guardtime
  • Portfolio
  • Technology
  • Research
  • About
  • News
We are hiring. Apply now!

Blog & News

21May

Ebay, Attribution and Digital Forensics

Ebay’s announcement today is fascinating to read:

“After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats.”

Here’s our question: How exactly do they know? Can they prove it to their stakeholders?

Despite all the advances in technology over the last 40 years somehow it feels that digital forensics hasn’t advanced much since the 1980s. The status quo for forensics is still for an investigator to use imaging tools and try and figure out what happened after the fact.

To quote another 80s phenomenon: “You cannot be serious”.

The most fundamental flaw with forensics today is the ex post facto nature of evidence collection. Due to the volatile nature of electronic data any hacker worth his salt knows how to delete logs or worse, manipulate logs to cover his tracks and attribute his activity to an innocent party, which is why attribution of crimes on the Internet is so hard, whether a 16 year-old manipulating school records, a nation-state attack on critical infrastructure or cybercriminals hacking into Ebay’s network.

KSI: a universal standard for digital evidence.

When the inventors of KSI set out they weren’t thinking of digital evidence – simply a new signature scheme that uses only hash-functions. The the application for digital evidence is clear.

“The key feature that attract my interest is the “keyless” inside the KSI name. If there is no key, an attacker can obviously not compromise it.” – Rainer Gerhards, author of rsyslog

By eliminating the need for keys, key management the benefits for digital evidence are clear.

Ex-Ante

By integrating KSI into Cloud, Networks and Big Data Governance platforms there is no need to conduct a forensic examination after an incident has occurred – the forensic auditability is built in as a part of the data lifecycle.

Portability of Evidence

Evidence that can cross organizational and service provider boundaries – there is no trusted party that needs to be referred back to.

Independent Verification

Independent verification is probably the most important innovation in KSI. It means that the verification of an event in cyberspace can be verified without reliance on implementation of procedure, security of keys or any trusted human. As a practical example consider the implications of a connected car involved in a collision. Who is liable: the driver, the vehicle manufacturer, the software vendor, the network hardware manufacturer, or the service provider? With independent verification there is no dispute as to exactly what happened when it can be verified without the need to trust any of the parties involved.

Exabyte Scale

The entire world’s dataset, even an exabyte a second can automatically and naturally come with a KSI signature with close to zero network, storage and compute overhead.

The long term vision of Guardtime is to create the Attributed Internet, tag, track and locate functionality for the world’s electronic data. Modern security solutions such as firewalls and sandboxing search for vulnerabilities but they can’t guarantee their absence. KSI allows for different assumptions – by real time monitoring of the integrity of you network you can assume compromise and mitigate in real-time when malware acts.

A universal standard for digital evidence may be just a side-effect of the Attributed Internet but it sure looks like a powerful one from where we are sitting.


  • Share:
  • Twitter
  • Facebook
  • LinkedIn
Previous article Next article
Big Data and Privacy in the Digital Age: Matt Johnson @ TIA 2014 Advertising, Regulatory Compliance and Personally Identifiable Information (PII)
May 28, 2014 May 20, 2014

