This is an article following the announcement that Thai authorities had let a database containing information of 106 million visitors to the country out on the open web and indexed by a search engine.
Every day additional data leaks news are coming up and the last one is affecting passport numbers. Data leaks are unfortunately not uncommon but this is raising the need for a redesign of the internet as we know it.
It is time to make security part of the design and not an additional layer of the existing infrastructure. Gladly the technology to solve this issue already exists and it’s called “secured computer AKA Blockchain”. As you may know, a blockchain is a chain of digital blocks that contain records of transactions (information). Each block is connected to all the blocks before and after it. This makes it difficult to modify a single record because a hacker would need to change the block containing that record as well as those linked to it. Every single transaction is recorded on the blockchain.
How does blockchain enable secure computers?
Since all the information is recorded and distributed to thousands of computers (nodes) around the world it is almost impossible to hack the database (ledger). That is why blockchains are called decentralized systems and are by design much more secure than traditional systems.
Blockchain also launched a series of innovations (often called the Web 3.0) forecasting the web evolution that allows us to share and transfer information without compromising security.
In order to avoid data leaks, all the information could be embedded in the blockchain to rebuild trust by showing consumers exactly who has access and what personal information is shared. Any person can fully audit the system and verify that it indeed operates as intended by the company or authority that manages the data.
As everything is automated, there’s no need to rely on human operators to do their jobs correctly and no reason to fear that a human error could occur.
So can blockchain be the solution for data leaks?
Blockchain has moved on significantly from its early days with Bitcoin and the infrastructure that is being built today will soon enable large application and security features that were not possible without a decentralized infrastructure. In the case personal data and other leak information blockchains allow each individual to manage their own data and how it is shared. The data can be encoded in their blockchain wallets, similar to the Apple Pay wallet. People will then be able to share only the data that is needed, using cryptographically encoded and decentralized networks, to fulfill the purpose of the data collection.
While we’ve got a long way ahead of us, we also have an amazing arsenal of tools built by the blockchain, cryptography, and computer science communities. If we go back to the fundamental security properties that we require, we can pretty much map them one to one to some of the recent information technology innovations.
Integrity, just like blockchain records can represent ownership they can also represent arbitrary data. And when coupled with distributed file systems, we can now enable guaranteed data integrity. A number of companies have been doing this, including atato back in 2018. Yes, this is a shameless plug.
Availability, secure computers have very high availability guarantees, by being widely distributed. While this isn’t true for all blockchains, the Ethereum network is distributed across 9,214 computers as of writing this article. In 2017 Joseph Lubin stated, “we’ve built an unstoppable, uncensorable world computer”.
Confidentiality, we can perform computations while keeping the inputs and outputs private. This is done using fully homomorphic encryption and zero-knowledge-proofs, with companies like Aztec, Zama, and NuCypher demonstrating how this can be used already today for securing AI, or sharing secret information.
Authenticity, we know how to build verifiable decentralized identities too. They can be used to securely make and prove claims of authorship of information, and the covid-19 crisis demonstrates how a global identity system could allow global proofs of vaccine or test claims, for example.
Possession, we can now maintain distributed records of ownership and guarantee the security of transfers as no central authority can modify someone else’s records. Blockchains have been doing this for years with both fungible and non-fungible tokens.
Utility, we have created a machine that allows us to store and retrieve information anytime, anywhere using common standards, the internet. The information itself is increasingly standardized as well, and we have built ways to decouple the schema of information from its computer representation.
At atato we have the vision of an internet where security will not be an option but embedded in the design. That is why we are building a blockchain operating system with the first building block being an MPC custody solution. While crypto custody might sound far from data security it is actually an essential part of the future “secure computer” that blockchain enables. You can now store and manage tokens in a secure way while keeping information private and safe.
If you want to know more about blockchain, MPC cryptocurrency custody, or secure computers, and understand how atato sees the future of Web 3 you can check www.securecompute.org where we lay down our vision for a world more secure.
#atato #custody #securecompute