National Security
Implications of
Virtual Currency
Examining the Potential for
Non-state Actor Deployment
Joshua Baron, An...
Limited Print and Electronic Distribution Rights
This document and trademark(s) contained herein are protected by law. Thi...
iii
Preface
This report examines the feasibility for non-state actors to increase
their political and/or economic power by...
iv National Security Implications of Virtual Currency
Defense Policy Center of the RAND National Defense Research Insti-
t...
v
Contents
Preface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
vi National Security Implications of Virtual Currency
CHAPTER FOUR
Technical Challenges to Virtual Currency Deployment. . ...
vii
Figures and Tables
Figures
2.1. Virtual Currencies Have Varied Authority Structures. . . . . . . . . . . . 9
4.1....
ix
Summary
A virtual currency (VC) is a digital representation of value that can be
transferred, stored, or traded electro...
x National Security Implications of Virtual Currency
such a non-state actor deployment; in this report, we aim to high-
li...
Summary xi
advantages and would likely be vulnerable to cyber attack by a
sophisticated adversary, while facing many of th...
xii National Security Implications of Virtual Currency
technologies are becoming commodities available for purchase
and th...
Summary xiii
mature? The further development and implementation of VCs
could contribute to security-related technological ...
xiv National Security Implications of Virtual Currency
services, which is a two-way street that could enable unprecedented...
xv
Acknowledgments
This work would not have been possible without the spearheading and
guidance of many RAND colleagues. W...
xvii
Abbreviations
DARPA Defense Advanced Research Projects Agency
DDoS distributed denial of service
DoD Department of De...
1
CHAPTER ONE
Introduction
With the introduction and growing conversation about Bitcoin, inter-
est in virtual currencies ...
2 National Security Implications of Virtual Currency
result, the rapid deployment of a VC over a large geographic area may...
Introduction 3
currencies. Second, examining VC use in this setting will also increase
understanding about VCs in general;...
4 National Security Implications of Virtual Currency
nizations, and formal documentation of the various VCs. We avoided
bl...
5
CHAPTER TWO
The Current State of Virtual Currencies
This chapter provides an introduction to VCs that we build on in the...
6 National Security Implications of Virtual Currency
many desirable properties.2 It is a commodity that has a market value...
The Current State of Virtual Currencies 7
than small, local transactions because they are physically inconvenient
to trans...
8 National Security Implications of Virtual Currency
ing account. More recent technological innovations have allowed users...
The Current State of Virtual Currencies 9
lenge law enforcement and intelligence efforts). Finally, Bitcoin does
not depen...
10 National Security Implications of Virtual Currency
Origins and Trends of Virtual Currencies
The first progress toward a...
The Current State of Virtual Currencies 11
other fraudulent enterprises.13 All of these systems are distinguished by
their...
12 National Security Implications of Virtual Currency
comprises a sequence of so-called blocks; each block contains a list...
The Current State of Virtual Currencies 13
no one necessarily knows who has the key, and the mailboxes are on
the block ch...
14 National Security Implications of Virtual Currency
is to either mine it or conduct a transaction with another user who
...
The Current State of Virtual Currencies 15
Table 1.1
Examples of Appcoins and Block Chain Applications
Examples Introduced...
16 National Security Implications of Virtual Currency
date the block chain.22 Yet other new coins altered the method of va...
The Current State of Virtual Currencies 17
as a currency due to its intended purposes. (See Chapter Five for further
discu...
18 National Security Implications of Virtual Currency
rity of the decentralized scheme). On the other hand, even if some
u...
The Current State of Virtual Currencies 19
Virtual Currencies and Non-State Actors
In this section, we give a brief overvi...
20 National Security Implications of Virtual Currency
porters urging fundraising via Bitcoin.32 Aaron Brantly of West Poin...
The Current State of Virtual Currencies 21
in Ecuador, the government seems to have supported the effort. To
date, no repl...
23
CHAPTER THREE
Can Virtual Currencies Increase Political Power?
This chapter examines the potential for non-state actors...
24 National Security Implications of Virtual Currency
Some separatist-movement supporters in developed countries, such as
...
Can Virtual Currencies Increase Political Power? 25
tal citizens. Marijuana smokers are buying buds from Bitcoin-
enabled ...
26 National Security Implications of Virtual Currency
There are many reasons why territories may lack a stable national
cu...
Can Virtual Currencies Increase Political Power? 27
David Vandervort and colleagues at PARC identify Mazacoin,12
the purpo...
28 National Security Implications of Virtual Currency
Using the example of an insurgent group with contested territo-
rial...
Can Virtual Currencies Increase Political Power? 29
separatist authorities in Somaliland introduced the fiat, paper-based
...
30 National Security Implications of Virtual Currency
it has the active support of the Nigerian government and much lower
...
Can Virtual Currencies Increase Political Power? 31
Implementing a new currency of any type is difficult. It entails large...
33
CHAPTER FOUR
Technical Challenges to Virtual Currency
Deployment
In this chapter, we examine the technical challenges t...
34 National Security Implications of Virtual Currency
• Ensuring that users of the currency have persistent, assured acce...
Technical Challenges to Virtual Currency Deployment 35
principle, the technical sophistication required to develop and dep...
36 National Security Implications of Virtual Currency
ware. Indeed, there are very few examples of such software currently...
Technical Challenges to Virtual Currency Deployment 37
Physically Deploying a Virtual Currency
Another significant challen...
38 National Security Implications of Virtual Currency
any VC that was accessible from a limited number of devices would
gr...
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015
of 102

National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015

bitcoin VC(virtual currency)
Published on: Mar 3, 2016
Published in: Technology      
Source: www.slideshare.net


Transcripts - National Security Implications of virtual currency examining the potential for non state actor deployment_RAND_2015

  • 1. National Security Implications of Virtual Currency Examining the Potential for Non-state Actor Deployment Joshua Baron, Angela O’Mahony, David Manheim, Cynthia Dion-Schwarz C O R P O R A T I O N
  • 2. Limited Print and Electronic Distribution Rights This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited. Permission is given to duplicate this document for personal use only, as long as it is unaltered and complete. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial use. For information on reprint and linking permissions, please visit www.rand.org/pubs/permissions.html. The RAND Corporation is a research organization that develops solutions to public policy challenges to help make communities throughout the world safer and more secure, healthier and more prosperous. RAND is nonprofit, nonpartisan, and committed to the public interest. RAND’s publications do not necessarily reflect the opinions of its research clients and sponsors. Support RAND Make a tax-deductible charitable contribution at www.rand.org/giving/contribute www.rand.org Library of Congress Cataloging-in-Publication Data ISBN: 978-0-8330-9183-3 For more information on this publication, visit www.rand.org/t/rr1231 Published by the RAND Corporation, Santa Monica, Calif. © Copyright 2015 RAND Corporation R® is a registered trademark.
  • 3. iii Preface This report examines the feasibility for non-state actors to increase their political and/or economic power by deploying a virtual cur- rency (VC) for use in regular economic transactions. Bitcoin is a digi- tal representation of valued currency that, like conventional currency, can be transferred, stored, or traded electronically. VCs are neither issued by a central bank or public authority nor are they necessarily linked to a fiat currency (dollars, euros, etc.). This form of currency is accepted by people as a means of payment. We addressed the fol- lowing research questions from both the technological and political- economic perspectives: • Why would a non-state actor deploy a VC? That is, what political and/or economic utility is there to gain? How might this non- state actor go about such a deployment? What challenges would it have to overcome? • How might a government or organization successfully techno- logically disrupt a VC deployment by a non-state actor, and what degree of cyber sophistication would be required? • What additional capabilities become possible when the technolo- gies underlying the development and implementation of VCs are used for purposes broader than currency? This report should be of interest to policymakers interested in technology, counterterrorism, and intelligence and law enforcement issues, as well as for VC and cybersecurity researchers. This research was sponsored by the Office of the Secretary of Defense, and it was conducted within the International Security and
  • 4. iv National Security Implications of Virtual Currency Defense Policy Center of the RAND National Defense Research Insti- tute, a federally funded research and development center sponsored by the Office of the Secretary of Defense, the Joint Staff, the Uni- fied Combatant Commands, the Navy, the Marine Corps, the defense agencies, and the defense Intelligence Community. For more information on the RAND International Security and Defense Policy Center, see http://www.rand.org/nsrd/ndri/centers /isdp.html or contact the Center director (contact information pro- vided on the web page). Comments or questions about this report should be addressed to the project leader, Joshua Baron, at Joshua_Baron@rand.org.
