Bitcoin Security Receives a Much-Needed Upgrade

Featured article by John Grimm, senior director of product marketing, Thales e-Security

Even if you can’t quite explain what Bitcoin is or how it operates, chances are that you have at least heard of it. This leading-edge cryptocurrency has been shaking up notions of what currency is and how value is transmitted since its founding in 2008. Bitcoin is intriguing to investors, technology watchers and even a few bankers due it is blockchain technology, a transaction database shared by all nodes participating in a system based on the Bitcoin protocol.

This all seems interesting to economists and the intellectually curious, but Bitcoin has not begun to enjoy mainstream business and consumer adoption. Speculators in a new currency expect a bumpy ride, but even for users who just want real-time transactions, the Bitcoin community can sometimes look like the Wild West of payments. Public attacks and accidents such as Mt. Gox, BitStamp, the Silk Road, Neo & Bee can paint the world of cryptocurrency as an unfriendly place to do business.

The security record of Bitcoin doesn’t help to reassure would-be users, either. Out of all Bitcoins that have ever existed, up to ten percent have been lost or stolen. At the time of writing, that represents over $350 million in lost value. These losses have almost entirely stemmed from weak security practices – in particular, poor management and protection of the keys that quite literally translate to cash.

Bitcoin security is reliant on keeping private cryptographic keys secure from theft, loss and misuse – and this has proven to be its central security challenge. For decades, the payments industry has mandated the use of hardware security modules (HSMs) to keep private keys secure. Time and time again they have been proven to be the best means of safeguarding payments-related data such as PINs and card details. The trouble is that they don’t speak Bitcoin.

All that is changing, though. Bitcoin service providers have begun bringing HSM security to Bitcoin transactions and wallets via techniques that include multi-signature platforms. By abstracting away the hard parts of blockchain development, these approaches offer developers the simplest way to get up and running, giving them expert security by default.

Cryptographic signing operations are central to every Bitcoin transaction, and HSMs are perfect for securing not just the private wallet keys but also creating the signatures to transfer funds. Higher-order security techniques such as hierarchical deterministic key derivation and multi-signature transaction authorization can add even more substantial layers of security. Taking advantage of this approach requores securing application code as well as keys and crypto to create a tamper-resistant application.

New security capabilities such as this may propel the popularity of Bitcoin forward as people and institutions feel more secure about giving and receiving these payments. This cryptocurrency, however anti-establishment or interesting it may be, cannot survive without a robust level of security. In the wake of massive, ongoing data breaches and identity theft and fraud, consumers will not embrace any new technology that might further compromise their financial stability.

John Grimm is senior director of product marketing at Thales e-Security and a leader with over 20 years of high technology experience that also includes industry solution development, product management and software development.