this post was submitted on 24 Aug 2023
24 points (90.0% liked)

Security

1232 readers
1 users here now

A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.

Rules :

  1. All instance-wide rules apply.
  2. Keep it totally legal.
  3. Remember the human, be civil.
  4. Be helpful, don't be rude.

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
LinearArray@programming.dev
24
Why Decentralization is the Only Way to Prevent Cybersecurity Breaches? (programming.dev)
submitted 2 years ago* (last edited 2 years ago) by Shannon@programming.dev to c/security@programming.dev
3 comments fedilink hide all child comments
 

Why Decentralization is the Only Way to Prevent Cybersecurity Breaches?

1/ A decentralized network is built by people, where individuals function as nodes within the network.

2/ There is no central server that stores data in a single location; instead, all data is distributed across random devices/nodes within the decentralized network.

3/ Data can only be decrypted using a unique private key specific to each user.

4/ Messages are sent with end-to-end encryption (E2EE) within a peer-to-peer (P2P) decentralized network, bypassing the need for a central server, unlike centralized platforms such as Telegram or WhatsApp.

The absence of a central server translates to no centralized data storage, which in turn means no potential entry point for hackers to exploit and compromise data, thus preventing data breaches.

Three decentralized tool that I tried:

  1. SimpleX:
  • Simply a decentralized messaging tool, safer than Session
  1. Nostr:
  • Fully decentralized social platform
  • Full of spam, hard to use compares to mastodom.
  1. WireMin:
  • Not open sourced (if they are open sourced, it will be my top choice.)
  • A combination of mastodon and Session
you are viewing a single comment's thread
view the rest of the comments
[–] jadero@programming.dev 6 points 2 years ago (2 children)

Counterpoints:

1/ A decentralized network is built by people, where individuals function as nodes within the network.

Everything is built by people. People are imperfect, so mistakes happen.

2/ There is no central server that stores data in a single location; instead, all data is distributed across random devices/nodes within the decentralized network.

Where the data is stored is meaningless. Once access is gained to the network, all resources are accessible.

3/ Data can only be decrypted using a unique private key specific to each user.

This is not limited to decentralized networks. It's completely feasible for a central system to be designed in such a way as to ensure that nobody including the system operators has access to user data. Likewise, it's entirely possible to build decentralized networks with no encryption at all.

4/ Messages are sent with end-to-end encryption (E2EE) within a peer-to-peer (P2P) decentralized network, bypassing the need for a central server, unlike centralized platforms such as Telegram or WhatsApp.

As with point 3, encryption is not a function of decentralization. While there may be value in getting rid of a central server, that value is not tied to encryption.

Problems with decentralized systems:

  1. No standard deployment and maintenance. Many security breaches start with a piece of hardware or software that has not received one or more critical security updates. While it's true that centralized systems can be poorly run, it's pretty much a guarantee that some individual node on a decentralized system will fail in deployment or maintenance.
  2. No standard training and use. Many security breaches start with phishing and social engineering attacks. Since these have no technical component, the only protection is found in adequate training and methods of use. While it's true that central systems have been and will continue to be breached in this way, the problem is made worse when people are just left on their own.
  3. Difficulty in key sharing. While it's certainly possible to limit key sharing to social graphs, life is a lot easier and no less secure with central directories.

How to prevent breaches:

  1. No plaintext storage of credentials.
  2. Everything encrypted at rest.
  3. Everything encrypted in transit.
  4. No method for extracting bulk unencrypted data.

If these are properly implemented, it doesn't matter whether the system is centralized or decentralized, no breach can affect more than one user at a time and having breached one user does not make it easier to breach another.

Since your examples all relate to interpersonal communications, I will describe such a centralized system:

  1. When I send a message, it is encrypted with my private key, then encrypted with your public key, then transmitted for storage. Since the outer encryption is under your public key, the service does not need to encrypt anything because you are the only person who can decrypt it.
  2. When you retrieve the message, you decrypt it on your device. But you still can't read it because I first encrypted with my private key. So you pull my public key to decrypt it. Now you can read the message and you know that only I could have sent it!
  3. If I want the central server to keep a copy of the message for my records, then I also send a copy of the message encrypted with my public key. As with the message intended for you, the service need not take any further action since nobody but me has my private key.

There are a number of things that can be done to streamline this system and mitigate against loss of private keys and deal with "perfect forward secrecy", but the system as described will work.

One interesting feature of this system is that, technically, it can operate completely in the open with no user accounts or log ins. Anyone can grab whatever they want because the only stuff they can decrypt is the stuff encrypted with their own public keys. In practice, of course, logins may desirable or even necessary for other reasons.

And going back to the very first point about people and their imperfections, I won't be surprised if someone finds mistakes in my presentation.

There are several reasons to prefer decentralized systems, but data security is not inherently worse in a centralized system.

[–] Shannon@programming.dev 0 points 2 years ago (1 children)

For me censorship and ads are the reasons pushed me away from centralized social platforms

[–] jadero@programming.dev 1 points 2 years ago

Absolutely, me too. I was making the point that encryption is about protecting communications and data, not about network architecture.

It is possible to construct a centralized system that is completely safe against censorship and user profiling.

It is not possible to construct a network that eliminates ads, since anyone with access to the network can either inject ads or spam users who have published addresses. Those ads might not be targeted based on user profiles, but they will still be ads.

Even if you have mechanisms to punish bad actors, it will always be a game of whack-a-mole.

If you utilize any form of filtering, you will still always have false positives and false negatives.

The only ways to stop ads is through strong enforcement of legislation or through contractual agreements.

Enforcement of legislation would require proving that the ad was placed by the people offering the goods or services instead of someone trying to harm that business. If communications are being properly protected, that could be impossible.

Contractual agreements will likely require both centralization and paid service.

All we can ever really do otherwise is to spin up new networks when existing ones become unusable. That is where decentralization (and data ownership!) has much to offer. When it is inexpensive (both financially and with regard to their social graphs) for people to isolate undesirable nodes, create new networks, and migrate to new networks, it becomes more difficult and more expensive for advertisers to follow people around and maintain connections to multiple networks as they are created and die off. That can push the returns on ads too low to justify.