  • 5. v Contents Preface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iii Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Acknowledgments. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv Abbreviations.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii CHAPTER ONE Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Approach. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 CHAPTER TWO The Current State of Virtual Currencies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 The Evolution to Virtual Currencies.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Origins and Trends of Virtual Currencies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Early Systems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Bitcoin.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Virtual Currencies After Bitcoin: Altcoins.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Authority (De)centralization and Implications for Virtual Currency Design. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Virtual Currencies and Non-State Actors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 CHAPTER THREE Can Virtual Currencies Increase Political Power?.. . . . . . . . . . . . . . . . . . . . . . . . 23 Non-State Currencies Emerge When State Currencies Do Not Meet Groups’ Needs.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Non-State Currencies Are Not Likely to Be VCs Now, But Could Be VCs in the Future.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
  • 6. vi National Security Implications of Virtual Currency CHAPTER FOUR Technical Challenges to Virtual Currency Deployment. . . . . . . . . . . . . . . . . . 33 Developing and Deploying a Virtual Currency. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 Developing Software for a Virtual Currency. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Physically Deploying a Virtual Currency. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Deployment Challenges for Decentralized Virtual Currencies. . . . . . . . . . . 40 Virtual Currencies, Adoption, and Value. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Ensuring Anonymity of Currency Use. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 Anonymity Versus Virtual Currency Centralization. . . . . . . . . . . . . . . . . . . . . . . 43 “Anonymity”: A Bitcoin Case Study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Some New Altcoins Build in Anonymous Transactions. . . . . . . . . . . . . . . . . . . . 47 Cyber Threats to Virtual Currencies.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Attacks Used by Tier I and Tier II Opponents.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Attacks Used by Tier III and Tier IV Opponents. . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Attacks Used by Tier V and Tier VI Opponents. . . . . . . . . . . . . . . . . . . . . . . . . . . 56 The Possibility of Successful Defense.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 CHAPTER FIVE Implications Beyond Currency.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 Block-Chain Technology and Distributed Consensus.. . . . . . . . . . . . . . . . . . . . . . . 60 Virtual Currencies Increase Cryptographic Sophistication . . . . . . . . . . . . . . . . . . 61 Virtual Currencies and the Trend Toward Resilient, Decentralized Cyber Services.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Toward Resilient, Public Cyber Key Terrain. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 CHAPTER SIX Conclusions and Future Research. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 For Future Research. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 APPENDIX Rating Cyber Threat Sophistication by Tiers.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 References. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
  • 7. vii Figures and Tables Figures 2.1. Virtual Currencies Have Varied Authority Structures. . . . . . . . . . . . 9 4.1. Mobile Payment Use. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Tables 1.1. Examples of Appcoins and Block Chain Applications. . . . . . . . . . . 15 A.1. Cyber Threat Tiers.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
  • 8. ix Summary A virtual currency (VC) is a digital representation of value that can be transferred, stored, or traded electronically and that is neither issued by a central bank or public authority, nor necessarily attached to a fiat currency (dollars, euros, etc.), but is accepted by people as a means of payment. Currently the most popular VC is Bitcoin. The national security–policy implications of the rise of virtual-currency technology is the subject of much debate as of late. There has been a particular focus on the potential anonymity of VCs such as Bitcoin as well as the potential for terrorist or insurgent group usage in a manner resilient against efforts by local and global law enforcement, military, and intel- ligence organizations (including those of the United States) to survey. The goal of this report is to enrich this policy conversation by provid- ing an in-depth analysis of the technological issues associated with vir- tual currencies. This report examines the potential for non-state actors, including terrorist and insurgent groups, to increase their political and/or eco- nomic power by deploying a VC as a medium for regular economic trans- actions as opposed to exploiting already-deployed virtual currencies, such as Bitcoin, as a means of illicit transfer, fundraising, or money laundering. We examine the issue of VC deployment from both the techno- logical and political-economic perspectives, with a particular focus on the challenges facing non-state actors who attempt a VC deployment. These challenges inform how the United States, its allies, and other cyber actors might respond to such a VC deployment if it threatened their national-security interests. To date, there has not been a case of
  • 9. x National Security Implications of Virtual Currency such a non-state actor deployment; in this report, we aim to high- light those key issues that might serve as technological and political- economic barriers today in order to understand why such a deployment may become more feasible—and beneficial—for the non-state actor in the future. We will also briefly examine the broader technological implica- tions of virtual currencies and the availability of their derivative tech- nologies to unsophisticated users in cyberspace. We first investigate technologies that development of VCs may advance, including a gen- eral increased sophistication in cryptographic applications. More gen- erally, we make the case that the main technological contribution of decentralized virtual currencies, from a national-security perspective, is cyber resilience and ask: What would the policy implications be if unsophisticated cyber actors had persistent, assured access to cyber ser- vices regardless of whether a highly sophisticated state actor opposes their use? Our key research questions and the answers we derived are as follows: • Why would a non-state actor deploy a VC? That is, what political and/or economic utility would be realized? How might the actor go about such a deployment? What challenges would the actor have to overcome? –– Deploying a VC may be an attractive alternative for non-state actors who look to disrupt sovereignty and increase their own political and/or economic power by displacing state-based cur- rencies. VC deployments are particularly attractive in devel- oping countries and in countries undergoing internal turmoil, where the existing financial infrastructure is either insufficient or weakened. The rapid deployment of a VC over a large geo- graphic area would likely be less complicated than deploying more common currencies, such as those based on commodi- ties or paper-based currencies. Examples of relevant non-state actors considered here include terrorist organizations, insurgent groups, drug cartels, and other criminal organizations. –– The use of an established VC, such as Bitcoin, as a currency by a non-state actor would provide few political or economic
  • 10. Summary xi advantages and would likely be vulnerable to cyber attack by a sophisticated adversary, while facing many of the same imple- mentation challenges as a new VC. –– Developing a VC from scratch, however, requires high techno- logical sophistication, extensive networking and computational infrastructure, and enough expertise to ensure successful roll- out and adoption, all of which are in short supply among non- state actors. Specific challenges include developing the software for a capable, secure VC; deploying the means of physically transacting with a VC, particularly in countries with fewer smartphones; and overcoming the ability of nation-states to launch successful cyber attacks against a VC. –– From an economic perspective, promoting adoption of VCs (versus adopting established currencies) may face significant challenges of acceptance by the population in which the VC is implemented, both as a new currency with no previous his- tory and thus potentially lacking in legitimacy and as a cur- rency that is intangible in societies accustomed to conceiving of money in terms of its physical manifestations. We expect suspi- cions of VCs will erode, however, as they become more familiar with them. Changes in attitude can take place as the technol- ogies that underlie VCs become more prevalent and trusted. Moreover, in a territory in which a VC is the only medium of exchange, economic necessity may force people to accept VCs where they would have otherwise rejected them. –– The deployment of a VC by non-state actors would be easier, and indeed are most feasible today, when supported by a nation-state with advanced cyber expertise. This nation-state could enable the non-state actors to overcome the considerable technical hurdles associated with deploying a VC. There are numerous parts of the world from which such support might originate, e.g., Iran (as in its support of Hezbollah and formerly of Hamas) or Russia (Ukrainian separatists). –– In spite of current hurdles, the trends indicate a future in which VCs could be deployed by non-state actors or other organi- zations, particularly given the rapid rate at which the needed
  • 11. xii National Security Implications of Virtual Currency technologies are becoming commodities available for purchase and the gradual but widening public understanding of VCs. • How might a government or organization successfully disrupt a new VC deployment by a non-state actor and what degree of cyber sophistication would be required? –– It would be difficult for a non-state actor to structurally design a VC that would be both resilient to attack and usable by all persons in the non-state actor’s geographic area of influence. Such difficulty is especially exacerbated in less technologically sophisticated regions and in areas with incomplete networking infrastructures. –– VCs are vulnerable to attacks of varying degrees of sophistica- tion. ◦◦ Relatively unsophisticated attacks by governments, other non-state actors, or even users of another VC could involve distributed denial-of-service attacks against more central- ized services, such as mining pools or online-wallet applica- tions, or attempts to gain control of a VC via exploiting a VC’s market rules, e.g., by supplying a majority of the com- puting power for Bitcoin-like VCs. ◦◦ A more sophisticated attacker could conduct zero-day exploits—attacks that take advantage of a software vulner- ability that the developer is unaware of and for which no patch exists. Zero-day attacks could target VC services, such as exchanges and wallets, as well as cell-phone applications used for common transactions. ◦◦ The most sophisticated challengers could attack the under- lying VC infrastructure, including hardware, or covertly corrupt the software used by VC participants, including through the subversion of the underlying security mecha- nisms on which the software relies. • What additional cyber capabilities other than VC use become possible, not just for non-state actors, as the technologies under- lying the development and implementation of VCs continue to
  • 12. Summary xiii mature? The further development and implementation of VCs could contribute to security-related technological developments outside the currency arena, which could aid non-state actors. –– VCs demonstrate a resilient means of storing data in a highly distributed fashion that is very hard to corrupt; possible impli- cations of this include information dissemination (blogs, social media, forums, news websites) that is eventually completely resilient to nation-state interference. –– The need to develop security mechanisms for VCs could encourage the development of advanced cryptographic tech- niques, such as secure multiparty computation, which seeks to perform distributed computation while preserving the confi- dentiality of inputs and outputs in the presence of malicious activity. –– VCs represent the latest step toward decentralized cyber ser- vices. In particular, the historical trend suggests the develop- ment of a resilient public cyber key terrain, which this report defines as the ability of unsophisticated cyber actors to have persistent, assured access to cyber services regardless of whether a highly sophisticated state actor opposes their use. This has implications for national firewalls, access to extremist rhetoric, the feasibility of nation-state cyber attacks, and the ability to maintain uninterruptible and anonymous encrypted links. The Department of Defense should be aware of the following: VCs are an increasingly technologically feasible tool for non-state actors to deploy; efforts to destabilize confidence in a new VC are effective, while popular sentiment is still untrusting of VCs for common trans- actions; VCs are just like any other service in cyberspace, and methods to successfully attack them are not meaningfully different than for any other cyberspace operation; decentralization affords more, though not total, resilience to disruptions from cyber attacks; and finally, the trend toward decentralized cyber service will only make it easier for unso- phisticated cyber actors to have increasingly resilient access to cyber
  • 13. xiv National Security Implications of Virtual Currency services, which is a two-way street that could enable unprecedented global access to information and communication services that, at its core, could be both beneficial and harmful to the national security interests of the United States.
  • 14. xv Acknowledgments This work would not have been possible without the spearheading and guidance of many RAND colleagues. We are particularly grateful to Ryan Henry, who pushed for this project to be undertaken in the first place. Thanks go to Seth Jones for his support and guidance, Michael McNerney for his work scoping the project at its outset, and Christopher Chivvis for his strong guidance on the draft of this work. We also thank Lillian Ablon, Lieutenant Colonel William Fry (U.S. Air Force), Richard Neu, Howard Shatz, and Cortney Weinbaum for sharing their considerable expertise. Thanks go to Yasha Tabrizy (Department of the Treasury) and Ryan Otteson (formerly of the Federal Bureau of Investigation) for pro-viding important and valuable insight and context. We are grateful to Aaron Brantly of the United States Military Academy at West Point, our colleague Krishna Kumar at RAND, and Tim Maurer of New America for their careful reviews of the manuscript. We also thank Holly Johnson, James Chiesa, Erin Dick, Theresa DiMaggio, Christopher Dirks, and Nedda Rahme for their aid in edit- ing this document. That we received help and insights from those acknowledged should not be taken to imply that they concur with the views expressed in this report. Any errors are the authors’ alone.
