e-Estonia: KSI Blockchain

By JSC | New Web3 initiatives | 5 Aug 2022

Welcome to the second episode of the series on e-Estonia, and at the same time the second post on the country's digital greenhouse. I will now touch on Guardtime's KSI Blockchain technology deployed after the Russian cyberattack to strengthen the integrity of data processed by public institutions.

Circumstances of the 2007 cyberattack on Estonia

The pretext for the cyber attack was the dismantling of the Tallinn Liberators Monument to commemorate the recapture of Tallinn from Nazi occupation by the Red Army. With Estonians also recognizing the Soviet Union as an occupying power, the Tallinn authorities decided to remove the monument and the mass grave of Soviet soldiers from the center of the capital, more specifically from St. Anthony's Hill, and then move the remains and monument to the Tallinn military cemetery. The process of moving the monument itself took place on April 27, 2007, and exhumations began the day before. The act was met with protests, probably inspired from Russia, by the Russian national minority, which, after police intervention, turned into riots that lasted for 3 days.

On the day street violence erupted at 10:30 p.m., the Russian hacking organization (...)Nashi(...) affiliated with the Kremlin launched a DDoS attack on the Estonian government's website. The attack was a prelude to an offensive that engulfed the websites of the defense and justice ministries, parliament, political parties and, as of May 9, numerous banks and newspapers. In addition to the denial-of-service attack, comment spamming and website hopping were also used. The research also revealed an edit war on a page dedicated to the so-called Brown Monument on the English-language Wikipedia. This campaign lasted for about three weeks until May 18, 2007, when the offensive activities abruptly ceased.

The totality of hostile cyber-activities that Estonia fell to at the time was declared as the first cyber-war in history, and its scale was still one of the largest for a long time to come, as it was only overshadowed by the 2017 WannaCry ransomware campaign and the exchange of blows, also using WRE technology and physical attacks on telecommunications infrastructure elements, part of the full-scale war launched in Ukraine by Russia on February 24, 2022.

In the aftermath of that war, the so-called Tallinn Manual was developed, which is a study of legal issues related to the issue of national cyber security and related operations.... it is worth mentioning that at the time it was considered whether an act of cyber warfare was a rationale for triggering Article 5 of the NATO Treaty, which speaks of a joint response to a military threat. In addition, the NATO Cooperative Cyber Defense Center of Excellence (CCDCOE) was established in Tallinn. In Estonia itself, on the other hand, CERT-EE was established while the attacks were still in progress, organizing an improvised defense, and after they subsided, took up the cause of raising cybersucity of Estonia. One of the major decisions from that time, among others, was to implement KSI blockchain technology to improve the integrity of state databases.

The importance of KSI blockchain technology

Blockchain KSI relies on the principle that a client hosting a data resource every second sends a data structure called a Merkle tree, which contains a hash of the data to be secured, the identity of the sender with authenticated credentials and with a so-called path through the infrastructure with the intention of being added to the general ledger. Integration of this data into the general ledger occurs by way of signing with a hash calendar algorithm, so that it can be certified that a given block in the chain was created at a given point in time.

The above-described process makes it possible to make evidence of data integrity public without revealing its contents, Guardtime suggests doing so by publishing one of the actual ledger hashes in electronic media and even newspapers (many of the materials I encountered during my research suggest that the company published the hashes in the Financial Times). The second advantage of the KSI blockchain is that its size scales over time (at a rate of approximately 2 GB per year), rather than by the number of transactions performed. The third advantage, in turn, is that it can handle datasets that exist in environments such as the cloud or embedded devices.

Architecture of the ifrastructure supporting KSI Blockchain and the roles of its nodes

Nodes supporting KSI blockchain operate on Black Lantern Security Appliance devices, which are copies of an integrated hardware-software platform with an integrated KSI gateway.

These nodes form a distributed network composed of the following elements:

Gateway - They collect and process requests from clients, and then send aggregate requests to the aggregation layer nodes, that is, above.

Aggregator - They aggregate process the requests produced by the lower layer and add a local hash, which the railroad sends to the layer above.

The aggregation node hierarchy creates a global hash tree for each round. In addition, the verification network that is part of the aggregation network provides universal access to the state of the calendar and the history of root hashes used for verification purposes.

Core - Its task is to manage the hash calendar (CHC). He does this by calculating the top hash root and then voting for it through the verification network and promoting it to the CHC. This entire process is done every second, so that the exact time can be determined from the round number, which is added to the signature of the KSI.

Implementation status of KSI blockchain technology in e-Estonia systems for 2019

The list of institutions it has implemented:

- Ministry of Economic Affairs and Communications

- Ministry of Justice

- Ministry of Finance

- Ministry of the Interior

- Ministry of Social Affairs

Selected registries supported by KSI blockchain:

- Healthcare Registry

- Property Registry

- Business Registry

- Succession Registry