How Thales and DigiCert enhance cybersecurity for Hyperledger Fabric-based networks

In 2019, 7.9 billion data records were breached. And, yet, 39% of companies aren’t using robust data security measures because deployment complexity is a barrier. Still, security is not a nice-to-have feature. It’s not an opt-in. It’s a must. No one will buy your solution if they cannot trust it.

So, are DLTs the answer to your cybersecurity concerns?

DLTs promise a lot: immutability, transparency, and auditability. Once the network achieves a consensus and information is put on a ledger, users can trust what they’re seeing is identical to what was approved as “truth.” And, if the data is encrypted, only users who are approved will be able to see it. In these ways, DLTs secure data.

However, as with any storage solution, blockchains are not immune to compromise. They are not, by themselves, 100% secure. Blockchains are only one part of an entire system: what happens before the consensus and what happens after data is retrieved have nothing to do with DLTs.

To be secure, blockchain and DLT solutions must still meet standard cybersecurity practices and requirements. Key management—making sure that keys are kept confidential, their integrity is protected, and they are always readily available—is critical.

Understandably, key management is a constant challenge for companies. They don’t have just one set of keys to secure or a few documents to protect. Enterprises can generate many hundreds of key pairs an hour—and each key contains from 2048 to 3072 bits.

With remote employees and partners, multiple devices accessing networks, and secure email and document exchange, enterprises authenticate identities, encrypt data, and verify the integrity of documents and communications countless times a day.

That’s a lot of information to manage and secure. It requires a robust platform for certificate, key, and identity management; and it requires a way to generate, manage and store the private keys.

And this is where DigiCert and Thales come together with a joint solution for authenticating and managing the identity of blockchain and DLT users and devices. Simply put, DigiCert secures devices with keys and Thales secures those keys. And together they serve to secure solutions built on Hyperledger Fabric.

To start, a client creates an account within DigiCert’s platform, which allows the client to issue publicly and privately trusted certificates. Then they use DigiCert’s API to integrate it with Hyperledger Fabric and replace the native CA (Certificate Authority). From that point, clients can use Thales Luna HSMs (Hardware Security Modules) as a strong foundation of digital trust.

Though the integrations are separate now, the companies aim to have a single product with one point of contact for key pairs and certificates.

Hyperledger worked with Thales and DigiCert on a case study that details how their joint solution incorporates critical levels of security into the blockchain, increasing the integrity of solutions built using Hyperledger Fabric. It also delves into the challenges of identity authentication and management with the increasing deployment of IoT devices and distributed networks and includes details on key management best practices.

Read the full case study here. For more details, tune into the Wednesday, September 15, discussion with Blair Canavan of Thales on increasing cybersecurity for Hyperledger Fabric.
