Is the blockchain the ultimate solution? A new “Internet of values” next to the existing “Internet of information”? 1 Blockchains have existed since 2009, but today they are on the verge of a breakthrough: in a few years blockchains will turn the world upside down.
They enable a global register, assign ownership unambiguously and transfer values within seconds if necessary; they cannot be manipulated and are organized decentrally on millions of computers, without intermediaries such as states or banks. When fully developed, the blockchain promises fundamental progress, 2 for companies in particular and, for the first time since the introduction of the public limited company in the 19th century, also in general through new types of company forms. 3
Why this assessment of a new, trend-setting form of security? Distributed systems that do not require a central authority to verify a transaction are setting new standards in terms of security, authenticity, privacy and accessibility. A transaction is transmitted and accepted by a large number of independent, interconnected computers, the network nodes. Each network node redundantly stores the common state of the blockchain and shares it with other computers, which makes the validation forgery-proof. In addition, transactions can only be added to the blockchain, not removed or changed.
Delimitation and Definition
The word blockchain originates from the later development of the Bitcoin platform and cannot be attributed exactly, 4 but it has established itself as accepted jargon. We use blockchain synonymously for systems that are suitable to technically free sovereignty 5 over data from a central party. Therefore, technical approaches such as Directed Acyclic Graphs, which do not use data structures such as “blocks” but serve the same purpose, fall under the now common collective term. 6
Figure 1 shows the concept of the blockchain cloud, which is intended to aid orientation and bring the various security concepts into a clear context. The conventional web server is essentially based on a single “node” and depends on a single person. In comparison, a consortium of western IT companies under the auspices of Facebook is trying to issue a new synthetic currency that explicitly does not depend on a single company or node. 7 Blockchain technology is to be used for this purpose, but it is not clear whether this will be successful at all. Bitcoin is ultimately the most renowned representative of independent blockchain platforms and is characterized by a large number of nodes whose developers and operators depend little on each other. 8
Information security and its protection goals
In the field of information security, the state of information and systems is described in terms of whether various protection goals are achieved. Violation of a protection goal indicates the way in which data has been intercepted, manipulated or blocked. Information security serves to protect against dangers or threats, to avoid economic damage and to minimize risks.
Confidentiality, availability and integrity fall under the general protection goals. Extended protection goals include authenticity and anonymity as well as pseudonymity. When looking at the protection goals individually, it becomes clear that blockchain platforms, depending on their design, make compromises on individual security issues.
The blockchain assessed in terms of confidentiality
Confidentiality is the protection against unauthorized disclosure of information. Confidential data and information must only be accessible to authorised persons. Confidentiality is fundamentally opposed to the design principle of transparency of blockchain technology. Since the transaction data is available to all participating nodes, the establishment of confidentiality on a blockchain is difficult due to its construction.
The solution to the problem is complex. To ensure confidentiality protection, encryption of the sensitive data would be necessary. Such key management is conceptually not provided for on blockchain platforms. If externally encrypted data were stored, it would be particularly affected by the restrictions of long-term security.
Due to the increase in available computing power and new mathematical methods, encryption methods that are currently secure can become endangered. 9
If an encryption method becomes insecure or if keys are compromised, affected ciphertexts cannot simply be withdrawn or re-encrypted because they are distributed throughout the network and are no longer under the control of the original publisher. In principle, it is not possible to guarantee the security of cryptographic algorithms in the long term.
A simple practical solution to the confidentiality deficit is therefore not to store sensitive data directly in the blockchain, but to use only references to the data (e.g. in the form of a hash value). The data itself would then have to be stored in an external structure (e.g. in a database) and protected against unauthorized access.
However, external storage of data can jeopardise the guarantee of availability.
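The reference-on-chain design described above, as an added Python example that is not part of the original article: it compares a bare SHA-256 reference with one keyed by a random salt kept off-chain next to the record. The record format, the candidate list and the use of HMAC-SHA256 for the salted reference are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Iterable, Optional, Tuple

def bare_reference(record: bytes) -> str:
    """On-chain reference as a plain SHA-256 of the off-chain record."""
    return hashlib.sha256(record).hexdigest()

def salted_reference(record: bytes) -> Tuple[str, bytes]:
    """Reference keyed with a fresh 32-byte salt; the salt stays off-chain."""
    salt = secrets.token_bytes(32)
    return hmac.new(salt, record, hashlib.sha256).hexdigest(), salt

def verify(record: bytes, salt: bytes, on_chain: str) -> bool:
    """True if the off-chain record still matches the on-chain reference."""
    expected = hmac.new(salt, record, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, on_chain)

def confirm_guess(on_chain: str, candidates: Iterable[bytes]) -> Optional[bytes]:
    """What any node can do with a public reference: test guessable records."""
    for candidate in candidates:
        if hmac.compare_digest(bare_reference(candidate), on_chain):
            return candidate
    return None

# Constructed sample: a record with only five plausible values.
RECORD = b"customer=4711;credit_rating=B"
CANDIDATES = [b"customer=4711;credit_rating=" + r
              for r in (b"A", b"B", b"C", b"D", b"E")]

def demo() -> dict:
    bare = bare_reference(RECORD)
    salted, salt = salted_reference(RECORD)
    return {
        "bare_reveals": confirm_guess(bare, CANDIDATES),      # the record itself
        "salted_reveals": confirm_guess(salted, CANDIDATES),  # nothing
        "intact": verify(RECORD, salt, salted),               # record unchanged
        "tampered": verify(CANDIDATES[0], salt, salted),      # record altered
    }

if __name__ == "__main__":
    print(demo())
```

The salt has to be stored and protected together with the external record, since verification is impossible without it.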
On private blockchains, confidentiality towards those who do not have access to the network is guaranteed, provided that communication within the network is adequately protected. In addition, there are possibilities on private blockchains to further restrict visibility.
The blockchain assessed in terms of availability
The availability of services, IT applications or even information is given if users can always use them as intended.
This requirement does not generally pose a problem for the blockchain.
Due to the distributed and decentralized storage, the information is available at any time with high probability, provided that a sufficient number of nodes holding the complete data set is available. However, availability is only reliably guaranteed for the data stored directly in the blockchain.
A limitation in this context is the problem of “state growth”, i.e. the growth of the blockchain itself. If the blockchain becomes too large too fast, the position of the platform on the x-axis of our model (see Fig. 1) shifts to the left, to the zero point, which can ultimately cause the platform to fall out of the blockchain cloud and cease to be a blockchain. 10 In such a case, the availability of the platform is the same as in a conventional database.
The blockchain assessed in terms of integrity
Integrity refers to ensuring the completeness and correctness (intactness) of data.
Once transactions are included in the blockchain, the integrity of the data is ensured by chaining the data blocks using a hash function.
However, the security objective of data integrity can only be reliably achieved by using cryptographically secure hash functions. When hash functions are used for referencing, it is important to note that they do not guarantee complete confidentiality, although it is practically impossible to calculate the input value back from a hash. 11
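The hash chaining described above, as an added Python example that is not code from the article or from any particular blockchain platform: each block stores the hash of its predecessor, so a changed transaction breaks the links that follow. The block layout and sample transactions are constructed; the last step shows that a fully recomputed copy is consistent in itself and is only exposed by comparing its head hash with the one other nodes hold.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64

def block_hash(prev_hash, transactions):
    """SHA-256 over the predecessor's hash and this block's transactions."""
    payload = json.dumps({"prev": prev_hash, "tx": transactions}, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()

def build_chain(batches):
    """Chain one block per batch of transactions, starting from GENESIS."""
    chain, prev = [], GENESIS
    for tx in batches:
        block = {"prev": prev, "tx": tx, "hash": block_hash(prev, tx)}
        chain.append(block)
        prev = block["hash"]
    return chain

def first_invalid(chain):
    """Index of the first block that fails verification, or None if all hold."""
    prev = GENESIS
    for i, block in enumerate(chain):
        recomputed = block_hash(block["prev"], block["tx"])
        if block["prev"] != prev or block["hash"] != recomputed:
            return i
        prev = block["hash"]
    return None

def rechain(chain, start):
    """Recompute every hash from `start` on, as a node rewriting its own copy."""
    prev = chain[start - 1]["hash"] if start else GENESIS
    for block in chain[start:]:
        block["prev"], block["hash"] = prev, block_hash(prev, block["tx"])
        prev = block["hash"]

# Constructed sample transactions.
BATCHES = [["alice->bob:5"], ["bob->carol:2"], ["carol->dave:1"]]

if __name__ == "__main__":
    honest = build_chain(BATCHES)
    local = copy.deepcopy(honest)
    local[1]["tx"] = ["bob->erin:2"]           # content changed, hash left stale
    print("stale hash detected at block", first_invalid(local))
    rechain(local, 1)                          # local copy is consistent again
    print("after re-chaining:", first_invalid(local))
    print("head matches network:", local[-1]["hash"] == honest[-1]["hash"])
```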
If blockchain platforms are to be scaled to large deployments and a large number of transactions, their resource requirements, throughput and efficiency are very important parameters in practice. The integrity of the data can often only be guaranteed some time after it has been included in the blockchain. For this reason, various consensus mechanisms require a waiting period until the data can no longer be changed, thus ensuring its integrity.
The blockchain assessed in terms of authenticity
Authenticity refers to the property that ensures that a communication partner (a person or IT component or application) is in fact who it claims to be.
On a blockchain, transactions are secured by digital signatures, which requires asymmetric cryptography (public key infrastructure). The signatures must be produced by the key holder for each interaction. 12 Weak signatures are susceptible to so-called brute-force attacks, in which the correct key is ‘guessed’ by automated, random testing of keys.
It is important to note that the blockchain can only ensure authenticity with respect to identities within the network. The assignment of keys to a specific communication partner must be achieved by additional measures.
If more extensive identification of the communication partner is required, a trustworthy central office is needed to verify and certify the identity. 13
Special security precautions are required when handling private keys. If the private signature key is the only proof of ownership on the blockchain, this key is at high risk.
Cryptographic keys are random numbers. High entropy is required to generate secure keys, which is a challenge for deterministic computers. If a weak random number generator whose output is traceable in any form is used here, attacks on the private key can be simplified considerably.
The blockchain assessed in terms of the degree of anonymity
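The entropy requirement described above, as an added Python example that is not part of the original article: a 256-bit key drawn from a general-purpose generator seeded with a timestamp carries only as much entropy as the seed, while a key from the operating system's CSPRNG does not have this weakness. The one-hour window and the timestamp values are constructed for illustration.

```python
import math
import random
import secrets
from typing import Optional

def weak_key(seed: int) -> bytes:
    """256-bit key from a non-cryptographic PRNG seeded with a guessable value."""
    return random.Random(seed).getrandbits(256).to_bytes(32, "big")

def strong_key() -> bytes:
    """256-bit key from the operating system's CSPRNG."""
    return secrets.token_bytes(32)

def reproducing_seed(key: bytes, seeds: range) -> Optional[int]:
    """Return the seed in `seeds` that regenerates `key`, or None."""
    for seed in seeds:
        if weak_key(seed) == key:
            return seed
    return None

def effective_bits(seeds: range) -> float:
    """Entropy of a key that is fully determined by one seed out of `seeds`."""
    return math.log2(len(seeds))

# Constructed scenario: the key was created at some second in a known hour.
WINDOW = range(1_700_000_000, 1_700_000_000 + 3600)
CREATED_AT = 1_700_000_000 + 1234

if __name__ == "__main__":
    key = weak_key(CREATED_AT)
    print("key length in bits:", len(key) * 8)
    print("effective entropy in bits: %.1f" % effective_bits(WINDOW))
    print("seed reproduced:", reproducing_seed(key, WINDOW) == CREATED_AT)
    print("CSPRNG key reproduced:", reproducing_seed(strong_key(), WINDOW))
```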
Anonymization is the process of changing data in such a way that the data can no longer be assigned to a communication partner.
While the first blockchain designers were mainly concerned with the basic security and integrity of platforms, in recent years there has been an increasing emphasis on anonymity of transactions.
In the beginning, formal anonymity was sufficient for the relatively small assets and deanonymization was disproportionately time-consuming and labor-intensive. This has changed with the rapid spread and performance of public blockchains, and more extensive efforts are being made to shed light on networks. 14
To counteract this, known cryptographic methods such as ring signatures 15 were initially used. Since 2016, cryptography has been experiencing a real renaissance in the field of anonymization and many experts are launching new ideas 16 based primarily on so-called zero-knowledge proofs. 17
In a professional environment, a resilient implementation with a high degree of anonymity is one of the last major hurdles before blockchains can be rolled out comprehensively. 18
As a result, the security of an IT system depends largely on the security of the underlying cryptographic procedures. This is particularly true for blockchain systems, since here (especially in public, independent systems) organisational security measures are often dispensed with in favour of decentralisation and disintermediation.
In addition, the quality of the implementation and the maturity of the software play a decisive role. Since blockchain systems can become very complex due to their distributed structure and interfaces, it is difficult to make statements about the overall security. 19
Depending on the focus and priorities of the respective use case, it has to be considered whether public or private blockchains are more suitable. Whenever transparency, decentralization and data security are the focus of action, public blockchains are more useful than private blockchains. Therefore public blockchains are often used for cryptocurrencies.
1 See: A. Neef, (2016). “How the Blockchain will change the economy and society,” Z_punkt GmbH, Cologne.
2 A. Berentsen and F. Schär, “The Case for Central Bank Electronic Money and the Non-case for Central Bank Cryptocurrencies,” Federal Reserve Bank of St. Louis Review, Second Quarter 2018, 100(2), p. 99, 2018.
3 For example, a sufficiently trustworthy infrastructure enables anonymous and smooth cooperation for the first time: S. Wang, W. Ding, J. Li, Y. Yuan, L. Ouyang and F. Wang, “Decentralized Autonomous Organizations: Concept, Model, and Applications,” in IEEE Transactions on Computational Social Systems, vol. 6, no. 5, pp. 870-878, Oct. 2019.
4 Nakamoto only mentions “chain of blocks” in his relevant white paper. S. Nakamoto, “Bitcoin: A Peer-to-Peer Electronic Cash System,” p. 7, 2008.
5 Sovereignty differs from simple redundancy in that there is no coordinator or higher authority to regulate read or write access.
6 See: M. Divya, and Nagaveni B. Biradar. “IOTA-next generation block chain.” International Journal Of Engineering And Computer Science 7.04 (2018): 23823-23826.
7 See Libra Protocol Overview (https://archive.is/wip/X0Q9P).
8 Today, more than 10,000 nodes are (publicly) reachable, based on 12 different implementations of the consensus algorithm (https://archive.is/h6nYg).
9 The trend here has been downwards since the 1950s (https://www.gwern.net/docs/cs/1955-nash). Sources: Christof Paar, Jan Pelzl: Cryptography understandable; Wolfgang Ertel, Ekkehard Löhmann: Applied Cryptography.
10 See the discussion by R. Chen, “The State Growth Problem Facing Blockchains,” The Control, 22 Jul. 2019, (http://archive.is/wip/HzPIA).
11 Source: Daniel Drescher: Blockchain Basics: A Non-Technical Introduction in 25 Steps.
12 When using signatures, it is also recommended to use a salt, whereby a randomly selected character string is appended to the underlying signed data before further processing (e.g. storage).
13 See e.g. the city of Zug, which is making a blockchain-based digital identity available to residents in a pilot phase: Zug City Council (http://archive.is/GPcGx).
14 See e.g. approaches with artificial intelligence that allow an entity recognition of over 70%: Harlev, Mikkel & Yin, Haohua & Langenheldt, Klaus & Mukkamala, Raghava Rao & Vatrapu, Ravi. (2018). Breaking Bad: DeAnonymising Entity Types on the Bitcoin Blockchain Using Supervised Machine Learning. 10.24251/HICSS.2018.443.
15 See the widely used and meanwhile further developed Cryptonote approach: Van Saberhagen, Nicolas, “Cryptonote v 2.0,” 2013. URL: https://cryptonote.org/whitepaper.pdf.
16 For example Bulletproofs: https://archive.is/wip/zAtxq
17 Zero-knowledge proofs provide a mathematical proof that the calculation was performed correctly without allowing a conclusion to be drawn about the data used. See: Feige, Uriel, Amos Fiat, and Adi Shamir. “Zero-knowledge proofs of identity.” Journal of Cryptology 1.2 (1988): 77-94.
18 See also the challenge by Ernst & Young: https://archive.is/DTBnP
19 See A. Hern, “‘$300m in cryptocurrency’ accidentally lost forever due to bug,” 8 Nov. 2017, The Guardian, (https://archive.is/cpvBI).