Is Blockchain the Swiss Army Knife to All of Our Cyber-Insecurities?
Best known as the immutable database that runs underneath cryptocurrencies like Bitcoin and Ethereum, blockchain is poised to play a critical role in every industry imaginable as businesses seek ways to cash in on the distributed ledger technology's promise of enabling a "trustless" consensus to validate transactions.
Financial transactions are typically guaranteed by a trusted third party (such as PayPal) and blockchain can be used to automate that process, reducing overall costs by cutting out the middleman with autonomous smart contracts acting as trusted intermediaries between parties on the network.
Blockchain is expected to be so influential over the coming years that some technologists foresee it ushering in a new type of Internet, one that stores and authenticates information about every asset, device and individual, opening the door to a range of new technological capabilities.
Besides simply being the backbone of cryptocurrency exchanges, the most powerful uses of blockchain technology are yet to emerge. It's envisioned by many to become a decentralized, real-time global distributed digital ledger of things for everything from tracking food supplies to managing identities.
click to enlarge
Despite the disruptive effects that the platform could soon have on industries that reach into core areas of our lives, it's difficult to find someone who can say more than a few words about what it is, how it works or what may become of rolling it out on such a massively conceived scale.
How Blockchain Works
Anders Brownworth, who taught about blockchain at MIT, illustrates the technology by explaining it as "a giant spreadsheet for registering all assets" and he provides a visual demonstration of the concept with a video series as well as a website where you can test his blockchain mockup.
An essential feature of blockchain is its ability to encrypt each "block" of data for a unique hash output that is also stamped onto the succeeding block, creating a chain of sequential information which is then verified through a consensus of activity across a network of participants. This works in conjunction with digital signatures to prove identity, authenticity and enforce data access rights.
Sharing those encrypted "spreadsheets" to every node or validator on the network creates a distributed system where each device can access the transaction data and make additions to the distributed ledger, which is then shared with everyone in real time (akin to Google Docs), acting as a form of data security/redundancy.
The process of encrypting blocks is best recognized as "mining" in cryptocurrency, which uses blockchain as a proof of work mechanism whereby people can participate in the network by performing "work" (your spare computing resources are used to encrypt and validate blocks).
Should a machine on the network attempt to alter an old block, the new data would result in a different hash for that block, breaking the chain of successively shared encryption outputs. The rest of the network participants would recognize this and reject the corrupt node.
Blockchain's encryption, consensus mechanisms and auditable databases have many outfits considering its viability for storing personal data (legal, health, financial and property records), while others are looking at uses ranging from autonomous smart contracts to uploading mind files.
Who's Interested in Blockchain?
Harvard Business Review sees a startlingly successful future for blockchain beyond cryptocurrencies, imagining a world in which "contracts are embedded in digital code and stored in transparent, shared databases, where they are protected from deletion, tampering, and revision."
"...every agreement, every process, every task, and every payment would have a digital record and signature that could be identified, validated, stored, and shared. Intermediaries like lawyers, brokers, and bankers might no longer be necessary. Individuals, organizations, machines, and algorithms would freely transact and interact with one another with little friction."
Text in the US government's NDAA 2018 Modernizing Government Technology Act suggests the use of blockchain and smart contracts as part of a broad cost-savings upgrade/migration strategy aimed at replacing the aging, inefficient infrastructure for human records keeping.
As part of a continuing government assessment of the cybersecurity risks associated with blockchain, the NDAA 2018 requires that the Pentagon monitor government agency rollouts of the technology to survey the infrastructure's security and then brief Congress within 180 days.
Amid the growing adoption of blockchain, DARPA is also funding efforts to determine if the encrypted and distributed nature of blockchains could help secure highly sensitive data pertaining to everything from nuclear weapons to military satellites.
Likewise, the medical industry is looking to surf the coming wave of blockchains, seeing a purpose for the technology in storing and sharing patient/doctor data throughout healthcare ecosystems. This could include bio-data feeds from wearable IoT sensors and smart apps for instance, and blockchains could even be used to house DNA sequences.
