- Enterprise blockchain solutions in Russia have to get their cryptographic elements certification with the FSB, the counter-espionage agency
- The process can take several years to complete and up to $100,000
- Some foreign-developed blockchains can’t satisfy the requirement without a fork
- Russian-made systems might end up isolated from the global market due to distrust of Russian government cryptography standards
Blockchain technology was created to be borderless. But in the real world, borders still impose limits on this technology.
Everything related to cryptography in Russia falls under the supervision of the Federal Security Service, or FSB, which is the successor to the KGB. The FSB has a certification process for blockchain companies, which might cost over $100,000 and take more than a year, according to experts on the Russian enterprise blockchain market.
Last year, the Fintech Association, a consortium helmed by the Bank of Russia, reported obtaining the certification for Masterchain, its blockchain for banks. The process took about three years to complete, and it’s still not the end of story.
The Fintech Association is working on getting another certificate from the FSB, this time for a particular product on Masterchain. Going forward, any new iteration and implementation of the code using cryptographic elements needs to go through this process.
Other Russian enterprise blockchain projects, including Waves and Bitfury’s Exonum, are still working on getting certified as well – and they also may need more than a year.
The FSB’s certification process is challenging the borderless feature of blockchain technology in two ways. Globally, Russia is trying to get the cryptographic community to accept its encryption algorithm as a standard. Inside the country, the blockchain industry is trying to figure out what to do with a product that foreign partners might be reluctant to adopt.
While there is no law directly stating that blockchain companies must be certified by the FSB, companies have strong incentives to do so. First, according to Russian law, documents that are signed electronically must use state-certified electronic signatures to be legally binding documents.
“If we’re talking about financial services, certification is a must, otherwise the transactions between [blockchain system] participants won’t have any legal significance. And the digital signature should be built into the blockchain system,” explained Anatoly Konkin, head of DLT at the Fintech Association.
Certification also could help convince big clients, in particular government agencies in Russia, that the system you’re building is secure, says Ivan Maslov, Bitfury’s head of development in Russia.
“If you are creating a system for a government body, it must be certified,” Maslov said.
“It’s an additional competitive advantage for [enterprise blockchain] vendors, which allows them to promise that the system will satisfy all the security requirements,” said Dmitri Plakhov, head of the technical committee of the Center for Distributed Ledger Tech at the Saint Petersburg State University.
The situation is not unique to Russia, notes Sasha Ivanov, CEO of Waves: “Using local cryptography for government-level blockchain projects is a reality that we will have to deal with, be it Russian, Chinese, or Western projects.”
The certification process in Europe, he adds, might take less time than in Russia, but the principle is the same.
For blockchain companies, however, the FSB certification process brings special challenges. Blockchain technology is supposed to be a transparent, agile and auditable system, but having certified cryptographic modules raises questions about transparency and reliability.
The easiest way to comply with the FSB requirements is to use a solution from a licensed vendor – but the code of such solutions is not open source and can not be audited. This is not obligatory, and Masterchain, for example, is using its own cryptography elements, Konkin said. However, an FSB-licensed company named Crypto PRO has been supervising the entire creation of Masterchain.
CryptoPRO is also one of the licensed providers of the GOST (GOvernment STandard) cryptography solutions certified by the FSB.
Bitfury’s Maslov explains that to get Exonum compatible with the requirements of Russian government bodies that the company is working with, Bitfury used software made by one of the FSB-certified providers. The software is responsible for data encryption, hashing and securing channels for the nodes to connect, Maslov said, but it’s up to the blockchain architect to decide what functions should be used.
The process is far from transparent. When a company gets a document from the FSB saying its product is now certified, most of that document is classified.
If the blockchain solution is open source, it’s certified version won’t be. For example, the certified version of Bitfury’s Exonum will not be open source, even though Exonum itself is, Maslov said. “The open code can not be certified. You need to certify a certain version of it, but if somebody can change it with one click, it’s hard to control this,” he adds.
Furthermore, the certification process is complicated by the need to check not just the code, but also its implementations. Even though Masterchain was already certified as a platform, it also had to get a separate certificate for each app it’s building on top, Konkin said. For one of these apps, which stores digital mortgage bonds, the certification is already complete. But for another one, the inter-bank letter of credit project, the process is still ongoing.
The certification touches every part of the blockchain architecture. Artem Kalikhov, Wave Enterprise director of product, explained that the certification process entails the entire architecture of the blockchain being scrutinized. This includes “not just the use of the cryptographic functions, but also the information security, correctness of the consensus algorithm. Different threat models for the system must be studied.”
