Introduction
Blockchains are immutable digital ledger systems implemented in a distributed fashion (i.e., without a central repository) and usually without a central authority. At its most basic level, they enable a community of users to record transactions in a ledger public to that community such that no transaction can be changed once published.
Blockchains are a new information technology that have the potential to invert the cybersecurity paradigm. First, blockchain networks are trustless: they assume compromise of the network by both insiders and outsiders. Second, blockchains are transparently secure: they do not rely on failure-prone secrets but rather on a cryptographic data structure that makes tampering both exceptionally difficult and immediately obvious. Finally, blockchain networks are fault tolerant: they align the efforts of honest nodes to reject those that are dishonest. As a result, blockchain networks not only reduce the probability of compromise but also impose significantly greater costs on an adversary to achieve it. The Air Force, for example, will research and develop blockchain technology and leverage it for national defense.
A blockchain is a shared, distributed, tamper-resistant database that every participant on a network can share—but that no one entity controls. In other words, a blockchain is a database that stores digital records. The database is shared by a group of network participants, all of whom can submit new records for inclusion. However, those records are only added to the database based on the agreement, or consensus, of a majority of the group. Additionally, once the records are entered, they can never be changed or erased.1 In sum, blockchains record and secure digital information in such a way that it becomes the group's agreed-upon record of the past.
The blockchain was first proposed in 2008 by Satoshi Nakamoto (a pseudonym) in conjunction with the cryptocurrency Bitcoin. Nakamoto's vision was to "allow online payments to be sent directly from one party to another without going through a financial institution." However, without a trusted central authority to oversee accounts and transactions, there would be no way to prevent dishonest actors from spending a single Bitcoin twice. Nakamoto's solution was a distributed database of time-stamped, consensus-based, cryptographically tagged transactions that form a record that cannot be changed—a blockchain. Bitcoin became a reality in 2009, and since then its market capitalization has gone from zero to more than $6.3 billion as of April 2016. Each day, some of Bitcoin's 6.6 million users exchange more than $75 million in 120,000 transactions across the network.
Bitcoin offers a noteworthy example of a blockchain's potential. All of Bitcoin's currency, transactions, and accounts that have ever existed are recorded in a blockchain database that lives on the open Internet. It is fully exposed to the hostile efforts of governments, criminal organization, and hackers. Yet, the Bitcoin blockchain has never been hacked. Clearly, this technology deserves study.
While "the blockchain" was virtually synonymous with Bitcoin for several years, it should be made clear that they are two separate technologies. Bitcoin is just the first popular application of blockchain, just as e-mail was the first popular application of the Internet.6 Its potential is so vast, in fact, that advocates compare the maturity and innovative potential of blockchain technology today to that of the Internet in 1992, an Internet before the World Wide Web. However, because blockchain technology simply rides on the existing Internet infrastructure, the maturity of blockchain technology is likely to progress three times faster than the Internet, with mainstream use expected within the next eight years.
Industry has recognized the potential of blockchain technology. Since 2013 more than $1 billion of venture capital has been invested into 120 blockchain start-ups. Aims are diverse, ranging from finance to the tracking and trade of indivisible assets (such as diamonds and art) to digital notary services that can serve as evidence in a court of law; however, interest has expanded beyond just start-ups. Large, mature companies such as Lockheed Martin, IBM, and Goldman Sachs have also begun investigating potential blockchain applications in their respective sectors.
Blockchains solve a challenging problem in data science: how to reliably exchange information over an unreliable network on which some of the participants cannot be trusted. The blockchain security model inherently assumes that these dishonest participants will attempt to create friction by not only generating false data but also attempting to manipulate valid data passed from honest participants. By using a variety of messaging and consensus techniques, blockchains ensure data integrity by both rejecting invalid data and preventing valid data from being secretly modified or deleted.
Blockchain technology is worthy of examination because it offers three significant advantages over traditional cyber defense strategies. First, rather than trying to defend boundaries from compromise, blockchains assume compromise by both adversaries and trusted insiders. They are designed to defend data in a contested cyber environment. Second, blockchain networks harness the aggregate power of the network to actively resist the efforts of malicious actors. Specifically, blockchains take advantage of the asymmetry of many against few. Finally, the security that blockchains provide is not dependent on secrets or trust. There are no passwords to be exposed, cryptographic keys to be protected, or administrators to be trusted. Blockchains provide an inherent security function on which additional security functions can be added, depending on the application. As result of these advantages, blockchains are capable of operating successfully and securely on the open Internet, without a trusted central authority, while fully exposed to hostile actors.
This paper examines the blockchain activities of the U.S. Government.
Source: http://www.airuniversity.af.mil/CyberCollege/Portal/Article/Article/1238526/blockchain-technology/