  • 15. xvii Abbreviations DARPA Defense Advanced Research Projects Agency DDoS distributed denial of service DoD Department of Defense HUMINT human intelligence IP Internet protocol ISIL Islamic State of Iraq and the Levant MPC secure multiparty computation TTP tactics, techniques, and procedure VC virtual currency VOIP voice over Internet protocol ZK-SNARKs zero-knowledge succinct arguments of knowledge
  • 16. 1 CHAPTER ONE Introduction With the introduction and growing conversation about Bitcoin, inter- est in virtual currencies (VCs) has dramatically increased.1 This inter- est is diverse across many communities: from venture capitalists to cybersecurity academics to economists. In addition, organized groups and governments have explored or adopted VCs for a variety of legiti- mate and illegitimate purposes, albeit with mixed success. Today, the utility of VCs, both in the near and long term, remains the subject of intense debate. AVC,whenissuedasacurrencyforeverydaytransactions,requires considerably less new physical infrastructure than government-backed currencies in broad use today. VCs, however, also require a networked architecture capable of supporting such everyday transactions. As a 1 See Satoshi Nakamoto, 2008, for a discussion of Bitcoin. See also the section in this report “Origin and Trends of Virtual Currencies” in Chapter Two for further examples of historical and current VCs. The European Banking Authority (“EBA Opinion on ‘Virtual Currencies,’” July 4, 2014) gives a working definition of a virtual currency: “a digital repre- sentation of value that is neither issued by a central bank or a public authority, nor necessarily attached to a [fiat currency], but is accepted by natural or legal persons as a means of payment and can be transferred, stored, or traded electronically.” The requirement by the European Banking Authority that VCs are not issued by a central bank of a public authority will be the subject of some discussion in this report. For further discussion of the definition of a VC, see also European Central Bank, Virtual Currency Schemes, October 2012. Throughout this report, as a matter of convention, we will use the term virtual currencies or VCs rather than digital currencies or cryptocurrencies. It should be noted that not all VCs are cryptocurrencies, but by the definition used by this report, all cryptocurrencies are VCs. While a definitional distinction could be made between virtual and digital currencies, we will treat them as the same.
  • 17. 2 National Security Implications of Virtual Currency result, the rapid deployment of a VC over a large geographic area may be considerably less complicated than deploying these more traditional currencies; the amount of labor, capital, and infrastructure required to deploy a VC has the potential to be dramatically less. In develop- ing countries and in countries undergoing internal turmoil where the existing financial infrastructure is either insufficient or weakened, and where legal enforcement is weak, deployment of VCs may be an attrac- tive alternative for non-state actors seeking to disrupt sovereignty and increase their own political and/or economic power. Examples of rel- evant non-state actors considered here include terrorist organizations, insurgent groups, drug cartels, and criminal organizations. The United States national-security community should under- stand how these non-state actors might exploit VCs as another tool to increase their influence in areas of interest to U.S. foreign and national-security policy in order to understand the threat as well as assess how the threat may be best thwarted. Accordingly, this report is mainly interested in how the United States or another opponent of a VC deployment can leverage or increase the challenges to deploying a VC for common transactions. This examination is a small part of a larger conversation on the feasibility of VCs, both from a social-science perspective (i.e., VC as currency) as well as a technological perspective (i.e., VC as secure, anonymous, and resilient cyber service). This report will examine the potential for terrorist, insurgent, or criminal groups to increase their political and/or economic power by deploying a VC to use as a currency for regular economic transac- tions rather than exploiting existing VCs as a means of illicit transfer, fundraising, or money laundering. We have chosen to primarily exam- ine VC deployment rather than exploitation for several reasons. First, while we are aware of literature that has examined the exploitation of VCs for these ends,2 there is little literature that examines VC usage as a complete replacement currency to the indigenous or other common 2 For instance, see Raj Samani, “Cybercrime Exposed: Cybercrime-as-a-Service,” corporate white paper, Santa Clara, Calif.: McAfee Labs, 2013a, and “Digital Laundry: An Analysis of Online Currencies, and Their Use in Cybercrime,” corporate white paper, Santa Clara, Calif.: McAfee Labs, 2013b; and Aaron Brantly, “Financing Terror Bit by Bit,” CTC Sentinel, Vol. 7, No. 10, October 2014, pp. 1–5.
  • 18. Introduction 3 currencies. Second, examining VC use in this setting will also increase understanding about VCs in general; were a non-state actor to deploy a VC in a country whose legitimate government objects to its usage, sig- nificant questions of security, anonymity, and resilience to cyber attack will arise. Answering these questions, particularly in the case where (possibly allied) nation-states with sophisticated cyber capabilities (such as the United States) may be involved in attempting to disrupt a non-state actor VC deployment, pushes our current understanding of VCs and is likely to have positive spillovers to the area of cybersecurity technologies. Finally, this examination will help reveal those key issues that critically enable or impede VC deployment, yielding implications for VC exploitation. After providing some background on the evolution of VCs and their relevance to non-state actors (Chapter Two), this report proceeds along two lines of inquiry: political and economic, and technological. We will discuss how VCs can help in projecting political power (Chap- ter Three). We then examine how a non-state actor (especially terror- ists or insurgents) might feasibly deploy a VC in developing or failed nation-states (Chapter Four). We also examine how VCs might be dis- rupted in both deployment and operations, either through deliberate actions by a third party or through implementation failures. Finally (Chapter Five), we examine VCs within a larger tech- nological perspective: What capabilities become possible when the technologies underlying VCs are used for different, broader purposes beyond currencies for economic transactions? In particular, we exam- ine the implications of enabling low-sophistication cyber actors to have access to resilient cyber services that would otherwise only be available to actors with far greater sophistication. Approach This analysis is based on extensive literature reviews and interviews with subject-matter experts in both the technical aspects as well the usage of VCs. As much as possible, we relied on published academic literature, policy literature, white papers of established security orga-
  • 19. 4 National Security Implications of Virtual Currency nizations, and formal documentation of the various VCs. We avoided blog posts and websites when possible, due to their often-tenuous reli- ability; however, it is not possible to avoid them entirely, particularly in the dynamically changing world of VCs.3 In this paper, we call adversaries of the non-state actor deploying a VC opponents; these opponents may include both the nation-state(s) where a VC was deployed as well as allies of that “victim” nation-state, who may have far more advanced cyber capabilities (such as the United States). 3 In particular, we refer to wikis for information about VCs numerous times, namely in regard to Bitcoin. This is done both because these sites are the best reference and ideally these websites will adjust over time to provide the most accurate, current picture of a dynamically changing VC environment. The drawback of such an approach is that some citations may be inaccessible or less well maintained some time after the publication of this report.
  • 20. 5 CHAPTER TWO The Current State of Virtual Currencies This chapter provides an introduction to VCs that we build on in the rest of the report. It may be of independent interest as a primer on VCs for the interested reader. We first examine the economic progression to VCs in order to understand them from a social-science perspective. We then examine the current technological state-of-the-art of VCs and introduce the main currencies, most notably Bitcoin. Finally, we briefly highlight current non-state actor use of VCs. The Evolution to Virtual Currencies We briefly examine here the historical evolution of currencies, from gold to VCs, to ascertain the reasons motivating a VC’s use. As a moti- vation for this analysis, many currency users prefer transactions that are secure and anonymous; virtually all users prefer that the transac- tions take place within a system that is stable, resilient, and easy to use. Superficially, a decentralized VC such as Bitcoin appears far removed from the gold coins often used as a comparison. VCs have no physical manifestation, they have no intrinsic value, and their value is generally not backed by a government. Gold coins have been used as a store of value, unit of account, and medium of exchange since at least 700 BCE.1 As a currency, gold has 1 See Peter L. Bernstein, The Power of Gold: The History of an Obsession, Hoboken, N.J.: Wiley and Sons, Inc., 2004, p. 24. These are the three canonical functions of money. Gold has been used in bar form as money for much longer.
  • 21. 6 National Security Implications of Virtual Currency many desirable properties.2 It is a commodity that has a market value in and of itself (i.e., intrinsic value). As Peter Bernstein notes, however, Value alone is insufficient for a substance to qualify as money. Lots of things have value that do not serve as money. In fact, the most effective forms of money have developed from objects that were otherwise quite useless, such as paper and computer blips.3 Unlike the cowrie shells that were used as a trading currency in West Africa, gold is relatively indestructible.4 The supply of gold in the world has been plentiful enough to sustain its use as a currency, but not so plentiful as to erode its value. This stands in contrast to other metals, such as platinum (too rare) and aluminum (too abundant). Gold is also easily divisible, making it easy to measure. Although gold and silver coins may be issued by a government, their value lies primarily in their weight and purity. As a result, a cen- tral authority is not necessary for enforcing the value of a commodity- based currency. Commodity-based currencies are also highly anony- mous. There is no record built into any of the transactions for which the currency is used that tracks users or uses. Although most commodity- based currencies have maintained stable values over time, commodity- based currencies have been vulnerable to value fluctuations beyond the control of any monetary authorities. This is because the value basis of the currency reflects the supply and demand for the commodity. For example, the value of silver vis-à-vis gold fell by one-half around 1870 as silver discoveries in Mexico, as well as reduced demand for silver as currency in Europe, increased the supply of silver, essentially decreas- ing the demand.5 In addition to commodity-based currencies’ vulner- abilities to value instability, they are difficult to use for anything more 2 Silver has similar properties. We focus on gold in this discussion for simplicity. 3 Bernstein, 2004. 4 See Marion Johnson, “The Cowrie Currencies of West Africa. Part I,” Journal of African History, Vol. 11, No. 1, 1970, pp. 17–49. 5 Jeffry A. Frieden, Global Capitalism: Its Fall and Rise in the Twentieth Century, New York: W. W. Norton and Company, 2006.
  • 22. The Current State of Virtual Currencies 7 than small, local transactions because they are physically inconvenient to transfer at scale and distance. Over time, most countries migrated from commodity-based to paper (fiat) currencies; these currencies are decreed by a central author- ity to be legal tender, have no intrinsic value, and are only convertible into a commodity such as gold at the discretion of a central authority.6 As a result, fiat currencies’ value depends on users’ trust that the cen- tral authority will be able to maintain the currency’s value. Fiat cur- rencies have key advantages over commodity-based currencies. They are lighter and easier to use (although still difficult to transport over distance), and they provide more leverage for governments to control monetary and fiscal policy. Similar to commodity-based currencies, fiat currencies can provide more anonymous transactions. Fiat curren- cies, however, are highly dependent on their central authority to main- tain their value. The stability of fiat currencies is dependent on govern- ments’ macroeconomic policies and can experience huge fluctuations, even becoming worthless (e.g., during hyperinflationary episodes). Financial innovations have allowed people to conduct economic transactions far beyond the constraints imposed by physical currency. Bills of exchange emerged around the great European trade fairs that took place in the 1200s to facilitate commerce without having to ship large quantities of gold from town to town and country to country.7 These bills of exchange were denominated in countries’ currencies, sim- ilar to the modern form of writing a check against money in a check- 6 This very simplified evolution of monetary systems does not discuss alternatives to territo- rial monetary systems. For more detailed discussions, see Benjamin J. Cohen, The Geography of Money, Ithaca, N.Y.: Cornell University Press, 1998; Glyn Davies, A History of Money: From Ancient Times to the Present Day, Chicago: University of Chicago Press, 2005; Eric Helleiner, The Making of National Money: Territorial Currencies in Historical Perspective, Ithaca, N.Y.: Cornell University Press, 2003; and Jack McIver Weatherford, The History of Money, New York: Crown Publishers, 1997. An important step between the current mon- etary system and the pre–World War II commodity-based monetary system was the Bretton Woods monetary system (1944–1971), in which the U.S. dollar was backed by gold reserves, other developed country currencies were pegged to the dollar, and the developing countries’ currencies were pegged to a basket of developed country currencies (Frieden, 2006). 7 See Charles Kindleberger, A Financial History of Western Europe, Oxford: Oxford Univer- sity Press, 1993.