Healthcare vendors such as IBM have already started integrating AI as a solution to analyze patients' blockchain data while looking at health parameters for signs of illness or to find cures based upon a patient's distinct personal health information.
click to enlarge
With the popularity and adoption of cryptocurrencies, the financial industry is also eyeing an upgrade. 'FinTech,' as the emerging 21st century financial services sector is so often called, is pushing new frontiers with market trend prediction and automatic securities trading, leading to the development of 'distributed autonomous organizations' (DAOs).
A DAO can run and scale without human involvement, and transactions are completed autonomously between two parties based upon a set of parameters, allowing financial exchanges to happen automatically without human intervention on a per-transaction basis.
Founded by AI researcher Ben Goertzel, 'Aidyia' is one example of a 'FinTech DAO.' Based out of Hong Kong, the company can trade US equities on Wall Street as a fully autonomous hedge fund with no humans in the mix by using AI to process, learn and adapt models for price prediction.
"If we all die," says Goertzel, "it would keep trading."
Stocks, mutual funds, bonds and pensions may one day be stored on blockchains as many financial organizations explore the technology, and it's worth noting that Ethereum already supports DAO functionality for autonomous transactions and smart contracts.
Identity management is another prime candidate for blockchain technology, with Microsoft, Accenture, Hyperledger Alliance and the Rockefeller Foundation working alongside the United Nations on the ID2020 initiative to provide all humans with a global digital ID and identity verification services.
"Decentralized, user-controlled digital identity holds the potential to unlock economic opportunity for refugees and others who are disadvantaged, while concurrently improving the lives of those simply trying to navigate cyberspace securely and privately," says David Treat, MD of the global blockchain practice at Accenture.
Blockchain is also being considered for managing access rights to assets in situations where people are sharing a car or other piece of property, which could have locks linked up to a blockchain network that authorize someone's use after the owner received a payment.
With our digital world being so insecure and blockchain looking like the cure to so many cybersecurity ills, it's no surprise that the technology is gaining global support, though some researchers are also questioning whether the technology is actually as secure as it initially seemed.
Blockchain Security & Scalability
Putting a large amount of faith in a nascent open-source technology could prove disastrous under the right circumstances, so it seems prudent to consider the wildest potential consequences before actually adopting blockchain as our go-to solution for storing every asset, transaction, piece of property, proof of ownership or drop of private information.
Those in the security field are known to live by the mantra that "nothing is secure" and that is also true of blockchain. Here are five ways that the platform isn't quite bulletproof...
Immutability Myth - Being "immutable" (unchangable) is perhaps blockchain's biggest selling point and yet this isn't thought to be true by many people involved with the industry. As noted by Gideon Greenspan of MultiChain, a platform for private blockchains: "...the chain's behavior depends on a network of corporeal computer systems, which will always be vulnerable to destruction or corruption."
"Nonetheless, it's important to remember that each node is running on a computer system owned and controlled by a particular person or organization, so the blockchain cannot force it to do anything. The purpose of the chain is to help honest nodes to stay in sync, but if enough of its participants choose to change the rules, no earthly power can stop them. That's why we need to stop asking whether a particular blockchain is truly and absolutely immutable, because the answer will always be no."
Scalability - The supported frequency of transactions on a blockchain have been an ongoing limitation compared to traditional financial networks, which can support tens of thousands of transactions per second versus single digits for most blockchain-based infrastructure. Startups including Billion and Zilliqa have introduced developments such as sharding (splitting the network into smaller pieces) to increase that throughput, but much of the issue surrounding scalability currently boils down to a compromise between performance and security.
Malware - Interpol raised concerns over the potential for blockchain infections during Black Hat Asia 2015, noting that all the current applications of malware on the Internet could also be deployed on a blockchain and that they could mutate over time through modules in proceeding blocks. If an infection managed to reach all of the peers involved on a network and there were no way to delete it, all versions of the database could become corrupt. One should question the potential for creating botnets as well.
