Blockchain, with its application of the cryptographic distributed ledger architecture, could potentially bring spectacular disruption across all industries. However, in our enthusiasm, we must not overlook the security risks that this new technology brings.
Key protection and key governance in blockchain remain a crucial yet mostly unresolved obstacle. This is the first time that private keys are directly tokenized to assets such as digital currency, stocks, smart contracts, real estate, cars, and energy. Securing the signing keys used to trade and transact with these assets is therefore highly important, because once the keys are lost or stolen, so are the assets themselves. Non-repudiable ownership is an irresistible incentive for criminals.
The importance of key security has been demonstrated in many incidents over the past few years, including the following notable hacks:
- Bitfinex Hong Kong: In August 2016, one of the world’s biggest bitcoin exchanges was hacked, with around $72 million stolen, despite Bitfinex using a multi-sig security architecture.
- Mt. Gox: In 2013, the Japan-based bitcoin exchange Mt. Gox was the largest exchange and handled around 70% of global bitcoin transactions. By early 2014, it had filed for bankruptcy following the theft, through hacking, of nearly half a billion dollars’ worth of bitcoin.
- Good Samaritan White Hat: A white hat hacker was able to exploit a security flaw in Blockchain’s key generation algorithm to siphon over 800 BTC from users’ wallets. Being a white hat, he returned the coins, but the incident again illustrated the problems with protecting keys in the blockchain.
- “Pony” Botnet: Over the course of 5 months (Sept 2013 – Jan 2014), criminals used a botnet known as Pony to infect a large number of computers, stealing up to $220,000 worth of bitcoins and other cryptocurrencies. Pony was the same botnet that was found to have stolen more than two million passwords and stored them on a server owned by the hackers. Pony infected computers and stole bitcoin wallets stored locally on the infected machines, effectively showing the dangers of storing bitcoin wallets on Internet-connected devices.
Why don’t the key security methods used in traditional crypto work for blockchain as well?
These hardware solutions are very secure, but they are rigid, inelastic, very hard to scale, and expensive to maintain, deploy and provision. They are extremely challenging to work with in cloud environments. On top of that, scaling hardware-based encryption solutions for blockchain is highly problematic due to a few inherent problems:
- Non-Standard Crypto: Bitcoin, for example, uses non-standard crypto, specifically ECDSA over the secp256k1 curve, which was almost never used before bitcoin became popular but is now used more widely because it allows very efficient computation, over 30% faster than other (standard) ECDSA curves. This non-standard curve is not supported by the majority of secure encryption hardware today. With other and future blockchain networks using other curves, hardware cannot scale to support blockchain in a timely manner, given the long lead times for development and updates.
- Private Key Seeding: In addition to using the key, bitcoin has a process of seeding a private key per transaction in order to preserve user anonymity, so multiple private keys are generated from the same seed. The seed is therefore highly sensitive and must remain secure. This means that the seeding process, and not just the signing operation, must be protected within the boundaries of the secure hardware. Most secure hardware cannot protect both processes without massive modification: (i) the derivation of the private key from the seed, and (ii) the private key itself, used to sign the transaction.
- Multi-Sig Scalability: Blockchain networks contain huge numbers of keys on the backend when using a multi-sig security architecture, which is considered an industry standard today. Existing Hardware Security Modules (HSMs) can typically store no more than 10Ks of keys. How can that scale to millions of transactions and more?
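The "Private Key Seeding" point above can be made concrete with the following added example, which is not code from the original post or from Dyadic. It assumes BIP32-style hardened derivation as the seeding scheme (the post does not name one) and shows that every per-transaction private key is a pure function of the seed, so the derivation step needs the same protection boundary as the signing step.

```python
import hashlib
import hmac

# Order of the secp256k1 group (the curve the article names).
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000  # BIP32 hardened-index offset (assumed scheme)


def master_from_seed(seed: bytes) -> tuple[int, bytes]:
    """Return (master private key, chain code) derived from the seed."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if key == 0 or key >= N:
        raise ValueError("seed yields an invalid master key")
    return key, digest[32:]


def hardened_child(parent_key: int, chain_code: bytes, index: int) -> tuple[int, bytes]:
    """Derive hardened child `index`; needs the parent *private* key."""
    data = (b"\x00" + parent_key.to_bytes(32, "big")
            + (HARDENED + index).to_bytes(4, "big"))
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    tweak = int.from_bytes(digest[:32], "big")
    child = (tweak + parent_key) % N
    if tweak >= N or child == 0:
        raise ValueError("invalid child; caller should try the next index")
    return child, digest[32:]


def keys_for_transactions(seed: bytes, count: int) -> list[str]:
    """One private key per transaction, all recomputable from the seed alone."""
    master, chain = master_from_seed(seed)
    return [format(hardened_child(master, chain, i)[0], "064x")
            for i in range(count)]


# Constructed sample input: the published BIP32 test-vector seed, not a real wallet.
SAMPLE_SEED = bytes.fromhex("000102030405060708090a0b0c0d0e0f")

if __name__ == "__main__":
    # Anyone holding the seed can regenerate every signing key below.
    for i, key in enumerate(keys_for_transactions(SAMPLE_SEED, 3)):
        print(f"tx {i}: {key}")
```

Because both functions handle raw private-key material, a device that only exposes a "sign with stored key" operation leaves the derivation, and therefore the seed, outside its protection boundary.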
Out with the old and in with the new… key protection methods
Dyadic offers a creative and unique solution for key security and key governance in blockchain. Based on our vHSM technology, Dyadic offers a pure software solution while maintaining the hardware-level security guarantees found in the traditional methods, thereby eliminating the tradeoff between security and usability. With powerful tamper-proof logging and auditing capabilities, Dyadic’s key management technology is built for the future, supporting the massive scale, speed and agility requirements fueled by the cloud, mobility, IoT and blockchain revolutions. In our next post, we will share more details on this solution and its implementation in a real-world wallet.