  • 23. 8 National Security Implications of Virtual Currency ing account. More recent technological innovations have allowed users to move away from paper-based exchange systems (such as checks) to electronic systems (such as swiping debit cards through a point-of-sale card reader) to using near-field communication (NFC) technology to enable radio communication through mobile-computing platforms (such as via applications on smartphones).8 As with the 13th-century bills of exchange, these innovations are convenient mechanisms that allow users to use traditional currencies more efficiently. Unlike VCs, they do not constitute new currencies. VCs have become increasingly common in recent years. So far, no VCs are fiat currencies—no government has adopted a VC as its legal tender. They do, however, represent value for a particular community that uses them as a means of exchange. VCs have been used in online gaming communities and loyalty programs, such as airline frequent- flier programs, to keep track of redeemable membership credits that may not otherwise have value in terms of a fiat currency.9 VCs, such as money used in online games or frequent-flier miles, are designed to act as a store of value, unit of account, and medium of exchange solely within their community of interest. That community of interest does not, however, need to occupy a single geographical or political unit. Some of the latest VCs, such as Bitcoin, differ from earlier VCs in that they are designed explicitly to function as currency in the real economy and are exchangeable for government-issued fiat currencies. Returning to the comparison with gold coins, Bitcoin shares many of the same characteristics of gold coins. There is a limited supply of cur- rency in circulation. Similar to a commodity such as gold, Bitcoin’s exchange rate can be volatile. Bitcoin is easily measurable and divisible. In contrast to gold, Bitcoin is easily transportable and does not need to transit through international borders as currency, which may increase its ease of use and reduce cross-border transaction costs (as well as chal- 8 This is the technology underlying applications, such as Google Wallet, Apple Pay, and Venmo. 9 Exchanges may develop to allow users to “cash out” VCs for fiat currencies, but this is neither a feature nor a requirement of VCs.
  • 24. The Current State of Virtual Currencies 9 lenge law enforcement and intelligence efforts). Finally, Bitcoin does not depend on a central authority to safeguard its value. Perhaps the most important distinction between Bitcoin and pre- vious VCs is that while VCs do not technically require a central author- ity, one of Bitcoin’s key features is its completely decentralized author- ity—and many VCs have followed Bitcoin precisely in this direction. As a result, VCs such as Bitcoin cannot build trust in their curren- cies’ stability based on the policies and capacities of a central authority. Instead, users’ trust in VCs depends on their trust in the decentralized mechanisms that secure and sustain a VC. Current VCs have authority structures that range from completely centralized to completely decen- tralized (see Figure 2.1). Having examined the evolution to VCs from a monetary perspec- tive, we will now examine the evolution of the VCs themselves, mainly from a technological perspective. Figure 2.1 Virtual Currencies Have Varied Authority Structures RAND RR1231-2.1 One central authority Examples: US dollar, Perfect Money, Liberty Reserve Central authority Centralized authority Comprising multiple independent organizations Example: Ripple Org 1 Org 3 Org 2 Semi-centralized authority Decentralized authority Comprising any party that joins the network Examples: Bitcoin, Litecoin n 1 6 7 5 4 3 2
  • 25. 10 National Security Implications of Virtual Currency Origins and Trends of Virtual Currencies The first progress toward a VC was made by the cryptography researcher David Chaum, who used cryptographically signed tokens.10 This and later related proposals paid significant attention to an untraceable, anonymous currency issued centrally and backed by banks or other institutions (who would enjoy a certain amount of trust by users). Digi- cash, the company Chaum started, managed only a three-year trial at a single bank, which subsequently was not pursued.11 Early Systems VCs have been in use well before the invention of Bitcoin, though they were not decentralized. Digital gold currency and similar systems comprised the first wave of VCs that were created and used. Began in 1996, e-gold was a precursor to the type of system proposed by Chaum; it used a central account structure to track and transfer certifi- cates backed by gold in a central repository with no guaranteed crypto- graphic security and anonymity, mainly as a function of trust in those running the e-gold system.12 Since e-gold was outside the financial reg- ulatory system, it offered effective anonymity and security, guaranteed by trust in the operating practices of the companies running these sys- tems. Similar systems, such as Liberty Reserve, WebMoney, and Per- fect Money, were frequent targets for illegal activities, both by users abusing the anonymity and the relative ease of transfer beyond the control of regulators and by the operators, who ran Ponzi schemes and 10 See David Chaum, “Blind Signatures for Untraceable Payments,” in David Chaum, Ronald L. Rivest, and Alan T. Sherman, eds., Advances in Cryptology: Proceedings of Crypto 82, Berlin: Springer-Verlag, 1983, pp. 199–203. 11 See David Chaum, Amos Fiat, and Moni Naor, “Untraceable Electronic Cash,” in Shafi Goldwasser, ed., Advances in Cryptology—CRYPTO ’88: Proceedings, Berlin: Springer-Verlag, 1990, pp. 319–327, and Julie Pitta, “Requiem for a Bright Idea,” Forbes online, November 1, 1999. 12 Doug Jackson, the founder of e-gold, said “practically speaking, e-gold was the opposite of anonymous,” as quoted in Kevin Dowd, “Contemporary Private Monetary Systems,” self- published paper, August 2013. There was cryptography used in connections to the system, but it was not an intrinsic feature of the currency.
  • 26. The Current State of Virtual Currencies 11 other fraudulent enterprises.13 All of these systems are distinguished by their centralized authority structure: in order to support illicit activi- ties, actors would have to trust the currency proprietors to maintain their anonymity and security (which some of these currencies histori- cally have done). Bitcoin The primary interest regarding VCs in the national security–policy community has been on Bitcoin, in particular with respect to Bit- coin’s wide use and its perceived security and anonymity. Bitcoin was introduced in 2009 and exists outside the control of a single company or government; it is defined and controlled by a decentralized group of users executing the Bitcoin protocol over the Internet as described below.14 As of June 2015, there were about 14.2 million bitcoins in circula- tion, with a total market capitalization of $3.5 billion (at an exchange rate of about $240 per bitcoin); this is down from the highest market capitalization of nearly $14 billion in March of 2013 (at a rate of $1,150 per bitcoin). There are currently over 110,000 Bitcoin transactions per day, with a roughly linear increase in transactions from June 2012, at which point there were around 20,000 transactions per day.15 The central technological feature of Bitcoin is a global public ledger containing all Bitcoin transactions ever made. The ledger itself 13 See Dowd, 2013. 14 See Nakamoto, 2008. Bitcoin refers to both a new type of algorithm for a secured public ledger, called the block chain, and to the tokens, called bitcoins, that are tracked by the ledger and are used as currency. For an excellent, in-depth review of Bitcoin, related VCs, and the academic literature examining them, see Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, and Edward W. Felten, “Research Perspectives on Bit- coin and Second-Generation Cryptocurrencies,” Proceedings of IEEE Security and Privacy 2015, San Jose, Calif.: IEEE Computer Society, May 2015. For a more policy-oriented intro- duction, see Edward V. Murphy, M. Maureen Murphy, and Michael V. Seitzinger, Bitcoin: Questions, Answers, and Analysis of Legal Issues, Washington, D.C.: Congressional Research Service, August 14, 2015. 15 See Blockchain, “Market Capitalization,” undated (b). Note that the data presented here may fluctuate wildly. In addition, it is difficult to estimate the percentage of “legitimate” transactions versus those executed for criminal purposes.
  • 27. 12 National Security Implications of Virtual Currency comprises a sequence of so-called blocks; each block contains a list of transactions, as well as the hash, or digital signature, of the previous block created (hence the term block chain) for the ledger, since each block is chained to the previous one. The block chain is distributed to all computers running the Bitcoin protocol; therefore all nodes in the Bitcoin network have a copy of all transactions ever made. Participants jointly validate new transactions, block by block; more technically, this process is a decentralized consensus protocol, where the consensus is whether or not to include the new block into the block chain. Identities in the Bitcoin protocol are cryptographically generated addresses. Loosely, each transaction is a transfer order from one address to another.16 The ledger is the recorded history of each of these transac- tions. A new transaction is allowed to process if the ledger reveals that the sender address had enough of a balance to transfer the proposed amount to the receiver address. By submitting the transaction and having it included in the block chain and acting as the ledger, the cor- responding new balance is publicly included in the ledger and review- able for all future transactions. Accordingly, the number of bitcoins a user owns is the total number of bitcoins associated to the address(es) that the user has access to, and the reason that Bitcoin is said to be “anonymous” is that identity-privacy of bitcoin ownership is main- tained through the inability to link an address to an identified user. It is worth stressing that a user does not own bitcoins. Rather, a user has the right to spend the number of bitcoins that are associated with the various addresses they are able to access. Accordingly, a wallet of bitcoins is actually the requisite information proving ownership of a Bitcoin address, which in turn allows that user to spend bitcoins associated with that address. Specifically, these addresses are based on a public/private key pair generated cryptographically. The private key allows the coins to be spent in a new transaction. It is conceptually similar to having an address with a locked mailbox; anyone can deliver mail, but only someone with the key can take letters out and send them to a new address, thereby transferring or spending them. In this case, 16 More generally, a single transaction can be conducted from at least one address to at least one other address.
