Blockchain decentralized apps: the future of malwares?

Transcript

1. Blockchain decentralized apps: the future of malwares? Renaud Lifchitz Econocom

   digital.security October 10-11, 2018 HackIT, Ukraine

2. Blockchain decentralized apps: the future of malwares? - HackIT 4.0,

   Kyiv - October 10-11, 2018 Renaud Lifchitz Econocom digital.security IoT security expert https://www.linkedin.com/in/renaudlifchitz/ renaud.lifchitz@digital.security 2

3. The current Web is obsolete Blockchain decentralized apps: the future

   of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 3

4. • The Web has been designed to be decentralized BUT…

   • It’s more and more centralized: Google, Apple, Amazon, Microsoft, … • That makes the spying and data leaks easier • A lot of DDoS attacks succeed • A single server is not enough even to serve a single popular Youtube video • Hosting changes → URLs are broken Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 The current Web is obsolete 4

5. • DNS • SSL/TLS certificates • System security • Network

   security • Application security • Passwords Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Many security weak points 5

6. • Load balancing: • is complex • is costly •

   depends on the web technologies involved • Efficient DDoS protection is hard Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Scalability issues 6

7. Several parts should be decentralized: • Back-end (core logic/app) •

   Web front-end (storage of HTML/JS/CSS) • Domain name (storage and resolver) Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 A fully decentralized application, is it possible? 7

8. • Scalable since the beginning • DoS & DDoS-resistant •

   No downtime • Censorship-resistant • Fault-tolerant Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Benefits of a decentralized application 8

9. Blockchain decentralized apps: the future of malwares? - HackIT 4.0,

   Kyiv - October 10-11, 2018 Examples of decentralized applications (dApps) 9

10. Blockchain decentralized apps: the future of malwares? - HackIT 4.0,

    Kyiv - October 10-11, 2018 10

11. • Network access: • through P2P / blockchain node (can

    be a light node) • or public gateway (HTTP/HTTPS) • Client application: • browser with extension • or heavy client Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Requirements to use a decentralized application 11

12. Decentralized technologies Blockchain decentralized apps: the future of malwares? -

    HackIT 4.0, Kyiv - October 10-11, 2018 12

13. • ENS (Ethereum Name Service) • Namecoin • BNS (Blockstack

    Naming Services) • IPNS/IPFS (Inter-Planetary Naming System) • … Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Decentralized entry points 13

14. Decentralized storage backends • Ethereum Swarm • Sia • IPFS

    • Storj • … with or without paid incentives Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 14

15. • Using smart contracts: • Ethereum (Solidity programming language) •

    Tezos • EOS (not very decentralized) • Bitcoin (somewhat limited) • Once deployed: • No one can modify the code or stop its execution • The code runs simultaneously on all the nodes Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Decentralized execution 15

16. We can choose the Ethereum technology stack with some beta

    components: • web back-end: Ethereum smart contract • web front-end: Ethereum Swarm • domain name: Ethereum Name Service (ENS) Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 A fully decentralized application? 16

17. • https://www.ethereum.org/ • More than 12,000 online nodes!: https://www.ethernodes.org •

    Most secured/trustable blockchain nowadays • Average block/transaction time: 15 seconds • Allows safe execution of logic through smart contracts • Allow payments with its digital currency, ether (ETH): https://coinmarketcap.com/currencies/ethereum/ • “Ethereum: the World Computer”: https://www.youtube.com/watch?v=j23HnORQXvs Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 The Ethereum blockchain 17

18. • An ENS entry can map a .eth name to:

    • an individual Ethereum account • a content hash for decentralized storage (Swarm or IPFS) • ENS official web site: https://ens.domains/ • Booking an entry: https://enslisting.com/ • ENS stats: https://ens.codetract.io/ Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Decentralized name service: Ethereum Name Service (ENS) 18

19. • Peer-to-peer storage and serving solution • DDOS-resistant, zero-downtime, fault-tolerant,

    censorship-resistant and Soon self-sustaining with incentives (soon) • Swarm protocol: bzz:// • Swarm official web site is stored using… Swarm and is also a Swarm gateway: • https://swarm-gateways.net/ redirects to https://swarm-gateways.net/bzz:/theswarm.eth/ • theswarm.eth resolves to Oxd1de9994b4d039f6548d191eb26786769f580809256b4685ef316805265ea162 • https://swarm-gateways.net/bzz:/d1de9994b4d039f6548d191eb26786769f580809256b4685ef316805265ea162/ Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Decentralized storage: Ethereum Swarm 19

20. Hosting a decentralized photo album Blockchain decentralized apps: the future

    of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Distributed storage demo: Swarm 20

21. Sharing a multimedia directory Blockchain decentralized apps: the future of

    malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Distributed storage demo: IPFS 21

22. A decentralized malware Blockchain decentralized apps: the future of malwares?

    - HackIT 4.0, Kyiv - October 10-11, 2018 22

23. • Ransomware acts as a worm (decentralized propagation) • Infected

    devices run light or full blockchain nodes to allow ransom payment • All blockchain nodes run ransomware (command-and-control) smart contract  fully decentralized C&C! • Key generation using private smart contract or better, homomorphic encryption (no private key on infected devices)  unstoppable ransomware! Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Fully decentralized ransomware: proposed logic 23

24. Blockchain decentralized apps: the future of malwares? - HackIT 4.0,

    Kyiv - October 10-11, 2018 Ransomware on the blockchain: proposed architecture 24

25. • Ban blockchain nodes & light nodes in antivirus 

    • Traffic filtering related to blockchain  • Fooling used oracles (bridges between blockchain and the Web), if any • DPI (Deep Packet Inspection) to block calls to specific smart contracts/oracles  • Governance to ban specific smart contracts (e.g. « The DAO »)  Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018 Acceptable solutions? 25

26. Thank you! info@digital.security Blockchain decentralized apps: the future of malwares?

    - HackIT 4.0, Kyiv - October 10-11, 2018 26 Any questions?