Mudit Gupta who is the Head of Information Security at Polygon has expressed concerns about the gap between theoretical and practical security measures in the cryptocurrency industry . While speaking at the Ethereum Community Conference (EthCC) in Paris Gupta shed light on the challenges faced when it comes to protecting private and mnemonic keys. He put emphasis on the industry lags behind in practical security implementation.
Difficulty of Protecting Private and Mnemonic Keys
Gupta highlighted the importance of private and mnemonic keys for security in the crypto space while also acknowledging the difficulties associated with their protection. He explained that unlike passwords private keys cannot be easily changed if leaked which in turn makes their safekeeping a much more complex task. Gupta warned that the loss or leakage of mnemonic keys has resulted in the loss of billions of dollars and put countless users’ funds at risk.
Gupta also pointed out the theoretical security of private keys. He said that they are considered 100% secure in theory. However he raised practical concerns such as the scenario of an individual’s death and the need for loved ones to access their funds . The question of compromised keys further complicates the issue which makes it difficult to find a comprehensive solution.
The Challenge of Defending Against Security Attacks
In addition to the hardships of protecting keys Gupta addressed the difficulties faced by security professionals in defending against attacks. He emphasized that hackers have an advantage in finding vulnerabilities as they only need to exploit a single weak point to gain access . On the other hand defenders must protect every aspect of their systems and be mindful not to leave no room for exploitation .
Gupta stressed the asymmetry between security professionals and hackers and said that defenders face a much harder task than those attempting to breach security . The constant need to identify and close potential vulnerabilities necessitates immense effort and caution.