  • 28. The Current State of Virtual Currencies 13 no one necessarily knows who has the key, and the mailboxes are on the block chain. The anonymity of Bitcoin users, or lack thereof, is a critical com- ponent of the currency; see the discussion of VC anonymity in Chapter Four for a detailed discussion of this issue, with a particular focus on Bitcoin. The blocks of records of correct transactions are validated by employing significant computing power through a process called mining; those performing the computations are called miners.17 Mining is successfully completed for a block when a miner has successfully found the correct input to a complex mathematical function called a hash function, which effectively binds the validated block to the block- chain transactions. An important feature of the Bitcoin infrastructure is that it is extremely computationally difficult to alter newly validated blocks once bound to the chain, thus preventing changes to the trans- action history. For a miner to find a correct input to the hash function, he or she must effectively guess the input at random. This is because finding the input any other way is computationally infeasible (due to the security guarantees of the hash function). In practice, these guesses are made through harnessing many thousands of computing proces- sors. A correct guess is published, providing so-called proof of work, because it proves that a miner worked hard to find the input (since finding the input required significant computational work). Other users can easily validate that the miner has found the correct input to validate the block; once verified, the miner is rewarded with bitcoins (in practice, this reward transaction is included in the block that the miner validates).18 Accordingly, the only way to acquire new bitcoins 17 The validation process is done by checking if the hash of the transactions, plus an addi- tional “nonce” value, conforms to a specific format. The hash function is computationally expensive to run, and any specific set of transactions plus a specific nonce has a very low probability of matching the format. Because of this, miners try many different nonce values, hoping to find one that will validate the block. 18 In reality, a miner who successfully validates a Bitcoin block obtains bitcoins both from the mining reward process as described above as well as from so-called transaction fees that can be included in every Bitcoin transaction. The number of bitcoins obtained via mining rewards is designed to decrease over time, reaching zero around 2140; the theory is that
  • 29. 14 National Security Implications of Virtual Currency is to either mine it or conduct a transaction with another user who already has bitcoins, such as with an online-exchange service to trans- fer government-backed currency for Bitcoin.19 Bitcoin’s decentralized, mining-based infrastructure requires that many users dedicate significant resources in order to maintain and secure the overall system. The ability of users to transact in bit- coins depends on the decentralized system’s ability to consistently and securely add new blocks to the block chain, thereby validating indi- vidual transactions. At the same time, the mining process has become increasingly computationally intensive as the computational difficulty of mining bitcoins was designed to increase with miners. Today, to have a meaningful chance of successfully mining, special-purpose hardware that is specifically optimized for Bitcoin mining is needed.20 Chapter Four contains additional discussions about the Bitcoin system, including an examination of the security and anonymity of Bitcoin as well as a discussion of how Bitcoin, and related VCs, can be used for common transactions on devices such as smartphones. Virtual Currencies After Bitcoin: Altcoins Bitcoin is not the only VC that a non-state actor might choose to use or build upon for their own VC deployment; many other currencies have built upon the foundational ideas of Bitcoin that a non-state actor might also leverage. Following the release of Bitcoin, and its subsequent wide adoption and interest, many new projects were launched, a selection of which are represented in Table 1.1. These were based on either the architecture or, transaction fees will correspondingly increase to maintain the economic incentivization of mining, which secures the entire Bitcoin system. 19 It should be noted that this is a very high-level description of Bitcoin. An interested reader should consult other sources for a more detailed description. See, for instance, Bitcoin Help, homepage, undated; see also Bitcoin Wiki, homepage, August 13, 2015b. 20 For further discussion, see Michael Bedford Taylor, “Bitcoin and the Age of Bespoke Silicon,” paper presented at the International Conference on Compilers, Architecture, and Syn- thesis for Embedded Systems (CASES), Montreal, Quebec, September 29–October 4, 2013.
  • 30. The Current State of Virtual Currencies 15 Table 1.1 Examples of Appcoins and Block Chain Applications Examples Introduced Application NameCoina April 2011 DNS-like storage in block chain Mastercoinb January 2012 Planned market, smart contracts Nxtcoin+c November 2013 Asset exchange Rippled December 2012 Inter-bank transactions MaidSafeCoine April 2014 Anonymous, secured cloud computing (non–block chain) a Namecoin, homepage, undated. b See J. R. Willett, The Second Bitcoin White Paper, vs. 0.5 (Draft for Public Comment), self-published paper, undated. Also, see GitHub, “Omni Protocol Specification (formerly Mastercoin),” undated. c See Nxt Wiki, “Whitepaper:NXT,” modified July 13, 2014. d See Ripple, “FAQ,” undated. e The network is still in pre-beta public testing as of February 2015. in most cases, a near-total replication of the source code from Bitcoin. Because the block chain is specific to the Bitcoin network, these “alt- coins” used new block chains, with various modifications to the pro- tocol. Many of these were effectively Ponzi schemes, with the creators using them to pump-and-dump the new currency, or in other ways that were never intended as legitimate currencies.21 We highlight three classes of noteworthy alternatives to Bitcoin as a currency; the first, Pure Altcoins, primarily modified the finan- cial and cryptographic details of Bitcoin. This included currencies that minted coins more rapidly or used different hash functions to vali- 21 Coins have been launched as jokes (e.g., Dogecoin, Pizzacoin, Beercoin) or as proofs of concept and learning exercises (e.g., GeistGeld, Tenebrix). In one case—Liquidcoin—it was announced explicitly as “speculation based” (see Bitcoin Forum, “[RELEASE] Liquid- coin (Speculation Based),” discussion thread began January 18, 2012). In the case of Doge- coin, the joke currency has become less of a joke, with a current market capitalization of $13,874,871 as of February 24, 2015 (see Bitcoin Wiki, “Comparison of Cryptocurrencies,” December 24, 2014, and CoinMarketCap, “Crypto-Currency Market Capitalizations,” Sep- tember 30, 2015a).
  • 31. 16 National Security Implications of Virtual Currency date the block chain.22 Yet other new coins altered the method of vali- dating more drastically, replacing proof of work with other schemes.23 Prominent altcoins include Litecoin,24 which has a faster hashing pro- cess than Bitcoin; Dogecoin, which started as a humorous creation not meant to be taken seriously, then became gradually more accepted; and Peercoin, which uses a hybrid approach to mining that uses an alterna- tive to Bitcoin’s proof-of-work system.25 The second category, which we will call Anonymous Coins, used additional new cryptographic techniques or protocol to create greater anonymity than Bitcoin offers. This has either been in the form of new altcoins that allow for or enforce a level of anonymity in the protocol or various Bitcoin add-ons using a technique called CoinJoin; see Chap- ter Four’s discussion on VC anonymity for more information about Anonymous Coins. Most recently, the majority of new effort has been focused on a third category, so-called Appcoins, which use block chains for other purposes. While many Appcoins can be used as currencies and are useful for various types of financial transactions, they create and rely on a more complex infrastructure and do not differ greatly from other VCs in the aspects most relevant to this this report.26 This new cat- egory is interesting because it points to new technological applications of the block chain, though it may be a misnomer to term this category 22 A variety of hash functions and combinations of hash functions have been proposed, largely revolving around concern about centralization of mining power due to application- specific integrated circuit (ASIC)–based mining. Similarly, alternative schemes, such as proof-of-stake, or computing Cunningham chains in Primecoin, have been created. All of these have important pros and cons, but the details are not relevant for most of the following discussion. 23 For a list of these currencies, see Altcoins, homepage, undated; see also Bitcoin Wiki, “Comparison of Cryptocurrencies,” December 24, 2014. 24 Litecoin, hompage, undated. 25 Peercoin also uses a so-called proof-of-stake mining system; see Sunny King and Scott Nadal, “PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake,” self-published paper, August 19, 2012. 26 See Chapter Five for further discussion about the implications of VC technology.
  • 32. The Current State of Virtual Currencies 17 as a currency due to its intended purposes. (See Chapter Five for further discussion on possible future applications beyond VCs.) Having given an overview of the VCs and some of their design choices, we now highlight the implications of a particularly important design choice: how to structure the authority mechanism from the cen- tralized structure of older VCs (such as WebMoney) to the fully decen- tralized structure of Bitcoin. Authority (De)centralization and Implications for Virtual Currency Design Perhaps the most prominent design choice in a VC is how central- ized its authority mechanism should be. The earliest VC designs, such as Chaum’s, had centralized authority mechanisms: there is a central server that ensures that security properties, such as double spending and counterfeiting, do not occur. Drawbacks of such architectures are that they require at least some trust in the central authority (for exam- ple, that they do not simply ignore incoming transactions) and that they can be vulnerable to a single point of failure or present a single target for attack. For instance, the M-PESA system, a currency-transfer mechanism that relies only on text messages to conduct transfers in countries such as Kenya, is centralized at the cellular provider; all it would take to disrupt M-PESA is to degrade the cellular network of a particular country (or selected servers of the provider). It is worth noting that non-state actors such as the Islamic State of Iraq and the Levant (ISIL) are unlikely to care about how centralized a currency is from a fiscal policy perspective; however, vulnerability to cyber attack could be a significant concern. Bitcoin and the vast majority of the second-generation VCs have decentralized authority mechanisms. There is no central server or ser- vice, and any user can and do contribute resources to the authority- mechanism process. Such decentralized structures inherently require more public information about users and transactions because each participating user in the authority mechanism must be able to have enough information to contribute meaningfully. In addition, consen- sus may take time because many users must agree on the best course of action (otherwise small groups of malicious users can break the secu-
  • 33. 18 National Security Implications of Virtual Currency rity of the decentralized scheme). On the other hand, even if some users contributing to the decentralized authority are malicious, they still cannot impede correct behavior on the part of the overall decen- tralized system due to its consensus-verification system. It is this resil- ience, and lack of required trust, that has attracted many users to Bit- coin and other decentralized VCs. There is a middle ground between the two alternatives: so-called semi-centralized VCs, where the authority mechanism is distributed among a restricted set of participants (e.g., ten total) and only when a sufficiently large fraction of them collude would any private informa- tion be revealed or would security be violated. This approach may be useful where there are a small number of high-security users who are trusted not to collude with one another; one example might be the central banks (or military units) of multiple countries that may not have completely trusting relationships with one another. The benefit of semi-centralized VCs is that they balance the trust and single-point-of- failure issues with the centralized model and the mass-dispersal issues with the decentralized model. To date, the existence of semi-centralized VCs is largely theoretical;27 only Ripple may be said to have a fully semi-centralized authority mechanism, and Ripple is not designed to protect user privacy in a meaningful way (for more details, see the dis- cussion on VC anonymity in Chapter Four).28 Having discussed the current state of VCs, we will now investigate the extent to which non-state actors are currently using VCs as well as a brief examination of previous politically motivated VC deployments. 27 See, for instance, Karim El Defrawy and and Joshua Lampkins, “Founding Digital Currency on Secure Computation,” CCS ’14: Proceedings of ACM SIGSAC Conference on Computer and Communications Security, March 2014, pp. 1–14. 28 The VC Dash (formerly Darkcoin) has a hybrid structure where anonymity is guaranteed by a semi-centralized architecture, but most other elements of the currency are governed by a decentralized architecture; see Dash, homepage, undated (a), and Dash, “Masternodes and Proof of Service,” undated (b).
