While still a relatively young technology, blockchain has shown some significant developments. From saviour for entire industries, to climate killer due to increasingly high energy consumption – blockchain seems to divide the tech world. Blockchain and its best known application, the Bitcoin cryptocurrency, are also seen as very secure mechanisms. But is this really true? We spoke with Prof. Aggelos Kiayias, Chief Scientist at blockchain technology company IOHK, about the security and future of blockchain.
Cyber Protection Magazine: Blockchain is usually praised for the security of the data and information stored in it – however, in your presentation at FC21 you highlight some security issues of existing blockchains – can you elaborate on those and what would be needed to make a blockchain more secure?
Prof. Kiayias: Let’s start with the understanding that no functional system can ever be perfectly secure. There are design trade-offs that can make security just right for the particular use-case but not in others. For instance, Elon Musk has talked about speeding up Dogecoin, but how fast can one make block production in a cybercurrency before it becomes too brittle? As we have shown in recent work, the number of blocks that the network produces in given length of time each block travels the network in a predictable time and an adversary can be held off by the miners following established protocols. However, if one dares to increase that travel time by an order of magnitude as Musk suggests without making any fundamental modifications in the underlying protocol design, protection against adversaries decreases accordingly.
Cyber Protection Magazine: One of the issues – at least how I understand them – is the fact that blockchains become rather bulky and slow over time, as is currently demonstrated with Bitcoin, which has a higher power usage than a small country and where the blockchain itself is becoming increasingly large. Is there a way to overcome this in future versions of blockchain applications?
Prof. Kiayias: Bitcoin’s energy usage has more than quadrupled since the start of its last peak in 2017 and currently accounts for greater electricity consumption than The Netherlands. Energy inefficiency is built into Bitcoin and will only worsen as its price rises. The more competition there is for the currency, the higher its energy consumption will rise. This is because Bitcoin draws its security from the energy-intensive ‘proof of work’ process, in which Bitcoin miners use their computing power to compete to solve random, complex cryptographic puzzles, with the first to solve the puzzle earning the right to mint the next block of data on the Bitcoin ledger. It amounts to a hugely energy-intensive, processing-power arms race, with most of the electricity used essentially being simply ‘thrown away’. As an answer to this, we have developed a highly energy-efficient ‘proof-of-stake’ protocol, and were the first to formally propose such a system and have it accepted for publication at a major cryptology conference. Ouroboros appeared on August 21st 2017 as part of the International Association for Cryptologic Research flagship conference – Crypto 2017. The Ouroboros protocol sees the entire global blockchain network powered with the energy usage of just a single family home. That equates to 4 million times less power than Bitcoin.
Cyber Protection Magazine: One of the papers you presented at FC21 is on interoperability between blockchains. It seems like something which should’ve been considered when the blockchain concept was invented – why is this feature lacking and how would you intend to change it?
Prof. Kiayias: Historically, there’s been a lot of competition in the blockchain space, rather than collaboration. It does not have to be a zero-sum game though. A better objective would be to grow the industry as a whole allowing assets to flow freely between different blockchain networks as packets flow freely over the Internet across different networks. In order to do this, blockchain companies need to build solutions that can work together. Cardano is unique because it was built with interoperability in mind, and a lot of our work is focussed on making blockchain systems work with each other via our work on interoperability.
Part of that work is realised through our focus on academic research and submitting those research papers for peer review at the world’s leading cryptography conferences, such as the IEEE Symposium on Security and Privacy, TCC, and ACM Conference on Computer and Communications Security.
To date, we have supported, authored and co-authored 102 research papers, with 81 of them having been through peer review and 15 still in the peer-review process.
Cyber Protection Magazine: In a few of our past articles we have talked about quantum cryptography. Blockchains (at least Bitcoin, as an example) are built on ‘regular’ cryptography. Do I need to be afraid that all my Bitcoins can be hacked once a working quantum computer is built?
Prof. Kiayias: With Google claiming to have solved the ‘holy grail’ of quantum supremacy, there was much fear that quantum computing could leave conventional security protocols and even blockchain vulnerable to quantum attacks. Some suggest, fallaciously, that you can fight fire with fire by just employing quantum solutions as a defense. But quantum computers cannot solve all computational problems efficiently. In fact they have their own unclimbable computational tasks.
However, in collaboration with researchers at Texas A&M University and University of Edinburgh we have already shown that the Bitcoin design can be adapted for post-quantum resilience and in upcoming work we will be extending these results to the more challenging setting of Proof of Stake protocols like Ouroboros.
Emerging quantum capabilities can actually boost the security of blockchains, rather than increase their vulnerability. For example, in a recent research breakthrough, we collaborated with scientists at City University of New York, Princeton University, University of Edinburgh, and NTT Research, and we have shown that hybrid quantum/classical cryptography harnesses the joint benefits of classical and quantum techniques to develop distributed ledgers of unprecedented security and performance characteristics. In more detail, in that work, we harnessed quantum no-cloning and some sophisticated quantum-safe classical cryptography to create ‘one-shot signatures’ which possess a single, secret, self-destructing quantum secret key that can be used to sign a message but verified classically. Crucially, this quantum primitive can be harnessed to boost the cyber security of classical computing systems such as blockchains due to its ability for classical computing verifiability. In this way, this system shows how to harness the benefits of quantum mechanics to safeguard classical computer transactions.