Martin Ruubel

President,
Guardtime Estonia

Martin on linkedin

Latest news

Nov 05

Guardtime to host the world’s largest blockchain wine trial in Australia

by Guardtime
Oct 28

Putian Hospital Group Selects HSX for Health Care Assurance

by Guardtime
Aug 14

Enabling Multi-Party Trust for 5G and Edge Computing

by Guardtime
Jul 28

Guardtime and Estonian Biobank announce a partnership to deploy Guardtime Helium

by Guardtime
Show archiveHide archive
July 23, 2019
Convergence of Blockchain and Artificial Intelligence
July 09, 2019
Guardtime re-elected to ECSO Board of Directors
July 03, 2019
Guardtime and DMI Broaden Strategic Alliance to Bring Blockchain and Artificial Intelligence Solutions to U.S. Healthcare Sector
June 28, 2019
Guardtime's Randy Bishop, presents at the Utility Cybersecurity Forum in San Diego: Blockchain for Smart Grid Cyber Security.
June 25, 2019
EY, Sensyne Health and Guardtime to use AI and blockchain to link health care reimbursement and actual patient outcomes
June 19, 2019
Guardtime joins Computer and Communications Industry Association
June 12, 2019
Guardtime presents at HIMSS
June 04, 2019
Guardtime Closes Strategic Investment from SICPA, Establishes HQ in Switzerland
May 27, 2019
Guardtime’s new Head of Strategy Luukas Ilves introduces his next steps towards making the world’s information universally reliable
May 27, 2019
Guardtime won the second Estonian digital government hackathon
May 20, 2019
Guardtime delivers cyber exercises for UK critical infrastructure
April 25, 2019
In Memoriam                                  Mari Kert-Saint Aubyn
April 05, 2019
Guardtime Founding Member of Global Blockchain Association
February 28, 2019
Guardtime to Lead Pan-European Cyber Range Federation Development
February 20, 2019
KPMG forms strategic alliance with Guardtime
February 11, 2019
Happy blockchain days at HIMSS in Orlando
January 31, 2019
Defence Technology Institute  of Thailand partners with Guardtime for Cybersecurity Research
January 09, 2019
European Space Agency selects Guardtime for Data Provenance
November 29, 2018
Estonian President visits Guardtime
November 28, 2018
China Food Safety Cloud selects KSI Blockchain for food supply chain track and trace
November 21, 2018
Guardtime Health Appoints Ain Aaviksoo as Chief Medical Officer
November 09, 2018
Dutch Government deploys Guardtime's KSI Blockchain for integrity assurance
September 06, 2018
SUMMUS Global and Guardtime launch partnership to offer blockchain-powered medical specialist platform in Asia
September 04, 2018
Aletheia and UMVA China announce Alliance for Blockchain and Automotive Supply Chain
July 15, 2018
SICPA and Guardtime announce solution to architect trust into U.S. elections
June 20, 2018
World’s first blockchain-supported Personal Care Record Platform launched by Guardtime and partners to up to 30 million NHS patients in the UK 
June 16, 2018
Guardtime’s Glen Ogden to present at BioNJ 2018
June 12, 2018
Guardtime's Martin Ruubel to present at Wirtschaftstag 2018
June 07, 2018
Crypto-custody platforms: 8 must haves for institutional investors 
May 24, 2018
World’s First Blockchain Platform for Marine Insurance Now in Commercial Use
April 17, 2018
Guardtime signs a global pledge to fight cyber attacks
March 12, 2018
Guardtime delivers specialized Cyber Exercise for the UK Civil Nuclear Sector
March 08, 2018
Aletheia awarded Chinese Government contract for a blockchain-based platform targeting copyright violation, fake news and online advertising fraud
February 12, 2018
Verizon to deploy blockchain platform based on Guardtime technology
January 29, 2018
NIAP certification for Black Lantern anti-tamper hardware platform
January 23, 2018
Guardtime and Metaco launch SILO: the cryptocurrency asset management solution for financial institutions
January 12, 2018
Guardtime and CYCL Announce Strategic Partnership for Blockchain-based Content Management Solutions
January 10, 2018
Guardtime wins Sovereign Blockchain Contract for Thai Government
January 05, 2018