  • 34. The Current State of Virtual Currencies 19 Virtual Currencies and Non-State Actors In this section, we give a brief overview of non-state actors’ use of VCs, particularly for criminal purposes, as well as examine previous instances of politically motivated VC deployments. There is ample evidence that organized non-state actors—espe- cially cybercriminals—use existing VCs.29 There does not seem, how- ever, to be significant evidence that these actors are regularly conduct- ing standard economic commerce using a VC; rather, VCs are only used as a means of secure, anonymous currency transfer for special- ized services. That is, there is no evidence that organized (i.e., nefari- ous) groups have developed and deployed VCs, but there is evidence that some have exploited currencies such as Bitcoin for illegitimate transactions. One of the more common criminal uses of VCs, particularly Bit- coin, is for ransom ware, where cybercriminals encrypt a victim’s data and only release it upon payment in a VC, generally Bitcoin.30 Another common usage is for the purchase of illicit goods (e.g., drugs) on online services similar to Silk Road.31 This differs from a VC used for every- day commerce, which requires a markedly different physical payment infrastructure that would enable payments at actual physical vendors rather than just websites; technology to enable such payments include smartphones (see Chapter Four’s discussion on VC deployability). There is little evidence that terrorists are using VCs on a mean- ingful scale, particularly as compared with criminal organizations. The two most-cited examples are two postings by (purported) ISIL sup- 29 See, for instance, Samani, 2013a and 2013b. 30 See, for instance, Federal Bureau of Investigation, “Ransomware on the Rise, FBI and Partners Working to Combat This Cyber Threat,” January 20, 2015. 31 For one analysis of the Silk Road, see Nicolas Christin, “Traveling the Silk Road: A Measurement Analysis of a Large Anonymous Online Marketplace,” Proceedings of the 22nd International Conference on World Wide Web (WWW 2013), Rio de Janeiro: World Wide Web Conference, 2013, pp. 213–223.
  • 35. 20 National Security Implications of Virtual Currency porters urging fundraising via Bitcoin.32 Aaron Brantly of West Point has noted: There is sufficient evidence to suggest that terrorists are consid- ering and, in limited instances, using digital currencies such as Bitcoin to finance activities. While these tools have gained in popularity, in recent years their expansion into various terrorist organizations has been slow and deliberate and has not matched pace with transnational criminal uses of these same technologies.33 This situation may well change in the future, however, if non-state actors feel they have more to gain—politically, economically, or opera- tionally—by moving toward increased VC usage. Recently, there have been cases of politically motivated VC deployments to replace existing sovereign physical currency in a sover- eign country (with or without government approval). Auroracoin was deployed in Iceland by an unknown source in March 2014 as a means to provide a currency that would be less susceptible to inflation and not subject to government regulation.34 Derek Nisbet introduced Scot- coin as a new independent Scottish currency.35 Ecuador is examining the potential of using a VC as an alternative to physical currency.36 It should be noted that, in the Iceland and Scotland example, the legiti- mate government did not explicitly sanction the VC deployment, while 32 See Taqi’ul-Deen al-Munthir, “Bitcoin wa Sadaqat al-Jihad: Bitcoin and the Charity of Violent Physical Struggle,” self-published article, August 2014, and Adam Taylor, “The Islamic State (or Someone Pretending to Be It) Is Trying to Raise Funds Using Bitcoin,” Washington Post online, June 9, 2015. 33 See Brantly, 2014, p. 1. 34 See Auroracoin, “Why Iceland? Many Governments Have Abused Their National Cur- rencies, but Why Is Iceland Such a Good Place for the First National Cryptocurrency?” undated. 35 See Folding Coin, “Announcing Scotcoin,” February 5, 2015; Alex Hern, “Bitcoin Goes National with Scotcoin and Auroracoin,” Guardian website, March 25, 2014; and Giulio- Prisco, “An Independent Scotland Powered by Bitcoin?” CryptoCoinNews.com, September 17, 2014. 36 See Nathan Gill, “Ecuador Turning to Virtual Currency After Oil Loans,” Bloomberg News online, August 11, 2014.
  • 36. The Current State of Virtual Currencies 21 in Ecuador, the government seems to have supported the effort. To date, no replacement-VC deployment has enjoyed widespread adoption. One of the main purposes of this report is to examine the key challenges that, if overcome, would enable non-state actors, including terrorist groups, to leverage VCs for their political, economic, and/or operational gain. While a non-state actor might choose a more stan- dard paper currency over a VC, changes in perception to VCs in the future, particularly in terms of trusting VCs as a secure, resilient, and available currency, may greatly increase the likelihood of adoption. In particular, support by an allied nation-state with cyber sophistication may greatly influence a non-state actor toward VC deployment.
  • 37. 23 CHAPTER THREE Can Virtual Currencies Increase Political Power? This chapter examines the potential for non-state actors to use VCs to increase their political and/or economic power by virtue of deploy- ing a VC to use as a currency for regular financial transactions. Based on our analyses of the social and political underpinnings of non-state actors’ use of currencies, controlling their own currencies can provide non-state actors, such as insurgent groups, with an important tool for increasing their political and economic leverage in contested territories. Historically, insurgents have issued new currencies in an effort to asserttheirpoliticalandeconomiccontrol.ISIL’sdeclarationonNovem- ber 13, 2014, that it will issue its own commodity-based currency fits within this trope.1 ISIL’s choice of a commodity-based currency rather than a VC may be a result of the difficulties involved in deploying a VC in a politically contested territory characterized by relatively low physical infrastructure and low penetration of communications- technology platforms such as smartphones. As discussed in the previ- ous chapter, ISIL’s stated intention to use a gold- and silver-based com- modity currency also emphasizes the economic credibility conveyed by a currency whose value can be established on international commodity exchanges. To date, VCs have not been used successfully on a large scale as a full competitor to countries’ fiat currencies. Unsurprisingly, given their large technological-infrastructure requirements, VCs have not been the medium of choice for insurgents involved in civil conflicts. 1 See Borzo Daragahi, “ISIS Declares Its Own Currency,” Financial Times online, Novem- ber 13, 2014.
  • 38. 24 National Security Implications of Virtual Currency Some separatist-movement supporters in developed countries, such as Scotland,2 have issued VCs (e.g., Scotcoin), but without popular sup- port. Auroracoin was launched in Iceland as a means to contest the government’s strict capital-controls regime. As such, it was not under- taken as a vehicle for insurgency or separatism, but did constitute a political protest against the government’s macroeconomic policies. The developers adopted the tagline, “a nation breaks the shackles of a fiat currency.”3 As a VC, Auroracoin represented an interesting experiment that nevertheless failed to attract users in that the Icelandic population appeared unwilling to switch from króna to Auroracoin, despite Ice- land’s capital-controls regime. These examples demonstrate both the technological feasibility of a non-state actor deploying a VC, as well as the challenge faced by a non-state actor to encourage societal participation in a new VC when traditional currency options remain available. We expect non-state actors will be most likely to get people to use a new VC when the non- state actor has sufficient territorial control and governance capacity to enforce the use of its VC. Non-State Currencies Emerge When State Currencies Do Not Meet Groups’ Needs With the wealth of attention enjoyed by VCs such as Bitcoin, one might think that VCs were playing a significant role as a new medium of exchange for day-to-day transactions in countries such as the United States. A recent Bloomberg article touted the growing popularity of Bitcoin, reporting:4 Consumers are embracing the digital currency . . . Parents are dispensing allowances in Bitcoin to teach their kids to be digi- 2 See Scotcoin, homepage, undated. 3 See Auroracoin, undated. 4 See Olga Kharif, “Bitcoin: Not Just for Libertarians and Anarchists Anymore,” BloombergBusiness.com, October 9, 2014.
  • 39. Can Virtual Currencies Increase Political Power? 25 tal citizens. Marijuana smokers are buying buds from Bitcoin- enabled vending machines. Consumers in emerging markets such as Brazil and Russia are starting to use Bitcoin to hedge their volatile currencies. The overall demand for VCs as fully fledged competitors to cen- trally managed fiat currencies in countries with strong state capac- ity and stable macroeconomic policies, however, is relatively small. Central banks and governments in developed countries have assessed the monetary-control risk posed by VCs circulating in their areas of responsibility to be low, at least at current and foreseeable levels of VC circulation.5 There are two conditions under which VCs are likely to gain trac- tion as market actors’ preferred currency option. The first condition is that the central authority does not provide a stable macroeconomic environment and, as a result, the territorial fiat currency is nonexistent or its value becomes unstable.6 The European Banking Authority high- lights this environment as one the key findings of their report on VCs.7 In jurisdictions where financial services are not widely available, where users have a high risk profile, where the national currency is not convertible into other [fiat currencies], where financial ser- vices are too expensive for individuals, or where the administra- tive burden for obtaining an account is high, VC schemes provide an alternative way for individuals to achieve the same end: access- ing commerce and effecting payment transactions. 5 See European Central Bank, 2012, and Murphy, Murphy, and Seitzinger, 2015. 6 It is important to note that a VC is not the only monetary alternative to a fiat currency in a territory lacking a stable macroeconomic environment. Market participants could also engage in barter, develop their own scrip-based community currency, or use another coun- try’s currency. The U.S. dollar has been used extensively outside of the United States. This report focuses on the feasibility of non-state actors deploying a VC. It does not provide a full assessment of the tradeoffs across the full menu of alternative currency arrangement options available to non-state actors. 7 See European Banking Authority, 2014.
