How blockchain can help fight cyberattacks

Crazy Review : Blockchain, or distributed ledger technology, is a decentralized and more secure currency trading platform. This technology provides a completely different way to store information and perform functions, and has great potential in improving network security and protecting organizations and programs from cyber attacks.

Translation: Flora

Imagine a computing platform that not only has a zero-failure operating environment, but is also resilient enough to defend against the kinds of cyberattacks that have dominated the headlines lately. That’s the promise of blockchain, the distributed ledger that underpins digital currencies like Bitcoin and Ethereum and challenges the traditional host/guest model.

In 2009, Bitcoin became the first real-world experiment with blockchain, a secure, decentralized platform for trading currencies without brokers. More recently, blockchain has proven its worth in other areas.

Blockchain is the culmination of decades of research and a major breakthrough in cryptography and security. The technology offers a radically different way to store information and perform functions, particularly suited to today’s high-security needs and for participants who don’t know each other.

This concept has been applied in several innovative ways to improve cybersecurity and protect organizations and programs from cyber attacks.

Preventing data manipulation and fraud

One of the main features of blockchain is immutability. The use of continuous hashing, cryptography, and decentralized structure make it impossible for any party to unilaterally change the data on the ledger.

This can be used by organizations that handle sensitive information to maintain the integrity of their data and prevent and detect any form of tampering.

Guardtime, an emerging data security company, is choosing blockchain technology to keep its sensitive records safe. The company has used blockchain to create a keyless signature infrastructure, replacing the more traditional public key infrastructure, which uses asymmetric cryptography and a public key cache maintained by a centralized certification authority.

Matthew Johnson, chief technology officer at Guardtime, said that while public key infrastructure is suitable for digitally signing software, firmware and network configurations, it is not suitable for proving the authenticity of data.

Johnson said:

"The biggest problem with public key infrastructure is that you put your security above the secret (key) and the secret manager, which is hard to do and impossible to prove - just like in real life you can't prove that a secret is kept, and in security you can't prove that a key won't be leaked."

In contrast, rather than relying on secrets, blockchain’s security derives from distributing evidence across multiple parties, making it virtually impossible to manipulate data without detection.

“Blockchain removes the need for a trusted party to confirm the integrity of data, just like a central institution is no longer needed to play the role of a bank in digital currency.”

Keyless signature infrastructure confirms the integrity of data by running a hash function and comparing the result with metadata stored on the blockchain. "This is a completely different approach to traditional security," Johnson said. "Instead of using anti-virus, anti-malware and using intrusion detection solutions to look for vulnerabilities, you have to have a precise understanding of the history and integrity of every part of the system."

Keyless Signature Infrastructure is already being considered by organizations like the U.S. Department of Defense’s Advanced Research Projects Agency to protect sensitive military data, and by the Estonian eHealth Foundation to maintain the security of more than 1 million health records.

Preventing Distributed Denial of Service Attacks

On October 21, tens of thousands of users in the United States were unable to access major websites such as Twitter, Paypal, Netflix and Spotify because the domain name server host of the service provider Dyn was hit by a large-scale distributed denial of service attack, causing the system to crash.

The incident is a reminder that shortcomings in backbone network providers can become bottlenecks and single points of failure in a system that includes tens of thousands of nodes and users.

"The Achilles' heel of the current DNS system is its over-reliance on cache memory," said Philip Saunders, founder of Nebulis, a distributed, blank DNS system. "This is how China can poison its DNS, censor major social networks, and ban key words. It also makes it easy for thousands of autonomous machines controlled by malicious passwords to shut down entire networks and keep these disruptions going."

Saunders believes that blockchain provides a solution, with a decentralized system making it almost impossible for the infrastructure to fail even if there is an overload of requests.

Nebulis uses the Ethereum blockchain and the Interplanetary File System, a distributed alternative to the centralized structure of the hypertext protocol, to make its domain name server infrastructure immune to distributed denial of service attacks.

Saunders explained:

“Blockchains, and Ethereum in particular, allow for a completely different approach, where only changing or updating records costs money (in the form of network fees), while reading is free, provided you have a copy of the blockchain.”

As Saunders explains, with the Ethereum blockchain, you can read your copy right away without spending a dime. “This has the potential to greatly reduce the pressure on the physical backbone,” he says. “It also means we can do away with the information redundancy of traditional domain name servers and come up with something much better.”

The team has completed a first draft of the Nebulis catalog and is currently testing it. They plan to release the first iteration of the catalog soon.

Preventing data theft in untrusted environments

Encrypting data has become a norm among organizations today, but when you want to act on that data, you have to decrypt and reveal its contents.

“Currently, we simply don’t have the option to compute encrypted data in the marketplace,” said Guy Zyskind, founder and CEO of Enigma, a blockchain-based, decentralized cloud platform. “As a result, we can only encrypt data that is at rest (such as stored on disk) or in transit (passing over the wire), but not in use. This means that when we process data, no matter how or in what form, we are ultimately decrypting it. This illustrates some of the risks associated with data breaches in general – attackers with a way into a system can see data that is not encrypted.”

Another issue is directly related to the reality that we live in an era of cloud processing, on-demand services, where untrusted third parties can access and process our data.

Guy Zyskind

Zyskind said:

"Many times, we want to work with untrusted entities to process data without exposing our own information. This is normal in the business world. Companies want to cooperate, but cannot leak sensitive company information for security, privacy, or even some regulations. Similarly, we are now seeing more peer-to-peer systems, and users of these systems want to protect their privacy and hide their true identity."

Enigma ensures that different participants can jointly store information and run calculations while fully protecting privacy. The platform uses blockchain to record real-time events, and hashed files also prevent attackers from hiding their tracks when manipulating data.

In addition, Enigma uses multi-party computing, a cryptographic technology for performing calculations. This type of computing distributes data and tasks to multiple untrusted groups, ensuring that each group has only partial access to the data. "These groups can be trusted as a whole, a decentralized unit, but not as individuals," Zyskind explained.

According to Zyskind, the combination not only protects data from being tampered with, but also from falling into the wrong hands. “The main thing to consider is that these two technologies are complementary — both need to be protected from the broader cybersecurity threat landscape,” he said.

This paradigm can be used in a variety of settings, including groups that cannot share data directly with each other but need to collaborate on it. Potential use cases include simple tasks such as bookkeeping, aggregation, and generating simple statistics. This paradigm can also be used to train machine learning models on encrypted datasets owned by different groups.

Enigma can also be used to detect fraud. Organizations can jointly run fraud detection algorithms on their encrypted data without sacrificing privacy.

Blockchain and the future of cybersecurity

Blockchain offers a fundamentally different approach to cybersecurity, one that goes beyond endpoints to include user identity security, transaction and communication security, and protection of the critical infrastructure that supports operations across organizations.

The paradigm shift represented by blockchain provides the transparency and auditing that will allow us to maximize the use of shared network services while avoiding being forced to make trade-offs between security and privacy.