Crypto-assets are frequently the target of robberies, much as banks are. Here are some reflections on security design patterns that could be implemented in exchanges.
2. Security, a problem?
Just this year (2017):
In Q1 and Q2 of 2017, Bithumb, the largest Korean exchange by volume, was hacked. Personal information was stolen and several customers lost money.
In April, Youbit had to terminate its operations after losing 17% of its funds in a hack.
Recently (December 2017) EtherDelta was subject to a phishing attack on its DNS server. Its DNS was compromised and the exchange traffic was redirected to a copycat version of the site. Result: 305 ETH lost, plus a full bag of ERC20 tokens.
And so on and so forth…
We get such news regularly.
5. DNS phishing attack: what to do?
Problem:
If the copycat site is identical to the original one, it is very hard for users to distinguish the fake one from the original.
Security Design Pattern:
Add to the login screen an image and a sentence that the client and the exchange have agreed on. They must be different for each user. Users then have a way to differentiate a copycat from the original: it is hard to replicate pieces of information dedicated solely to each user.
6. A picture displayed for a particular user
Login screen mock-up:
- a picture chosen by the user
- a sentence the user wrote, associated with the picture ("This reminds me of my vacations")
- user ID
- password
If a user does not see the picture and the sentence he/she associated with the picture, the user can infer it is a wrong site.
Two-factor authentication is better, especially with a cell phone PIN to be entered in addition to the user ID/password.
Add a note mentioning that if the picture and the comment are not present, then it is a wrong site. Users are then trained to watch for these information elements. It is a means for exchanges to authenticate themselves to users.
7. Is it really you?
Problem:
User IDs and passwords could be stolen and used to impersonate real users, then to perform all kinds of unwanted actions.
Security Design Pattern:
Two-factor authentication involving several devices, for example a mobile phone in addition to a laptop/desktop. After a user enters a user ID and a password, a code is sent to the mobile phone and this code needs to be entered for full validation.
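The two patterns above (a per-user picture and phrase shown on the login screen, then a one-time code from a second device) can be combined in one login flow. The following Python is an added example written for this page, not code from the original slides or from any exchange: the user table, the device enrollment tokens, the picture identifier and the phrase are constructed sample data, and the second factor is a time-based one-time password (RFC 6238, as produced by authenticator apps) rather than a code sent by SMS. One design choice worth noting: the personal picture and phrase are released only to a browser that already carries an enrollment token, since otherwise anyone who knows a user ID could ask the real site for that user's elements.

```python
"""Two-step login: per-user anti-phishing elements, then password + one-time code.

Added example written for this page (not the slides' own code). Assumptions:
an in-memory user table, a "picture" referenced by an identifier the front end
renders, and a TOTP (RFC 6238) second factor instead of an SMS-delivered code.
"""
import hashlib
import hmac
import struct
import time
from typing import Optional


def _hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256; plain passwords are never stored or compared."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


# Constructed sample data: one enrolled user with one enrolled device.
_SALT = b"constructed-salt-0001"
USERS = {
    "alice": {
        "salt": _SALT,
        "pw_hash": _hash_password("correct horse battery staple", _SALT),
        "picture_id": "img-0042",                      # picture the user chose
        "phrase": "This reminds me of my vacations",   # sentence the user wrote
        "totp_secret": b"12345678901234567890",         # RFC 6238 test-vector secret
        "device_tokens": {"tok-alice-laptop"},         # cookies set at enrollment
    }
}


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamic truncation, decimal."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, now: Optional[int] = None, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP over the current 30-second time step."""
    t = int(time.time()) if now is None else now
    return hotp(secret, t // step, digits)


def step1_site_key(username: str, device_token: str) -> Optional[dict]:
    """Step 1: user ID only. Return the personal picture and phrase, but only to a
    device enrolled for that user; anything else gets no personal elements."""
    user = USERS.get(username)
    if user is None or device_token not in user["device_tokens"]:
        return None
    return {"picture_id": user["picture_id"], "phrase": user["phrase"]}


def step2_verify(username: str, password: str, code: str,
                 now: Optional[int] = None) -> bool:
    """Step 2: password and one-time code. The previous and next time step are
    also accepted to tolerate clock drift; all comparisons are constant-time."""
    user = USERS.get(username)
    if user is None:
        return False
    if not hmac.compare_digest(_hash_password(password, user["salt"]), user["pw_hash"]):
        return False
    t = int(time.time()) if now is None else now
    return any(hmac.compare_digest(totp(user["totp_secret"], t + d * 30), code)
               for d in (-1, 0, 1))


if __name__ == "__main__":
    print(step1_site_key("alice", "tok-alice-laptop"))
    print(step2_verify("alice", "correct horse battery staple",
                       totp(USERS["alice"]["totp_secret"])))
```

The `hotp` and `totp` functions reproduce the RFC 6238 reference values (with the 20-byte test secret, 8 digits and T=59 the code is 94287082), so the second factor can be checked against a standard authenticator app. The first step deliberately returns nothing for an unknown user or an unenrolled device, so the response does not reveal which user IDs exist.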
9. The good old castle…
Problem:
Web sites offer an open interface to the external world. Some unknown vulnerabilities may still be present even if we tried hard to protect the system from hackers. Modern-day bank robbers do not have machine guns, they have keyboards.
Security Design Pattern:
Castles of the past were built with several lines of defense, each protected by walls. Create a similar structure with separated networks, each protected by a firewall. The open ports should be different at each junction, and the data direction different between each network. Even use different communication mechanisms. If possible, use an air gap.
10. As an example, a crypto-asset exchange
Diagram, segments from the outside in:
Web interface and/or FIX interface
Orders objects
Clients objects
Matching engine
Accounts
Blockchain settlement
Air gap: a file used to transfer data
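The file that crosses the air gap is the one thing the settlement segment accepts from the operational segment, so it deserves the same scrutiny as any network input. The following Python is an added example written for this page, not the slides' own code: it assumes the operational side writes a JSON file of settlement instructions, and the settlement side imports it only after a keyed MAC check, a strict whitelist of fields, and a monotonic sequence number so that an old file cannot be replayed. The shared key, the field names and the sample instruction are constructed.

```python
"""Integrity-checked transfer file for crossing the air gap.

Added example written for this page, not the slides' own code. Assumptions: the
operational segment writes a JSON file of settlement instructions, the file is
carried to the settlement segment, and the importer there accepts it only after a
keyed MAC check, a strict field whitelist and a monotonic sequence number.
"""
import hashlib
import hmac
import json

# Constructed key; in practice provisioned on both sides out of band, never in the file.
TRANSFER_KEY = b"constructed-transfer-key-not-for-real-use"

ALLOWED_TOP = {"seq", "instructions"}
ALLOWED_INSTR = {"account", "asset", "amount"}   # amount: integer in the smallest unit


def build_transfer_file(seq: int, instructions: list) -> bytes:
    """Operational side: canonical JSON body plus an HMAC-SHA256 tag over its bytes."""
    body = json.dumps({"seq": seq, "instructions": instructions},
                      sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(TRANSFER_KEY, body, hashlib.sha256).hexdigest()
    return json.dumps({"body": body.decode(), "tag": tag}).encode()


def import_transfer_file(raw: bytes, last_seq: int):
    """Settlement side. Returns ("ok", seq, instructions) or (reason, None, None).
    The MAC is verified before the body is parsed at all."""
    try:
        outer = json.loads(raw)
        body = outer["body"].encode()
        tag = outer["tag"]
    except (ValueError, KeyError, TypeError, AttributeError):
        return ("malformed envelope", None, None)
    expected = hmac.new(TRANSFER_KEY, body, hashlib.sha256).hexdigest()
    if not isinstance(tag, str) or not hmac.compare_digest(expected.encode(), tag.encode()):
        return ("bad MAC", None, None)
    payload = json.loads(body)
    if not isinstance(payload, dict) or set(payload) != ALLOWED_TOP:
        return ("unexpected fields", None, None)
    seq = payload["seq"]
    if not isinstance(seq, int) or isinstance(seq, bool) or seq <= last_seq:
        return ("replayed or out-of-order file", None, None)
    instrs = payload["instructions"]
    if not isinstance(instrs, list):
        return ("instructions must be a list", None, None)
    for instr in instrs:
        if not isinstance(instr, dict) or set(instr) != ALLOWED_INSTR:
            return ("unexpected instruction fields", None, None)
        amount = instr["amount"]
        if not isinstance(amount, int) or isinstance(amount, bool) or amount <= 0:
            return ("invalid amount", None, None)
    return ("ok", seq, instrs)


if __name__ == "__main__":
    # Constructed round trip: the operational side writes, the settlement side reads.
    raw = build_transfer_file(1, [{"account": "acc-1", "asset": "BTC", "amount": 5}])
    print(import_transfer_file(raw, last_seq=0))
    print(import_transfer_file(raw.replace(b":5,", b":50,"), last_seq=0))  # tampered
```

Amounts are integers in the asset's smallest unit so that no floating-point rounding can creep into a settlement instruction. The importer rejects any field it does not expect rather than ignoring it, and the settlement side is the one that records the last accepted sequence number.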
11. What else?
We have just scratched the surface, and more elaborate schemes can be put in place. For example, in the case of exchanges, an external replica of the accounts on different databases shared by the settlement section and the operational section. It is harder to compromise several databases located in different networks.
And a lot more…
Increasing the lines of defense at the critical sections increases security.
Just a little food for thought…
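Holding a replica of the accounts on a second network only helps if the two copies are actually compared, so that a balance altered on one side is noticed. The following Python is an added example written for this page, not the slides' own code: it assumes the operational segment and the settlement segment each hold a table of account balances (integers in the asset's smallest unit) and that a periodic job reconciles them. The balances are constructed, with one account deliberately altered on the settlement copy.

```python
"""Reconciling account replicas held on separate networks.

Added example written for this page, not the slides' own code. Assumptions: the
operational segment and the settlement segment each hold a copy of the account
balances (integers in the asset's smallest unit, e.g. satoshi), and a periodic
job compares the two; the sample balances below are constructed.
"""
import hashlib
import json


def fingerprint(balances: dict) -> str:
    """Order-independent SHA-256 of a replica. One short string is enough to
    carry across the air gap for a first, cheap comparison."""
    canonical = json.dumps(sorted(balances.items()), separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()


def reconcile(operational: dict, settlement: dict) -> dict:
    """Full comparison: per-account differences plus the aggregate delta, so that
    a single edited balance on either side surfaces with its account and size."""
    mismatches = {}
    for acct in sorted(set(operational) | set(settlement)):
        a, b = operational.get(acct), settlement.get(acct)
        if a != b:
            mismatches[acct] = {"operational": a, "settlement": b}
    return {
        "fingerprints_match": fingerprint(operational) == fingerprint(settlement),
        "mismatches": mismatches,
        "total_delta": sum(operational.values()) - sum(settlement.values()),
    }


# Constructed sample replicas; acc-2 has been altered on the settlement copy.
OPERATIONAL = {"acc-1": 1_000_000, "acc-2": 250_000, "acc-3": 0}
SETTLEMENT = {"acc-1": 1_000_000, "acc-2": 2_500_000, "acc-3": 0}

if __name__ == "__main__":
    print(json.dumps(reconcile(OPERATIONAL, SETTLEMENT), indent=2))
```

The fingerprint alone says whether the copies agree; the full report says where they differ and by how much, which is what an operator needs in order to decide which copy to trust and to freeze the affected accounts until the discrepancy is explained.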