Blockchain and cybersecurity
Blockchain and cybersecurity
Blockchain, according to many IT specialists, is still an underestimated technology, which became famous because of cryptocurrencies. Cryptocurrencies are just a niche application of blockchain technology causing a mental perception of the technology as dangerous, suspicious, and unregulated by law. Unfortunately, the association for many people is unequivocal — blockchain and cryptocurrency are one thing, and in fact they are not. Bitcoin, the most popular cryptocurrency, made the term blockchain popular. And blockchain is a decentralized and distributed database without a centralized data storage, used to record individual operations, transactions, payments, database activities, all encrypted with cryptographic algorithms.
Encryption and nodes
All transactions are encrypted with the public key. Information about these actions is stored in many places on the network called nodes. The transaction information is not controlled by a single broker. After confirming their correctness, the transactions are added to the data block and “propagated” to the nodes of the blockchain. Each created data block contains a certain number of records with transactions, and the block size is determined in a specific blockchain implementation.
Why safe?
The security of blockchain technology results from the assumptions guiding the creators, which are: transaction history inviolability, decentralization, and encryption. Importantly, blockchain does not need any intermediary institution that verifies transaction data or confirms its participants. Typically, this is where, in the case of traditional centrally stored data structures, identity theft and operations take place on the data that they want to protect. Thanks to its dispersion and decentralization, it is resistant to failures of IT systems. Blockchain security also includes consensus and immutability. Consensus refers to the ability of nodes gathered in a distributed network to reconcile the true state of the network and the validity of the transaction. Immutability refers to the ability of a blockchain network to prevent changes to transactions that have already been recorded. Thus, blockchain technology can detect that the data integrity in one of the nodes has been modified in some way (although it is practically impossible) preventing the changed data from spreading to all other nodes.
Distributed Ledger Technology
Blockchain is based on the DLT technology, i.e., the Distributed Ledger Technology — a distributed database technology whose registers are replicated, shared, and synchronized as part of the consensus of various geographically dispersed people or organizations.
Where can the DLT technology be used? We can imagine a vehicle register in place of paper vehicle cards and the Central Register of Vehicles and Drivers, which is public, scattered, secure, and containing information about car owners, their history of ownership, insurance, and accidents. Another application may be the real estate registry, i.e., “blockchain” land and mortgage registers, without intermediaries, notaries, and land registry courts. Any company can keep a share register using blockchain technology, without the need to create physical documents, approvals, analog signatures, safes, etc. We can imagine gathering data on the collection and tracking of donations made to a charity. The number of applications is great, limited only by the imagination of the creators of blockchain solutions. Certainly, the financial industry will be the biggest beneficiary of this technology. You can imagine keeping accounting books, bank account history, and brokerage operations conducted using exactly this architecture. There are already diamond registers in the world, in which information is recorded about the diamonds, the history of their possession and transactions. Surely, an identity register will also be created, where information about each of us will be recorded. The identity register will contain information clearly identifying us, whether at the airport or when entering the stadium for a football match.
Internet voting
Every time there are elections, be it local or parliamentary, the topic of e-voting returns. The available IT solutions for voting have one significant drawback — they are centralized. This type of voting architecture means that there is one IT vendor controlling the data. The system and the base are exposed to a hacker attack or intentional internal modification of the operator or the author of the system. Blockchain technology may make e-voting more popular due to security reasons, as the database with registered votes is distributed and resistant to attacks.
Why blockchain?
The advantage of blockchain over the traditional solution consists of several elements, the most important of which is the fact that the data is not stored only in one place (so an attack in this exact place will not change the stored information) — because the architecture protects against such an attack. Data is encrypted — so the basic problem of leakage of such data being a simple structure of a database table is not possible (we can imagine that blockchain stores logins and passwords for an e-commerce site). There is no single intermediary, owner, operator who grants access, and thus the intermediary itself becomes the object of an attack and “takeover” — the removal of this element causes this possibility of data modification. Blockchain by definition excludes the use of the so-called third party.
You can expect legal restrictions on the use of blockchain technology in some countries. You can imagine a situation that governments or strong global organizations, such as banks, will be against the loss of control over the data that can be stored. History, however, has shown that such prohibitions are ineffective in the long run and will only result in faster popularization of the technology.
Author: Przemysław Kucharzewski
https://www.linkedin.com/in/przemyslawkucharzewski/
About Przemek Kucharzewski
Co-founder and General Manager in Cypherdog Security Inc. – a vendor of solutions for encrypted communication. Przemek has 27 years of experience in building sales channels, marketing, and commercialization of IT solutions. In recent years, he has been focusing on cybersecurity and cloud solutions. In the past, he mainly worked for the largest IT distributors in the CEE region. He worked as Interim Manager for IT system integrators and vendors in advanced solutions selling. He is the author of many articles in the IT & business media, speaker, lecturer, and podcaster.
