Dear Mr. Trump: To ‘Cyber’ Better, Try the Blockchain
An internet infrastructure built on open, permissionless, blockchain networks would be far more resilient to cyberattack than the centrilized system in place today.
This article originally appeared in Wired.
A MASSIVE DISTRIBUTED denial-of-service (DDoS) attack took several high-profile websites—Twitter, Amazon, the New York Times, even WIRED—offline in October. This attack didn’t target any of these companies directly, but rather Dyn, the company that provides DNS services for each of those sites. Dyn is one of many vulnerable, centralized chokepoints in the infrastructure of the web; a targeted attack on this one company allowed the perpetrators to momentarily disable a big chunk of the internet for people all over the US. The attack is an unsettling precedent and should serve as a warning: Our digital infrastructure is more fragile than we imagine.
President-elect Donald Trump wants us to “cyber better,” and he says he’s serious about finding solutions for the nation’s increasingly fragile cybersecurity infrastructure. An often-overlooked (or unexpected) solution worth considering: open blockchain networks like bitcoin, Ethereum, and Zcash.
In some ways open blockchain networks are similar to the technologies employed by Dyn and other traditional infrastructure providers. Just like a centralized DNS server, open blockchain networks keep track of important data and protect that data from malicious or fraudulent interference. For cryptocurrencies like bitcoin, that data is a list of cash-like transactions between bitcoin users. But open blockchain networks could also be used to securely record all sorts of information, everything from DNS records to smart-device identities and user-access rights in the internet of things. Where these networks differ substantially from legacy systems is in the methods employed to keep those records secure.
The old strategy for cybersecurity is called perimeter security. Have something to protect? Have external threats? Build a perimeter—dare I call it a wall?—and don’t let the baddies in. Turns out this approach doesn’t work very well, because perimeters are inevitably breached. And once inside, attackers can take full control, steal potentially sensitive data (as in credit card hacks and ransomware attacks) or access powerful controls (as in nuclear reactor systems).
Open blockchain networks take an approach to security that could not be more different than this perimeter model. There is no perimeter around the bitcoin protocol. The software that powers it is open source, able to be audited by anyone. Bitcoin transaction messages travel over the Internet Protocol unencrypted for all to see, and the network is peer-to-peer: built from a web of strangers’ computers!
Despite this openness, the record of all bitcoin transactions—the fabled blockchain—has never been hacked. But a blockchain is just a data structure, it’s just 1’s and 0’s. What’s truly revolutionary about bitcoin is the consensus mechanism that helps all of the computers on the network come to agreement over what new data is valid and should be included in the blockchain, and what data is an attack and should be ignored.
The permissioned blockchains that banks have being testing use a straightforward consensus mechanism: They only allow identified users to add new data. That’s basically another secure perimeter with all the same cybersecurity weaknesses. If you steal the credentials of the member banks, you can change the consensus data.
Bitcoin, as well as Ethereum and Zcash (two new decentralized computing networks that borrow from bitcoin’s core technologies), do something different and revolutionary. They allow anyone to add data to the blockchain, so long as they make a provably costly sacrifice to the network. It may sound like voodoo, but it’s just economics: Prove that you are a serious member of the network by solving computationally intensive equations (what computer scientists call a “proof-of-work”) and you will be allowed to add new blocks to the chain. Open consensus mechanisms don’t discriminate based on identity, credentials, or geographic location. They just want skin in the game. Therefore the only way to attack the network is to invest in it, and at that point an attack goes against your self-interest. It’s this proof-of-work consensus mechanism that makes bitcoin so resilient in the face of cyber attacks, and it puts the old perimeter security model of cyber defense in question.
Consider how this perimeter-free model of cybersecurity could have stopped the Dyn attack. Dyn is a DNS provider, which means it keeps a record of which domain name (e.g. Amazon.com) matches which IP address (e.g. 220.127.116.11, Amazon’s servers). When Dyn was attacked, the record required to translate a typed website into an internet address went missing, and as a result those websites wouldn’t load.
Just like every other DNS provider (and most web services generally), Dyn’s security model is perimeter security. Build a wall around the sensitive data—in this case DNS records— and pray it stands up to attack. Hackers breached that wall with a flood of messages (a DDoS attack), and the result was the temporary loss of internet-critical data. DNS records are no more complicated than bitcoin transactions: We want to know who has which domains, and we only want the people who currently have a domain to be able to transfer it to someone else.
This critical system could easily run outside of a secure perimeter, on an open blockchain network. An open community of computer users would work together to form a decentralized DNS service. Anyone who wants to help store and validate DNS data can run the relevant software, connect to the peer-to-peer network, download a copy of the network’s communally maintained DNS blockchain, validate and relay new requests for changes to that record, and reap a small digital currency reward for providing this public good. Claiming an unclaimed domain is easy: Ask the network to add your domain to the DNS, and buying or selling existing domains is peer-to-peer. Any change to the record would probably require a fee, just as we pay fees for domain registry today, but the fees would go to the open community of participants across the network instead of one particular company. An open blockchain network can resist Dyn-style hacks because it has no central point of failure. Every participant has a copy of the record.
No single target, no hack. That is, in the words of Trump transition team member Rudy Giuliani, a real “holistic solution to cyber.” The incoming administration should do everything it can to ensure these new technologies develop in the U.S. unencumbered by unproductive regulations or restrictions. The administration may not be able to push for a blockchain DNS right here, right now. But Trump’s team should know that open networks like bitcoin are a promising development in the otherwise bleak story of cybersecurity, even if while they sometimes present challenges to law enforcement and financial regulators. Just like the early internet, these tools may cause a policy headache or two, but they are well worth protecting.