Imagine a computing platform that would have no single point of failure and would be resilient to the cyberattacks that are making the headlines these days. This is the promise behind blockchain, the distributed ledger that underlies cryptocurrencies like Bitcoin and Ethereum and challenges the traditional server/client paradigm.
In 2009, Bitcoin became the first real application of blockchain, a secure decentralized monetary exchange platform that removed the need for central brokers. More recently, blockchain has proven its worth in other fields.
Blockchain is the culmination of decades of research and breakthroughs in cryptography and security, and it offers a totally different approach to storing information and performing functions, which makes it especially suitable for environments with high security requirements and mutually unknown actors.
The concept is already being used in several innovative ways to enhance cybersecurity and protect organizations and applications against cyberattacks.
One of the main characteristics of the blockchain is its immutability. The use of sequential hashing and cryptography, combined with the decentralized structure, makes it virtually impossible for any party to unilaterally alter data on the ledger.
This can be used by organizations handling sensitive information to maintain the integrity of data, and to prevent and detect any form of tampering.
Guardtime is a data security startup that is placing its bets on blockchain technology to secure sensitive records. It has already used blockchains to create a Keyless Signature Infrastructure (KSI), a replacement for the more traditional Public Key Infrastructure (PKI), which uses asymmetric encryption and a cache of public keys maintained by a centralized Certificate Authority (CA).
Matthew Johnson, CTO at Guardtime, believes that while PKI was a suitable technology for digitally signing software, firmware and network configurations, it was never designed to authenticate data.
“The fundamental threat with PKI is that you need to base your security on the secrets (keys) and the people who manage them,” Johnson says. “That is very hard to do well and impossible to prove — just as in the real world you can’t prove a secret has been kept, in the security world you can’t prove a key has not been compromised.”
In contrast, instead of relying on secrets, blockchain-based security is predicated on distributing the evidence among many parties, which makes it impossible to manipulate data without being detected.
“Blockchain has eliminated the need for trusted parties to verify the integrity of data just as in the cryptocurrency example it eliminated the need for a centralized authority to act as a bank,” Johnson explains.
KSI verifies the integrity of data by running hash functions on it and comparing the results against original metadata stored on the blockchain….
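A simplified model of the two ideas above, sequential hashing and checking data against digests recorded on a ledger that several parties hold, written as an added example; it is not Guardtime's KSI implementation or code from the article. The function names, the majority rule and the sample records are assumptions made for illustration.

```python
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64  # constructed predecessor value for the first entry

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entry_hash(entry: dict) -> str:
    # Sequential hashing: each entry's hash covers the previous entry's hash.
    body = [entry["record_id"], entry["data_digest"], entry["prev_hash"]]
    return digest(json.dumps(body).encode())

def build(records: list) -> list:
    """Build a ledger of data digests from (record_id, data) pairs."""
    ledger, prev = [], GENESIS
    for record_id, data in records:
        entry = {"record_id": record_id, "data_digest": digest(data), "prev_hash": prev}
        entry["hash"] = prev = entry_hash(entry)
        ledger.append(entry)
    return ledger

def chain_is_intact(ledger: list) -> bool:
    prev = GENESIS
    for entry in ledger:
        if entry["prev_hash"] != prev or entry["hash"] != entry_hash(entry):
            return False
        prev = entry["hash"]
    return True

def agreed_ledger(copies: list):
    """Return the history whose head hash a strict majority of parties hold."""
    intact = [c for c in copies if c and chain_is_intact(c)]
    heads = Counter(c[-1]["hash"] for c in intact)
    if not heads:
        return None
    head, votes = heads.most_common(1)[0]
    if votes * 2 <= len(copies):
        return None
    return next(c for c in intact if c[-1]["hash"] == head)

def data_matches(ledger: list, record_id: str, data: bytes) -> bool:
    return any(e["record_id"] == record_id and e["data_digest"] == digest(data)
               for e in ledger)

# Constructed sample records, not real data.
RECORDS = [("fw-1.0", b"firmware image A"), ("cfg-7", b"router config v7")]
```

A party that rewrites a record and recomputes every later hash still produces an internally consistent chain, but its head hash no longer matches the copies held by the other parties, so `agreed_ledger` does not select it.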