Guardtime appoints Randy D. Bishop as General Manager for Energy Infrastructure 
November 27, 2017
Guardtime appoints Kaido Raiend as CISO
October 29, 2017
Guardtime, EDF and Industry Partners Sign Agreement for €26 Million Project Targeting Smart Energy Transmission Grid
October 23, 2017
Guardtime and Intrinsic ID Awarded Dutch Government Contract for Distributed Energy Marketplace 
October 16, 2017
Guardtime and SICPA Announce Strategic Partnership for Enabling Trust in Public Services in a Digital Environment
October 11, 2017
Guardtime appoints Mari Kert-Saint Aubyn as Head of European Affairs
October 03, 2017
Guardtime at Defense Industry Expo Electronic Warfare & Military Cyber Live
October 02, 2017
Guardtime Announces EPIC Systems Integration, Targets US Health Care Interoperability
September 21, 2017
U.S. Department of Energy Contracts Guardtime, Siemens and Industry Partners for Blockchain Cybersecurity Solution
September 04, 2017
EY, Guardtime and Industry Participants Launch the World's First Marine Insurance Blockchain Platform
September 01, 2017
Guardtime appoints Luc Dandurand as Head of Cyber Operations
August 21, 2017
VOLTA – a Compliance Product for GDPR
August 20, 2017
Blockchain IdAM: Guardtime Awarded Development Grant by EU
July 29, 2017
KSI Blockchain to Secure Driverless Buses in Tallinn
May 29, 2017
The 9th CyCon Starts in Tallinn, Estonia
May 21, 2017
SAP Combats Cyber Risk in Military Supply Chains with Blockchain
May 10, 2017
Jamie Steiner at DIA Amsterdam on 11-12 May
April 27, 2017
Lockheed Martin Contracts Guardtime Federal for Innovative Cyber Technology
February 27, 2017
Guardtime Awarded Best Government Emerging Technology at WGS 2017
February 06, 2017
Guardtime Appoints James Koo as President of Guardtime Singapore
February 01, 2017
Guardtime Awarded Contract for Next-Generation NATO Cyber Range
January 12, 2017
NMC Health Partners with UAE-based Telecom 'du' for a pilot to deploy Guardtime’s KSI Blockchain
November 25, 2016
Martin Ruubel to Give Keynote at TRUSTECH, the Largest Event Dedicated to Trust-Based Technologies
November 18, 2016
Securing the Physical Supply Chain: PUF Technology and KSI Blockchain
October 24, 2016
Dentsu ISID, SIVIRA and Guardtime Pilot Farm to Fork Supply Chain Tracking with Blockchain
October 06, 2016
GE and Ericsson launch KSI Blockchain based Cloud Assurance for the Industrial Internet
October 03, 2016
Intrinsic-ID and Guardtime Announce Alliance on IOT Blockchain
September 21, 2016
AssureNet and Guardtime Implement Blockchain based Connected Car Liability Management
August 31, 2016
Lifetrack Medical Systems Upgrades its Digital Radiology Platform with Guardtime's KSI Blockchain Technology
August 28, 2016
Blockchain-Enabled Cloud: Estonian Government selects Ericsson, Apcera and Guardtime
July 20, 2016
Guardtime Federal Appoints Jeffrey Schrader as CFO
July 17, 2016
Increasing Healthcare Security with Blockchain Technology
July 05, 2016
Guardtime Signs a Strategic Alliance Agreement with EU Commission on Cybersecurity
June 28, 2016
Guardtime Announces KSI Blockchain Integration for Oracle 11g and 12c
April 25, 2016
Innovative Approaches for Enhanced SATCOM Security
March 16, 2016
Blockchain and Implications for Trust in Cybersecurity
February 12, 2016
Estonian  eHealth Authority Partners with Guardtime to Accelerate Transparency and Auditability in Health Care
November 17, 2015
Estonian Ministry of Defence and Guardtime Support Cyber Defence Education
November 08, 2015
Guardtime Announces New Development Center in Irvine, California, Doubles Engineering Staff
October 13, 2015
Blockchain Based Immutable Infrastructure
October 07, 2015
Lockheed Martin and Guardtime Federal Target Data Manipulation Cyber Threats
September 17, 2015
OPM Breach - Truth, Trust and Integrity
September 13, 2015
The End of Lies: The Coming Blockchain Revolution
July 08, 2015
A Blockchain Alternative to Certificate Pinning
June 24, 2015
Why Let’s Encrypt Everything Misses the Point
May 21, 2015
