When cyber attacks can shut down entire networks, it’s important to develop an effective solution to protect data against unauthorized access and tampering. Fortunately, blockchain technology offers an innovative approach to data security that has successfully withstood the fiercest cyber attacks for more than eight years.

The concept of the blockchain was initially described by Satoshi Nakamoto, who implemented the technology in the Bitcoin payment system in 2009. Since then, blockchain-based startups have appeared in various industries including banking, education, social media, and security.

Some people predict that blockchain technology will revolutionize the cyber security of any business that uses it, giving businesses the ability to store data without risk of damage, theft, or loss. According to a 2016 Gartner report, the blockchain is now at the peak of its hype, though there are still enough skeptics who have concerns about the technology’s security and sustainability.

This article will provide you with a brief overview of blockchain technology and reveal its pros and cons for cyber security.

 

Written by:

Anna Bryk,

Market Research Specialist

 

Contents:

Definition of the Blockchain

Main Elements of Blockchain Technology

Three Principles of Blockchain Security

Blockchains in Cyber Security

Conclusion

 

Definition of the Blockchain

What is a blockchain? A blockchain is a decentralized ledger that contains data about all transactions performed across a peer-to-peer network. Transactions are recorded by time and grouped into back-linked blocks that are cryptographically secured and organized in chains. The transaction data contained in these blocks is immutable, and is considered to be trusted and secured. Blockchain technology allows all network users to see any transaction ever made by anyone on the network.

Depending on its openness, a blockchain can have a public architecture with permissionless access – like Bitcoin and Ethereum, which operate with untrusted members – or with permissioned access – like Ripple, which deals with trusted members. A blockchain can alternatively have a private structure with permissioned access, such as Bankchain, which is open only for trusted members of a defined community.

However, companies can also take public blockchains and customize them for industry-specific purposes.

Main Elements of Blockchain Technology

  • Network user – An individual who has a wallet with tokens (e.g. cryptocurrency), a digital signature, and two keys: a public key and a private key. A public key is known to all network participants and is used for encrypting and receiving transaction data. A private key is known only to its owner, and is used for generating transactions and decoding data. A digital signature proves the ownership and integrity of transaction data.
  • Transactions – Any user can create a transaction and submit it to the network. A transaction includes the public key of the receiver, information about the value of the transaction, and the sender’s digital signature.
  • Authentication – After a user sends a transaction, nodes (computers on the peer-to-peer network) authenticate the transaction by decrypting the digital signature and comparing it against the history of validated transactions. Proposed transactions are organized into a pool of pending transactions.
  • Blocks – Validator nodes, or miners, select pending transactions from the pool and create blocks using consensus mechanisms. There are various mechanisms that allow miners to achieve consensus. In the Bitcoin stack, miners use the proof-of-work system that requires solving a computational puzzle to record a proposed transaction to the ledger. This puzzle is difficult to solve, so miners compete with each other. Alternative blockchain networks use other consensus algorithms such as proof-of-stake or proof-of-elapsed-time, in order to protect against hacks and abuse of the service.
  • Block chaining – Once a majority of the network validates a block through a consensus algorithm, miners “chain” it to the blockchain. Blocks are linked to each other with a hash, which is the unique fingerprint of the code in the previous block. It’s also possible for a blockchain to split in two chains because of competing blocks that create a hard fork. However, this uncertainty should be resolved over time as miners add new blocks to the longer chain of the blockchain while blocks on shorter chains are ignored. The ledger is replicable across all network nodes and contains an immutable history of completed transactions.

Three Principles of Blockchain Security

The blockchain can help fight cyberattacks due to its distributed and replicable nature, the consensus of participants, and its use of the latest achievements in cryptography. The security of blockchain technology relies on the following principles:

  • Peer-to-peer network – Blockchain technology is based on peer-to-peer connections that allow users to interact with each other as equals. Additionally, each node has a copy of the distributed ledger. Thus, there’s no need for central coordination and trusted authorities. A large number of nodes ensures resilience of the blockchain even when some nodes are unavailable. In the event that some computers are infected with malicious software, the correct blockchain will still be accessible via other network participants, who can easily detect inconsistent behavior.
  • Distributed consensus – Distributed consensus requires agreement among a majority of nodes, which is difficult to achieve. However, this approach allows blockchain technology to confirm a single version of the truth without requiring a central authority. Breaking the consensus mechanism is only possible if hackers exploit 51 percent of a blockchain’s computational power.
  • Encryption protection – Public-key cryptography is a form of data protection where the keys used to encrypt and decrypt data are different. Blockchain technology uses this approach to ensure the security of information as it travels across the network. Cryptography also protects completed transactions against any changes by making them immutable. If you want to change the state of your assets, you need to generate a new transaction, which will then be included in a new block and added to the chain. The new state of your assets will be available to all nodes along with the previous state that was already encrypted into the tamper-proof blockchain.

