2018 was a stormy year for the crypto-asset market. We’ve seen the market cap swing from a nearly $800 billion high in January to $100 billion low in December, according to CoinMarketCap. Governments and leading financial institutions contemplated their stances on and activity in the crypto space. In spite of the steep drop in the market, technology advancements have continued as players in the crypto ecosystem work to build a more stable, more mature and more secure set of services.
It’s not too surprising, given the tumultuous times and early stage of maturity of the market, that hackers have managed to steal a significant amount of cryptocurrency — estimated at around $1 billion in cryptocurrency stolen globally this year.
In many cases, the weakness exploited by attackers is their ability to get hold of other account holders’ private keys and then use them to transfer cryptocurrency to their own accounts. Attackers looking for large amounts of money aim for providers of crypto custody and exchange services, seeking to compromise the wallets of multiple users of those services, or the wallets of the providers themselves. The biggest theft of the year―over $500 million worth of NEM coins stolen from cryptocurrency exchange Coincheck―is a prime example of the latter type of attack.
A potentially scarier scenario than attacks exploiting weaknesses in security implementation would be an attacker undermining the cryptographic foundation on which a crypto wallet or service is built. In such a scenario, the attacker could shut-down the entire service, or steal all the funds accessible on that service.
This may sound extreme, but it is not so far-fetched. Compared to the careful, slow and risk-averse mentality that is common in the non-blockchain world, the implementation of cryptography technology in blockchain applications is today often guided by the desire to achieve speed and efficiency, at the cost of security.
Applying cryptography requires a great deal of expertise.
Considering what’s at stake, the underlying cryptography scheme of any crypto-asset system must be implemented with great care and knowledge.
First, an in-depth understanding of a crypto system’s security model (e.g. the types of adversaries that pose a threat and potential attacks) is needed in order to assess the level of security of the system and what constitutes an acceptable risk. This type of cryptography analysis is the basis for making informed decisions on the optimal implementation for the intended use cases.
Second, it’s the role of cryptographers to constantly scrutinize chosen implementations and be ahead of hackers who try to break existing cryptographic schemes―a very lucrative target that attracts brilliant minds.
Best practices for crypto wallet and platform developers: How to avoid the pitfalls?
While the pressure to release a new product may make it tempting to rush through the development process, not following proper care when implementing cryptography can lead to weaknesses that, if exploited, result in dire consequences.
The best approach is to work with vendors of cryptography products and services that bring their expertise to bear. That being said, below are some basic guidelines for developers to follow:
· Use modern, standardized algorithms such as RSA, AES and SHA256/512. The use of outdated algorithms such as SHA1 and MD5, which have been proven vulnerable (consider for example the MD5 algorithm which was exploited in the Flame espionage malware used against Iran), is still common in the market and very risky. Failure to meet the standard in implementation is also dangerous. One example of this issue is the ROCA attack which led to the recall of Microsoft security cards and Estonian IDs, after the RSA key generation method was altered. Finally, the creation of proprietary algorithms should be generally avoided, in favor of existing proven algorithms.
· Use strong, widely used cryptographic libraries such as openssl, which are extensively field tested and updated to be secure.
· Follow a rigorous process whenever developing new cryptographic protocols to validate their security. The process should start with a specification of the purpose of the protocol―this serves as a useful reminder when developing and debugging code. A formal description of the protocol itself is needed to clarify how it achieves its stated purpose and to facilitate security assessment. Finally, proof of security should be achieved thorough review of the code by external cryptography experts.
· Consider the entire system implementation, not just specific cryptographic components. For example, does your threat model address various types of adversaries, including ones with malicious intent? Are you implementing security measures to not just protect keys from theft but also enforce authorized use of the keys? Is a cryptographic random number generator used, to create truly random keys?
· Ensure your system is crypto-agile, so you can quickly add support for new algorithms such as new elliptic curves or post-quantum secure cryptography, and fix vulnerabilities promptly when discovered.
5 things customers should ask when choosing a crypto wallet or service:
When choosing a crypto-asset service provider or technology vendor to work with, it is strongly advised to assess the underlying cryptography technology and methods deployed. Following are five recommended aspects to check:
1. Ask the vendor to provide information on cryptographic algorithms and methods used. Do they have the information available? Has the vendor adopted industry accepted standards?
2. Are all cryptographic protocols used by the vendor well defined and proven to be secure?
3. Check if the overall cryptographic implementation was reviewed by a cryptography expert.
4. If the vendor is using proprietary or non-standard cryptography, inquire what the purpose of the vendor’s decision to go this route. Ask for proof of security.
5. Ask what actions the vendor is taking to ensure the security posture — including the cryptography implementation — remains high moving forward.
The bottom line
Though speed is of the essence in the digital economy, when it comes to applying cryptography, it is critical to play it safe. Proper implementation requires a careful mindset and in-depth expertise in the field. Once establishing a robust cryptographic foundation, crypto-asset product and service providers can benefit from the delivery of secure and differentiated offerings.