Integrity assurance that a piece of a binary is not modified, whether it is related to data or software, remains a significant challenge in the IT industry.
Integrity assurance is built into many databases; it helps ensure that data will not be changed unless done in a well-regulated/controlled manner. Furthermore, the proposals of Trusted Platform Module (TPM) and Secure Execution platforms like Intel SGX and ARM TrustZone provide integrity measurement and assurance. In these solutions, integrity measurement is not historical but related to the current state of either data or software.
However, if the question is how to maintain even historical integrity values that can easily be verified, simple hashing (hashing table) or Merkel Tree-style solutions have limited applications. Two considerations add even more complexity to this question; 1) no entity should be able to change the historical integrity and records, and 2) all the information is going to be in the public domain. People have put forward blockchain as a possible answer, but the question remains…
Is Blockchain the solution?
The task of designing a decentralized online (digital) currency involved addressing specific security challenges that included negotiating an immutable public transaction ledger. For the immutability feature, blockchain integrated into the bitcoin architecture. The blockchain is fundamentally a series of linked record lists referred to as blocks. Each block has a robust cryptographic property of immutability provided by the cryptographic hashing algorithms.
Immutability features do not protect against a powerful entity with total control of the blockchain. This is one of the main reasons why it’s essential in the bitcoin architecture to have a majority consensus when accepting a block onto the chain. With the mining community’s distributed nature, the bitcoin architecture tries to protect against powerful entities from modifying the block.
However, on a cautionary note, if a (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Babar Mahmood. Read the original post at: https://www.tripwire.com/state-of-security/featured/blockchain-revolutionising-technology-industry-hype/