetrable.
Innovations te blockchain security will make the technology increasingly attractive – and usable – for a broader number of organizations and consumers. It is difficult to predict where blockchain technology is headed next, but it has all the makings of a truly disruptive technology.
Further to leading Vormgeving SHIFT, Olivier develops hardware and software vormgeving for POS, cameras, smartphones, netbooks, and consumer electronics devices. He specializes ter defining wireless HW architecture, developing strategies for HW device vormgeving (ODM, Silicon Vrouwen, SW platforms) and has received numerous industry awards for his innovations.