Security is not safety

Dr Neeraj Oak explains the first of the three themes of the new book: “Virtual Currencies- From Secrecy to Safety”. In this post, he covers the ideas of secrecy and safety, and considers why they may not be able to coexist.

clip_image002

It’s often said by proponents of cryptocurrencies that the design of such systems makes them safe to use. Is this really true?

It’s easy to confuse the idea of a secure system with that of a safe one. In reality, these terms mean very different things. A secure system is one that is locally resilient to errors or malicious attack. A safe system is a much more all-encompassing idea, describing an environment in which users can make payments with confidence, knowing that their money and personal information cannot be stolen, leaked or lost.

To illustrate the difference between security and safety, I like to use the example of putting a padlock on a live bomb. A padlock is a security device; it stops people from tampering with whatever object it is attached to, protecting it from potential attackers. But does it make the bomb any safer? Perhaps a little, since someone trying to set off the bomb may have a little more trouble doing so. However, the bomb still remains as dangerous as it was before; if it were to go off, it would cause no less damage.

How does this analogy fit with the cryptocurrencies on today’s markets? I’d agree that the security features are impressive, indeed many of the methods they use are ahead of their time. But safety has still eluded many cryptocurrencies, as several incidents ([1],[2],[3]) in the past years have shown. The problem is that while the security provided by cryptography and the blockchain is strong, attackers find it easy to bypass these by targeting individual users.

Attacks on users include phishing, communications exploits, keylogging and mining clipboards and computer data. These types of attack predate cryptocurrencies and are often used against services like online banking. The difference is that centralised organisations banks will often take responsibility for flaws in their security systems and go to a great deal of effort to ensure customers are kept safe. This could include providing memorable information, tying online banking to email or telephone banking to force attackers to break two levels of security or using physical devices such as card readers to verify transactions. In a decentralised system like Bitcoin, there is currently no provision of such features, nor is there likely to be one in the near future.

Beyond the means of attacking users, the consequences of attacks are also reduced in cryptocurrencies. Anonymity means that attackers find it easier to hide their true identity, giving them safe havens to store stolen funds. Further, transactions cannot be reversed without the explicit consent of both parties, so once a user has lost money to a thief or scammer, there really is no way of getting it back. In the case of online banking, there may be some means of halting transactions or compensating users. This is not the case in many of today’s generation of decentralised virtual currencies.

While there is certainly a vulnerability in the safety aspect of virtual currencies at the moment, this need not always be the case. Allowing anonymity or secrecy is a choice that many of these virtual currencies make, and is not intrinsic to their operation. Anonymity has been one of the most attractive features to the early adopters of cryptocurrencies such as Bitcoin, but it is not the only reason to use such technologies. Decentralised cryptocurrencies could potentially be faster, cheaper, more accessible and more convenient than centralised payment services. Abandoning anonymity could be a drastic step in the eyes of many current users of cryptocurrencies, but if it has a positive effect on the safety of the system, then it is a step that both current and future cryptocurrencies should consider.

Join me for the next post, in which I look at the consequences of trading secrecy for safety and the importance of attracting mainstream users to cryptocurrencies, which are still considered by many to be a fringe movement.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.