If you think Blockchain is secure, this talk from two experts on the matter will make you think again. Dr Melanie Rieback – CEO of Radically Open Security – and Dr Klaus Kursawe – GridSec.org – explain why this technology, contrary to common belief, comes with a huge number of risks. One of the main characteristics of blockchain, immutability, designed for security, turns out to be one of its weakest spots.
Secure by design
The idea of blockchains existed for a while in computer science, but they became well-known for the bitcoin cryptocurrency that is based on them. Since then, lots of use cases have come up, such as managing supply chain (tracking the life-cycle of your vegetables for example), music distribution, new video games and even online voting.
Let’s start with the definition of blockchain. A blockchain is, in the simplest of terms, a time-stamped series of immutable records of data that is managed by clusters of computers not owned by any single entity. Each of these blocks of data (i.e. block) is secured and bound to each other using cryptographic principles (i.e. chain). It is a shared and immutable ledger, the information in it is open for anyone and everyone to see, which is why it feels so “democratic”.
This distributed trust between members, the cryptography used to chain the blocks and their immutability is what makes blockchain secure “by design”. Or that is what many people think…
Even though the possibilities seem endless, Rieback claims that not everything is openly discussed regarding this technology and raises some security questions that many people don’t dare to, or simply don’t want to, address. Kursawe investigated the vulnerabilities of blockchains (“byzantine fault tolerant total ordering protocols”, the scientific term) in 2000; the general concept has been investigated in computer science for over 20 years. It’s nothing new.
In practice, there are bad sides to the immutability of blockchains. Think about security updates. Security patches are one of the most important ways of keeping software secure. Programmers make mistakes and introduce bugs, and so programs need to be corrected, especially if they introduce vulnerabilities. The immutability of blockchain makes this difficult because the data cannot be modified. If the patches include changes in the data structure, it’s not possible to apply them.
Another problem is that when the wrong data gets inserted into the blockchain, it’s impossible to remove it. Think about GDPR and the right of users to remove their personal data. This is not even possible with blockchain, even if something ends up in the chain by mistake. There are already cases where “bad” things were inserted in several public chains. In the bitcoin blockchain people managed to get in rickrolls, wikileaks cablegate files, photographs, valentine love messages and even a tribute to Len Sassaman, security advocate who was not so positive about blockchain.
Also, even if blockchain had no vulnerabilities, we have to be aware that using it doesn’t guarantee security, because the chain software is only a small part of the system. There is a whole ecosystem built around the blockchain, with application, APIs and complex protocols which can contain bugs.
Other potential for attacks come from mining pools. Mining pools are a large number of members working together in a chain. When we have these groups, if they happen to be 51% of the members, then they can basically decide on their own. Double spending can be done if the members in this mining pool first spend, then reverse the transaction, without the need for consensus. Even with a big blockchain, reaching the 51% can be achievable with a very big investment of mining capacity and electricity. It might not be accessible by a normal citizen, but it is for a government.
Quantum computing brings another challenge to the mix. Actually, the computing speed of quantum computers could break any sort of system which is based on any kind of encryption, and blockchain is just one of them. Another way in which quantum computers can disrupt the blockchain security system is by doing 51% attacks. And here, again, those who first have the quantum computers win.
Another issue to take into account is that of the operational security of the endpoint devices. Attacks can occur on the members, who often share the same operating systems, libraries and implementations.
In the specific use case of the supply chain, as an example think about the possibility of tracking the tomato you are eating from the moment it was harvested to the moment it’s on your table. How do you actually prove the relation between the actual object and the digital equivalent in the chain? You could use a QR code or a bar code, or even something more advanced like RFID. But there is no guarantee that the sticker/RFID that is on your vegetable or box corresponds to what is in the blockchain (provided that RFID was indeed secure).
This makes it clear that blockchain might not be a good solution where the integrity of the data is of high importance, such as for public voting. But also the risks for cryptocurrency shouldn’t be taken lightly. Perhaps blockchain is a technology appropriate for more “simple” use cases, where the distributed nature is useful but the well-being of people is not at risk, such as review systems, games or web browser certificate validation.