Securing Blockchains with Hardened Encryption
In the first of a two-part blog post dedicated to blockchain technology, we will explore the origins of blockchain and the general principles and cryptographic mechanics that make blockchain work.
Blockchain was invented as a way to track and authenticate transactions for cryptocurrencies. Cryptocurrencies are an online form of digital currency that depend on cryptography to regulate the creation of currency and verify transactions. Cryptocurrency transactions occur on a peer-to-peer basis with no central regulating authority acting as an intermediary between sender and receiver. Part of the allure of cryptocurrencies is their decentralized nature and the lack of a central administrative authority to oversee and verify transactions. By removing the role played by banks in traditional forms of electronic payment, cryptocurrencies allow users to exchange money directly with each other more quickly and without the exchange of personal information. However, this decentralization initially presented a quandary. With no banks or central authority to approve transactions and track balances, how could any currency be trusted? This is where blockchain comes into play.
First created for use with Bitcoin, the most popular cryptocurrency, blockchain is a distributed-trust public ledger system. Blockchain depends on volunteer users or “nodes” to track, verify, and add transactions to a continuously updated ledger using encryption. Within cryptocurrencies, blockchains are maintained by nodes within the P2P blockchain network who use their own hardware resources to perform a process known as “mining”. Mining is the process of verifying transactions and adding them to the blockchain using encryption.
Blockchain provides an inexpensive and efficient way to record data through mass collaboration among users on a network. With all the peers on a network working in concert, using encryption to verify data and add it to a continuous data record or chain, the result is a fully trusted data source that is easy to maintain and unalterable.
As the nodes approve transactions, the transactions are grouped together into blocks and added to the chain. Every block is coded with a specific cryptographic hash that the subsequent block on the chain also carries, which ensures the blocks remain linked. In addition to the hashes, blockchain relies on cryptography and public key infrastructure to function. All data entered into the chain is encrypted, and every user on the network is assigned their own private key. Though the blockchain is publicly available, it is protected with encryption throughout the process.
Blockchain is built upon the principles of collective interest and mutual trust. Every user has access to the most recent version of the blockchain. Once a node completes a new block, it is added to the chain and the updated version of the blockchain is broadcast to all other nodes. There is no official version of the blockchain and no one version is more trusted than another. In addition to speed and efficiency, the decentralized structure of blockchain creates a difficult target for hackers. With no centralized structure, there is no primary target or single point of failure for attackers to exploit.
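The hash linking and replicated copies described above, as an added example that is not part of the original post: a minimal Python ledger in which each block stores the previous block's SHA-256 hash. The block layout, names, and sample transactions are constructed for illustration and do not follow Bitcoin's actual format.

```python
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64  # constructed placeholder for the first block's back-link

def block_hash(block):
    """SHA-256 over index, back-link and transactions (constructed format)."""
    fields = {k: block[k] for k in ("index", "prev_hash", "transactions")}
    return hashlib.sha256(json.dumps(fields, sort_keys=True).encode()).hexdigest()

def append_block(chain, transactions):
    prev = chain[-1]["hash"] if chain else GENESIS_PREV
    block = {"index": len(chain), "prev_hash": prev, "transactions": transactions}
    block["hash"] = block_hash(block)
    chain.append(block)

def first_broken_link(chain):
    """Index of the first block whose own hash or back-link fails, else None."""
    prev = GENESIS_PREV
    for block in chain:
        if block["prev_hash"] != prev or block["hash"] != block_hash(block):
            return block["index"]
        prev = block["hash"]
    return None

def rehash_from(chain, start):
    """Recompute every hash from `start` on, yielding a self-consistent copy."""
    for i in range(start, len(chain)):
        chain[i]["prev_hash"] = chain[i - 1]["hash"] if i else GENESIS_PREV
        chain[i]["hash"] = block_hash(chain[i])

def matches_peer(chain, peer_chain):
    """Compare head hashes, as a node would against another node's copy."""
    return chain[-1]["hash"] == peer_chain[-1]["hash"]

def build_sample_chain():
    chain = []
    for tx in ({"from": "alice", "to": "bob", "amount": 5},
               {"from": "bob", "to": "carol", "amount": 2},
               {"from": "carol", "to": "dave", "amount": 1}):
        append_block(chain, [tx])  # constructed sample transactions
    return chain

if __name__ == "__main__":
    honest = build_sample_chain()
    edited = copy.deepcopy(honest)
    edited[1]["transactions"][0]["amount"] = 200
    print("edit detected at block:", first_broken_link(edited))
    rehash_from(edited, 1)
    print("after full rehash:", first_broken_link(edited))
    print("matches other nodes:", matches_peer(edited, honest))
```

Editing one block breaks its stored hash, and a fully rehashed copy passes the internal check but no longer matches the head hash held by other nodes, which is why the replicated copies matter as much as the hash links.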
Blockchain stands to revolutionize the way we track data and has the potential to make its way into virtually all industries and commercial sectors. Any large business or organization that tracks transactions or assets, or maintains records, could potentially adopt blockchain-style ledger systems to increase efficiency and accuracy while also decreasing costs. However, one large obstacle exists in the area of secure and compliant cryptographic operations.
Despite what has worked for Bitcoin and other cryptocurrencies, many large enterprise organizations may not see blockchain as a feasible option due to concerns about encryption key management and other cryptographic processes. Most cryptocurrencies are backed by public blockchains, which are widely available and accessible to anyone on the P2P network who wishes to participate in “mining” on the blockchain. While the wide availability contributes to mass collaboration and trust, it can also lead to questions about cryptographic integrity. Many nodes on public blockchains store and generate keys from software-based programs, servers, and standard hard drives. This is a much less than desirable method of key storage that leaves encryption keys vulnerable to both physical and virtual theft. It’s worth emphasizing that encrypted data is only as secure as the keys used for the encryption. Once keys are compromised, so is the data.
Many large enterprise organizations that depend on secure and compliant cryptographic operations use Hardware Security Modules (HSMs) for their key storage and other cryptographic operations. These HSMs, such as those offered in Futurex’s Hardened Enterprise Security Platform, are dedicated cryptographic devices that securely and compliantly perform all the cryptographic operations on a network, including key management. They are logically partitioned on a network in a way that prevents exposure to virtual attacks, and they adhere to government-regulated physical security standards that deter physical theft. Before large enterprise organizations begin to adopt blockchain technology, they will first need HSMs and key management solutions that are flexible and scalable enough to be integrated into a blockchain environment.
In the second part of our blog post on blockchain, we will explore how Futurex’s Hardened Enterprise Security Platform can be integrated with blockchain to bring added security.