Experts Warn – Security Problems Inside The Blockchain Technology

Bildergebnis für blockchain

 

Awareness of blockchain has soared in recent years with the emergence of cryptocurrencies, but the technology has existed for much longer. The linking of blocks, containing cryptographic functions of transactions and data, means that tampering with their contents becomes increasingly difficult as the chain grows – this concept was exploited for document timestamping applications more than a decade before cryptocurrencies became reality. In many implementations, blocks are confirmed by, and stored at, many nodes in different locations, providing a high degree of data integrity. There are, however, many challenges for applying blockchain technologies in tactical networks, particularly due to the constraints of the platforms, the limited bandwidth available among them, and the impact of network partitioning. In this report, the development and principles of blockchains are presented, along with an overview of their weaknesses and vulnerabilities. There is a huge level of interest in this technology across many sectors, and this is reflected in the breadth of the referenced material. Weaknesses in design and implementation can make blockchains vulnerable to attack, and their interfaces are particularly at risk. A range of possible applications in tactical networks is explored, from supply chain management, to network management and application data immutability. Finally, a simple blockchain architecture for mobile tactical networks is developed, to illustrate the potential and challenges of this technology. Overall, it is clear that blockchain technology provides a potential avenue for solving some problems in the tactical network context, but it is not yet clear whether it is the best such solution.

The key feature of blockchain technology is data integrity in a trustless environment: transaction or data records included on the blockchain are timestamped, cryptographically protected and stored by many distributed nodes, reducing the risk of total loss. For a sufficiently long blockchain, with a large number of nodes, the records can be considered immutable, in the sense that any tampering will be evident. This integrity can be exploited in different ways to enhance the robustness and resilience of tactical networks, and some of these are discussed in Section 5.1.

Smart contracts, described in Section 3.2, also provide opportunities for robust resource management in tactical networks, particularly in complex operational conditions where many users interact in the electromagnetic (EM) spectrum. Possible applications of blockchain to resource management are discussed in Section 5.2.

Tactical environments pose particular challenges for the introduction of blockchain technology, as devices are constrained in size, weight and power, and there are physical limitations on node connectivity. These challenges are considered in Section 5.3.

An example architecture for applying blockchain technology to support tactical operations is described in Section 5.4, taking into account the opportunities and challenges outlined thus far.

In this section, network nodes are considered to be the devices or platforms connected to the blockchain network; these are not (just) the radio interfaces themselves, but may be auxiliary equipment such as biometric devices, weapons or communication platforms.

5.4 Example tactical blockchain architecture

Based on the preceding, we propose an example architecture for a tactical blockchain system. The scenario we consider consists of a unit of dismounted soldiers, each carrying several devices connected on a personal network: a weapon, a radio, a camera, a radio frequency (RF) sensor and a computer (similar to a smart phone), sharing a battery and a memory drive such as a flash card. The soldier is also considered a network component, as they are a source and sink of data, and their identity is confirmed using a networked biometric sensor such as a fingerprint or iris scanner. The other devices may be authenticated using a radio frequency identification (RFID) chip or imaging as described in Section 5.1.4; authentication will only be required if the networked component has been disconnected from the personal network and attempts to rejoin.

We assume that the weapon tracks the ammunition it uses, and records the amount remaining. The camera may be continually recording, but to limit memory usage, only a few seconds before and after the weapon is fired are retained. C2 and other messages, either digital voice or data to and from the computer, all passed via the radio, are recorded for post-action analysis. SA in the form of RF sensor data is sampled periodically, and transferred via the radio to other soldiers in the unit and recorded locally. These different sources of data all use the computer’s memory for storage; both the memory and battery usage are tracked.

We use blockchains to provide authentication and identification management for the soldiers and devices engaged in the operation, an auditing function to track cyber SA and C2, resource usage tracking, and a policy management function, which is used to support resource loading decisions across the unit. As noted in Section 5.3.6, the longer the blockchain, the stronger it is, so all these functions use the same blockchain within their cluster (Section 5.4.1).

This is a simplified scenario, intended to give insight into the potential application of blockchain technology in tactical networks. Note that, as discussed in Section 6, the fact that this technology might be used to address these problems does not mean it is the best choice. Note also that the exchange of transactions and blocks among the users is assumed to be secure.

Advertisements