The Standards Blog

Will Blockchains Include Insecurity by Design?

512px-FSB_Flag_0.pngAsk any journalist to pick an adjective to use in connection with standards development and the answer will invariably be "boring." But according to a recent New York Times article (yes, it also used that word - as well as "wonky"), the process of creating standards just became a whole lot more interesting - at least when it comes to the blockchain. The reason? A standards working group may have been infiltrated by state actors bent on embedding security flaws into the very standards being created for the purpose of preventing attacks.

And why not? The power of a successful standard comes from the fact that vendors have to adopt it in order to sell a given product or service, such as a WiFi router or a USB device. Indeed, laptops and smart phones include hundreds of standards, each of which is essential to a given function or service. As I noted last week, the blockchain will need standards, too, in order for it to take hold in multiple areas. Some of those standards will be intended to make the blockchain more secure.

With the blockchain promising to become a core infrastructural component of a bewildering and expanding number of use cases, what could be a bigger coup for a national intelligence service than to engineer the inclusion of a backdoor in all that technology that only it could access?

Sound far fetched? Well consider this: according to the Times, several of the participants in a standards group hosted by the International Organization for Standardization (ISO) are members of the Russian Federation's Federal Security Service (FSB) - the successor to the Soviet Union's highly effective and notorious KGB. There's no evidence to date that anything inappropriate has taken place, but on the other hand, participation by a state intelligence agency is highly unusual.

Involvement by government personnel is not in and of itself remarkable. Indeed, in the US, the Technology Transfer and Advancement Act of 1995 requires that each government agency use private sector standards whenever possible, and report to Congress on every instance where it believes it can't. I've represented well over 100 standards organizations in my career, and noted participation by many US and foreign national, state and local government agencies and bodies. But an intelligence agency such as the CIA or National Security Agency (NSA)? Never - at least not visibly.

And why would I? That's a point that the Times, surprisingly, does not pick up on. After all, intelligence agencies don't act out in the open. If the CIA wanted to plant a back door in a blockchain standard, it's highly unlikely they'd place a technical expert on the appropriate working group with "Central Intelligence Agency" on her name tag. Instead, it would plant someone operating under cover, perhaps as an employee of the Treasury Department, or a contractor delivering systems to government customers.

Now that's a scenario one could easily imagine. During the Cold War, spooks from both the east and the west employed every means imaginable - and some that were almost unimaginable - to spy on their opponents. The most rewarding efforts produced ongoing, reliable access to their enemy's most top secret information without the source ever catching on.

With relations today between east and west at an all-time low since the bad old days, and the rise of tensions with new players such as North Korea and Iran, counter-intelligence is very much back in vogue, not to mention state-initiated efforts to steal the valuable commercial and intellectual property of rival nations.

So if spies only act like, well, spies, why were those FSB representatives participating out in the open, instead of being embedded in some other Russian agency?

Perhaps they were simply the most technically astute government employees available. According to someone who asked why the FSB personnel were there, the answer was: “Look, the internet belongs to the Americans — but blockchain will belong to us.”

Other national participants echoed the importance of getting into blockchain technology early and influentially. Gilbert Verdian, the leader of the British delegation, is quoted in the article as saying:

It is a very sought-out technology today, because it really does create the foundation for the future that is coming. To get behind it and back it now is going to put people at an advantage, either politically or economically.

Whatever the motivation of the FSB may be, there's clearly enough motivation to raise the worry that someone, Russian or not, may wish to hijack the standards development process for its own illicit goals. The Times quotes Emma Channing, a consultant, on that point:

In the context of software it is the perfect Trojan. If something gets buried in it, these things will get adopted wholesale — and won’t be questioned on the way in.

Ms. Channing is sufficiently concerned that she's trying to recruit legitimate representatives to ISO blockchain projects to keep them from being stacked by those seeking to subvert the process.

ISO, however, appears not to be concerned:

The chairman of the I.S.O. blockchain committee, Craig Dunn, rejected the idea that any country could shape the process. While I.S.O. proceedings are generally confidential, new standards must go through many stages, with many rounds of voting — first with smaller working groups and then with full national delegations.

Dunn has a point - but only in relation to some types of collaborative work, where the details are easy to understand and where the particular implementation method is left to the vendor.

But that's not true in every case. Indeed, ISO itself recently turned down a cryptography algorithm that the NSA offered up, presumably due to fears that the NSA might secretly have a way to decrypt data jumbled by the algorithm. It says something that American's might not want to hear when a global standards body says "no thanks" to an offer from a US intelligence offer but is totally cool with participation by the successors to the KGB.

To be fair, given the efforts of the NSA to persuade technology vendors to allow them to place backdoors in their products (the vendors claim, by the way, that they refused the requests) and the CIA's admitted monitoring of the cell calls of non-US nationals, that's a pretty obvious suspicion.

And then there's this, also from the Times article:

Few countries have made their interest in the blockchain as clear as Russia. President Vladimir V. Putin met briefly last year with Vitalik Buterin, the founder of Ethereum, the second most widely used blockchain-based virtual currency platform after Bitcoin. Mr. Putin also put the blockchain at the center of his “Digital Economy” program for Russia, and his government has talked about creating a crypto-ruble, similar to Bitcoin. . .

Another member of the Russian delegation, Alexey Urivskiy, told the Russian newspaper Vedomosti last year that the delegation at the I.S.O. committee was supposed to get Russian cryptographic algorithms into the standard. The Vedomosti article said that the head of the Russian I.S.O. delegation, Mr. Marshalko, was affiliated with the F.S.B.

Whether the Russian Federation is out simply for the type of commercial advantage a standards development participant may reap from getting it's own technology embedded in a standard or to plant a back door - or both - isn't something we're likely to find out. Or whether the US or China - or both - are playing the same game.

What we likely should assume is that with motive and opportunity clearly established, there's a real risk that someone will game the standards development system to its advantage. For all we know, they've been doing so for decades. 

Whether that's a good thing or a bad thing depends on which team wins and whether that's a team you support - and whether you believe that all's fair in love and standards - and blockchains.

PS: As has happened so often before with my Frank Adversego thriller series, what I concoct in my plots later ends up happening in the real world. And so it is here, where my newest book involves the Americans, the Russians and "someone else" all seeking to hack various blockchains of critical national and financial importance. I've been posting book five to my author blog as I write it, a chapter a week (14 chapters are posted so far). If you'd like to follow along, make suggestions on plot twists and help me figure out the technical bits, you can do so by starting here.

How hard could it be to hack a Presidential Election?

Funny you should ask: The Lafayette Campaign

The Lafayette Campaign