Secure second-factor authentication for custodial wallets

Aug 6, 2022 | Technology


Institutional custody often involves the management of substantial amounts of cryptocurrencies, often belonging to several users. The total value managed is often in billions. While cryptocurrency keys can be managed inside hardware security modules (HSMs), which are highly secure, the application that interacts with the HSM using an API key is often in an environment that is much less secure.

The Secret Zero Problem

If this application misbehaves or is compromised and the API key is stolen, a custodian could see heavy losses. This is an instance of the famous Secret Zero Problem; while most of the secrets can be protected inside secure environments, there is at least one secret that remains in an environment that may be considered less secure.  

Figure 1: An illustration of the Secret Zero Problem.

The typical way custodial wallet service providers address this issue is by providing a second-factor authentication system. Once a user initiates a cryptocurrency transfer, the user is asked to enter a PIN or a time-based one-time password (TOTP) generated by an authenticator app installed on their phone. Google Authenticator and Duo are commonly used authenticator apps.

In this article, I question whether this approach is indeed more secure and whether this approach solves the Secret Zero Problem.  

2FA isn’t helpful in insecure environments

In reality, second-factor authentication systems are often deployed in insecure environments; that is, they are often deployed in the same environment as the backend application managing the HSM API keys. If this insecure environment is breached by an attacker or a malicious insider, the cryptocurrency keys managed by the HSM could be used to sign transactions, and this could lead to heavy losses for the custodial wallet provider and their customers.

Figure 2: Second-factor authentication systems are often deployed in insecure environments.

When second-factor authentication systems are compromised, such events do make headlines. For example, the second-factor authentication system of a well-known exchange was recently compromised and over 400 users lost somewhere between $30 million and $40 million in cryptocurrencies. The exchange took the loss on its own account and compensated the users. But such events do hurt the reputations of businesses that aim to maintain the highest standards of security.

The problem is not with second-factor authentication; 2FA is important. The problem lies in how second-factor authentication systems are implemented and deployed. If a s …