  • 40. 26 National Security Implications of Virtual Currency There are many reasons why territories may lack a stable national currency. The territory may be part of a failed state with no functioning government; it may be part of a country in the midst of a civil conflict; or it may be a country with a stable government, but unstable macro- economic policies or policies that freeze out economic participation by a large fraction of its population (e.g., countries with a large black market). In an environment in which the central authority cannot safeguard the stability and accessibility of a fiat currency, a non-state actor–sponsored VC may provide a viable solution. The second condition in which VCs may play an important role in is building and maintaining communities. At the local level, many communities have set up regional exchange trading systems.8 Local currencies broaden a community’s exchange infrastructure beyond economic exchanges to also support social, ethical, and environmen- tal dimensions valued by the community. Most community currencies are geographically constrained and circulate side by side with national currencies.9 Their value in a particular community is specific to the goals of that community, and their creation may reflect payment for services rendered solely for that community. Examples of community currencies are Ithaca Hours and Salt Spring Dollars,10 or more global currencies, such as frequent-flier miles. While most communities use paper currencies, there have been a few forays into community VCs. The Totnes Pounds system supports both a paper currency and elec- tronic accounts.11 8 Although we focus here on recent examples of community currencies, Christine Desan examines the importance of community exchange systems and the role of community stake- holders in medieval English communities (Christine Desan, Making Money: Coin, Cur- rency, and the Coming of Capitalism, Oxford: Oxford University Press, 2014). 9 See Jerome Blanc, “Thirty Years of Community and Complementary Currencies,” Inter- national Journal of Community Currency Research, Vol. 16, 2012, pp. D1–4. 10 See Ithaca Hours, homepage, undated, and Salt Spring Dollars, homepage, undated. 11 See Totnes Pound, homepage, undated.
  • 41. Can Virtual Currencies Increase Political Power? 27 David Vandervort and colleagues at PARC identify Mazacoin,12 the purported national currency of the Lakota nation, and Irish Coin,13 a community coin developed to promote the Irish tourism industry, as two exemplars of community VCs.14 As technology for VCs improve, community VCs may become more common. Most local communities that have adopted community currencies have done so within the structure of a well-developed financial system, i.e., in a stable, generally democratic country or international system with stable macroeconomic policies15 or shared norms of behavior. Not all non-state actors, however, choose to develop alternative curren- cies that function complementarily with their country’s fiat currency. Many non-state actors, such as separatist and insurgent groups, as well as contested regions issue their own currencies to highlight their eco- nomic sovereignty and to solidify their economic control in territories under their jurisdiction or lands they wish to control.16 For example, the autonomous region of Somaliland has its own shilling, and the autonomous region of Transnistria has its own ruble. A whites-only town in South Africa called Orania uses a currency called the ora.17 In addition to ISIL’s declaration to launch its own currency, the aspira- tional central bank of Barotseland in 2012 declared the introduction of the Barotseland mupu in 2012.18 12 See Mazacoin, homepage, undated. 13 See Irish Coin, homepage, undated. 14 See David Vandervort, Dale Gaucas, and Robert St. Jacques, “Issues in Designing a Bitcoin-Like Community Currency,” paper presented at the Second Workshop on Bitcoin Research, San Juan, Puerto Rico, January 30, 2015. 15 Damjan Pfajfar, Giovanni Sgro, and Wolf Wagner, “Are Alternative Currencies a Substi- tute or a Complement to Fiat Money? Evidence from Cross-Country Data,” International Journal of Community Currency Research, Vol. 16, 2012, pp. 45–56, found that the use of community currencies is positively associated with stability in the country’s fiat currency, financial sector development, and overall economic development. 16 See Daniel Treisman, “Russia’s ‘Ethical Revival’: The Separatist Activism of Regional Leaders in a Postcommunist Order,” World Politics, Vol. 49, No. 2, 1997, pp. 212–249. 17 See Wikipedia, “Ora (Currency),” April 27, 2015. 18 See Barotseland Free State, Barotseland Mupu Currency Act of 2012, February 28, 2012. Barotseland is a contested territory between Zambia and Angola. The central bank has
  • 42. 28 National Security Implications of Virtual Currency Using the example of an insurgent group with contested territo- rial control over a region, insurgent groups have three options when adopting a currency. Their first option is to adopt a commodity-based currency in which the currency in circulation is the commodity itself (e.g., gold coins). This is ISIL’s stated strategy. The key benefit of this option is that the credibility of the currency is backed up by the intrinsic value of and international market for the commodity. There is no need to trust the monetary authority that gold or silver will retain its value. A key limitation of this option is that it is difficult for most insurgent groups to amass sufficient supplies of gold and silver to implement this type of currency. Their second option is to adopt another country’s currency. This option can range from circulating the pre-existing currency directly in the local economy (e.g., dollarization) to minting a new currency that is backed 1:1 with reserves of another country’s currency (e.g., use a currency board). Leaders of the self-proclaimed Donetsk People’s Republic have attempted to set up a ruble zone in eastern Ukraine. The costs and benefits of this option are somewhat similar to those of a commodity-based currency. The new currency gains credibility based on the stability of the issuing country’s currency and the adoption of the currency throughout the territory. If the value of the issuing coun- try’s currency falls, then so will that of the new currency. The feasibil- ity of this option depends on the insurgent group’s ability to amass sufficient supplies of the adopted currency to issue it in their territory or use it to back up their own currency. This is a much easier hurdle to overcome, especially with the support of the issuing country; indeed, support by another country, particularly when that country possesses cyber sophistication, is one key enabler for non-state actor deployment (see Chapter Four for further discussion). Their third option is to adopt its own currency. In this option, the currency may not necessarily be backed 1:1 by a commodity or by stocks of a reserve currency. One example of this occurred when released samples of mupu bills, but does not have the resources to issue and maintain a stable currency.
  • 43. Can Virtual Currencies Increase Political Power? 29 separatist authorities in Somaliland introduced the fiat, paper-based Somaliland shilling without being explicitly tied to a commodity or reserve currency. Accordingly, the benefit of this option is that the insurgent group may require smaller reserves of commodities or foreign exchange to roll out their new currency. The drawback of this option is that there is no intrinsic value built into the currency at its outset.19 A fixed-exchange rate peg may help to combat volatility in the currency’s value; however, unless the market believes the currency is accurately valued or the group has the foreign exchange reserves to defend their exchange rate peg, the group may be unable to maintain the currency’s value.20 Non-State Currencies Are Not Likely to Be VCs Now, But Could Be VCs in the Future Although some separatist groups have attempted to adopt their own currencies, we do not expect VCs to be their preferred format in the near term. There are three main reasons why deploying a VC may pose greater difficulties than a paper- or commodity-based option. The first reason is that most insurgent organizations currently lack the skills necessary to deploy a VC. Most insurgencies occur in politically con- tested territories characterized by low physical infrastructure and low penetration of communications-technology platforms, such as smart- phones. Although a prominent debate over the use of VCs as a source of development capital in areas of low economic development has sparked interest in the development community, the need for advanced cellu- lar phones (i.e., smartphones) for VCs has impeded implementation. In contrast, M-PESA, a mobile phone money-transfer system (and a convenience mechanism rather than a VC), works well in Nigeria, as 19 It should be noted, however, that hesitation with respect to new currencies can be over- come through careful and proper rollout of a new currency. The most famous example is Brazil’s rollout of the fiat currency réal (R$) in 1994, which was carefully managed to replace the old currency to defeat hyperinflation. 20 Alternatively, the group may declare the currency is not convertible, in which case the fixed exchange rate statement may simply serve a symbolic purpose.
  • 44. 30 National Security Implications of Virtual Currency it has the active support of the Nigerian government and much lower technological requirements. We discuss the technological requirements and challenges for a VC in greater detail in the next chapter. The second reason is that the monetary rules underlying a VC need to be specified and maintained. These rules specify such currency characteristics as how actors will be incentivized to create and secure the currency, whether the money supply will be capped or continue to grow, and whether the money will be geographically constrained or can be used globally. In a centralized system, these rules are set and enforced by the central authority. In a decentralized system, some form of rule-adoption process is needed. Community currency systems have often failed as the communities included in the currency system grew too large to adjudicate the rules-adoption-and-enforcement process effectively.21 VCs such as Bitcoin tend to be decentralized systems in which rules governing the currency and incentivizing its expansion and maintenance are specified by their designers but are subject to consen- sus decisionmaking at the protocol level, between the servers. Decen- tralization is often a key characteristic of a VC’s resilience. Maintaining control over the rules of the game, however, is a source of vulnerability for a decentralized VC with relatively small circulation. An insurgent group that sets up a VC would face a tradeoff between a centralized authority structure that would not be vulnerable to rules changes trig- gered by a majority of currency holders, but might be more vulnerable to external (and internal) attack. By contrast, a decentralized authority structure may be more resilient to external attacks, but less amenable to rules changes. The third reason is that, at least at the outset, users’ trust in new currencies tends to be low.22 Users need time to become familiar with and feel assured by the system and the stability and the ease of use of the currency. We expect this will be exacerbated for new VCs. 21 See Georgina Gomez, “Sustainability of the Argentine Complementary Currency Sys- tems: Four Governance Systems,” International Journal of Community Currency Research, Vol. 16, 2012, pp. D80–89. 22 See Matthias Kaelberer, “Trust in the Euro: Exploring the Governance of a Supra- National Currency,” European Societies, Vol. 9, No. 4, 2007, pp. 623–642.
  • 45. Can Virtual Currencies Increase Political Power? 31 Implementing a new currency of any type is difficult. It entails large technological, economic, and logistical challenges. Particularly for insurgent groups that choose to deploy their own fiat currency, the trustworthiness of the currency is an important component of its suc- cess. A low initial penetration of VCs in day-to-day economic life will increase users’ suspicion of currencies deployed through this technol- ogy. Although paper currency may require greater physical infrastruc- ture and be less resilient to physical attack, in the near term, paper cur- rencies will be far more acceptable and inherently trustworthy for the population than VCs. That said, populations’ suspicions of VCs will erode as they become more familiar with them. In a territory in which a VC is the only medium of exchange, economic necessity may force people to accept VCs where they would have otherwise rejected them. That is, everything else being equal, an insurgent group is more likely to choose a paper currency (whether or not it is backed by government- controlled commodities) over a VC today in order to increase the popu- lations’ trust in the currency, but there could be a shift in attitude as the technologies that underlie VCs become more prevalent and trusted.
