Upload
itu
View
25
Download
0
Embed Size (px)
Citation preview
ITU Workshop on “Security Aspects of Blockchain”
(Geneva, Switzerland, 21 March 2017)
Blockchain’s Brave New World
Haydn Jones Managing Director, Blockchain Hub,
[email protected], Switzerland, 21 March 2017
Agenda
• What makes a blockchain special in terms of inherent security?
• When could a blockchain become insecure / unstable? Examples and implications
• Novel use cases exploiting a blockchain's inherent security
• When could a blockchain pose a cyber threat?
Geneva, Switzerland, 21 March 2017
What makes a blockchain special?
Scope
Geneva, Switzerland, 21 March 2017
• Blockchain in its purest sense • Storage • Relying on pure cryptography
• Blockchain in the context of Bitcoin & Cryptocurrencies • Cryptographic work as a store of value and reward • Incentivised to further secure the transaction set • Security implications of such a protocol
What makes a blockchain special?
The Power of the Hash Function
Geneva, Switzerland, 21 March 2017
• One way • Collision Resistant - Infeasible to find a collision for x and y, where H(x) = H(y) • Puzzle Friendly - No solving strategy exists which is better than trying random values
H( ) = B6096533C201C009D4A930A1EBC264CAA4B2D30B1D0F20CAEE9D4D302D34AD2D
H(ITU) = 95FC203CAEC2063213593B1159EDED34A825403D8C1775A13FF0ACFD5ADF9081
176 pages
A simple immutable store of data
Blockchain’s Inherent Security
Geneva, Switzerland, 21 March 2017
Time
H(Data) = Digest
• Cumulative Aggregation of the Digest • Parallel Digest Capture
Digest(1) Digest(2) Digest(N)
What makes a blockchain special?
Cryptographic Primitives Combined
Geneva, Switzerland, 21 March 2017
Time
Digest(1) Digest(2) Digest(n)
Transaction Set
• The addition of the nonce puzzle, creates cryptographic work • Public keys become identities • Signing with your private key allows the movement of value • Digital tokens as a reward framework for providing additional security
H (Digest(1) + nonce) = 000000xxxx
Reward
What makes a blockchain special?
The Net Result (1)
Geneva, Switzerland, 21 March 2017
Immutability is blockchain’s main proposition
• No single point of failure - distributed synchronised nodes • Disintermediation of central trusted counterparties allowing trustless
exchange • Enhanced data quality - validated - a single correct distributed copy • Removal of multiple tiers of ledgers, with inherent vulnerabilities • Whilst a centralised database can be corrupted, requiring third party
oversight - similar to how a central bank maintains confidence in the currency - blockchains create a “trust fabric”
• Public blockchains incent participation via digital tokens, issued upon the completion of cryptographic work, and create an additional dimension of security - consensus.
When could a blockchain become insecure / unstable?
Edge Vulnerabilities
Geneva, Switzerland, 21 March 2017
• Bitcoin, per se, has never been hacked • Quality vulnerabilities still exist
• Fully distributed networks are in the hands of a community
• Very much an experiment
What makes a blockchain special?
The Net Result (2)
Geneva, Switzerland, 21 March 2017
Secure More Secure
Blockchain
Blockchain +
Cryptographic Work +
Store of valuePredictable Outcomes
Use cases exploiting blockchain's inherent security
Secure Data Storage
Geneva, Switzerland, 21 March 2017
Blockchain as a Cyber Threat
Geneva, Switzerland, 21 March 2017
• The Bitcoin protocol has a virus like quality.
• “It’s Impossible to Kill Bitcoin”- Former Chief of Govt-Owned Bank of China
• Could a blockchain based cyber virus emerge requiring an infeasible amount of cryptographic work to neutralise it?
What makes a blockchain special?
In summary…
Geneva, Switzerland, 21 March 2017
• Nascent technology • Application not understood • Therefore security story not understood • Cryptographic work to secure the network comes
at a price in the form of energy consumption and throughput
• Predictable vs. non-predictable outcomes • Community Grade vs. Enterprise Grade • It’s an all or nothing solution