Turn-Key Simplicity Meets MPC Security
An Introduction to Threshold Signature Wallets With MPC
The recent announcement of the CYBAVO VAULT™ is an important milestone in the industry’s migration toward more secure, multiparty computation (MPC) -based cryptocurrency wallets and expands the rapid adoption opportunities to a far wider range of users.
Some of the industry’s largest and most technologically advanced financial services firms are implementing MPC to maximize transaction security on their exchanges and custodial wallets. (See the blog An Introduction to Threshold Signature Wallets with MPC) However,
Are Threshold Signatures Really More Secure Than MultiSig?
Cryptography is a primary means of protecting digital information, typically through encryption. In modern cryptography, the algorithms are standardized and well known but the keys are secret. Many algorithms are so advanced that even the most powerful computers cannot defeat them. So, hackers focus on stealing the secret keys instead. Therefore, the effectiveness of protecting data through cryptography is primarily dependent on maintaining secrecy of the cryptographic keys.
Institutional Crypto Trading Is Coming, Is Your Wallet Ready?
I was informally chatting with the security architect for a major financial services company earlier this week and he candidly asked “are threshold signatures really more secure than MultiSig or is it just a more effective way of achieving the same level of security?” As we continued the discussion I realized it was a really important question that I hadn’t addressed directly enough in our discussion about cryptocurrency wallet security.
Cryptocurrency Wallet Security
Cryptocurrencies are shifting from the obscure dark corners of the web to mainstream press, and soon mainstream institutional investors. Over recent months we’ve seen formal announcements of bank-backed cryptocurrency exchanges from SBI Holdings and Fidelity Investments. We’ve also seen clear signals of intent to offer institutional trading of cryptocurrencies from Goldman Sachs, Morgan Stanley, and JP Morgan. As cryptocurrencies become traded by institutional investors the stakes will increase and the security requirements for institutional-grade wallet security will rise. Is your exchange or hot wallet service ready to compete in this environment?
Meltdown and Spectre – divide and conquer
As the popularity of cryptocurrency trading explodes, one of the biggest risk factors for existing and potential investors continues to be the large scale hacks of exchanges and digital wallets. Digital wallets are well-known across legacy applications such as e-payment and PKI, with cryptocurrencies now added to the list. Security is very important for all of these applications, but perhaps most for cryptocurrencies, because transactions are irrevocable when they’re used in conjunction with blockchain schemes.
A short introduction to Multiparty Computation (MPC)
Security experts recently revealed two computer flaws called Meltdown and Spectre, serious vulnerabilities that threaten data by targeting modern microprocessors. This blog post discusses cryptographic protection called Multi-Party Computation (MPC), a way of mitigating the attack vectors by distributing vulnerable data onto different servers, a so-called "divide and conquer" strategy.
Use case: Document signing services
Multiparty Computation (MPC) is a technology that allows you to compute on encrypted values. This might sound impossible at first – but in fact, using the right kind of cryptography, it is indeed possible. Using MPC a number of servers can jointly compute any function without learning the inputs to the function.
In this blog post, we give a brief introduction to MPC: how it works and what it is good for.
Encrypting data on Amazon S3
In early March, Penneo – the digital signature platform used by Scandinavian businesses – rolled out a new feature for selected customers. The new feature allows customers to protect access to their documents stored in the Penneo managed archive using encryption keys, not controlled by Penneo, effectively separating the lock from the key.
Penneo customers who take advantage of this service will have 100% control over who has access to their documents.
The “cloud encryption problem” in a nutshell
For cloud storage services the need for encryption is clear. Using Amazon S3 as the use case, this blog post considers the different choices available for your application when encrypting data stored at cloud storage providers.
Amazon S3 Demo
A recent survey of the nearly 300,000 professionals who are members of Linkedin’s Information Security Group showed that more than 90% of them have moderate or high levels of anxiety over the security of their data resident in public cloud services.
Trust in Big Brother?
Try our Java S3 Demo and start encryption data on Amazon S3 in just a few minutes.
If I had a KMaaS in 2013
Everywhere I turn these days, I find plenty of bewildering bills and proposals related to privacy, security, and encryption from congressmen, senators, assemblymen and politicians of various colors who are in the business of introducing legislation in the U.S., EU, and other countries.
This is a story about how I came to wish for a pure-cloud Key Management System (KMS), delivered in the form of a SaaS offering, for the strong encryption of unstructured data. In other words, a true Key Management as a Service (KMaaS) that could be decoupled entirely from expensive conventional Hardware Security Module (HSM) appliances, deliver cryptographic security (rather than password or trust based), and yet, scale at cloud economics.