  • 46. 33 CHAPTER FOUR Technical Challenges to Virtual Currency Deployment In this chapter, we examine the technical challenges that a non-state actor might face when deploying a VC. These challenges could poten- tially be leveraged by opponents, such as the United States, to impede the success of the non-state actor’s VC deployment. Some of these tech- nical challenges relate to ensuring that a VC deployment is widespread and usable enough for everyday financial transactions (e.g., buying a soda at the corner store), while other challenges relate to securing a VC deployment so that it is trusted for everyday use. In addition, any entity deploying a VC needs to ensure resilience of the currency against cyber threats by opponents, including the most advanced threats posed by competitor nation-states. We emphasize that this section is focused primarily on issues of VC deployment rather than exploitation; however, some of the chal- lenges that we examine here, particularly those relating to anonymity, also apply to VC exploitation. Specific technical challenges facing any actor attempting to deploy a VC for everyday use include: • Having access to the technological sophistication necessary to develop, deploy, and maintain a VC as a cyber service. In the context of VCs, the technological sophistication required includes competencies in networking, computation, and cryptographic techniques.
  • 47. 34 National Security Implications of Virtual Currency • Ensuring that users of the currency have persistent, assured access to their currency while requiring a sufficiently low level of tech- nological sophistication to enable use for everyday transactions. • Ensuring levels of transaction anonymity demanded by users while ensuring transaction integrity so that buyers and sellers are assured of proper exchange—all without the need for overly advanced technological expertise. • Protecting the overall integrity (and availability) of a VC against advanced cyber threats, particularly those nation-states that would oppose the non-state actor’s VC deployment. It is important to note that these challenges are not unique to Bit- coin or other decentralized VCs (see Chapter Two for a discussion of the current state of the art). Indeed, it is not clear that a non-state actor would favor the lack of a central authority. Accordingly, one of the main initial decision points for the creation of a VC is how to structure the authority infrastructure, i.e., the network of computers executing algorithms that perform the same aggregate functionality that a cen- trally postured authority would. Throughout this chapter, we discuss VC deployment as if the non-state actors are acting essentially on their own. Were they to be backed by a nation-state with moderate to sophisticated cyber capabili- ties, however, that might well change a non-state actor’s decision cal- culus as to whether (and how) to deploy a VC.1 By convention, we will call adversaries of the non-state actor deploying a VC their opponents. Developing and Deploying a Virtual Currency One of the main technological barriers for a non-state actor to deploy a VC would be the expertise and general capability necessary to develop and deploy both the currency and the means to transact with it. In 1 It is worth highlighting that there is ample evidence of state actors supporting non-state actors generally. At issue here would be significant support—indeed, direct and sustained coordination—in the domain of cyberspace operations, which, while feasible, seems differ- ent in nature than historical and current examples of state-actor support.
  • 48. Technical Challenges to Virtual Currency Deployment 35 principle, the technical sophistication required to develop and deploy a VC are relatively high, but in practice current technologies exist for general adoption to support such a deployment. Further, the main goal is to identify those key issues now that, once overcome, would greatly impact a non-state actor’s ability to deploy a VC. The key components that would require development are: (1) the currency itself, including numerous important design choices; (2) the means of acquiring, maintaining, and transferring currency as part of financial transactions, including the physical means capable of sup- porting such transfers such as smartphones; and (3) sufficient back-end services and front-end payment-processing systems to support all of these services in a secure and resilient manner. Developing Software for a Virtual Currency The difficulty of development of computer software for a new VC depends on the degree to which a non-state actor wishes to depart from existing VCs and/or their associated software. At one extreme, a non- state actor could simply use Bitcoin or another existing VC outright as their currency, but this raises the question of how a non-state actor would gain politically or economically from such simple adoption. At the other extreme, a non-state actor may decide to create an entirely new currency from scratch; this would require access to software devel- opers with significant skill. A compromise between the two extremes, which is perhaps the most feasible, would be for a non-state actor to create a new VC by using essentially the same software used by an existing VC. Software developers would have to design software to regulate the currency (e.g., miners for Bitcoin-type decentralized currencies) as well as software applications for everyday users to maintain and transact in the VC; all of this development would have to be usable enough to encourage widespread adoption and use.2 Given the inherent underly- ing security required for such applications, one rough (lower-bound) estimate for how sophisticated such a developer would have to be would be on the order of creating custom, widely used encryption soft- 2 See Open Hub, “Project Bitcoin Summary,” undated.
  • 49. 36 National Security Implications of Virtual Currency ware. Indeed, there are very few examples of such software currently in use—and one public case of such software abruptly disappearing from use.3 Note that if a non-state actor had nation-state backing, including access to that country’s cyber experts and developers, such development may be far more feasible. Even in this more ideal situation, however, there are cases of advanced cyber powers having difficultly creating widely deployed cyber services in even the most permissive environ- ments, such as the United States’ development of the online exchanges to support the Affordable Care Act. Alternatively, a non-state actor may rely on allied, or paid, “hacktivists,” cyber-criminal organizations, or cyber mercenaries.4 It should also be noted that some non-state actors, in particular terrorist organizations, seem to have at least a limited abil- ity to create secure cyber services, such as encryption platforms.5 The most straightforward way of developing a new VC is to repur- pose an existing VC—that is, keeping the underlying technological aspects of an existing currency while regenerating it under a new name. We note that this setting is different from using Bitcoin or another VC; the software may be the same, but used as a separate cyber service (whereas above, the non-state actor would actually use Bitcoin or some other existing VC). Many existing VCs are repurposed or extensions of Bitcoin (see Chapter Two for more details). In some cases, constructing a new VC requires very few cyber capabilities inasmuch as there exist online services that advertise VC creation services. One possible issue is leveraging old software may have the side effect of importing existing cyber vulnerabilities contained in that software. 3 See Brian Krebs, “True Goodbye: ‘Using Truecrypt Is Not Secure,’” KrebsonSecurity.com, May 14, 2014. 4 See, for instance, Kaspersky Labs, “The Desert Falcons Targeted Attacks,” version 2.0, corporate publication, Moscow: Kaspersky Labs, 2015. 5 See, for instance, Recorded Future, “How Al-Qaeda Uses Encryption Post-Snowden (Part 1),” self-published paper, May 8, 2014a, and “How Al-Qaeda Uses Encryption Post-Snowden (Part 2)—New Analysis in Collaboration with ReversingLabs,” self-published paper, August 1, 2014b.
  • 50. Technical Challenges to Virtual Currency Deployment 37 Physically Deploying a Virtual Currency Another significant challenge in deploying a VC is that of physical deployment, i.e., identifying the medium through which the average citizen can transact with their neighborhood vendor. While a computer may be enough for some VC transactions, in order to enable everyday transactions, VC users will need far more portable devices with which to conduct transactions. Unlike paper-currency transactions, the com- putational complexity of these transactions constitutes a significant barrier to deployment because the average user may not have the exist- ing physical means with which to conduct everyday transactions. On one hand, the easiest answer to this issue is smartphones, since they already have significant capabilities to both compute and communicate. For instance, Bitcoin has many possible smartphone applications that can be used for transactions.6 The use of smartphones for VC transactions is hardly novel, indeed, many vendors in developed countries already use their smartphones (or tablets) for standard cur- rency credit-card transactions through applications such as Square.7 Depending solely, or primarily, on a smartphone-dominated cur- rency system is challenging for several reasons. The greatest issue is that creating a smartphone-based currency requires that each person who transacts must have a smartphone or equivalent; this is not currently a realistic assumption in any country, let alone developing countries. Another issue is that a currency architecture that relies solely on smart- phones, or for that matter any single device, leaves a user extremely vul- nerable to currency theft if the device is stolen. For currently conceived VCs, the theft of a password that gives access to the wallet or applica- tion allows for the theft of all currency associated with that password. By contrast, for physical currency, a thief is generally limited to cash on hand; automated teller machine (ATM) withdrawal limits; or other limitations, such as personal-check revocation before use.8 Therefore, 6 See, for instance, Bitcoin, “Choose Your Bitcoin Wallet,” undated (a). 7 See Square, homepage, undated. 8 The assumption here is that VC transactions are “non-revocable,” i.e., once transactions are made, they cannot be undone. In truth, non-revocability is typically only the case for decentralized VCs (and in particular is true for Bitcoin). Revocation can be done technically
  • 51. 38 National Security Implications of Virtual Currency any VC that was accessible from a limited number of devices would greatly benefit from advanced security mechanisms, such as biometric verification (which Apple Pay uses)9 or some other multifactor authen- tication (such as requiring a Bluetooth link between a phone and an additional required device, such as required by Coin)10 that would allow for additional security or credential-revocation capabilities. Using smartphones is not the only means of conducting digital transactions. Indeed, the African (standard) currency-transfer system, M-PESA, has been using non-smart (i.e., “dumb”) cell phones for years.11 It is possible to conduct existing VC transactions with such phones using text messages,12 but these systems essentially use a cen- tral server trusted to maintain a wallet. Due to the high level of trust required in the service provider, it is unclear that adoption of a VC with such a setup would be likely due to trust issues. In principle, one could create a wallet application for non-smartphones, though it is difficult to install such an application in a widespread fashion, since such phones are typically not set up for such remote installations (wallet applica- tions are a security challenge for smartphones in their own right; see the section on cyber threats to VCs later in this chapter). At the same time, there is evidence of increased mobile-phone usage for financial transactions (not just smartphones), particularly in Africa (see Figure 4.1). Much of this popularity, particularly in if a VC was centralized or semi-centralized. With some regulatory/law enforcement capabil- ity built in, theft may not be as crucial an issue, though it would still be highly inconvenient. 9 See Apple, “iOS Security, iOS 9.0 and Later,” September 2015. 10 See Only Coin, homepage, undated. 11 See William Jack and Tavneet Suri, “The Economics of M-PESA,” second version, self- published paper, August 2010; and Ignacio Mas and Dan Radcliffe, “Mobile Payments Go Viral: M‐PESA in Kenya,” World Bank website, March 2010. M-PESA is very different from the VCs considered here because it is a means of transfer more than currency; users buy the currency from physical vendors and transfer the currency via text message. The cell- phone provider is trusted to conduct the transactions. In the case of a non-state actor trying to deploy a VC in a denied environment, such an infrastructure would be unlikely to suc- ceed because it presents many points of attack (the single cell service provider, the physical merchants). 12 See Blockchain, “Send Via: Send Bitcoins Using Email and SMS,” undated (c).

Related Documents