How the Blockchain Can Ensure Virus-free Devices

One of the advantages of the blockchain concept is the capability to register objects on the blockchain, through smart contracts on Ethereum, or entity registration objects on Gorbyte.

Such ability allows for a novel approach to guarantee a virus-free, malware-free software environment on a user device running blockchain applications.

The objects or entities we are talking about can be software programs, or applications, or components of applications, or parts of an operating system environment.

These software entities can be registered and signed on the blockchain by the company that developed the software using a unique identifier. Known companies, who have a reputation to defend, would guarantee that their software registered on the blockchain is virus-free, just as currently happens when we buy and download a software application from a reputable source.

In addition to the unique identifier, and the developing company’s signature, these entities will also contain a hash of the object code.

This hash can then be used to verify a software component loaded in the memory of a device. The hash in memory can be checked against the hash registered on the blockchain for that component.

Because we can trust the blockchain as being secure, and unchangeable, we can then guarantee a virus-free environment on a device using a new approach: We can check for the integrity of the software components running on the device, instead of using the classic anti-virus approach of testing for every possible virus that can penetrate the device. Our object code integrity checker (OCIC) would be faster and require only information about the software we intend to run.

More importantly, the classic anti-virus approach requires a database of virus signatures and can never guarantee that all possible viruses signatures are included in the database.

Our approach instead would guarantee a virus-free environment, at least with the same level of confidence as we trust the original companies we buy our system and applications from.

The conditions for this approach to work are:

Implementation Details

If our system contained a virus, our OCIC code itself could be compromised.

How can our code integrity checker itself run securely in a hostile environment, such as an operating environment of a generic device? How can we make sure that a virus cannot infiltrate the system even before the OCIC code is loaded? How can we make sure that an attacker will not change our loading tables, the OCIC relies on?

The blockchain comes again to our help, when our device is a node of the crypto-network (i.e.: it contains a blockchain replica).

Gorbyte, for example, will release wearable devices that will participate in sustaining a blockchain replica on every user device.

In this case, our OCIC can rely on registration object information because this information is in the device itself as part of the device’s verifiable blockchain replica, before any communication with the outside world is initiated.

Having a positive and secure way to test the integrity of software components, we can apply the test to every component in the system from the time the device is switched on. Note that the blockchain itself, up to the last verified block, has a unique verifiable hash, just like any registered component.

When a device is switched on, the first running code is a bootstrap loader in firmware. This firmware loader can do a first verification of the initial software components when it loads them in memory. It will include a small loading table in firmware with the unique version numbers and hashes of the initial software components, namely:

The software bootstrap loader will then take over, using the verified loading table. It will load each of the following modules, and run our OCIC to verify them:

From then on, any new component needed in the system can be verified by OCIC at the time the new component is first loaded.

Our device will then go through the normal initialization procedures: loading and initializing system components, requesting the blocks it is missing on its blockchain replica, etc. until the desired running environment is established.

At this point, only trusted verified software will run in our system (RAM).

This does not exclude that malware software could find its way into the device storage, but it would be discovered and prevented from being loaded in RAM by the (verified) loader.

No other loader can be used, to load software in RAM.

For further insurance, our OCIC could remain running in the background, verifying the loaded components at regular intervals, to guarantee that all the components running in the system have not changed due to unpredictable events. At the same time it can also scan the device storage to detect and flag any object code that is not in the loading table.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Giuseppe Gori

Giuseppe Gori

85 Followers

CEO, Gorbyte, is currently developing a stochastic distributed crypto-network, GNodes, which will provide free financial transactions to anyone in the world.