Sanghwan Ahn (h2spice) LINE / Security Strategy Team BITBOX is a trusted platform where users can exchange cryptocurrencies. It is necessary to make this platform secure since attackers have been targeting cryptocurrency exchanges to steal funds residing in user wallets. Many cryptocurrency exchanges have already been attacked in the past. We have studied cryptocurrency exchange hacks in order to make BITBOX user assets safe against cyber attacks using two security strategies: one is layered security and the other one is defense in depth. Layered security is the combination of a series of security counter-measures, each layer protects against a different attack vector. This way, each counter-measure can cover gaps of the others. Defense in depth, on the other hand, assumes a broader range of scenarios which can not all be covered using technological means or new security threats that are not traditionally recognized such as disaster recovery, malicious insider threat, sophisticated(or zero-day) attack, etc. In this talk, he will share LINE's security strategies and a cryptocurrency exchange security architecture focused on protecting user assets even when the adversary gain full control of the system.

1. BITBOX: HOW TO SECURE A
CRYPTOCURRENCY EXCHANGE
SANGHWAN AHN(H2SPICE), SECURITY STRATEGY TEAM

2. ● Senior Security Engineer
Security Strategy Team, LINE Corporation
● Mentor
Best of the Best, Korea Information Technology Research Institute
● Speaker
SECUINSIDE, KIMCHICON, LINE and Intertrust Security Summit,
PacSec, CODEBLUE, HITCON
● Application Security, Trusted Computing
AHN SANGHWAN (H2SPICE)

4. CRYPTOCURRENCY EXCHANGE HACKS
Coinrail: $37,000,000 (in various tokens), 2018.06
BitGrail: $195,000,000 (17,000,000 NANO), 2018.02
CoinSecure: $3,300,000 (438 BTC), 2018.04
Coincheck: $534,800,000 (523,000,000 NEM), 2018.01
Zaif: $60,000,000 (5,966 BTC), 2018.09
Bithumb: $32,000,000 (in various tokens), 2018.06
Bitstamp: $5,000,000 (18,000BTC), 2018.06

5. Agenda • Cryptocurrency Exchange Threats
• BITBOX Security Strategies And Tactics

6. TARGETED ATTACK SCENARIOS
BlockChain
Network
Service APIs
MemberTrade Wallet
Exchange Engine
APIs
Wallet Engine
APIs
Wallet key
stolen
employee’s PC
was hacked
Malicious
insider
Internal
Network
Trusted
Attackers directly attack servers or services
Attackers obtain employee's
credential via phishing.
External
Network
receive and send
cryptocurrency
Exchange
database hacked
Member
database hacked

7. ATTACK
SINGLE
FAULT
BROKEN
UNFAIR GAME
● The adversary, they need to find
only one vulnerability
● The defender, we need to find
all vulnerabilities

8. BITBOX SECURITY STRATEGIES
Layered
security
Defenseindepth

9. LAYERED SECURITY

10. LAYERED SECURITY

11. LAYERED SECURITY

12. DEFENSE IN DEPTH
● More comprehensive security strategy
than layered security
● Even new or unknown threats

13. BITBOX: DEFENSE IN DEPTH
Layered
Security
AssuranceMonitoring
● Internal Audit, Compliance
● Security Information and Event Monitoring
● Risk Management
● AML(Anti Money Laundering)
● Anomaly Detection ● External Audit
● Insurance
● Disaster Recovery
● Physical Security
● Network Infrastructure Security
● Application/Service Security
● Data/Traffic Encryption
● Two-factor Authentication
● Wallet Protections
● Multiple Signature
● Multiple Approvals
● Velocity and spending limit
● HSM(Hardware Security Module)
● WBC(White-box Cryptography)

14. BITBOX: DEVSECOPS
DEV
SECURITY
REVIEW
QA STAGING PRODUCTION
SECURITY ASSURANCE
● Threat Modeling
● Design Review
● Secure Service Architecture
● Code Review
● Secure Network Infrastructure Design
● Building Network Infrastructure
● Compliance / Internal Audit
● Penetration Testing ● Threat Intelligence
● Incident Response Management
● Vulnerability Assessment

15. BITBOX SECURITY DESIGN PRINCIPLES
● No such thing as perfect security
● The adversary is already inside
● User assets must be protected under any circumstance.
● Trust no one, make no one knows secret key and prove that.
(Also, all critical operation such as ‘key ceremony’ should be done with supervision)
● Least privilege, role separation

