Search Inside Bitcoins

Can crypto thefts be prevented by confidential computing?

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.

Join Our Telegram channel to stay up to date on breaking news coverage

The recent loss of billions of dollars’ worth of cryptocurrencies could have been stopped, and the solution to the security problem is confidential computing.

With the use of confidential computing, sensitive data can be kept separate from the rest of the system, where it would otherwise be more accessible to hackers. It accomplishes this by employing hardware-based secure enclaves to process encrypted data in memory.

The attack on the Ronin Bridge, a $600 million blockchain bridge robbery in which an attacker exploited compromised private keys to counterfeit withdrawals and steal money, is only one example of the numerous instances in this field, according to Fireblocks co-founder and CTO Idan Ofrat.

Ofrat’s business specializes in providing digital asset infrastructure for businesses looking to create blockchain-based products, such as banks, cryptocurrency exchanges, NFT marketplaces, and others.

According to Ofrat, the Ronin breach “was the biggest attack on cryptocurrencies ever, and to exploit it, the attacker was able to manage one wallet and sign two transactions.” They “probably wouldn’t have gotten to that stage if they had employed confidential computing,” said the author.

According to Ofrat, the private key to the wallet should be the first thing you safeguard when thinking about digital asset protection.

Confidential computing is useful in this situation. Alternative technologies exist, such as key management systems and cryptographic hardware security modules (HSMs), but Ofrat believes that these are insufficiently safe in the context of digital assets.

Security for personal keys

For instance, he says, criminals may infiltrate wallet software and direct the HSM to sign fraudulent transactions. Confidential computing is significantly more effective in this situation since it enables you to safeguard the entire transactional flow, including the transaction’s creation, the policies you wish to apply to it, who approves it, as well as the private key itself.

Fireblocks uses multi-party computation for private key security using confidential computing. The particular implementation is based on the idea of threshold signatures, which divides up the production of key shares among several parties and necessitates a “threshold” of these shares (for instance, five of the eight total shares) to sign the blockchain transaction.

The algorithm required for multi-party computing is not supported by commercial key management systems like HSMs, continues Ofrat. Therefore, the only method that allows us to both safeguard the secret and also employ multi-party computation to split the key into several shards is confidential computing.

Every major cloud provider has a unique approach to private computing, and during their separate conferences last month, Microsoft and Google both expanded their confidential computing service offerings.

Make your pick

Google, which debuted its Confidential Virtual Machines in 2020, launched Confidential Space last month, enabling businesses to perform multi-party processing. According to Sunil Potti, VP and GM of Google Cloud Security, this would enable businesses to interact without disclosing private information to other parties or the cloud provider.

For instance, banks can cooperate to spot fraud or money-laundering activity without disclosing sensitive client data and violating data privacy regulations. Similar to this, Potti stated during the event, healthcare groups can exchange MRI scans or work together on diagnoses without disclosing patient information.

Microsoft also revealed in October that its private virtual machine nodes were generally available in Azure Kubernetes Service. At its Ignite conference in 2017, Redmond first showcased confidential computing, and Azure is regarded as the most experienced supplier of the still-emerging technology.

Amazon refers to their secure computing solution as AWS Nitro Enclaves, but as many users of the cloud with data dispersed across several settings quickly learn, providers’ services don’t always get along. This is valid for technology used in secure computing, which have given rise to a market for businesses like Anjuna Security.

Cloud-agnostic software

Anjuna created confidential computing software that enables businesses to execute their workloads on any hardware and in any secure data centers operated by cloud providers without having to rewrite or otherwise alter the application. According to Anjuna CEO and co-founder Ayal Yogev, this makes protecting sensitive data incredibly simple.

He compares the simplicity of switching to HTTPS for website security to how his company’s cloud-agnostic software for secure computing works. “We made it incredibly easy to use,”

The Israeli Ministry of Defense, banks and other financial services companies, and digital asset managers are some of Anjuna’s clients.

Even though the foundation of Fireblocks’ Azure Confidential Computing system, which uses Intel SGX for secure enclaves, was designed when the service was still in preview, “we want to provide our clients options, like AWS Nitro or GCP,” says Ofrat. Customers are free to select whatever cloud partner they desire, and Anjuna supports them all.

Will it become popular?

27 percent of respondents said they currently employ confidential computing, and 55 percent said they expect to do so in the next two years, according to a recent Cloud Security Alliance survey [PDF] commissioned by Anjuna.

According to Ofrat, over the next three to five years, secure computing will spread throughout cloud systems and become more commonplace.

In addition to government and healthcare use cases on privacy, he continues, “this will enable Web3 use cases as well.” According to Ofrat, the advantages of confidential computing even include defense against ransomware and intellectual property theft. They cite the alleged Disney movie theft, in which thieves allegedly threatened to disclose movie snippets unless the studio paid a ransom.

He claims that using this straightforward technology, movies might be encrypted before being released. The benefits of technology are numerous.

Additionally, keeping stolen cryptocurrency away from criminals wouldn’t be a bad idea.

Related

Join Our Telegram channel to stay up to date on breaking news coverage

Read next