blockchain-network-concept

Potential Applications and Challenges of Blockchain for Cybersecurity

Blockchain technology has risen to prominence over the past year along with the meteoric rise of Bitcoin. Bitcoin is a type of digital cash, hosted on a peer-to-peer public network. For most people, when they hear “blockchain” they only think of Bitcoin. However, blockchain is the technology that supports Bitcoin, and digital cash is just one application. The blockchain is all about network decentralization, spreading information, computing power, and trust across a vast network.

Decentralization stands in contrast to centralized institutions that we’re familiar with today. The problem with central systems is they’re often slow, expensive, and subject to attack. In my opinion, blockchain has yet to prove that it’s faster or cheaper than institutions. However, it has clearly proven itself more secure. This security advantage is one of the most compelling use cases for blockchain technology today and in the future.

What is Blockchain?

It’s worth taking a look at how blockchain works and why it’s more secure than traditional institutions. (I won’t go into depth on the cryptography of blockchain here. There are plenty of excellent guides that are just a google search away.)

A blockchain is essentially a database. While Bitcoin and other blockchain technologies use this functionality as a way to maintain a ledger of transactions, blockchain can also hold information about identity, authenticity, and ownership. In fact, nearly any data you could put in a database, you could put on a blockchain.

Traditional databases store your data in one place. Most databases have redundancies built in, so there may be a few copies of your data, but your data is still in the hands of the company providing database services. Blockchain data is different because it’s decentralized. Instead of your data living on a few servers, it exists on many computers tied together in a peer-to-peer network.

No one company hosts the blockchain on its servers. Instead, on a public blockchain, anyone can participate in hosting and maintaining the database. There are also private blockchains where joining the blockchain and operating a node on the network is restricted within a company or group, but the operation of the network is still based on distributing copies of the data to many nodes.

You Can’t “Hack Into” the Blockchain

The security benefit of every node on the network keeping its own copy of the database is it’s difficult to make unauthorized changes to blockchain data. You can’t just “hack into” the blockchain because the blockchain doesn’t exist on one or a few servers. It exists on hundreds or thousands of computers around the world.

It’s also cryptographically constructed so that you can’t change prior entries to the database. It’s append-only. If you want to update something, you’ll need to create a new entry in the database reflecting the change. Nodes on the network will review your request, and they’ll determine if it’s a valid change and if you have the permission to make that change. Changing something on the blockchain requires you get consensus from the entire network before a change goes into effect.

As a result, the blockchain is incredibly secure. In order to attack a blockchain network, you’d need to undermine the network’s consensus mechanism by amassing a majority of the network’s computing power to vote in favor of your attack. Doing so on a major blockchain network like Bitcoin would require millions of dollars of investment in hardware to run your attack, making it infeasible.

Blockchain & Cybersecurity

Blockchain’s strong encryption and resistance to attack makes it an attractive option for future cybersecurity initiatives. Digital identity is one such challenge. Currently, we rely on a combination of email, social security numbers, two-factor authentication via SMS or authenticator, manually submitted documents and biometrics like fingerprint and facial scanning. However, it’s scary to trust institutions with this information, especially in the wake of hacks like Equifax leaking millions of records of identifying information.

In the future, blockchain could store this digital identity information, making it immutable and nearly impossible for bad actors to access. Then, each of us would have a private key on the blockchain that corresponds to our identity information, allowing us to prove information about ourselves without having to give away that information to a third-party.

Companies could benefit from using the blockchain to manage sensitive customer and business data. Setting up a private, internal blockchain could offer similar security benefits to a public blockchain if deployed correctly. This could apply to supply chains, customer data, business intelligence, or smart sensors at production facilities. Data stored on the blockchain from these sources would be difficult to access and nearly impossible to change.

Conclusion

Bitcoin was the first blockchain, and it has existed for nearly ten years. During that time, there has never been a security breach of its blockchain protocol. Stories of missing Bitcoins or Bitcoin hacks all are tied to centralized institutions like Bitcoin exchanges. The security track record is promising.

However, blockchain technology is still in the early stages of usability for the mass market. Over the coming years, it remains to be seen how blockchain will integrate to provide security to traditional companies and the internet in general.