51% Attack - Although hypothetical, a group who controlled more than half of a network's encryption power would determine whether or not a block was validated, which is to say that they could validate bogus blocks and corrupt the other 49%. This is easier to pull off on blockchains with less nodes, which is one of the concerning factors about some of the methods for improving scalability as they involve splitting up a network into smaller ones, making them more susceptible to 51% style attacks.
Quantum Computing - The boost in horsepower that quantum computing is expected to bring over the coming years could enable encryption cracking that isn't possible on conventional hardware. A report from a group of universities warn that by 2027, quantum computing could pose a risk to blockchain as it may be powerful enough to crack blockchain encryption or mount a 51% attack.
Though expensive, countries working on large amounts of quantum research, such as China, may have a bank of quantum machines that could be used to take control of a blockchain. To combat against this threat, NIST began working in 2016 on post-quantum cryptography standards to ensure future ciphers will be secure against quantum machines.
Additionally, 'The Distributed Futures' research program, a group researching AI, cryptocurrencies and blockchain, has announced a project called "The Quantum Countdown: Quantum Computing And The Future Of Distributed Ledger Encryption" to help secure encryption algorithm strength against future quantum machines.
Future Use Cases for Blockchain
Although many of its potential uses are forwarding-looking at the moment, blockchain infrastructure is being considered for purposes ranging from GeneCoins to Brain DAOs...
DAO - Mentioned briefly above, 'decentralized autonomous organization' functionality is already supported by Ethereum and is essentially an organization that runs by rules encoded as computer programs called smart contracts which can be maintained on a blockchain. Smart contracts are software-based transaction protocols that negotiate, verify and execute agreements autonomously.
In the context of a DAO, a blockchain is meant to serve as a leaderless group of people authorized to act as a single economic entity through the execution of smart contracts via hardcoded rules that are digitally enforced. Participants in a DAO can vote on the direction of the organization as a 'digital democracy' where they can contribute to group decisions about adding or changing rules, removing a participant or funding a project as a crowdsourcing vehicle.
IoT - Securing the ever-increasing numbers of connected devices has become a concern for the technology industry as it approaches the 'Internet of Things' era. Security is tantamount for exchanging high-value data between IoT devices, especially if a global rollout is to be successful, and the worry of botnet attacks involving millions of compromised IoT devices has prompted a search for potentially wide-reaching solutions.
Adding blockchain as a foundational element of IoT is looking to be the fix everyone has been waiting for: natively encrypted transactions, a distributed architecture and consensus-verified data blocks make blockchain an attractive option for securing transactions between IoT devices.
Genecoins - To borrow text from the theoretical whitepaper Meet Genecoin: The Bioeconomy Currency... "Think of [Genecoins] as your robot friends that encode your genetic material on new networks as they develop. Similar to the way that Google discovers new websites, we'll be able to jump from chain to chain. Our aim is to turn Genecoin into a Decentralized Autonomous Organization that preserves your genetic material indefinitely."
Brain DAOs - Other papers propose the concept of using blockchain to store the digitized contents of human brains in "mindfiles," which may be aided by advancements in optogenetic brain mapping. Mindfiles could open the door to possibilities such as versioning and backups of your memories, the ability to explore other peoples' mindfiles, and ideas such as organizing mindfiles into a DAO/DAC (distributed autonomous corporation) and creating self-mining brain ecologies. Developments in this area would likewise aid artificial intelligence and the integration of man and machine.
AI - The combination of AI, 5G, IoT and blockchain would provide the ability to extract intelligence from a global ecosystem of always-connected sensors, with real-time tracking and documentation of everything that happens to a package or pallet along the supply chain.
Companies are working on solutions where this technology could be used for tracking fresh food from the grower to grocer (reducing waste and costs), documenting inspections, and recording the chain of custody through time-stamped blockchain transactions. With the addition of technologies such as AI, blockchain could be the solution to creating a worldwide distributed asset and records management system.
Someday, you might be able to monetize home devices or wearable IoT sensor data by selling data feed subscriptions in a trusted transaction between you and an organization paying for the data through a blockchain. Selling your real-time IoT data streams such as shopping habits or biostats could become commonplace.