In building, a wall made of 500 connected, overlapping small concrete blocks with steel is stronger than a wall made of one, large concrete “block” without steel.
If you wanted to keep a single letter, one “block” of information or an individual document of private data safe and secure ten or 2000 years ago, chances are you would have kept it under lock and key in one “secret” place, and possibly encrypted it with a cipher, as the famous Roman general Julius Caesar did with his Caesar cipher for military secrets. Using the Caesar cipher, each letter in any given message was substituted with the letter three spaces to the left in the alphabet. This knowledge was essentially the ‘key’ that encrypted and decrypted the message. Caesar’s generals knew that to decode the letters they only had to shift each to the right by three, thus keeping the information safe from intercepting enemies.
Jump ahead to today’s digital world… Instead of trying to protect a single stack or one “block” of information from a thief at home or in the cloud with one key, we are now able to protect the same “block” of information by distributing it across a chain of copies with multiple keys. Because of modern cryptography, these copies are almost impossible to hack, and none of them can be altered without the other copies in the chain knowing about it. If you haven’t already heard the new buzzword, it’s blockchain…
Why is blockchain secure?
Blockchain is decentralised. Instead of uploading data to a centralised cloud server or storing it in a single location, blockchain breaks everything into small chunks and distributes them across an entire network of computers – a digitally-connected chain. It’s a digital ledger of transactions that has no central control point. These records are secured through cryptography, most notably public-key cryptography. Network participants have their own private keys that are assigned to the transactions they make and act as a personal digital signature. Rather than using just a single key for both encryption and decryption, as symmetric key cryptography such as the Caesar cipher does, blockchain uses asymmetric cryptography with separate keys (a public key and a private key).
Imagine it like this… Jack has a two-tiered box that, when locked, allows items to pass through to the second tier. This box has two separate keys, one for each tier. The key to the first tier is the public key, and the key to the second is the private key. Jack gives copies of the public key to all of his friends, but keeps the private key for himself. Anyone needing to send Jack a secret note can open the box, insert the note, and close it again so that it’s secure. However, once the box closes, the note passes through to the second tier, to which only Jack has access. On a simple level, this is how public-key cryptography, and blockchain, works.
“Blockchain plugs the gaps that we have left with our poor implementation of security and lack of trustworthiness,” said Bill Buchanan, an acclaimed computer scientist and professor at the School of Computing at Edinburgh Napier University. “In 2018, we must encrypt by default. At the current time, you cannot verify that no one has read an email sent to you, and that it hasn’t been modified. We often can’t even verify the sender.”
“With blockchain methods, we can properly verify and sign our transactions,” says Buchanan. “While there is some hype around cryptocurrencies, the implementation of blockchain methods will actually build more trustworthy infrastructure for our digital world.”
Five reasons blockchain can improve data security
- Blockchain is decentralised
Instead of uploading data to a cloud server or storing it in a single location, blockchain breaks everything into small chunks and distributes them across an entire network of computers. It effectively cuts out the middle man – there is no need to engage a third party to process a transaction. You don’t have to place your trust in a vendor or service provider when you can rely on a decentralised, unchangeable ledger.
- Blockchain offers encryption and validation
Everything that occurs on the blockchain is encrypted and cannot be changed without effect. Because of its distributed nature, you can check file signatures across all the ledgers on all the nodes in the network and verify that they haven’t been changed. If someone does change a record, then the signature is rendered invalid. You can verify that data you backed up and stored in the cloud with third-party vendors has gone completely unchanged weeks, months, or years later.
- Blockchain is virtually impossible to hack
While hackers can break into traditional networks, find data stored in a single location, and steal or corrupt it, the blockchain makes this infeasibly difficult. The data is decentralised, encrypted, and cross-checked by the whole network. Once a record is on the ledger it is almost impossible to alter or remove without it being noticed and invalidating the digital signature. Every legitimate transaction is confirmed by multiple nodes on the network. To successfully hack blockchain, you would have to hack most of the nodes simultaneously, which, though technically possible with enough supercomputing power and time, is well beyond the ability of cybercriminals today.
- A safer DNS
The Mirai botnet showed just how easy it is for criminals to compromise critical internet infrastructure. By bringing down the domain name system (DNS) service provider for most major websites, the attackers were able to cut off access to Twitter, Netflix, PayPal, and other services. A blockchain approach to storing DNS entries could, in theory, improve security by removing the single, attackable target.
Nebulis is a new project exploring the concept of a distributed DNS that supposedly never fails under a deluge of access requests. Nebulis uses the Ethereum blockchain and the Interplanetary Filesystem (IPFS), a distributed alternative to HTTP, to register and resolve domain names. “At the core of the internet, we see critical services such as DNS providing opportunities for a large-scale outage and also for hacks against organisations,” says Buchanan. “Thus, a more trusted DNS infrastructure, using blockchain methods, would considerably aid the core trust infrastructure of the internet.”
- Blockchains can be private or public
While public blockchains have grabbed early headlines and praise for enabling anonymity, you can create private blockchains that restrict access to specific users. You still get the benefits of a decentralised peer-to-peer network, but anyone accessing a private blockchain must authenticate their identity to gain access and it can be restricted to specific transactions.
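The tamper detection and cross-checking described in the second and third reasons above can be seen in a toy ledger. This is an added example, not code from any blockchain project: SHA-256 hash links stand in for the digital signatures the article mentions, and the node names and records are constructed.

```python
import copy
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64  # placeholder predecessor hash for the first block

def block_hash(index, data, prev_hash):
    """SHA-256 fingerprint over a block's contents and its predecessor's hash."""
    return hashlib.sha256(json.dumps([index, data, prev_hash]).encode()).hexdigest()

def build_chain(records):
    """Link records so that each block commits to the one before it."""
    chain, prev = [], GENESIS
    for index, data in enumerate(records):
        digest = block_hash(index, data, prev)
        chain.append({"index": index, "data": data, "prev": prev, "hash": digest})
        prev = digest
    return chain

def first_invalid_block(chain):
    """Index of the first block whose stored hash or link fails, else None."""
    prev = GENESIS
    for block in chain:
        expected = block_hash(block["index"], block["data"], prev)
        if block["prev"] != prev or block["hash"] != expected:
            return block["index"]
        prev = block["hash"]
    return None

def divergent_nodes(nodes):
    """Nodes whose copy is internally broken or disagrees with the majority tip."""
    valid = {n: c for n, c in nodes.items() if first_invalid_block(c) is None}
    tips = Counter(c[-1]["hash"] for c in valid.values())
    majority_tip, votes = tips.most_common(1)[0] if tips else (None, 0)
    if votes <= len(nodes) // 2:
        return sorted(nodes)  # no majority of valid copies: trust none of them
    return sorted(n for n in nodes if n not in valid or valid[n][-1]["hash"] != majority_tip)

# Constructed sample ledger, replicated to three hypothetical nodes.
RECORDS = ["alice pays bob 5", "bob pays carol 2", "carol pays dave 1"]
NODES = {name: build_chain(RECORDS) for name in ("node-a", "node-b", "node-c")}

# Case 1: one stored record is edited in place, so its hash no longer matches.
EDITED = copy.deepcopy(NODES)
EDITED["node-c"][1]["data"] = "bob pays carol 200"

# Case 2: the altered copy is re-hashed end to end; only the other nodes expose it.
REHASHED = {**NODES, "node-c": build_chain([RECORDS[0], "bob pays carol 200", RECORDS[2]])}
```

In the second case the altered copy passes its own integrity check, which is why the article's point about cross-checking against the rest of the network matters as much as the per-record fingerprint.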
Limitations to bear in mind
With all the hype, and while blockchain sounds amazing, it’s crucial to remember the potential problems and limitations of blockchain…
- The size of the network is vital – if your data isn’t well distributed, then it’s vulnerable to attack.
- Because of the way it works, you need to consider network bandwidth demands and the potentially huge size of your network communication overhead.
- It’s still a relatively new technology, so we don’t have all the answers yet, but blockchain clearly has the potential to have a big impact on the data security world. The potential use cases for security are definitely worth looking into, even if blockchain isn’t always the answer.
Nothing is really impossible to hack, but blockchain looks like a technology that offers more security than anything we’ve seen so far. For individuals responsible or concerned for keeping data safe and secure, this is certainly going to be a space to watch in the near future.