16. Contents Delivery Network(CDN)
DDos Protection
Firewall , IDS
Internal firewall, IDS
B.B network, segmented
BITBOX NETWORK ARCHITECTURE
Office network
Client
SIEM
Network
Access
Control
Server
Access
Control
Client Client Client…
ACL
Server
Server
Host IDS
Monitor
Host IDS
Monitor
ACL
Server
Server
Host IDS
Monitor
Host IDS
Monitor

17. BITBOX SERVICE ARCHITECTURE
External networkB.B Network, Segmented
Third-party
cosigner
BlockChain
Network
offline
Internal Network
Security Room
High Security Room
half-signed tx
signed tx
signed tx
upload
half-signed tx
half-signed tx
(sdcard)
Exchange Core
Key Management Service(KMS)
Hardware Security Module(HSM)
B.B
Service
APIs
Trade MemberWallet
APIs
*Accessible only wallet engine in the whitelist, No internet access allowed
Wallet Core
APIs
unsigned tx
half-signed tx
sign
KYC Service
KYT Service
Sanction
list DB
Black
wallet DB
Hot/warm wallet operation flow
Cold wallet operation flow

18. WALLET SECURITY
Cold, Warm, Hot wallet
Personal wallet address
Warm wallet
(online with whitelist)
Deposit
Cold wallet
(offline)
Hot wallet
(online)
External wallets
Withdrawal
● User’s funds will be deposited in
warm wallet
● Funds transfer is restricted to
only cold or hot wallet which are
registered in the whitelist
● Withdrawal is only available from
hot wallet
● Funds transfer is restricted to
only warm wallet
● The vast majority of funds will be
stored

19. WALLET SECURITY
Approval system
Personal wallet address
Warm wallet
(online with whitelist)
Deposit
Cold wallet
(offline)
Hot wallet
(online)
External wallets
Withdrawal
Admin{1..n}
Approval Approval
Approval
Admin{1..n}
Admin{1..n}

20. WALLET SECURITY
Multi-signature wallet
Third-party
Cosigner
BITBOX Key Cosigner KeyBackupKey
encrypted
2-of-3 MultiSig Wallet
(requiring at least two keys to authorize a transaction)
Admin1
ShardKey1
*double encrypted
Admin2
ShardKey2
*double encrypted
ShardKeyn
*double encrypted
Adminn
* ’double encrypted' means that it is encrypted with the passphrase of the key owner, and again
encrypted with a white-box cryptographic key that generated with proper procedure, no body knows.

21. RISK MANAGEMENT SYSTEM
Transfer Monitoring : deposit, withdrawal
Personal wallet address
Warm wallet
(online with whitelist)
Deposit
Cold wallet
(offline)
Hot wallet
(online)
External wallets
Withdrawal
Monitoring Monitoring
Monitoring
Monitoring

22. RISK MANAGEMENT SYSTEM
AML(Anti Money Laundering)
Personal wallet address
Warm wallet
Deposit
Hot wallet
External wallets
Withdrawal
Monitoring
CriminalBlackMarket
Minor
unknown
unknown
unknown
Malicious Minor
unknown unknown

23. RISK MANAGEMENT SYSTEM
Exchange Monitoring : sell, buy
Reference: https://twitter.com/CryptoTutor/status/1014262801681080321

24.
Exchange Core
● Multiple transactions in a short term
● Multiple transactions have unequal variances
● Market that have a great deal more
transactions than usual
● Any transaction in which the amount or
frequency appears unusual
● Frequent exchanges into other
cryptocurrencies
● A large number of transactions across a
number of different regions
User A
User B
RISK MANAGEMENT SYSTEM
Exchange Monitoring : sell, buy
Transaction History
Previous orders
…
Matched order
…
Orderbook
Matching
Executor
Buy order by
UserB
Sell order by
UserA

25. TO SUM UP
● Security is embedded in every part of the BITBOX architecture
● Attackers cannot obtain raw wallet keys even if they have control over application/API servers.
● All transactions, trades are being monitored by risk management system
● We have multiple measures in place to protect users assets
● Wallet protection measures
● Risk management system
● Disaster recovery measures
● Wallet freeze
● Asset insurance

26. FUTURE WORKS
● White-paper
● ML Group profiling

27. THANK YOU