Guardtime Announces BLT, New Blockchain Standard for Digital Identity
May 15, 2015
Guardtime Appoints Tony Kenyon as CTO EMEA
May 13, 2015
BlockCloud: Re-inventing Cloud with Blockchains
April 06, 2015
Six Reasons Security Will Fail on the Industrial Internet
March 15, 2015
Six Reasons why Encryption isn’t working
March 03, 2015
Ericsson introduces industrialized data-centric security
February 10, 2015
Q: What do HSBC and Anthem have in Common?
January 17, 2015
Blockchain Security Implications for the Industrial Internet 
December 07, 2014
Our answer to Peter Thiel: Start with Integrity
November 03, 2014
What Geer’s Law means for Visa
October 28, 2014
In Docker We Trust? Containerization, Security and Trust Models
October 14, 2014
Guardtime Recognized as the Leading Technology Company in Estonia
October 08, 2014
Matt Johnson to Present at PNAA Defense, Space & Security Conference
October 06, 2014
Google, Subrogation and Cloud Data Residency
October 05, 2014
Matt Johnson to present at the ETSI/IQC Quantum-Safe Crypto Workshop in Ottawa Canada on 6-7 October
September 22, 2014
Data Poisoning
September 12, 2014
Native Forensics, Integrity Instrumentation and Breach Management
September 09, 2014
David Hamilton Appointed as President of Guardtime Federal
September 03, 2014
Ericsson and Guardtime Partner to Create Secure Cloud and Big Data
September 02, 2014
The Industrial Internet: Forensics, Attribution and Data Governance
August 24, 2014
Block Chains, Time and Lorentzian Frames
August 22, 2014
C-RAN: Addressing Vulnerabilities with KSI-Enabled Cloud Forensics
August 20, 2014
Rethinking Cloud Forensics
July 02, 2014
Matt Johnson’s Keynote at Asia Cyber Liability Conference in Singapore
June 30, 2014
Privacy, Integrity and Big Data Rules
June 20, 2014
What Bitcoin means for SWIFT: Technological Progress and Provable Security
June 18, 2014
Hardening PKI to Address the IoT and Mobile Devices
June 14, 2014
Cisco's Vision of Next Generation Cybersecurity
June 12, 2014
Addressing CIO Concerns Over the Public Cloud
June 12, 2014
Trust and Truth in the Public Cloud
June 02, 2014
Integrity: The Number One Threat to Corporations
May 28, 2014
Big Data and Privacy in the Digital Age: Matt Johnson @ TIA 2014
May 21, 2014
Ebay, Attribution and Digital Forensics
May 20, 2014
Advertising, Regulatory Compliance and Personally Identifiable Information (PII)
May 11, 2014
Target: A Confidentiality or Integrity Breach ?
May 07, 2014
Big Data Governance and Security for the Fortune 500
April 29, 2014
Freedom Online Coalition Dinner Hosted by President Toomas Hendrik Ilves in Tallinn
April 28, 2014
Guardtime And Authentise Form Strategic Partnership For 3D Printing IP & Supply Chain Assurance Services
April 25, 2014
Attribution And Data Lakes: The Future of Big Data
April 16, 2014
President's Day in Estonia
April 09, 2014
Whitepaper: Virtualization and Attribution
April 09, 2014
Heartbleed
April 07, 2014
Guardtime Launches Industry’s First API Integrity Platform
March 25, 2014
Securing APIs and Operational Data Sources using KSI
March 23, 2014
KSI and Third Party Verification (TPV) Services
March 03, 2014
Whitepaper: Cloud Insecurity and True Accountability
February 28, 2014
Implementing Data Governance at Internet Scale
February 10, 2014
The Target Compromise: Trust and Verification in Cyberspace
January 23, 2014
Cyber Security: A 3 Trillion Dollar Problem for Governments & Global Corporations
November 22, 2013
Privacy and Integrity on the Internet of Things. If all you have is a PKI hammer…
September 15, 2013
Guardtime invited to 68th General Assembly of the United Nations
September 04, 2013
ZDNet: The Estonian cryptography startup that wants to be the Qualcomm of data security
June 08, 2013
Cyber Conflict 2013, Government Accountability and The Insider Threat
April 12, 2013
Quantum Computing, KSI and Flat-Earthers
  • © 2019 Guardtime
  • Terms of Use
  • Trademark Guidelines
  • Home Page
  • Portfolio
  • Technology
  • Research
    • Publications
    • Contact
  • About
  • News