ITU Workshop on “Security Aspects of Blockchain”
(Geneva, Switzerland, 21 March 2017)
Blockchain’s Brave New World
Haydn Jones, Managing Director, Blockchain Hub
Agenda
• What makes a blockchain special in terms of inherent security?
• When could a blockchain become insecure / unstable? Examples and implications
• Novel use cases exploiting a blockchain's inherent security
• When could a blockchain pose a cyber threat?
What makes a blockchain special?
Scope
• Blockchain in its purest sense
  • Storage
  • Relying on pure cryptography
• Blockchain in the context of Bitcoin & Cryptocurrencies
  • Cryptographic work as a store of value and reward
  • Incentivised to further secure the transaction set
  • Security implications of such a protocol
What makes a blockchain special?
The Power of the Hash Function
• One way
• Collision Resistant - Infeasible to find two different inputs x and y, where H(x) = H(y)
• Puzzle Friendly - No solving strategy exists which is better than trying random values
H( ) = B6096533C201C009D4A930A1EBC264CAA4B2D30B1D0F20CAEE9D4D302D34AD2D
H(ITU) = 95FC203CAEC2063213593B1159EDED34A825403D8C1775A13FF0ACFD5ADF9081
176 pages
A simple immutable store of data
Blockchain’s Inherent Security
Time
H(Data) = Digest
• Cumulative Aggregation of the Digest
• Parallel Digest Capture
Digest(1) Digest(2) Digest(N)
What makes a blockchain special?
Cryptographic Primitives Combined
Time
Digest(1) Digest(2) Digest(n)
Transaction Set
• The addition of the nonce puzzle creates cryptographic work
• Public keys become identities
• Signing with your private key allows the movement of value
• Digital tokens as a reward framework for providing additional security
H (Digest(1) + nonce) = 000000xxxx
Reward
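The two ideas above, cumulative aggregation of digests and the nonce puzzle, as an added example that is not part of the original slides. SHA-256, the `|` field separator, the all-zero starting digest and the three-hex-zero difficulty are assumptions chosen for illustration.

```python
import hashlib

GENESIS = "0" * 64  # constructed placeholder for "no previous digest"

def H(data: str) -> str:
    # SHA-256 stands in for H; the slides do not name a specific hash function.
    return hashlib.sha256(data.encode()).hexdigest()

def mine(prev: str, data: str, difficulty: int) -> dict:
    # Nonce puzzle: try nonces until H(prev | data | nonce) starts with the zero prefix.
    nonce = 0
    while not H(f"{prev}|{data}|{nonce}").startswith("0" * difficulty):
        nonce += 1
    return {"prev": prev, "data": data, "nonce": nonce,
            "digest": H(f"{prev}|{data}|{nonce}")}

def build_chain(records, difficulty=3):
    # Cumulative aggregation: each block's digest covers the previous digest.
    chain, prev = [], GENESIS
    for data in records:
        block = mine(prev, data, difficulty)
        chain.append(block)
        prev = block["digest"]
    return chain

def first_invalid(chain, difficulty=3):
    # Return the index of the first block that fails verification, or None.
    prev = GENESIS
    for i, b in enumerate(chain):
        digest = H(f"{b['prev']}|{b['data']}|{b['nonce']}")
        if (b["prev"] != prev or digest != b["digest"]
                or not digest.startswith("0" * difficulty)):
            return i
        prev = digest
    return None

if __name__ == "__main__":
    chain = build_chain(["record A", "record B", "record C"])  # constructed sample data
    print("intact chain, first bad block:", first_invalid(chain))
    chain[1]["data"] = "record B (edited)"  # edit one record in place
    print("after edit, first bad block:", first_invalid(chain))
    # Redoing the work for block 1 alone does not help: block 2 still
    # commits to the old digest, so every later block must be redone too.
    chain[1] = mine(chain[1]["prev"], chain[1]["data"], 3)
    print("after re-mining block 1, first bad block:", first_invalid(chain))
```

Raising `difficulty` by one hex digit multiplies the expected number of nonce trials by 16, which is the "cryptographic work" that makes rewriting a long chain expensive.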
What makes a blockchain special?
The Net Result (1)
Immutability is blockchain’s main proposition
• No single point of failure - distributed synchronised nodes
• Disintermediation of central trusted counterparties allowing trustless exchange
• Enhanced data quality - validated - a single correct distributed copy
• Removal of multiple tiers of ledgers, with inherent vulnerabilities
• Whilst a centralised database can be corrupted, requiring third-party oversight - similar to how a central bank maintains confidence in the currency - blockchains create a “trust fabric”
• Public blockchains incent participation via digital tokens, issued upon the completion of cryptographic work, and create an additional dimension of security - consensus.
When could a blockchain become insecure / unstable?
Edge Vulnerabilities
• Bitcoin, per se, has never been hacked
• Quality vulnerabilities still exist
• Fully distributed networks are in the hands of a community
• Very much an experiment
What makes a blockchain special?
The Net Result (2)
Secure / More Secure
Blockchain
Blockchain + Cryptographic Work + Store of value
Predictable Outcomes
Use cases exploiting blockchain's inherent security
Secure Data Storage
Blockchain as a Cyber Threat
• The Bitcoin protocol has a virus-like quality.
• “It’s Impossible to Kill Bitcoin” - Former Chief of Govt-Owned Bank of China
• Could a blockchain-based cyber virus emerge requiring an infeasible amount of cryptographic work to neutralise it?
What makes a blockchain special?
In summary…
• Nascent technology
• Application not understood
• Therefore security story not understood
• Cryptographic work to secure the network comes at a price in the form of energy consumption and throughput
• Predictable vs. non-predictable outcomes
• Community Grade vs. Enterprise Grade
• It’s an all or nothing solution