This document provides an overview of blockchain technology, including its types, use cases, security, and usability. It discusses the key components of blockchain like hash chains, Merkle trees, and consensus models. It outlines the main types of blockchain solutions and some important features like immutability and decentralization. The main drawbacks of public blockchains are that they are expensive, volatile, and not scalable. The document also discusses security considerations and challenges with usability. It analyzes some proposed use cases for blockchain technology and their issues. In conclusion, it states that cryptography enables data integrity, and the right tool should be chosen for each job.
8. Main drawbacks of public blockchains
Expensive
Volatile
Not scalable
Not mature
Hard to code and support
9. Usability
Key management
Decentralization
How to make it usable?
• Key management is hard (despite key management services)
• Secure key storage, key rotation
• Lost key = lost account, which is a no-go
• Mobile phones and user laptops should not be nodes
• Current blockchains don’t scale well, shared databases are huge
• The user must not know they are using blockchain
• Keys should be hidden & encrypted with password-derived keys
• Services should be used via web apps or mobile apps
10. Security
Cryptographic security
Storage security
Private blockchain security
• The cryptography is sound
• Keys are as secure as their storage
• Semi-quantum-resistant (hashes are resistant, ECC is not)
• It’s a bad idea to store sensitive data on a public blockchain
• Even encrypted, as re-encryption is not possible
• Fully decentralized apps are a risk
• Consensus is sometimes not needed (e.g. for single-party)
• PKI is a single point of failure -> HSMs are needed
• Need for regular verification of local data
12. Immutable vs tamper-evident
Immutable
Tamper-evident
• Tamper-resistant – nobody can modify data
• Requires replication to multiple nodes with near real-time validation
• Makes it possible to detect if tampering has occurred
• Practical tamper-resistance is achieved through backups with integrity checks
14. Smart contracts
Neither smart, nor contracts
Distributed code execution
Using the ledger as a database
Written in specific languages (e.g. Solidity)
16. Proposed use cases and their issues
• E-voting – public bulletin boards have been around for a while. Blockchain can help, but doesn’t solve fundamental problems
• Payments – it’s slow
• Food quality provenance – sensors and data entry are the hard part
• Item provenance – centralized database; physical identity != digital identity; cloning
• Healthcare data – storing data on a public blockchain, even encrypted, is risky
• Land or property registry – legal need for central authority (integrity is needed, though)
• Hotel reservations, ride sharing – p2p reputation is the hard problem to solve
• Many other use cases are just digital transformation + trusted timestamping (PKI)
18. Blockchain can solve problems
Prove unmodifiability
Internal lack of trust
Multi-stakeholder databases
• Prove to 3rd parties that data has not been tampered with
• Logs, documents
• Internal actors modifying data
• Anchor to public blockchain, avoid scalability and cost issues
• Practically a signed, shared database. Enterprise integration.
• Higher education diploma registers
• Car manufacturer + dealers use case
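Slides 12 and 18 describe tamper-evidence, proving to third parties that logs have not been modified, and anchoring to a public blockchain. The following is an added example, not part of the original slides: a SHA-256 hash-chained log checked against an externally anchored head, showing why the anchor is needed when an internal actor can recompute the chain. The record fields, function names and genesis value are assumptions for illustration, and publishing the anchor is represented only by keeping a copy of the head hash.

```python
import hashlib
import hmac
import json

GENESIS = b"\x00" * 32  # constructed starting value for the chain (assumption)

def entry_hash(prev: bytes, record: dict) -> bytes:
    """SHA-256 over the previous hash plus a length-prefixed canonical record."""
    payload = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev + len(payload).to_bytes(8, "big") + payload).digest()

def build_chain(records):
    """Return [(record, hash)]; each hash commits to every earlier entry."""
    chain, prev = [], GENESIS
    for rec in records:
        prev = entry_hash(prev, rec)
        chain.append((rec, prev))
    return chain

def verify(chain, anchored_head: bytes):
    """Recompute every link, then compare the final hash with the anchor."""
    prev = GENESIS
    for i, (rec, stored) in enumerate(chain):
        prev = entry_hash(prev, rec)
        if not hmac.compare_digest(prev, stored):
            return False, f"entry {i} does not match its stored hash"
    if not hmac.compare_digest(prev, anchored_head):
        return False, "chain is self-consistent but head differs from anchor"
    return True, "ok"

# Constructed sample log records (not real data)
LOG = [
    {"seq": 1, "user": "alice", "action": "login"},
    {"seq": 2, "user": "bob", "action": "export", "rows": 120},
    {"seq": 3, "user": "alice", "action": "logout"},
]

def demo():
    chain = build_chain(LOG)
    anchor = chain[-1][1]  # stands in for a head hash published outside the operator's control
    # Case 1: a record is edited in place; the stored hashes are left alone.
    naive = [(dict(rec), h) for rec, h in chain]
    naive[1][0]["rows"] = 1
    # Case 2: an internal actor edits the record and recomputes all later hashes.
    records = [dict(rec) for rec, _ in chain]
    records[1]["rows"] = 1
    forged = build_chain(records)
    return verify(chain, anchor), verify(naive, anchor), verify(forged, anchor)

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The second tampering case passes every internal link check and is caught only by the anchored head, which is the reason for keeping that value somewhere the database operator cannot rewrite.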