Blockchain decentralized apps: the future of malwares?

Renaud Lifchitz

October 11, 2018

Transcript

  1. Blockchain decentralized apps: the future of malwares?
    Renaud Lifchitz
    Econocom digital.security
    October 10-11, 2018
    HackIT, Ukraine

  2. Blockchain decentralized apps: the future of malwares? - HackIT 4.0, Kyiv - October 10-11, 2018
    Renaud Lifchitz
    Econocom digital.security
    IoT security expert
    https://www.linkedin.com/in/renaudlifchitz/

  3. The current Web is obsolete

  4. The current Web is obsolete
    The Web has been designed to be decentralized, BUT…
    • It’s more and more centralized: Google, Apple, Amazon, Microsoft, …
    • That makes spying and data leaks easier
    • A lot of DDoS attacks succeed
    • A single server is not enough even to serve a single popular YouTube video
    • Hosting changes → URLs are broken

  5. Many security weak points
    • DNS
    • SSL/TLS certificates
    • System security
    • Network security
    • Application security
    • Passwords

  6. Scalability issues
    • Load balancing:
      • is complex
      • is costly
      • depends on the web technologies involved
    • Efficient DDoS protection is hard

  7. A fully decentralized application: is it possible?
    Several parts should be decentralized:
    • Back-end (core logic/app)
    • Web front-end (storage of HTML/JS/CSS)
    • Domain name (storage and resolver)

  8. Benefits of a decentralized application
    • Scalable from the start
    • DoS & DDoS-resistant
    • No downtime
    • Censorship-resistant
    • Fault-tolerant

  9. Examples of decentralized applications (dApps)
    (image-only slide)

  10. (image-only slide)

  11. Requirements to use a decentralized application
    • Network access:
      • through a P2P / blockchain node (can be a light node)
      • or a public gateway (HTTP/HTTPS)
    • Client application:
      • browser with extension
      • or heavy client

  12. Decentralized technologies

  13. Decentralized entry points
    • ENS (Ethereum Name Service)
    • Namecoin
    • BNS (Blockstack Naming Service)
    • IPNS/IPFS (InterPlanetary Name System)
    • …

  14. Decentralized storage backends
    • Ethereum Swarm
    • Sia
    • IPFS
    • Storj
    • …
    with or without paid incentives

  15. Decentralized execution
    • Using smart contracts:
      • Ethereum (Solidity programming language)
      • Tezos
      • EOS (not very decentralized)
      • Bitcoin (somewhat limited)
    • Once deployed:
      • No one can modify the code or stop its execution
      • The code runs simultaneously on all the nodes

  16. A fully decentralized application?
    We can choose the Ethereum technology stack, with some beta components:
    • web back-end: Ethereum smart contract
    • web front-end: Ethereum Swarm
    • domain name: Ethereum Name Service (ENS)

  17. The Ethereum blockchain
    https://www.ethereum.org/
    • More than 12,000 online nodes!: https://www.ethernodes.org
    • Most secure/trustworthy blockchain nowadays
    • Average block/transaction time: 15 seconds
    • Allows safe execution of logic through smart contracts
    • Allows payments with its digital currency, ether (ETH): https://coinmarketcap.com/currencies/ethereum/
    • “Ethereum: the World Computer”: https://www.youtube.com/watch?v=j23HnORQXvs

  18. Decentralized name service: Ethereum Name Service (ENS)
    An ENS entry can map a .eth name to:
    • an individual Ethereum account
    • a content hash for decentralized storage (Swarm or IPFS)
    ENS official web site: https://ens.domains/
    Booking an entry: https://enslisting.com/
    ENS stats: https://ens.codetract.io/

  19. Decentralized storage: Ethereum Swarm
    • Peer-to-peer storage and serving solution
    • DDoS-resistant, zero-downtime, fault-tolerant, censorship-resistant, and soon self-sustaining with incentives
    • Swarm protocol: bzz://
    • The Swarm official web site is stored using… Swarm, and is also a Swarm gateway:
      https://swarm-gateways.net/ redirects to https://swarm-gateways.net/bzz:/theswarm.eth/
      theswarm.eth resolves to 0xd1de9994b4d039f6548d191eb26786769f580809256b4685ef316805265ea162
      https://swarm-gateways.net/bzz:/d1de9994b4d039f6548d191eb26786769f580809256b4685ef316805265ea162/

  20. Distributed storage demo: Swarm
    Hosting a decentralized photo album

  21. Distributed storage demo: IPFS
    Sharing a multimedia directory

  22. A decentralized malware

  23. Fully decentralized ransomware: proposed logic
    • Ransomware acts as a worm (decentralized propagation)
    • Infected devices run light or full blockchain nodes to allow ransom payment
    • All blockchain nodes run the ransomware (command-and-control) smart contract
      → fully decentralized C&C!
    • Key generation using a private smart contract or, better, homomorphic encryption (no private key on infected devices)
      → unstoppable ransomware!

  24. Ransomware on the blockchain: proposed architecture
    (diagram-only slide)

  25. Acceptable solutions?
    • Ban blockchain nodes & light nodes in antivirus
    • Traffic filtering related to blockchain
    • Fooling the oracles used (bridges between the blockchain and the Web), if any
    • DPI (Deep Packet Inspection) to block calls to specific smart contracts/oracles
    • Governance to ban specific smart contracts (e.g. « The DAO »)
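The "DPI to block calls to specific smart contracts" item above, as an added example that is not part of the talk and is written from the inspection side: a decoder for a raw legacy Ethereum transaction (the RLP list nonce, gasPrice, gasLimit, to, value, data, v, r, s) that pulls out the destination address and the 4-byte function selector and checks them against a blocklist, applied to an `eth_sendRawTransaction` JSON-RPC body as it would pass through a public gateway. The blocklisted address, the selector and the sample transaction are constructed for this example; typed (EIP-2718) transactions use a different envelope and are rejected rather than parsed.

```python
import json
def rlp_decode(data: bytes):
    """Decode one RLP item from the front of `data`; return (item, rest)."""
    if not data:
        raise ValueError("empty RLP input")
    b = data[0]
    if b <= 0x7F:                          # a single byte below 0x80 encodes itself
        return data[:1], data[1:]
    if b <= 0xBF:                          # string: 0x80-0xb7 short, 0xb8-0xbf long form
        ll = 0 if b <= 0xB7 else b - 0xB7
        n = b - 0x80 if ll == 0 else int.from_bytes(data[1:1 + ll], "big")
    else:                                  # list: 0xc0-0xf7 short, 0xf8-0xff long form
        ll = 0 if b <= 0xF7 else b - 0xF7
        n = b - 0xC0 if ll == 0 else int.from_bytes(data[1:1 + ll], "big")
    start = 1 + ll
    if len(data) < start + n:
        raise ValueError("truncated RLP item")   # never trust a declared length
    payload, rest = data[start:start + n], data[start + n:]
    if b <= 0xBF:
        return payload, rest
    items = []
    while payload:                         # a list payload is a run of encoded items
        item, payload = rlp_decode(payload)
        items.append(item)
    return items, rest

# Constructed blocklist: one address standing in for a known malicious contract.
BLOCKED_CONTRACTS = {"0x" + "ab" * 20}

def inspect_raw_tx(raw_hex: str) -> dict:
    """Extract `to` and the 4-byte selector from a raw legacy tx; check the blocklist."""
    raw = bytes.fromhex(raw_hex[2:] if raw_hex.startswith("0x") else raw_hex)
    fields, rest = rlp_decode(raw)
    if rest or not isinstance(fields, list) or len(fields) != 9:
        raise ValueError("not a 9-field legacy tx")  # typed (EIP-2718) txs need other parsing
    to_hex = "0x" + fields[3].hex() if fields[3] else None   # empty `to` = contract creation
    return {"to": to_hex, "selector": fields[5][:4].hex(), "blocked": to_hex in BLOCKED_CONTRACTS}

def inspect_rpc(body: str) -> dict:
    """Inspect one JSON-RPC request body as a gateway or inspection point sees it."""
    req = json.loads(body)
    if req.get("method") != "eth_sendRawTransaction":
        return {"blocked": False}
    return inspect_raw_tx(req["params"][0])
SAMPLE_TX_HEX = (                            # constructed legacy tx calling the blocklisted contract
    "f86a" "01" "8609184e72a000" "825208"    # list header (106-byte payload), nonce, gasPrice, gasLimit
    "94" + "ab" * 20 + "80"                  # to = the 20-byte blocklisted address, value = 0
    + "b844" "12345678" + "00" * 64          # data: 68 bytes = constructed selector + two zero words
    + "1b0102")                              # v, r, s placeholders
SAMPLE_RPC = json.dumps({"jsonrpc": "2.0", "id": 1, "method": "eth_sendRawTransaction", "params": ["0x" + SAMPLE_TX_HEX]})
```

This only applies where the transaction is visible in clear, for example at an HTTP/HTTPS public gateway or a node's local RPC interface; traffic between peer-to-peer nodes is encrypted (RLPx), which is why the slide also lists banning the nodes themselves.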

  26. Thank you!
    Any questions?