#ISC2Congress: The Promise of Blockchain

Written by

Blockchain is revolutionizing the global economy, according to Nitin Uttreja and Ashish Dwivedi of CA Technologies. In their session, How Blockchain Is Revolutionizing Cybersecurity, Uttreja and Dwivedi said that blockchain companies enable banks to transact with other banks for improved efficiency of cross-border transactions.

“The distributed-ledger technology is not just restricted to the banking or financial world. Blockchain technology has the potential to disrupt nearly every industry, including healthcare, supply chain management, media, advertising, gambling, cloud and cybersecurity,” the presenters wrote.

Because it is so difficult to change or remove data once it is entered into the blockchain, the technology mitigates the risk of a single point of failure. It is a distributed database with a decentralized ledger database that is continuously growing. The technology is chronological and secured using cryptography. 

Any changes are stored in a new block. “A small change in the input would give a completely different hash, making it infeasible to find two messages that produce the same hash,” Uttreja said. Attempting to make changes would produce a completely different hash, which would not match, so all the subsequent blocks would become invalid. 

Yet “securing data by this technique is not good enough,” said Uttreja. “To counter we use proof of work or mining, which slows down the calculation of blocks. What we do in mining is take index, previous hash, timestamp and try to create a hash that specifies a certain criteria.”

As far as the application to cybersecurity, Dwivedi said that there are real-time use cases of blockchain in cybersecurity, including decentralized identity, cloud storage, passwords and securing IoT.

"The key challenge with digital is that individuals have no control over their personal data and do not know when it is shared with other institutions," the presenters wrote. Users leave personal information on complex servers. If that server is compromised, the user’s data is at risk. There are also challenges of centralized identity with storing personally identifiable information (PII) on a central depository and the potential of third parties accessing data without subject’s knowledge.

The blockchain solution is that the data becomes decentralized across a distributed database with peer-to-peer transmissions that use cryptographic hashing, Dwivedi said.

“Blockchain enables the creation of a decentralized distributed storage marketplace, with complete decentralization and true redundancy, total privacy, resulting in cost reductions.” 

What’s hot on Infosecurity Magazine?