Modern security remains based on blind luck. Hope that you can patch vulnerabilities faster than attacker –a doomed strategy that is being played out over and over again in our critical financial and defense systems. There will always be vulnerabilities – zero day exploits, malicious insiders, misconfigurations, practice and policy vulnerabilities. It’s an arms race and the attackers are winning and will continue to win unless we fundamentally rethink assumptions and find a way to build security technologies whose efficacy, in accordance with Geer's law, can be empirically determined.
One of the dominant paradigms in cryptographic research is "provable security." This is the notion that to have confidence in the security of a cryptographic protocol it is necessary to have a mathematically rigorous theorem that establishes a conditional guarantee of security given certain assumptions.
The challenge, and reason why provable security has remained in the ivory towers of academia is that it is completely useless if, in accordance with Geer’s law, there are other assumptions (such as trusted humans or security of keys) that cannot be verified. Simply put the provability of cryptographic theorems doesn’t matter much in the real world if there are other attack vectors that can defeat the security much more effectively.
Enter the Block Chain
Interestingly recent crypto-currencies address security using different assumptions – distributed consensus instead of centralized authorities. The Blockchain is based on distributed consensus i.e. a transaction is only complete once a sufficient number of participants have entered the transaction into public ledger of transactions (block-chain). Once complete anyone, anywhere can verify a transaction without reliance on a centralized authority.
Now think about applying this to critical infrastructure, POS payment systems, cloud, big data or industrial data lakes. If every component that defines that infrastructure is entered into a blockchain as well as every data transaction (storage, compute, transport) then everything can be verified in a provable way i.e. you can state assumptions and derive a proof of security. Then any malicious change in the state of that infrastructure indicates a breach – which can be acted upon in real-time. It is security based on different assumptions - but those assumptions provide a level of empirical verifiability that has not been possible to date.
What this means for Visa
Visa sits at the very heart of the world’s transaction systems processing 81 billion transactions per year worth 8 trillion USD. Yet like any industry leader they must remain paranoid to new payment mechanisms hatched in Silicon Valley, whether garages or Cupertino-based shiny corporate headquarters. Indeed according to their own recent 10K:
“If we cannot keep pace with rapid technological developments to provide new and innovative payment programs and services or with new laws and regulations, the use of our products, our revenues and net income could decline”.
Charles Scharf, their CEO recently said in an interview with Bloomberg magazine “We have to think and act much more like a technology company than we have before. The payments world is changing. There are new entrants, new opportunities for people to get into our business and other opportunities for us to grow our business in ways that didn’t exist before.”
For Visa we think that one of those opportunities is security. Imagine if every Visa payment could be entered into a blockchain style public ledger so that there was a mathematical proof of time, integrity and attribution for every transaction in the world.
We posed the same question to Ericsson last year and we are thrilled to be teaming with them on what Bloomberg estimates to be a 69 Billion USD data safety market. It would be a privilege for our firm to meet with Mr Scharf and his management team to collaborate on providing security and attribution for the world's next one billion mobile payment adopters.