Check out all the on-demand sessions from the Intelligent Security Summit here.
As cryptocurrency adoption grows, so does the need to secure the technology.
In the words of Adrien Treccani, CEO of digital asset management company Metaco, “dealing with cryptocurrencies has been a disaster.”
“Every year you have a new hacking, [with] companies losing their coins or an employee of the company stealing part of it,” Treccani told VentureBeat’s European correspondent Chris O’Brien at the Transform 2021 conference. “You realize that managing cryptographic secrets is not trivial at all when they potentially represent millions or billions of dollars.”
Trecanni elaborated on the challenges of securing cryptocurrencies and the role of confidential computing.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
Why it’s hard to keep cryptocurrencies secure
Metaco provides security infrastructure to financial institutions that want to offer cryptocurrency-related services to their clients. In a nutshell, cryptocurrencies rely on cryptography — like a very long password — for security. If a bank wants to secure cryptocurrencies and use them on a daily basis, it needs the appropriate infrastructure.
The challenge lies in having to not just protect cryptographic secrets, but also manage access within a large corporation, Treccani explained.
He said a successful security framework ensures that even when hundreds of employees are interacting with the infrastructure, there’s no point of failure in the chain. “You can be confident that 10 years later, even if you have not actively maintained your platform, you don’t have holes in it that could be exploited by either insiders or outsiders.”
Confidential computing secures cryptocurrencies
Simply put, confidential computing is a way to secure access to a vault.
“At Metaco, we started working exclusively with hardware security modules, and we had great solutions to manage the keys,” Trecanni said. “But then we realized having an HSM is a bit like having a secure vault. How do you secure the key to the vault?”
The rules are defined by what comes into play. Certain people and employees can access the vault and do only what they’re tasked to do.
Security and access represent ongoing tradeoffs, Trecanni said.
“You have to position yourself on a scale where you want maximum security, but subject to use cases that you need to satisfy,” he explained.
To do this, Metaco combines the use of HSM and confidential computing. While “confidential computing” is a relatively new term, Trecanni said the concept has been around for years. And the technology has undergone multiple stages of evolution before reaching its current stage of maturity, he added.
“The ability to leverage a platform which is by design secure, by design confidential, is a game-changer,” Trecanni said.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.