Blockchain makes it possible to imagine a world in which all kinds of transactions will be created and stored transparently in public and shared databases. It is a promise that has attracted the attention of many industrial and economic sectors, including that of computer security and federal offices.
Blockchain technology could act as a “cyber shield” to protect communications, technology, and defense jobs. DARPA engineers (Defense Advanced Research Projects Agency) – the grandchildren of Internet inventors to understand each other are working on a project to create a spy-proof messaging service. Likewise, the Federal Office for Information Security (BSI) of Germany has published a guide to blockchain security.
The new blockchain technology will revolutionize banks, logistics, the real estate industry, all of them. But does technology hold what it promises?
Pure blockchain solutions are so far immature and can be challenging to scale up. In recent times, all kinds of blockchain-inspired solutions are coming up to deliver packages that are easier to use.
Not a Panacea
Gartner predicts that the whole blockchain market will create a total business value of $3,100 billion by 2030. At the same time, Gartner estimates that 75 percent of all public blockchains can be illegal under GDPR in 2021.
The blockchain is better available than traditional central databases and more robust against abuse. The decentralized infrastructure on which the blockchain is based exploits the basic characteristics of operational resilience, data encryption, verifiability, transparency, and immutability of transactions.
The blockchain solves the problem of lack of trust between counterparties during monetary transactions through a distributed database system structured in blocks or network nodes between them connected (chain). A mechanism that has proved effective to date. In a nutshell, the blockchain is a platform for exchanging encrypted data, stored within a shared database.
However, there are disadvantages in terms of confidentiality and efficiency. Common security issues with hardware and software persisted.
Also, new attack vectors would come on top of various components of the system, such as consensus mechanisms, smart contracts, or external blockchain gateways. Errors in the code, manipulatable random numbers and missing authenticity of the data in the blockchain are therefore further created problems. Where personal information is located, it cannot be deleted. And since there is no encryption in the blockchains, malicious people can enter personal information in a text field and then it remains forever.
What is the right Blockchain?
Everyone agrees that the blockchain has great potential and that the technology is on the broad front. Now it is all about accepting on what applies. The original idea is that the blockchain is open to everyone. There are already a variety of competing blockchain technologies available today.
The opportunities of the blockchain are rapidly expanding even outside the finance sector. Retail, according to IDC data, is the third sector for global investment levels and is positioned as an early adopter. The manufacturing industry is the second-largest adopter. Companies are carrying out the first experiments and some pilot projects in the areas of product tracking, to fight fraud and ensure quality and authenticity, and also to optimize supply chain management activities.
Many different options for designing a blockchain pose further problems. It is important to analyze carefully which of them are most suitable for the use case. In this context, it can be assumed that the Bitcoin model does not make sense for most applications. On the other hand, blockchains with strict rights and authenticated parties would be more useful.
It is crucial to carefully select the cryptographic algorithms on which the blockchain is based. The protection goals of integrity, authenticity, and confidentiality are essential to achieve a high level of protection.
Collision with Privacy
The question of how information stored in the Blockchain tamper-resistant information is compatible with the right to be forgotten by the GDPR has not yet been clarified. The transparency of the stored data, which underlies the technology, also gives rise to data protection discussions.
According to the analysis, in many blockchain variants, a central, legally responsible body in regular operation is missing. For example, the Financial Conduct Authority (FCA) of the United Kingdom will not regulate Bitcoin as a part of its guidance on the blockchain. The FCA’s document titled “PS19/22: Guidance on Cryptoassets” describes crypto-assets as “usually decentralized and primarily used as a means of exchange.” For this, there existed some possible solutions, which clarify particular forms of blockchain responsibilities. A binding and overarching regulation is not yet found.
Although various Federal Offices and regulators do not have clear answers to all questions, the basic rule to adopt blockchain is to overview of essential fundamentals and current problems on the security. The guidelines should serve as a decision-making aid for companies and provide a sound basis for future discussions.