Our increasingly connected and digital lives are making us more vulnerable to cyberattacks than ever. As was the case in previous years, 2016 saw a spate of cyberattacks of unprecedented proportions. Some of these incidents were a reminder that the internet is no longer fun and games.
What we also learned was that the current infrastructure that powers our current local and global networks might no longer be able to sustain the new generation of attacks and threats.
Enter the blockchain, the distributed ledger that underlies the popular and controversial Bitcoin cryptocurrency, the technology that is the result of decades of research in cybersecurity and cryptography.
Blockchain’s decentralized structure and robust security offers a totally different approach to storing information and transactions, which can prove to be more resilient and sometimes immune to cyberattacks.
Here are some of the threats that might become a thing of the past with blockchain.
Man in the middle attacks
Current encrypted communications such as HTTPS and TLS rely on the Public Key Infrastructure (PKI) and Certificate Authorities (CA) to secure channels. Every participant has an asymmetric private/public encryption key pair (see this post for a brief explanation of how asymmetric encryption works), keeping the private key to themselves while making the public key available to the public through trusted a trusted broker (the CA).
When a user wants to establish a secure connection (such as sending an encrypted email or connecting to a website), they pull off their interlocutor’s public key from the broker’s repository and encrypt their data before sending it, knowing that it can only be decrypted at the destination where the private key exists.
Therefore, the integrity of the system will depend on how secure the central broker and holder of public keys is. If the CA goes down, communications fail.
If it becomes compromised, something worse will happen. Attackers will then be able to stage man-in-the-middle attacks by providing users with forged public keys, to which they hold the private keys, and they can thus decrypt sensitive information. (It’s actually a bit more complicated, but this is as simple as I can make it in a short paragraph.)
In contrast, a blockchain approach can make MitM attacks virtually impossible. When users publish their public keys on the blockchain, the information will be distributed across thousands and millions of nodes, and linked to previous blocks stored on the ledger.
It will be impossible for hackers to circumvent the cryptography that makes the blockchain immutable, and there will be no single node they can compromise to publish their fake keys.
Last February, hackers managed to compromise the website of Linux Mint and distribute their own infected version of the operating system, which contained a backdoor. Distributors usually publish hashes of their software binaries to provide users with a means to verify the authenticity of their copy.
However, the problem is, when hackers compromise the website, they’ll publish the hash of their own version of the operating system, duping unfortunate users into thinking they’ve downloaded the authentic version of the software.
The same can be applied to any other data that is made available to the public or distributed to a specific network. There’s no definite way to make sure the data hasn’t been tampered with if the hash can be compromised and changed.
In contrast, imagine a blockchain where every user can publish a hash associated to a particular file, OS image, software binary, or any other data which needs to be protected from tampering. While an attacker might be able to compromise the storage location and tamper with the data, they won’t be able to change the hash stored on the blockchain. This will make it known to everyone that the data has been manipulated.
The difference between the blockchain security and traditional models is that, instead of relying on preserving secrets, the blockchain relies on transparency and general knowledge to protect information and data.
The massive Distributed Denial of Service (DDoS) attack of last October, which cut off millions of users from major services such as Twitter, PayPal, Netflix and Spotify, reminded us of the insecurity of the internet of things and the vulnerability of the infrastructure that underlies the internet.
What made the attack notable was that instead of attacking each of the websites, the attackers targeted the servers of Dyn, the company providing DNS services to millions of users. By bringing down Dyn’s server, all of the sites whose domains were being resolved through Dyn became inaccessible.
The Dyn attack was another example of how single points of failure and centralized systems are making us vulnerable. An even more evil scenario would be to compromise a DNS server and change entries to redirect users to malicious versions of websites.
A workaround would be to have a DNS system based on blockchain. Instead of relying on central DNS servers to store name-IP resolution pairs, every entry is registered on the blockchain and distributed among the nodes that constitute the blockchain.
This provides both transparency and security. Hackers will no longer be able to target the DNS infrastructure by attacking a specific server or server cluster, and the data entries can’t be tampered to direct traffic to malicious sources.
The vulnerabilities of centralized systems are becoming more and more evident as cyberattacks grow in size and number. Decentralized alternatives can offer a workaround to those vulnerabilities, but they need to run on a platform that doesn’t introduce its own security holes. Blockchain might prove to be the technology to power secure, reliable and decentralized services. There are already many exciting projects being led in each of these fields. It will be interesting how the trend develops into a replacement for the infrastructure and models that we’ve been using for decades.