Addressing Security Concerns and Challenges Around Blockchain
Written by Aravind Kambhampati
How Secure is Blockchain?
Blockchain algorithm uses cryptography to display the transaction data. All the transactions are stored in cryptography. So basically, we can see that a transaction happened, but there is little clarity on what transaction happened. Parties initiating the transaction need not trust each other, but trust the consensus algorithm between them, eliminating the need for a trusted third party to complete a transaction.
Following are the risks associated with blockchains:
- Random number generator: Blockchains are built with cryptographic algorithms and libraries and the random number generators are used as keys. Random numbers with insufficient entropy lead may result in weak encryption.
- Computers participating in a blockchain can be hacked to replace the encryption libraries with defective ones. Hackers might use key logger to collect a passphrase that a user has to enter to participate in a blockchain (or access their crypto wallet).
- Vulnerabilities like the recent CPU flaws SPECTRE and MELTDOWN can be exploited to gain access to otherwise protected memory, and try to read or tamper with data before it’s actually encrypted and added to a blockchain distributed ledger.
- Blockchain encryption can be broken by firing up the quantum computer.
Even a well-designed blockchain algorithm or protocol which looks completely secure, the implementation and the applications built on it, may not be completely secure.
Obstacles Ahead for Blockchain
- Education: How to explain to someone what it means to “create a new block” on the blockchain? What is a “block” in the first place? What is actually happening? Facilitators should consider who really needs to buy into using blockchain technology in order for it to scale. In addition, consumers need a basic understanding about building a block on blockchain. For instance, users do not really know how the Internet works, but they have a basic understanding of how to use the programs built on top of it. Similarly, users need a simple language understandable enough and yet which equips them with the knowledge to work with the technology.
- Scaling the technology: Here, it is less to do with the understanding, and more to do with how the technology will scale as mass adoption begins. This issue can be viewed from a few different angles. Currently, there are mostly public ledgers with a handful of permission ledgers, but a permission ledger is now being used as a database. This raises a question – What if every company or every industry has their own permission ledger? The main obstacle would be to have the public ledgers store data and be able to anonymously transfer serial numbers to large-scale adoption of blockchain.
- Regulations, entities sometimes trail technology innovation, and that is surely the case with blockchain. New products and services are rising based on blockchain transactions, but there are currently no regulations on how the transactions should be made. Even though being tamper-proof and transparency are major benefits of blockchain, some industries may require having new regulations for blockchain.
Blockchain itself is not an actual application, but is a tool that we use to do other things. In other words, it is part of a technology stack using other tools and we use it to build applications.
Experts claim that blockchain not only has a place in cryptocurrency exchanges, but could also be used to improve security solutions.
None of the above obstacles can be solved overnight. It takes time for a new technology to evolve, especially something as innovative as blockchain. In the early 90s, these were the same obstacles that confronted the Internet. People tussled to understand it and others suspected how such complicated tech would scale to mass adoption.
Since blockchain is in its early stages of development, security concerns are inevitable. For more insights/updates on risks related to blockchain, subscribe to Supply WisdomSM Alerts. Contact us to find out how we can help you stay up-to-date on latest trends and be more proactive about monitoring and managing risks.