Vitalik's new article: How to ensure information security in the post-deepfake era?

Vitalik Buterin
2024-02-18 14:56:16
A technology does not need to be perfect to work; combining multiple technologies can still ensure safety.

Original Title: "Ask security questions"
Original Author: Vitalik
Original Compiler: Luccy, BlockBeats

Editor's Note:

On February 4, a finance employee at a multinational company was scammed out of $25 million during a video conference, with the scammer using deepfake technology to impersonate the company's CFO. Initially, the employee suspected it was a phishing email after receiving a message purportedly from the CFO based in the UK, as it mentioned the need for a secret transaction. However, after the video call, the employee set aside their initial doubts because everyone present looked and sounded like colleagues they knew, but in reality, all of them were deepfake recreations.

In response, Vitalik believes that encryption cannot solve all problems. He points out that leveraging the human ability to remember information as a foundation for setting security questions is worth incorporating into workflows alongside other protective layers. However, he also states that while security questions are useful, they are not yet user-friendly enough. BlockBeats compiles the original text as follows:

Special thanks to Hudson Jameson, OfficerCIA, and samczsun for their feedback and review.

Recently, an article has been circulating about a company that lost $25 million due to a finance employee being scammed into wiring money to a fraudster impersonating the CFO, seemingly executed through a very realistic deepfake video call.

Deepfake technology (i.e., AI-generated fake audio and video) has been appearing more frequently in the cryptocurrency space and beyond. In the past few months, deepfake videos of me have been used to peddle various scams and Dogecoin. The quality of deepfakes is rapidly improving; while deepfake videos from 2020 were quite poor, they have become increasingly difficult to distinguish in recent months. Those familiar with me can still recognize that the video of me promoting Dogecoin is fake because the version of me in the video says "let's f***ing go," while I only use "LFG" to mean "looking for group." However, those who have only heard my voice a few times might easily be deceived.

When I mentioned the $25 million theft to security experts, they unanimously agreed that it was an embarrassing failure of operational security at multiple levels within the company. The standard practice is to require multiple layers of approval before authorizing any transfer of that magnitude. Yet, the fact remains that as of 2024, a person's audio or even video stream is no longer a secure way to confirm their identity.

This raises the question: what constitutes a secure method of identity verification?

Relying Solely on Cryptographic Methods Does Not Solve the Problem

The ability to securely verify people's identities is crucial for various individuals in different situations: individuals need to recover their multi-signature or social recovery wallets, businesses need to approve commercial transactions, individuals need to authorize large transactions for personal use (such as investing in startups, buying homes, sending remittances), whether using cryptocurrency or fiat, and even family members need to verify each other in emergencies. Therefore, we need a good solution to address the impending era of deepfake videos.

In the cryptocurrency community, one common answer to this problem is: "You can verify yourself by providing a cryptographic signature from an address attached to your ENS / proof of humanity profile / public PGP key." This answer is appealing. However, it completely overlooks why involving others in signing transactions is useful. Suppose you are an individual with a personal multi-signature wallet, and you are sending a transaction that requires approval from some co-signers. Under what circumstances would they approve it? When they are confident that you are indeed the person wanting to make the transfer. If they suspect that the request comes from a hacker who has stolen your key, or from a kidnapper, they will not approve the transaction. In a corporate environment, there are usually more layers of defense; even so, attackers may impersonate managers, and not just in the final request but also in the earlier stages of the approval process. They may even hijack an ongoing legitimate request by providing a false address.

Thus, in many cases, having the other signers accept a signature made with your key as confirmation that "you are you" undermines the entire purpose: it turns the entire contract into a 1-of-1 multisig, where controlling your single key is enough to steal the funds!

This leads us to a somewhat practical answer: security questions.

Security Questions

Suppose someone texts you claiming to be your friend, so-and-so. They text you from an account you've never seen before, claiming to have lost all their devices. How do you determine if they are who they say they are?

An obvious answer is to ask them something only they would know, which should relate to the following:

  • Something you know
  • Something you expect them to remember
  • Something the internet does not know
  • Something difficult to guess
  • Ideally, something even those who have hacked into corporate and government databases do not know

Naturally, ask them about shared experiences, such as:

  • Where did we have dinner the last time we met, and what did you eat?
  • Which of our friends told a joke about an ancient politician? Which politician was it?
  • What did you think of that movie we recently watched that you didn't like?
  • Last week, who did you suggest I talk to about whether they could help us with our research on XXX?

Recent examples of security questions used to verify my identity

The more unique your questions, the better. The best questions sit right at the edge, where the person has to think for a few seconds and might even have forgotten the answer; but if the person you are asking claims to have forgotten, make sure to ask them three more questions. Asking about "micro" details (what someone likes or dislikes, specific jokes, etc.) is usually better than asking about "macro" details, as the former is generally harder for third parties to accidentally dig up. For example, even if only one person posts a photo of dinner on Instagram, modern LLMs may quickly capture and provide the location in real-time. If your question could be guessed, meaning there are only a few reasonable options, then add another question to increase entropy.

If security practices are boring and tedious, people often stop engaging in them, so security questions should be made interesting. They can become a way to remember positive shared experiences, and also an incentive to actually have those experiences.

Supplementing Security Questions

No single security strategy is perfect, so it is best to always combine multiple techniques.

  • Pre-agreed passphrase: When you are together, intentionally agree on a common passphrase to use later for mutual identity verification.

  • You might even want to agree on an emergency keyword: a word you can casually insert into a sentence to signal to the other person that you are being coerced or threatened. This word should be common enough that it feels natural when you use it, but rare enough that you wouldn't accidentally insert it into your speech.

  • When someone sends you an ETH address, ask them to confirm it across multiple channels (e.g., Signal and Twitter DMs, the company website, or even through mutual acquaintances).

  • Protect against man-in-the-middle attacks: Signal's "safety numbers," Telegram's emojis, and similar features are worth understanding and being vigilant about.

  • Daily limits and delays: Simply impose delays on highly important and irreversible operations. This can be done at the policy level (agreeing with signers in advance that they will wait N hours or days before signing) or at the code level (imposing restrictions and delays in smart contract code).
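
The code-level form of the daily limit and delay from the last item, as an added example that is not from the original article: a Python model of the policy rather than smart contract code. The class, its fields, the return strings and the recipient names are hypothetical.

```python
from dataclasses import dataclass, field

DAY = 24 * 3600  # seconds

@dataclass
class Pending:
    to: str
    amount: int
    ready_at: int
    state: str = "pending"   # pending -> sent | cancelled

@dataclass
class DelayedVault:
    """Hypothetical wallet policy: small spends share a daily cap, the rest wait."""
    balance: int
    daily_limit: int                            # instant spending allowed per day
    delay: int                                  # seconds a queued transfer must wait
    spent: dict = field(default_factory=dict)   # day index -> instant spend so far
    queue: list = field(default_factory=list)

    def request(self, to, amount, now):
        """Send at once if today's cap allows it, otherwise queue behind the delay."""
        if amount <= 0 or amount > self.balance:
            raise ValueError("invalid amount")
        day = now // DAY
        if self.spent.get(day, 0) + amount <= self.daily_limit:
            self.spent[day] = self.spent.get(day, 0) + amount
            self.balance -= amount
            return ("sent", None)
        self.queue.append(Pending(to, amount, now + self.delay))
        return ("queued", len(self.queue) - 1)  # ticket for execute()/cancel()

    def cancel(self, ticket):
        """A signer who could not verify the requester vetoes during the delay."""
        if self.queue[ticket].state == "pending":
            self.queue[ticket].state = "cancelled"

    def execute(self, ticket, now):
        """Release a queued transfer only after its delay, and only once."""
        p = self.queue[ticket]
        if p.state != "pending":
            return "already " + p.state
        if now < p.ready_at:
            return "too early"
        if p.amount > self.balance:
            return "insufficient funds"
        self.balance -= p.amount
        p.state = "sent"
        return "sent"
```

The delay is what gives co-signers time to ask their security questions over another channel and call `cancel` before anything irreversible happens.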

A potential advanced attack is when an attacker impersonates executives and beneficiaries at multiple steps in the approval process. Security questions and delays can help prevent this, and it is best to use both simultaneously.

Security questions are useful because, unlike many other techniques that fail because they are not human-friendly, they are built on the foundation of information that humans are naturally good at remembering. I have been using security questions for years, and it has become a very natural and unembarrassing habit, worth incorporating into workflows alongside other protective layers.

Note that the "person-to-person" security questions described above are a very different use case from "business-to-person" security questions, such as when you call a bank to reactivate your credit card after it has been deactivated multiple times due to traveling to another country, and after 40 minutes of music on hold, a bank employee asks for your name, birthday, and perhaps your last three transactions. The types of questions individuals know the answers to are very different from the types of questions businesses know the answers to. Therefore, it is worth considering these two situations separately.

Everyone's situation is unique, so the types of unique information you share with the person whose identity you need to verify will vary. It is usually best to tailor the technology to people's situations rather than adjusting people to fit the technology. A technology does not need to be perfect to be effective; the ideal approach is to combine multiple technologies simultaneously and choose the ones that work best for you. In the post-deepfake era, we indeed need to adjust our strategies to accommodate the new reality of content that is now easily forged and content that remains difficult to forge, but as long as we do this, maintaining security remains entirely possible.