The task gets further complicated by the fact that the FSB hasn’t dealt with blockchain systems before, excluding Masterchain, and it has to grapple with the novel concepts of blockchain architecture.
“Now they are figuring out blockchain, consensus, smart contracts,” Kalikhov said.
The certification process requires quite a lot of company resources. Normally, two or more people in the company need to work on it full time, writing the technical papers and communicating with the FSB, Maslov said. The product that’s getting certified basically gets frozen for the period of certification, and any updates need to go through the process again, he said.
A game of algorithms
The FSB certification requires international blockchain companies to use Russian standards, but those Russian standards could be viewed with suspicion abroad.
Historically, Russia has maintained its own cryptographic standard, the so-called GOST, as did China, staying clear of the global market of cryptographic solutions and not trusting foreigners to sell them encryption tools.
This strategy was vindicated by stories such as that of Crypto AG, a Swiss code machine manufacturer, which turned out to be controlled by the NSA for decades and sold compromised machines across the globe, as the Washington Post reported.
The certification process also makes it harder for global blockchain projects to make it in Russia.
“Cryptographic algorithms created abroad can’t be recognized as legitimate in Russia by the law,” Alexey Lukatsky, security advisor at CISCO, said. “According to the FSB requirements, a cryptographic solution developer should be based in Russia and have a license from FSB, which is unfeasible for foreign companies.”
Yet another problem is that Russian certification could cause blockchain projects to be cut off from the global developer community.
“There are no platforms, and won’t be any, where you can build the Russian cryptography in and keep the full tech support available before,” CryptoPRO’s engineer Dmitri Pichulin told CoinDesk.
Currently, most blockchain solutions are based on the hashing algorithms built upon the Advanced encryption standard, or AES, established by the U.S. National Institute of Standards and Technology.
For internationally recognized standards, there are multiple libraries that developers can use, while for national standards, there are less opportunities to build upon freely. Libraries for GOST are harder to find, a cybersecurity expert Sergey Prilutsky says.
For example, there is no GOST library for the Go language, which is used to build on Hyperledger Fabric, Prilutsky said. “So the devs have to transfer [their code] from C++ to Go. But in this case, there is a danger to introduce serious vulnerabilities into a system,” he added.
In addition, the GOST crypto algorithm itself has been viewed with apprehension by the global cryptographic community. When the algorithm, named Kuznyechik (“grasshopper” in Russian), was presented to the International Organization for Standardization (ISO) last summer, it got a cold reception, Vice reported, as the experts from other countries found potential vulnerabilities in the cipher.
According to the French cryptographer Pascal Paillier, the research has shown that “the Russian standards may contain what looks like a backdoor, which, if confirmed, would allow Russia to be able to break the confidentiality of communications,” he told Vice.
No more Fabric?
Blockchain products with foreign roots might get pushed out of the Russian market. Take the example of Hyperledger Fabric by IBM. Hyperledger has been the most popular framework for enterprise blockchain, and the giants like the Russian Railways, Sberbank and Gazpromneft used it as a platform of choice for blockchain proof-of-concepts. But maybe not anymore.
Previously, there was a way to build the GOST cryptography into Fabric without forking it – which is, without making it incompatible with the main branch code – by using plugins, and CryptoPRO even created some for Russian companies to use. However, the most recent version of Fabric, released late January, no longer supports plugins.
IBM engineer Chris Ferris, who is the сhair of Hyperledger’s Technical Steering Committee, said via a spokesperson that it’s still possible to build in an alternative cryptography but “it would require a recompile of the binaries.” As for the plugins, supporting them “was not sustainable and required significant work-arounds to manage dependencies,” Ferris added.
There is also an opening for Russian developers to find a way to securely build the GOST cryptography into Fabric and provide quality tech support and regular code updates, essentially replacing the Hyperledger community.
Some companies have been working on commercial forks of Hyperledger Fabric already. One of them is CryptoPRO, which has already patented its forked version, named CryptoPRO HLF 1.0.
It’s not a commercial product yet, Pichulin says, but it might become one. “The demand is there, tech support and updates are on our agenda.”
Still, the challenge of certification, combined with Russia’s law demanding that all Russian’s data be stored inside the country, might further insulate Russia from the global technology market.
Cryptographic elements are rooted deep in any product’s core, which makes systems based on different standards incompatible, Prilutsky says.
“The open source solutions based on Western [cryptographic] standards, available in hundreds of countries, can’t be used in Russia because of the certification requirements, and the blockchains with Russian cryptography are a non-starter for the global market players – they are not trusted.”