Disclosure: This article is a new article, largely based on the Provide Technologies Blog and whitepaper Secure Communications Using Blockchain that I co-wrote and published on September 11, 2019.
Today’s internet operates on underlying protocols and services invented in the 1960s during the first stage of the public internet. Based on a standard model for networking that serves only to establish connectivity, it is highly susceptible to centralized control, surveillance, and manipulation—and fails to protect user privacy or data security.
These weaknesses created the ‘hackerpocolypse’ that is currently underway. Permeable and largely in plain text, the internet has become a haven for bad actors. Centralized in many areas, it also is considered fragile.
According to Cybersecurity Ventures, this cybercrime haven will cost businesses in excess of $6 trillion annually by 2021—twice the cost since 2015.
The Cost of Data Breaches
Breaches are becoming more frequent and expensive. A cyber attack occurs every 39 seconds now, and more than 6 million records are breached every day.
With 70% of data being created by individuals, and 80% of data managed by companies, the frustration over how our data is managed is becoming untenable.
Governments are now interceding, creating legislation to push companies to protect customer data better. Last year, the EU implemented General Data Protection Regulation (GDPR). Next January, the California Consumer Privacy Act (CCPA) will go into effect. These regulations compel businesses to treat consumers as sovereigns of their own data. They need the right to be forgotten. They need to own their data destiny.
The Cost of Securing Data
Yet, we continue to build systems that perpetuate information architectures and transport mechanisms that centralize data and their supporting networks. This is an increasingly expensive proposition.
According to Deloitte, businesses spend up to 14% of their IT budget annually—if there are no breaches—securing data that is still unsecure.
Since 2013, just 4% of breaches were “secure breaches” where encryption was used and the stolen data was rendered useless.
Yet, organizations continue to pour money to secure their data the hard way. Large financial companies like JP Morgan Chase spend over $600M a year. For US taxpayers, combating cybercrime will cost the Department of Defense $9,642M—up 10% from 2018.
These costs do not include the actual costs of breaches. In 2019, the average cost to US businesses affected by a data breach rose to $8.19M, up from $7.91M in 2017. The global average cost per data breach was $3.92M. For financial services businesses, the costs of cybercrime is particularly steep—averaging of $18.3M.
Compliance costs are also skyrocketing, with a full third of enterprises over 1000 employees spending over $1M US per year to comply.
Modernizing Secure Communications with Blockchain
This is why it is time to modernize internet communications and application architecture to be secure and sovereign by default—to comply with standards, and to meet the true purpose of customer demands.
It will require work, but it will stop us from the evil game of whack-a-mole with cybercrime, and allow us to return focus to normal operations.
The good news is, the advancements of the past decade in blockchain and decentralization paved the way forward where a new, publicly accessible, fair platform to modernize secure communications is now possible.
The whitepaper Secure Communications using Blockchain discusses these weaknesses and solutions in greater detail.
The Path to Fixing the Internet
To embrace this new, publicly secure internet will not be free. However, thanks to the principles and technologies developed under the blockchain and decentralization banners, components are built, and protocols and services are proven.
To summarize the points in the whitepaper Secure Communications using Blockchain, the changes needed span the 4 areas of the Internet Protocol Suite: Packetization, Addressing, Transmission, and Routing.
Problem 1—Packetization: Domain Name System (DNS) is centralized. Currently centrally managed under the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit organization, a centralized DNS registry poses a single point of failure for the internet. There are just 13 authoritative name servers (root zones) managing the public internet, and one centralized registry. If any one fails—and they have—URLs could be unresolvable globally. Plus, centralization creates an expensive gatekeeper for registering and maintaining active URLs.
Solution 1: Decentralized, open alternatives to DNS. Projects like the Handshake Protocol are establishing a decentralized network of DNS servers that utilize cryptoeconomic incentives to coordinate consensus on the association between names and certificates. Handshake will not to replace all of DNS, but will replace the rootzone file and the root servers with more open and democratized (read: cheaper!) alternatives. This will make DNS uncensorable, permissionless, and free of centralized gatekeepers such as ICANN.
Problem 2—Addressing: IP addresses are too easily traceable. All communications through the internet use IP addresses. Ranges are fully owned by ISPs, and are easily traced through a single entity responsible for registering IP ownership. Since the majority of communications are direct, they are easily traceable to the neighborhood level, and often with a phone number and a name. Proxies, onion routing, or VPNs can be used to mask ownership, but even those can still be porous.
Solution 2: Protect IP addresses using public blockchain as a message bus. Decentralize addressing federates messages across a multitude of nodes and can be designed to obscure specific addressing by using the blockchain as a message bus. Encrypted messages are published broadly on a busy blockchain network and only users with a corresponding key can decrypt and read them. With substantial volume, tracing message patterns becomes improbable rendering surveillance and manipulation improbable. Redundancy of messages across nodes also serves to improve deliverability and fault tolerance.
Problem 3—Transmission: Hosted messaging lacks privacy and creates a point of failure. Most message communications today are hosted. Whether hosted by your company or in the cloud, hosted email and chat makes it easy for the user. With little to set up, low prices, and someone else managing the headache, hosted services are attractive. However, the nature of creating a centralized repository for information also positions an administrator to be able to access and possibly divulge information, posing serious concerns for privacy and civil liberties. As always, centralization also creates a single point of failure.
Solution 3: Self-sovereign message transmission with blockchain. Well-architected blockchain-based messaging can dramatically enhance user privacy. With the infrastructure to send and store encrypted messages distributed across a blockchain and distributed file systems, no single party would have the ability to read each user's messages. Additionally, traditional messaging systems are “receiver-based,” in that the recipient gets to decide how long messages live and how they are shared. A blockchain based system can change this to be “sender-based” where the sender decides how long a message can persist or be shared during addressing, making messages truly private and secure.
Problem 4—Routing: ISPs are centralized choke points. All IP traffic routing goes through an ISP. Therefore, it can be interrupted or delayed through hijacking or constraining just a few IP prefixes, creating a point of failure for connectivity. This is how national firewalls are created. Additionally, routing protocols socialize information in plain text, creating ample opportunity for interception, and the possibility for cache poisoning, including at the DNS level.
Solution 4: Secure routing through decentralized blockchain. Routing needs to adopt modern security protocols where each connection point securely peers with every other point, regardless of ISP host, using decentralized authentication. This untethered-to-ISPs architecture could also support a public voting mechanism that establishes global consensus for socializing and optimizing routes. However, one of the biggest benefits for communications across a decentralized network remains that routing becomes compartmentalized and makes end-to-end surveillance improbable.
The Path Forward for Secure Communications
Secure messaging communications using blockchain presents a tremendous opportunity to create a better, safer internet.
These tenets create an open, trustless environment that will allow users to communicate freely and safely by default. Importantly, it also builds in standards for data privacy and security that are essential for operating in today’s digital age.
While these applications, protocols and services need to be assembled—and there is still work to be done, we are now officially in the age where we can construct and secure applications that will eliminate many of the costs, central points of failure, and opportunities for surveillance and manipulation.
If you’d like to understand how you can modernize your communications infrastructure with blockchain, check out the whitepaper Secure Communications using Blockchain or contact Provide Technologies at firstname.lastname@example.org.