Digital security is an integral part of our lives, every day. And as our IT systems become more complex, the potential for vulnerabilities increases. More and more organizations are being hacked, leading to financial loss, interrupted supply chains and identity theft.
The current best practice for secure technology architecture used by large enterprises and organizations is a “zero trust” approach.
In other words, no person or system is trustworthy and every interaction is verified by a central entity.
Unfortunately, absolute trust is then placed in the verification system used. Thus, breaching this system gives an attacker the keys to the kingdom. To solve this problem, “decentralization” is a new paradigm that eliminates any point of vulnerability.
Our work studies and develops the algorithms needed to implement an effective decentralized verification system.
We hope our efforts will help protect digital identities and strengthen the security of verification processes that many of us rely on.
Never trust, always verify
A zero-trust system implements verification at every possible step.
Every user is verified and every action they take is also verified before implementation.
The move towards this approach is considered so important that US President Joe Biden last year issued an executive order requiring all US federal government organizations to adopt a zero-trust architecture.
Many commercial organizations are following suit.
However, in a zero-trust environment, absolute trust is (counterintuitively) placed in the validation and verification system, which in most cases is an Identity and Access Management (IAM) system.
This creates a single trusted entity that, in the event of a breach, provides open access to all of the organization’s systems.
An attacker can use a user’s stolen credentials (such as a username and password) to impersonate that user and do anything they are authorized to do – whether they are open doors, authorize certain payments or copy sensitive data.
However, if an attacker gains access to the entire IAM system, they can do anything the system is capable of. For example, they can claim authority over the entire payroll.
In January, identity management company Okta was hacked. Okta is a single sign-on service that allows employees of a company to have one password for all company systems (because large companies often use multiple systems, each requiring different login credentials).
Following the Okta hack, the accounts of major companies using its services were compromised, giving hackers control over their systems. As long as IAM systems are a central point of authority over organizations, they will continue to be an attractive target for attackers.
In our latest work, we have refined and validated algorithms that can be used to create a decentralized verification system, which would make hacking much more difficult.
Our industrial collaborator, TIDE, has developed a prototype system using the validated algorithms.
Currently, when a user creates an account on an IAM system, they choose a password that the system should encrypt and store for later use. But even in an encrypted form, stored passwords are attractive targets.
And while multi-factor authentication is useful for confirming a user’s identity, it can be circumvented.
If passwords could be verified without having to be stored in this way, attackers would no longer have a clear target. This is where decentralization comes in. Instead of trusting a single central entity, decentralization trusts the network as a whole, and that network can exist outside of the IAM system that uses it.
The mathematical structure of the algorithms that underlie decentralized authority ensures that no single node can act alone.
Additionally, each node in the network may be operated by an independent operating organization, such as a bank, telecommunications company, or government department.
Thus, stealing a single secret would require hacking multiple independent nodes. Even in the event of a breach of the IAM system, the attacker would only have access to certain user data, not the entire system.
And to gain authority over the entire organization, they would need to breach a combination of 14 independently operating nodes. It’s not impossible, but it’s much more difficult.
But beautiful math and verified algorithms are still not enough to create a usable system.
There is still work to be done before we can move decentralized authority from a concept to a working network that will keep our accounts secure.