BLOCKCHAIN & CYBERSECURITY
The Future of Digital Authentication
By Matthew Scannella June 2017
A blockchain is a secure distributed database that maintains a constantly expanding list of records. Each record, or block, has a link to a previous block making them inherently resistant to exploitation by hackers.
In the early morning of November 3rd, 1988, Purdue University's Professor Gene Spafford discovered he had lost server access after a failed attempt to log in to his email. 1 He wasn't alone: approximately 6,000 others, 10% of the computers connected to the internet at the time, spread across universities, military sites, and medical research facilities found themselves in a similar predicament. Several of these computers had been slowed down to the point where they were completely inoperable. 2
Three states away sat Robert Tappan Morris, a 23-year-old graduate student at Cornell University. He had developed a computer program to see how many people were connected to the Internet, but had inadvertently created something far more detrimental. If his program attempted to count the same computer twice, it would see that the computer was already 'positive' for being counted, and not copy code onto that computer a second time. However, he approximated that in 1 out of every 7 computers, administrators would instruct their computer to report a 'false positive.' To compensate for this, Morris instructed his code to replicate itself in the case of a positive 14% of the time. 3 Ultimately, this small bit of code led to the uncontrollable replication of what has come to be known as the Morris Worm, one of the first computer worms distributed via the Internet.
Cyberattacks have evolved in complexity and sophistication since 1988, from worms and viruses to advanced persistent threats and certificate-based attacks. The U.S. Government Accountability Office estimated the final cost of Morris's experiment to be in the range of $100,000 to $10,000,000, which is just a fraction of the impact we are seeing in the 21st century. Cybercrime costs the global economy over $400 billion annually 4, with the average United States firm spending upwards of $15 million per year. 5 Juniper Research recently predicted that the rapid digitization of consumers' lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019.
As cybercrime has become more sophisticated over the past three decades, so too has the field of cybersecurity, which protects computer systems and the information within them from damage or theft. Leaders in the field speculate that in coming years, the implementation of blockchain technology will become far more commonplace in cybersecurity than it is currently. According to Ben Dickson of TechCrunch:
Blockchain provides a fundamentally different approach to cybersecurity, which can go beyond endpoints and include user identity security, transaction and communication security and the protection of critical infrastructure that supports operations across organizations. The paradigm shift represented by blockchain can provide the transparency and auditing that will enable us to make the most use of shared online services, while eliminating the potential security and privacy trade-offs. 6
This article explores various types of cyberattacks, and how blockchain technology can drastically reduce the odds of a successful man-in-the-middle attack or remove the threat altogether. It discusses the necessity of authentication in modern-day transactions, the evolution of Public Key Infrastructure, and the two current approaches to authentication: Certification Authorities and Webs of Trust. Lastly, it covers the drawbacks of these authentication methods, and how a blockchain-based approach can completely revolutionize the authentication process.
A CYBERCRIME SAMPLER
Corporate Account Takeover
In an account takeover, a cybercriminal will send an email attachment or utilize a program, such as a Trojan, against an employee at a firm. This attack enables them to acquire the victim's login credentials. Then, they will hack into the victim's computer remotely, giving them access to the organization's bank accounts. Lastly, the hacker will transfer funds from the firm's bank account into their own. 7 Security experts believe that the attackers behind the Bangladesh Bank heist stole and utilized legitimate credentials from the bank's employees during the $81 million USD theft in early 2016. 8
A cybercriminal obtains an individual's personally identifiable information (PII) when committing identity theft. Once the PII has been obtained, it can be used to commit several different crimes, such as credit-card fraud or loan fraud. Billions of accounts at major institutions have been accessed through data breaches, leaving their users open to identity theft. 7 Such breaches include the 2013-14 Yahoo hacks, where 1 billion accounts total were compromised 9, and the 2013 Target hack, with 100 million accounts compromised. 10
A man-in-the-middle attack is a cyberattack where two parties believe they are conversing with one another, but in reality are actually both talking to a malicious actor. This enables the attacker to intercept data from both parties, as well as feed both parties false information. This data intercepted may include login credentials and personally identifiable information, potentially enabling the attacker to perform a corporate account takeover or identity theft. Alternatively, the malicious actor, impersonating one party to the transaction, conveys to the other party a promise to perform their end of a contract once funds are received, and then sends the other party their account details. If the malicious actor succeeds, the other party will send their funds to the attacker, who will not perform on the contract and disappear with the money. 11
THE NEED FOR AUTHENTICATION
Authentication is the process by which an account is confirmed to belong to or be associated with a particular owner. For example, when using Venmo, the sending party will typically confirm the receiving party's username prior to sending money to them for the first time. While this process is typically sufficient for sending a friend money, a much more robust authentication process is required if secure transactions are to successfully take place between a large number of parties. If a transaction takes place without prior authentication of the parties involved, the aforementioned man-in-the-middle attack may occur.
The first major evolution in authentication was the development of the symmetric-key algorithm (SKA). When two trusted parties wished to transact securely, they could exchange a key that was capable of both encrypting and decrypting data transferred between them. If only two parties knew of the key, and one party received encrypted data that was capable of being decrypted using this key, then the receiving party authenticated that this data was truly sent by the other trusted party. 12
In order for the symmetric-key algorithms to work as intended, both parties need to agree on the key they are using via secure channels. While data could be securely transferred between two trusted parties using SKA, there are two major issues with this approach. First, SKA is not scalable for users wishing to transact with multiple parties given the need to agree on a different symmetric key with each different party. Second, SKA is not secure for use with untrusted parties, given that the other party can provide others with the key.
The advent of public-key cryptography (PKC) addressed the issue of scalability associated with symmetric-key algorithms. In PKC, a user's key is split into a public key and a secret key. While the public key is viewable by anyone, the user's secret key is known only to that user. If one party wants to securely send data to another, the sender utilizes the receiving party's public key to encrypt the data before sending it. The receiver then uses their private key to decrypt the data. If this data is intercepted in transit by a cyber attacker, they will only have access to the encrypted data, and not be able to decipher it as long as the receiver's secret key remains private. 13
Although public-key cryptography enables parties to securely send and receive data from one another, it does not authenticate that a public key is truly associated with a user, nor does it authenticate who the sender is. When using a symmetric-key algorithm, the mere fact that the receiving party is able to decrypt the information received is proof that the sender is indeed who the receiver believes it is. For PKC, a user can see that a public key belongs to someone who claims to be a particular party. However, it is difficult to authenticate that the public key truly belongs to the intended receiving party. Additionally, given that a user's public key is available to everyone, the data that is being sent to the receiver is not guaranteed to be coming from the presumed sending party.
Webs of Trust
One method of authenticating a public key is by use of a Web of Trust. To start a Web of Trust, two parties (let's call them Party A and Party B) are required to trust each other and confirm that a public key truly does belong to the other party. Once trust and confirmation exist, both users receive certificates with their public key and the digital signature of the other, and either party can go out and repeat this process with new parties. If Party B and Party C trust each other and confirm their public keys, Party C will receive a certificate with their public key and Party B's digital signature. If Party C then wishes to transact with Party A, they send Party A their certificate with Party B's digital signature, and Party A is able to trust Party C without having ever met them. Thus, a Web of Trust is created. 22
One of the major benefits of a Web of Trust is that it is completely decentralized, leaving no central point of failure. In other words, there is no one person that is responsible for the entire Web who, if compromised, can destroy its legitimacy. However, there are a few drawbacks to this method. First, while Party A trusted Party C due to Party B's digital signature being included on their certificate, this trust is not necessarily scalable. For example, if Party C authenticated Party D, Party A would be hesitant to trust them just because Party C (who they have never met) authenticated them. Additionally, the authentication process of newcomers to the web is time-consuming and has high barriers to entry.
In a Web of Trust, a user presents another user with a certificate containing their own digital signature or the signature of another trusted user in order to authenticate themselves. In Public-Key Infrastructure, a user instead presents another user with a certificate containing the digital signature of a Certificate Authority. A Certificate Authority (CA) is a third-party authentication provider that issues certificates of key ownership to entities. Per RSA Data Security, CAs such as Verisign are organizationally structured to issue certificates as follows:
- There is a single root at the top.
- The root certifies public primary certification authorities (PCAs), which issue, suspend, and revoke certificates for all CAs within the hierarchy.
- PCAs certify CAs. PCAs may also cross-certify with PCA-like entities in other vendors' PKIs.
- CAs authorize subordinate CAs, which belong to the PKI service company or the customer.
- At the bottom of the hierarchy can be local registration authorities (LRAs) that evaluate certificate applications on behalf of the root, PCA, or CA that issues the certificates. 13
CERTIFICATE AUTHORITY FAILURES
We previously explored the major pros and cons of a Web of Trust: it is distributed and without a central point of failure, but has high barriers to entry and is not easily scalable amongst several parties. Thus, a Web of Trust can never serve as the authentication framework for any large-scale transacting users. Public Key Infrastructure, on the other hand, is extremely scalable and with low barriers to entry. However, PKI has a central point of failure: the Certificate Authority. Conceptually, Public Key Infrastructure is an excellent authentication model: a reputable, trusted organization issues certificates tying users to their keys, preventing cybercrimes such as man-in-the-middle attacks. But what about when the Certificate Authorities themselves are the victims of cybercrime?
RSA Security spun-off its certification services business in 1995 to form Verisign, which served as an independent Certificate Authority until its authentication unit was acquired by Symantec in 2010. Its mission was to provide "trust for the Internet and Electronic Commerce through our Digital Authentication services and products." The firm became a major player in PKI, issuing over 3 million certificates and processing $80 billion in payments annually. 14 Just prior to the acquisition of its authentication business, Verisign was repeatedly penetrated by hackers. Per Verisign's Form 10-Q, filed on October 28, 2011:
In 2010, the Company faced several successful attacks against its corporate network in which access was gained to information on a small portion of our computers and servers. We have investigated and do not believe these attacks breached the servers that support our Domain Name System (DNS) network. Information stored on the compromised corporate systems was exfiltrated. The Company's information security group was aware of the attacks shortly after the time of their occurrence and the group implemented remedial measures designed to mitigate the attacks and to detect and thwart similar additional attacks. However, given the nature of such attacks, we cannot assure that our remedial actions will be sufficient to thwart future attacks or prevent the future loss of information. In addition, although the Company is unaware of any situation in which possibly exfiltrated information has been used, we are unable to assure that such information was not or could not be used in the future.
The occurrences of the attacks were not sufficiently reported to the Company's management at the time they occurred for the purpose of assessing any disclosure requirements. Management was informed of the incident in September 2011 and, following the review, the Company's management concluded that our disclosure controls and procedures are effective. However, the Company has implemented reporting line and escalation organization changes, procedures and processes to strengthen the Company's disclosure controls and procedures in this area. 15
Despite Verisign facing "several successful attacks" in 2010, it failed to disclose this information to both its users and shareholders until the end of 2011, and as a risk factor in its SEC filing no less. Given the ambiguity of Verisign's disclosure and its failure to further clarify beyond the filing, it is unclear if their certification line was compromised. High-level employees at security firms have questioned the integrity of Verisign's certification business after the hack, including Oliver Lavery of nCircle, a security risk provider. When asked if any site using Verisign SSL certificates could be trusted, Lavery, Director of Security Research and Development, said, "Without more clarity, the logical answer is no." 16
TrustWave, founded in 1995, is a Certificate Authority based in Chicago. As previously discussed, a Certificate Authority's main function is to bind a cryptographic key to an organization. In 2011, TrustWave added an additional service offering to a customer: issuing a subordinate root, or 'man-in-the-middle digital certificate', so that the customer could review all connections within its network. This issuance gave the customer essentially the same authority as TrustWave, enabling them to sign certificates for almost any domain name. If the company abused this power, it could have used it to issue false certificates and steal data.
TrustWave performed security checks at the customer site and ensured that the customer was not able to issue certificates for any reason beyond its intended purpose of internal security checks. While TrustWave ensured the public that proper controls were in place to prevent any mishaps, this statement could not be independently verified given TrustWave's signing of a non-disclosure agreement, preventing them from even revealing who the customer was. Accordingly, companies such as Mozilla strongly considered revoking TrustWave's certificates as trusted. The Certificate Authority ultimately revoked the subordinate root, and Mozilla decided to leave them in place as is.
What is more disconcerting is the likelihood that other Certificate Authorities are providing similar services, and without taking the necessary precautions taken by TrustWave. Calum MacLeod of certificate-seller Venafi was glad that TrustWave was terminating the subordinate root, but still concerned that it was much more commonplace than people assumed:
I believe it is commendable that they will no longer continue this practice, but the reality is in my opinion that this is a common industry practice.
According to Amichai Shulman, CTO of Imperva, a security firm,
The fact that CA services are willing to issue 'weak CA' certificates to practically anyone is outrageous. Not only that the effect of a compromise of such a certificate is devastating but the chances for it happening are not negligible. 17
Nearly 13 years after Professor Gene Spafford lost access to his email account due to the Tappan Worm, an Iranian with the username Alibo found that he similarly was unable to access his Gmail account and reported the issue to Google. After two days of digging, Google issued a statement informing the public that DigiNotar, a Dutch Certificate Authority founded in 1998, was the responsible party.
DigiNotar was a root Certificate Authority, or number 1 in the CA hierarchy. The amount of power the company had made it an extremely attractive target for cybercriminals, and in the summer of 2011, a hacker discovered that they were able to penetrate unpatched software on DigiNotar's servers. This resulted in the issuance of 531 fraudulent certificates, including certificates for companies like AOL, Google, and Microsoft, and intelligence organizations such as the CIA and Mossad.
When nearly 300,000 Iranians tried to access Google, they were automatically redirected to a false Google website that would've allowed the hacker to access their emails. Google Chrome had a built-in mechanism to prevent this redirection, which is ultimately the only reason why the majority of these users were not affected. When the hacker attempted to redirect user Alibo to the false Google site, Google blocked the webpage, resulting in Alibo's post. After Google's statement, every vendor quickly revoked their trust in DigiNotar certificates. Within one month, DigiNotar was acquired by the Dutch government, and one year later declared bankruptcy. 18
While many speculate that the Iranian government was responsible for the DigiNotar hack, no evidence has ever been brought to light indicating as such. The only message ever left by the hacker indicated that he did not believe there was any possible hack-proof system:
I know you are shocked of my skills, how I got access to your network. THERE IS NO ANY HARDWARE OR SOFTWARE IN THIS WORLD EXISTS WHICH COULD STOP MY HEAVY ATTACKS MY BRAIN OR MY SKILLS OR MY WILL OR MY EXPERTISE. 18
Although the hacker was clearly talented (though perhaps not so much in the English language), he did not take into consideration a blockchain-based key-signing approach when stating there was no software that could stop him. Companies such as Certcoin, Pomcor, and IOTA are discovering avenues for applying blockchain technology to the authentication process. The two current authentication approaches are Webs of Trust and Certificate Authorities. Each has its own major flaw: Webs of Trust are not scalable, while CAs are potential central points of failure in PKI. These aforementioned companies are exploring different avenues to creating authentication processes without any major flaws.
Pomcor, an Oregon-based company founded in 2003, conducts research on applications of cryptography and biometrics in the Internet identity space. In October of 2016, they issued a white paper called Backing Rich Credentials with a Blockchain PKI. Similar to current PKI, Pomcor's proposed solution to the authentication process involves Certificate Authorities. However, instead of CAs signing certificates, it stores a hash of the certificate in a blockchain ledger. This would require the use of a blockchain such as that used by Ethereum, which allows the storage of data within the chain.
Given that certificate hashes are stored on the immutable blockchain, certificates cannot be revoked in the traditional sense. Accordingly, revoked hashes are stored on a second blockchain ledger. A user wishing to authenticate another party will confirm that their certificate is included in the first ledger, and also not included in the revoked ledger. Pomcor has also developed the concept of a 'rich credential', which can be used to identify a user. It requires users to present a password, their private key, and biometric data such as voice or facial structure. This system creates infallible proof that a key truly belongs to a user. 19
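The two-ledger check described above can be sketched as follows. This is an added example, not Pomcor's code: an in-memory hash chain stands in for a real blockchain (no consensus or smart contracts), and the names `Ledger`, `check_certificate` and the sample certificates are hypothetical and constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # placeholder previous-hash for the first block


def cert_hash(cert: bytes) -> str:
    """Only this SHA-256 digest of a certificate is written to a ledger."""
    return hashlib.sha256(cert).hexdigest()


class Ledger:
    """Append-only hash chain: every block commits to the block before it."""

    def __init__(self):
        self.blocks = []  # each block: {"index", "prev", "entry"}

    @staticmethod
    def _digest(block: dict) -> str:
        raw = json.dumps(block, sort_keys=True).encode()
        return hashlib.sha256(raw).hexdigest()

    def head(self) -> str:
        return self._digest(self.blocks[-1]) if self.blocks else GENESIS

    def append(self, entry: str) -> None:
        self.blocks.append(
            {"index": len(self.blocks), "prev": self.head(), "entry": entry}
        )

    def intact(self, trusted_head: str) -> bool:
        """Recompute every link, then compare with a head hash the verifier
        obtained independently (in a real chain, through consensus)."""
        prev = GENESIS
        for i, block in enumerate(self.blocks):
            if block["index"] != i or block["prev"] != prev:
                return False
            prev = self._digest(block)
        return prev == trusted_head

    def contains(self, entry: str) -> bool:
        return any(b["entry"] == entry for b in self.blocks)


def check_certificate(cert, issued, revoked, issued_head, revoked_head) -> str:
    """Valid only if the hash is on the issuance ledger and not on the
    revocation ledger, and neither ledger has been rewritten."""
    if not (issued.intact(issued_head) and revoked.intact(revoked_head)):
        return "ledger-tampered"
    h = cert_hash(cert)
    if not issued.contains(h):
        return "unknown"
    if revoked.contains(h):
        return "revoked"
    return "valid"


def demo() -> dict:
    # Constructed sample certificates (not a real certificate encoding).
    alice = b"subject=alice.example;pubkey=CONSTRUCTED-KEY-A"
    bob = b"subject=bob.example;pubkey=CONSTRUCTED-KEY-B"
    forged = b"subject=alice.example;pubkey=CONSTRUCTED-KEY-X"

    issued, revoked = Ledger(), Ledger()
    issued.append(cert_hash(alice))
    issued.append(cert_hash(bob))
    revoked.append(cert_hash(bob))            # bob's certificate is withdrawn
    heads = (issued.head(), revoked.head())   # what the verifier pins

    results = {
        "alice": check_certificate(alice, issued, revoked, *heads),
        "bob": check_certificate(bob, issued, revoked, *heads),
        "forged": check_certificate(forged, issued, revoked, *heads),
    }
    # Rewriting a stored block to admit the forged certificate breaks the
    # link to the next block, so the verifier rejects the whole ledger.
    issued.blocks[0]["entry"] = cert_hash(forged)
    results["after_tamper"] = check_certificate(forged, issued, revoked, *heads)
    return results


if __name__ == "__main__":
    print(demo())
```

A certificate for an existing subject carrying a different key, as in the fraudulent DigiNotar issuances discussed earlier, hashes to a value that is not on the issuance ledger and is therefore rejected as unknown.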
While Pomcor's rich credential blockchain-based PKI is certainly an improvement over the current system, it still leaves Certificate Authorities in place as a central point of failure. IOTA provides an alternative approach to authentication that is both scalable and eliminates the central point of failure. According to their website:
IOTA is a revolutionary new transactional settlement and data integrity layer for the Internet of Things. It's based on a new distributed ledger architecture, the Tangle, which overcomes the inefficiencies of current Blockchain designs and introduces a new way of reaching consensus in a decentralized peer-to-peer system. For the first time ever, through IOTA people can transfer money without any fees. This means that even infinitesimally small nanopayments can be made through IOTA. 20
Traditional blockchains such as Bitcoin bifurcate the individuals that are mining transactions and those that are completing transactions. The Tangle, on the other hand, requires that all users algorithmically choose two previous transactions to essentially mine in order to complete one of their own transactions, thus making Tangle an extremely scalable blockchain-based authentication solution. As more users join, the amount of time it takes for a transaction to be verified and added to the Tangle decreases exponentially. Additionally, the verification process is decentralized amongst the users, removing the risk of a central point of failure. 21
Developed at MIT, Certcoin is an implementation of Bitcoin-based PKI. The creators of Certcoin believe that it can be used to replace both CAs and Webs of Trust:
We believe that Certcoin is a viable PKI, capable of replacing Certificate Authorities and PGP Webs of Trust. Our construction benefits from an entirely decentralized architecture offering inherent fault tolerance, redundancy, and transparency. Despite this, Certcoin supports the expected features of a full-fledged Certificate Authority including certificate creation, revocation, chaining, and recovery. Domain purchases and transfers are accomplished with simple Bitcoin transactions to incentivize miners. Certcoin employs cryptographic accumulators to maintain a constant size storage for authenticating domains, which is becoming ever more critical with recent trends in internet usage. Finally, our design addresses the need for a self-sustaining, trusted key distribution mechanism that provides efficient key retrieval, making Certcoin more practical for performance conscious applications. Moreover, Certcoin addresses many of the issues inherent to current PKIs, such as the need for a trusted third party and limited accessibility.
While traditional PKI relies on the use of a Central Authority, Certcoin is completely decentralized and without a single point of failure. When new domain names are purchased through Certcoin, the purchaser is directly provided public and secret keys once the transaction is posted. Transactions requesting either the purchase of a new name or the update of a name are posted with transaction fees, incentivizing miners to include their information in the blockchain. Similar to Pomcor, this results in the user's public key being hashed into a block. Given the PKI is Bitcoin-based, Certcoin is also a highly scalable solution. 22
THE FUTURE OF CYBERSECURITY
Several companies are springing up to offer cybersecurity solutions by means of blockchain technology. Guardtime, a systems engineering firm and provider of blockchain-based solutions, has been contracted by Lockheed Martin to build out their blockchain cybersecurity platform. Lockheed stated that this will enable the firm to "realize more efficient and secure software development and supply chain risk management." According to Ron Bessire, Lockheed Martin's Engineering and Technology Vice President, "These new cyber security approaches will enhance data integrity, speed problem discovery and mitigation. The faster our developers can discover issues, the faster we can deliver." 23
While companies such as Lockheed have eagerly embraced new blockchain-based cybersecurity solutions, others, including major financial institutions, have lagged behind. When recently asked about the practicality of utilizing blockchain technology in a cybersecurity context, Chief Information Security Officer of JPMorgan Chase Rohan Amin said,
You need to get a lot of businesses comfortable with this transformation… it will take some time to uproot institutional mechanisms that have been in place for years.
The company's 2014 cyberattack affected 76 million households and 7 million small businesses. 24
While companies such as Pomcor, IOTA, and Certcoin still remain in their infancy, they show strong potential for the future of blockchain-based public key infrastructure and decentralized authentication. If the field of cybersecurity continues to evolve and embrace blockchain technology, we may ultimately find attacks such as those conducted on VeriSign and DigiNotar to be things of the distant past.
1. T. B. Lee, "How a grad student trying to build the first botnet brought the Internet to its knees," Washington Post, [Online]. Available here.
2. B. P. Kehoe, "The Robert Morris Internet Worm," [Online]. Available here.
3. "Morris Worm," Radware, [Online]. Available here.
4. R. Williams, "Cyber crime costs global economy $445 bn annually," The Telegraph, [Online]. Available here.
5. J. Griffiths, "Cybercrime costs the average U.S. firm $15 million a year," CNN Money, [Online]. Available here.
6. B. Dickson, "How blockchain can help fight cyberattacks," TechCrunch, [Online]. Available here.
7. T. Singleton, "THE TOP 5 CYBERCRIMES," AICPA, [Online]. Available here.
8. M. J. Schwartz, "Bangladesh Bank Hackers Steal $100 Million," Bank Info Security, [Online]. Available here.
9. K. Conger, "Yahoo discloses hack of 1 billion accounts," TechCrunch, [Online]. Available here.
10. C. Isidore, "Target: Hacking hit up to 110 million customers," CNN Money, [Online]. Available: http://money.cnn.com/2014/01/10/news/companies/target-hacking/
11. N. DuPaul, "Man in the Middle (MITM) Attack," Veracode, [Online]. Available here.
12. H. K. Hans Delfs, Introduction to Cryptography: Principles and Applications, Berlin, Germany: Springer, 2007.
13. "Understanding Public Key Infrastructure (PKI)," RSA Data Security, [Online]. Available here.
14. "MOEDES OF PAYMENTS IN E-BUSINESS," E-Business, [Online]. Available here.
15. "Verisign Inc Form 10-K," SEC EDGAR Online, [Online]. Available here.
16. T. Bradley, "VeriSign Hacked: What We Don't Know Might Hurt Us," PCWorld, [Online]. Available here.
17. L. Constantin, "Trustwave admits issuing man-in-the-middle digital certificate; Mozilla debates punishment," ComputerWorld, [Online]. Available here.
18. J. Wolff, "How a 2011 Hack You've Never Heard of Changed the Internet's Infrastructure," Slate, [Online]. Available here.
19. F. C. Karen Lewison, "Backing Rich Credentials with a Blockchain PKI," Pomcor, [Online]. Available here.
20. "What is IOTA?," IOTA, [Online]. Available: https://iota.readme.io/v1.2.0/docs
21. S. Popov, "The tangle," IOTA, [Online]. Available here.
22. D. V. S. Y. Conner Fromknecht, "Certcoin: A NameCoin Based Decentralized Authentication System," MIT, [Online]. Available here.
23. L. Lancaster, "Lockheed Martin bets on blockchain for cybersecurity," CNET, [Online]. Available here.
24. J. Silver-Greenberg, "JPMorgan Chase Hacking Affects 76 Million Households," NY Times, [Online]. Available here.