Blockchain brings a qualitative improvement to network security: preventing data tampering, DDoS, and data theft

Imagine a computing platform with no single point of failure and resistant to cyberattacks. This would definitely make headlines. Such a platform is made possible by blockchain, or distributed ledgers, the technology underlying cryptocurrencies like Bitcoin that is challenging the traditional server/client model.

In 2009, Bitcoin became the first real-world application of blockchain, a secure, decentralized currency exchange that eliminated the need for a central broker. Today, the potential of blockchain technology is being recognized in other areas as well.

Blockchain represents the culmination of decades of research and breakthroughs in cryptography and security, offering a radically different approach to storing information and performing functions, which makes it particularly suitable for environments with high security requirements and where the identities of participants are unknown to each other. The concept has been used in a number of innovative ways to improve network security and protect organizations and applications from cyberattacks.

Preventing data manipulation and fraud

One of the main features of blockchain is immutability. The use of hashing and cryptography, combined with a decentralized structure, makes it impossible for any party to unilaterally change the data on the blockchain ledger.

This feature can be used by organizations that need to handle sensitive information to maintain data integrity and prevent and detect any form of tampering.

Data security startup Guardtime is now betting on blockchain technology and is using it to protect sensitive records. The company has used blockchain to create a keyless signature infrastructure (KSI) to replace the existing more traditional public key infrastructure (PKI), which uses asymmetric encryption and a public key cache and is maintained by a centralized certification authority (CA).

Guardtime CTO Matthew Johnson believes that while PKI technology is suitable for digitally signing software, firmware and network configurations, it was never designed to verify data.

Johnson said:

"The main threat to PKI is that you are putting security in the hands of keys (secrets) and the people who manage them. This process is difficult to ensure, and there is no way to prove that the keys have not been compromised - just like in real life you can't prove that a secret has been kept, in the security world you can't prove that a key has been compromised."

In contrast, rather than relying on secrets (keys), blockchain-based security is premised on distributing evidence to various institutions, making it impossible to delete and manipulate the data.

Johnson explained:

“Blockchain eliminates the need for trusted institutions to verify data integrity. In the case of cryptocurrencies, cryptocurrencies eliminate the need for centralized institutions, such as banks.”

KSI verifies data integrity by running a hash function and comparing the result with the initial metadata stored on the blockchain.
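The check described above (re-hash the data, compare with the digest registered on the ledger) can be sketched as a hash-chained ledger. This is an added example, not Guardtime's KSI code; the record names, timestamps and single-copy ledger are constructed assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed predecessor value for the first entry
FIELDS = ("index", "timestamp", "name", "digest", "prev")

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entry_hash(entry: dict) -> str:
    # Hash a canonical encoding of every field except the entry's own hash.
    body = {k: entry[k] for k in FIELDS}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())

def append_record(ledger: list, name: str, data: bytes, timestamp: int) -> dict:
    # Register only the digest and metadata; the data itself stays off-ledger.
    entry = {"index": len(ledger), "timestamp": timestamp, "name": name,
             "digest": sha256_hex(data),
             "prev": ledger[-1]["hash"] if ledger else GENESIS}
    entry["hash"] = entry_hash(entry)
    ledger.append(entry)
    return entry

def first_broken_link(ledger: list):
    """Index of the first entry with a bad hash or back-link, or None if intact."""
    prev = GENESIS
    for i, entry in enumerate(ledger):
        if (entry["index"] != i or entry["prev"] != prev
                or entry["hash"] != entry_hash(entry)):
            return i
        prev = entry["hash"]
    return None

def verify_data(ledger: list, name: str, data: bytes) -> bool:
    """Re-hash data and compare with the latest digest registered under name."""
    if first_broken_link(ledger) is not None:
        return False  # a damaged ledger proves nothing about the data
    matches = [e for e in ledger if e["name"] == name]
    return bool(matches) and matches[-1]["digest"] == sha256_hex(data)

def build_sample_ledger() -> list:
    # Constructed sample records and timestamps, for illustration only.
    ledger = []
    append_record(ledger, "router.cfg", b"hostname edge-1\n", 1700000000)
    append_record(ledger, "firmware.bin", b"constructed firmware image", 1700000060)
    append_record(ledger, "audit.log", b"user=alice action=login\n", 1700000120)
    return ledger
```

Editing a stored digest breaks that entry's hash, and recomputing the hash breaks the next entry's back-link, so a rewrite has to touch every later entry. On a distributed ledger the other participants' copies still hold the original chain.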

Johnson said:

"This is a fundamentally different approach than traditional security. You can mathematically determine the provenance and integrity of every component part of the system without having to use anti-virus, anti-malware and intrusion detection systems to scan for vulnerabilities."

Some organizations are already considering KSI: the Defense Advanced Research Projects Agency (DARPA), an agency under the US Department of Defense, is considering using it to protect sensitive military data, and the Estonian e-Health Foundation also intends to use the technology to protect millions of medical records.

Preventing Distributed Denial of Service (DDoS) attacks

On October 21, 2016, millions of users in the United States were cut off from many large websites, such as Twitter, PayPal, Netflix, and Spotify. The cause: the servers of DNS service provider Dyn suffered a massive DDoS attack.

The incident is a warning that weaknesses in the current network backbone can become bottlenecks and single points of failure, affecting millions or even tens of millions of users and nodes.

Philip Saunders, founder of Nebulis, a distributed DNS system, said:

"The Achilles' heel of the current DNS system is its over-reliance on caching. This allows a country to compromise DNS name servers, censor key social networks and ban certain keywords. It is also easy to put millions of anonymous devices at the mercy of malicious code to shut down the entire network."

Saunders believes blockchain offers a solution — a decentralized system that makes it nearly impossible for infrastructure to collapse due to excessive demands.

Nebulis uses the Ethereum blockchain and the InterPlanetary File System (IPFS), a distributed alternative to the centralized HTTP infrastructure, to protect its DNS infrastructure from DDoS attacks.

“Blockchain offers a different approach. You only charge a fee (in the form of a transaction fee) when you change or update a record, but reading the record is free as long as you have a copy of the blockchain.”

According to Saunders, using blockchain, you can read directly from your own copy without having to pay on the network. He said:

"That has a lot of potential to relieve a lot of pressure on the physical backbone of the internet. It also means we can eliminate a lot of the redundancy of traditional DNS and come up with something much better."

Preventing data theft in untrusted environments

Data encryption has become a norm in various industries today. However, when you want to use this data, you must decrypt it and display the data content.

Guy Zyskind, CEO and founder of Enigma, said:

"Currently, there are no real options available on the market for calculating confidential data. As a result, we can only encrypt data at rest (when stored on disk) or in transit (when traveling over a network), but not while in use. This means that when we process data, in any way or form, we need to decrypt it first. This introduces the risk of data leakage - attackers who successfully break into the system can see the data in plain text."

Another problem is that we live in an age of cloud computing and on-demand services, where untrusted third parties are able to access and process our data.

“There are many situations where we want to work together on data, but we don’t want to give our data away to untrusted parties. These situations often occur in the business world, where companies want to collaborate but don’t want to give away sensitive information that they are prohibited from sharing for security, privacy or even regulatory reasons. Similarly, we are seeing more and more peer-to-peer systems emerge because users want to be able to maintain their privacy and anonymity.”

The Enigma platform enables different participants to jointly store data and run computations while maintaining complete privacy. The platform uses blockchain technology to record events and file hashes with timestamps, thus preventing attackers from hiding their tracks if they manipulate data.

Additionally, Enigma uses multi-party computation (MPC), a cryptographic technique that performs computations by distributing data and tasks among multiple untrusted parties and ensuring that each party has only partial access to the data. Zyskind explained:

“The parties involved are trusted as a whole, decentralized unit, not as individuals.”

According to Zyskind, this combination not only prevents data from being tampered with, but also protects it from falling into the wrong hands. He said:

"The main point to consider is that the two technologies are complementary and both are needed to prevent a wide range of cybersecurity threats."

This system is suitable for institutions that cannot directly share data but need to perform joint operations. Potential use cases include simple tasks such as bookkeeping, aggregation, and generating simple statistics. It can also be used to train machine learning models on encrypted datasets owned by different institutions.
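The aggregation use case above can be illustrated with additive secret sharing, a basic MPC building block. This is an added example, not Enigma's protocol; the modulus, the sample inputs and the assumption that every party follows the protocol are constructed for the illustration.

```python
import secrets

PRIME = 2**61 - 1  # constructed field modulus; inputs and their sum must stay below it

def share(value: int, n_parties: int) -> list:
    """Split value into n additive shares; any n-1 of them look uniformly random."""
    if n_parties < 2:
        raise ValueError("need at least two parties")
    if not 0 <= value < PRIME:
        raise ValueError("value outside the field")
    shares = [secrets.randbelow(PRIME) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % PRIME)
    return shares

def reconstruct(shares: list) -> int:
    # Adding all shares modulo PRIME recovers the shared value.
    return sum(shares) % PRIME

def party_views(private_inputs: list) -> list:
    """views[j] holds the one share party j receives from every data owner."""
    n = len(private_inputs)
    dealt = [share(v, n) for v in private_inputs]
    return [[dealt[i][j] for i in range(n)] for j in range(n)]

def secure_sum(private_inputs: list) -> int:
    # Each party adds up its own view locally and publishes only that partial sum.
    partials = [reconstruct(view) for view in party_views(private_inputs)]
    # The partial sums combine into the total without any input being revealed.
    return reconstruct(partials)

# Constructed sample: per-institution counts of flagged transactions.
SAMPLE_INPUTS = [1200, 345, 78]
```

Each party sees one random-looking share per input, so only the published total, here 1623 for the sample inputs, is learned by everyone.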

Enigma can also be used for fraud detection, where organizations can jointly execute fraud detection algorithms on their encrypted data without compromising privacy.

Blockchain and the future of cybersecurity

Blockchain offers a fundamentally different approach to cybersecurity that goes beyond the endpoint to include user identity security, transaction and communication security, and protection of critical infrastructure to support the operations of a wide range of organizations.

The paradigm shift brought about by blockchain, which enables transparency and auditability, will enable us to make the most of shared online services while eliminating potential security and privacy trade-offs.