Blockchains in Cyber Security

The security principles described show that blockchain technology impacts cyber security. The blockchain is the result of many years of research and development in security and cryptography, making it a potentially effective tool in the defense of confidential information.

However, its technological complexity raises some concerns regarding implementation, security, and sustainability. Let’s look closer at the pros and cons of blockchains in the context of cyber security and data protection.

The main advantages of blockchain technology for cyber security are the following:

  • Decentralization – Thanks to the peer-to-peer network, there’s no need for third-party verification, as any user can see network transactions.
  • Tracking and tracing – All transactions in blockchains are digitally signed and time-stamped, so network users can easily trace the history of transactions and track accounts at any historical moment. This feature also allows a company to have valid information about assets or product distribution.
  • Confidentiality – The confidentiality of network members is high due to the public-key cryptography that authenticates users and encrypts their transactions. However, some blockchain-based startups go a step further and improve this technology. For instance, Guardtime developed a Keyless Signature Infrastructure (KSI) that allows users to verify their signature validity without disclosing keys.
  • Right to be forgotten – Data privacy is important even if your information is immutable. As there’s no option to erase unnecessary information, blockchain technology ensures the privacy of your data when you forget a key, as nobody can decrypt it.
  • Fraud security – In the event of a hack, it’s easy to define malicious behavior due to the peer-to-peer connections and distributed consensus. As of today, blockchains are considered “unhackable,” as attackers can impact a network only by getting control of 51 percent of the network nodes.
  • Sustainability – Blockchain technology has no single point of failure, which means that even in the case of DDoS attacks, the system will operate as normal thanks to multiple copies of the ledger.
  • Integrity – The distributed ledger ensures the protection of data against modification or destruction. Besides, the technology ensures the authenticity and irreversibility of completed transactions. Encrypted blocks contain immutable data that is resistant to hacking.
  • Resilience – The peer-to-peer nature of the technology ensures that the network will operate round-the-clock even if some nodes are offline or under attack. In the event of an attack, a company can make certain nodes redundant and operate as usual.
  • Data quality – Blockchain technology can’t improve the quality of your data, but it can guarantee the accuracy and quality of data after it’s encrypted in the blockchain.
  • Protected network access – Employees may have a need for continuous access to a blockchain from multiple devices, so a company risks losing control over their private keys. In order avoid risks arising from lost keys or human error, REMME’s blockchain provides each user and each device with a specific Secure Sockets Layer certificate that eliminates the need for passwords. This approach makes it impossible to get unauthorized access to the network.
  • Protected communication – Business correspondence contains sensitive data, which can be effectively protected if you use a blockchain for cyber security. There are many startups that encrypt business communication. For example, Obsidian uses blockchain-based networks to mitigate vulnerabilities in end-to-end-encryption. A distributed ledger for messages reduces the risk of surveillance.
  • Smart contracts – Software programs that are based on the ledger. These programs ensure the execution of contract terms and verify parties. Blockchain technology can significantly increase the security standards for smart contracts, as it minimizes the risks of cyber attacks and bugs.
  • Availability – There’s no need to store your sensitive data in one place, as blockchain technology allows you to have multiple copies of your data that are always available to network users.
  • Increase customer trust – Your clients will trust you more if you can ensure a high level of data security. Moreover, blockchain technology allows you to provide your clients with information about your products and services instantly.

Though the blockchain is changing cyber security, there are still some disadvantages that you should take into account:

  • Irreversibility – There’s a risk that encrypted data may be unrecoverable in case a user loses or forgets the private key necessary to decrypt it.
  • Storage limits – Each block can contain no more than 1 Mb of data, and a blockchain can handle only 7 transactions per second.
  • Risk of cyberattacks – Though the technology greatly reduces the risk of malicious intervention, it’s still not a panacea to all cyber threats. If attackers manage to exploit the majority of your network, you may lose your entire database.
  • Adaptability challenges – Though blockchain technology can be applied to almost any business, companies may face difficulties integrating it. It’s quite challenging to employ this technology in supply chain systems, for instance, as it may take much time to replicate supply chains as blockchains and refine them. Blockchain applications can also require complete replacement of existing systems, so companies should consider this before implementing the blockchain technology.
  • High operation costs – Running blockchain technology requires substantial computing power, which may lead to high marginal costs in comparison with existing systems.
  • Blockchain literacy – There are still not enough developers with experience in blockchain technology and with deep knowledge of cryptography.

Conclusion

Blockchain technology is a breakthrough in cyber security, as it can ensure the highest level of data confidentiality, availability, and security. However, the complexity of the technology may cause difficulties with development and real-world use.

Blockchain technology relies on the latest cryptographic achievements as well as comprehensive network management expertise. With vast experience in data encryption and cyber security, our Apriorit team can help you develop a solution using blockchain technology.

 

 

Subscribe to updates