MIT Researchers Thwart Online Identity Theft by Piggybacking onto Bitcoin

MIT researchers have designed a solution to prevent online identity theft, using bitcoin blockchain technology.

The system is called Catena, and the researchers are Alin Tomescu, a graduate student in electrical engineering and computer science and first author on the paper, and his thesis advisor Srini Devadas, the Edwin Sibley Webster Professor of Electrical Engineering and Computer Science at MIT. Both are members of the Computer Science and Artificial Intelligence Laboratory, the largest research lab at MIT.

Image: Christine Daniloff/MIT

MIT has always been at the forefront of blockchain, the technology behind the cryptocurrency bitcoin. The new system was presented last week during the 2017 IEEE Symposium on Security and Privacy.

Catena provides “efficient non-equivocation” by building on the bitcoin blockchain. It is designed to prevent equivocation: the creation of false encryption keys (the man-in-the-middle attack, as Tomescu called it in his presentation) that trick users into revealing secret information.

“Our paper is about using Bitcoin to prevent online services from getting away with lying,” Tomescu said in a statement.

“When you build systems that are distributed and send each other digital signatures, for instance, those systems can be compromised, and they can lie. They can say one thing to one person and one thing to another. And we want to prevent that.”

A simple explanation for why Catena is needed

Tomescu gave a detailed explanation of the need for Catena, as well as its function, in both the video and research paper, but he broke it all down for TUN to make the concept easily understandable by the layman.

“In order to communicate securely online I need to obtain your public key. Once I have it, I can use it to encrypt a message to you,” Tomescu told TUN.

“This is more difficult than it sounds, because you might be in California and I might be in Romania so you need to send me your public key over the insecure Internet. As a result, attackers can replace your public key with theirs and thus trick me into encrypting messages straight into their hands. Right now, to solve this problem, you and I place trust into an entity called a Certificate Authority (CA). Specifically, we trust CAs to “certify” public keys so that they cannot be modified when sent over the insecure internet.”

But can CAs be trusted to protect our online identities? Tomescu explained why we can’t trust CAs to do that and why we need Catena.

“However, CAs have been compromised or coerced and can still certify “fake” keys for you. Thus, I could still be tricked,” said Tomescu.

“This type of attack is called an equivocation attack: the CA is saying two different things about your identity: it certified two inconsistent public keys as being yours. The question is, can we help you detect such attacks? And the short answer is yes: we can have the CAs publicly and efficiently log all certifications in Bitcoin, so that you can discover any fake certifications. This will hopefully deter such attacks.”

How Catena can help

Bitcoin was launched in 2009, and is considered reliable because each transaction is recorded on a virtual and dependable ledger, or blockchain, which guards against equivocation. Earlier systems that use bitcoin security technology to prevent equivocation, however, have to download the entire blockchain for verification purposes. These files are huge, so one would have to download 110 gigabytes or more of data.

In contrast, verifying a transaction on Catena would require one to download only about 40 megabytes of data, a task that could be accomplished on a smartphone.

“Our idea is so simple — it’s embarrassingly simple,” Tomescu said in a statement.

Bitcoin technology is designed to prevent anyone from spending the same bitcoin in more than one place. Catena builds on that by simply requiring every bitcoin transaction to be accompanied by an actual bitcoin transfer, even if the transfer is to oneself, so it precludes anyone from transferring the same bitcoin to someone else in the same block of the blockchain.

The Catena requirement thus precludes equivocation within the block. Catena users then need download only a small portion of data (about 600 bytes) for each block as cryptographic proof.
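The check described above can be sketched as a simplified model (an added example, not code from the Catena paper or project): each logged statement rides in a transaction that spends the previous log transaction, and a client accepts it only with a Merkle inclusion proof against a block root it already holds. The toy transaction format, the names `txid`, `verify_log`, `entry` and `demo`, and the sample statements are assumptions constructed for illustration.

```python
import hashlib

def h(data: bytes) -> bytes:  # Bitcoin-style double SHA-256
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def txid(prev: bytes, statement: bytes) -> bytes:
    # Toy transaction (assumption): spends output `prev`, carries one statement.
    return h(prev + statement)

def merkle_root(leaf: bytes, branch) -> bytes:
    """Fold a Merkle branch; each step is (sibling_hash, sibling_is_left)."""
    node = leaf
    for sibling, is_left in branch:
        node = h(sibling + node) if is_left else h(node + sibling)
    return node

def verify_log(genesis: bytes, entries, trusted_roots) -> list:
    """Accept the log only if every entry spends its predecessor and is
    included in a block whose Merkle root the client already holds."""
    prev, statements = genesis, []
    for e in entries:
        if e["prev"] != prev:
            raise ValueError("fork: entry does not spend the previous log transaction")
        tid = txid(e["prev"], e["statement"])
        if merkle_root(tid, e["branch"]) not in trusted_roots:
            raise ValueError("entry is not in any confirmed block")
        statements.append(e["statement"])
        prev = tid
    return statements

def entry(prev, statement):
    """Constructed sample data: place the tx in a two-leaf block with a filler tx."""
    tid, filler = txid(prev, statement), h(b"unrelated payment")
    return {"prev": prev, "statement": statement, "branch": [(filler, False)]}, tid, h(tid + filler)

def demo():
    genesis = h(b"constructed genesis outpoint")
    e1, t1, r1 = entry(genesis, b"alice -> key A")
    e2, t2, r2 = entry(t1, b"alice -> key A2")
    # Equivocation attempt: a second statement spending the same output as e2.
    # Only one spender can be confirmed, so its block root is never trusted.
    fake, _, _ = entry(t1, b"alice -> attacker key")
    results = []
    for log in ([e1, e2], [e1, fake], [e1, e2, fake]):
        try:
            results.append(verify_log(genesis, log, {r1, r2}))
        except ValueError as err:
            results.append(str(err))
    return results
```

`demo()` returns the accepted statements for the honest log and an error string for each of the two logs that contain the conflicting statement.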

The idea behind Catena may appear simple with hindsight, but wasn’t so easy to accomplish.

Tomescu told TUN that he conceived of the idea in early May 2016 but put it to the side for a couple of months. He picked up the idea two months later and began to think about how he would code it. He finally started coding in August and, although he was busy, managed to make the November paper submission deadline for the IEEE Symposium on Security and Privacy.

Conclusion

While the main reason behind Catena is the prevention of equivocation in compromised online services, Tomescu and Devadas hope that their new system can be adopted by secure messaging apps, such as WhatsApp and Signal, or public-key directories like Keybase, to give end users stronger guarantees about non-equivocation.

Catena can also be used to help vendors detect if malicious software binaries have been posted online in their name.

Catena’s success lies in its efficiency.

“Catena represents a simple way to deter online services from lying: just make all statements publicly visible and then lies are evident,” Devadas told TUN.

“The idea of using Bitcoin to do this is not new, but Catena shows how to discover lying efficiently, and this makes for greater deterrence. We hope Catena will be adopted by public-key directories in the near future.”

Tomescu is in complete agreement with his thesis advisor.

“People have been using Bitcoin for this in the past and our project, Catena, shows a way to do it very efficiently, so that you can verify no fake public keys have been certified for you via your mobile phone,” Tomescu told TUN.
