Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Blockchain overview - types, use-cases, security and usabilty

We review blockchain implementations, their components, how they work and how they can be used for solving real world problems with comparison to existing solutions.

  • Loggen Sie sich ein, um Kommentare anzuzeigen.

Blockchain overview - types, use-cases, security and usabilty

  1. 1. Blockchain overview: types, use-cases, security and usability Bozhidar Bozhanov, CEO @ LogSentinel
  2. 2. About me • Senior software engineer and architect • Founder & CEO @ LogSentinel • https://techblog.bozho.net • Twitter: @bozhobg
  3. 3. Blockchain in a nutshell Hash chain Merkle tree
  4. 4. Consensus Source https://medium.com/poa-network/proof-of-authority-consensus-model-with-identity-at-stake-d5bd15463256
  5. 5. Types of blockchain solutions Source https://medium.com/ltonetwork/the-rise-of-private-permissionless-blockchains-part-1-4c39bea2e2be
  6. 6. Terminology Blockchain DLT Cryptocurrencies Smart contracts
  7. 7. Important features Provably immutable* Distributed Trustless Hyped Public blockchain features
  8. 8. Main drawbacks of public blockchains Expensive Volatile Not scalable Not mature Hard do code and support
  9. 9. Usability Key management Decentralization How to make it usable? • Key management is hard (despite key management services) • Secure key storage, key rotation • Lost key = lost account, which is a no-go • Mobile phones and user laptops should not be nodes • Current blockchains don’t scale well, shared databases are huge • The user must not know they are using blockchain • Keys should be hidden & encrypted with password-derived keys • Services should be used via web apps or mobile apps
  10. 10. Security Cryptographic security Storage security Private blockchain security • The cryptography is sound • Keys are as secure as their storage • Semi-quantum-resistant (hashes are resistant, ECC is not) • It’s a bad idea to store sensitive data on a public blockchain • Even encrypted, as re-encryption is not possible • Fully decentralized apps are a risk • Consensus is sometimes not needed (e.g. for single-party) • PKI is a single point of failure -> HSMs are needed • Need for regular verification of local data
  11. 11. Key technology components Tamper-evident data structures Byzantine fault tolerance Shared database Distributed code execution
  12. 12. Immutable vs tamper-evident Immutable Tamper-evident • Tamper-resistant – nobody can modify data • Requires replication to multiple nodes with near real-time validation • Makes it possible to detect if tampering has occurred • Practical tamper-resistance is achieved through backups with integrity checks
  13. 13. Tamper-evident data structures Hash chain Merkle tree Patricia merkle trees Hash list Hash calendar
  14. 14. Smart contracts Neither smart, nor contracts  Distributed code execution Using the ledger as a database Written in specific languages (e.g. Solidity)
  15. 15. Blockchain, blockchain, blockchain
  16. 16. Proposed use-cases and their issues • E-voting – public bulletin boards have been around for a while. Blockchain can help, but doesn’t solve fundamental problems • Payments – it’s slow • Food quality provenance – sensors and data entry are the hard part • Item provenance – centralized database; physical identity != digital identity; cloning • Healthcare data – storing data on a public blockchain, even encrypted, is risky • Land or property registry – legal need for central authority (integrity is needed, though) • Hotel reservations, ride sharing – p2p reputation is the hard problem to solve • Many other usecases are just digital transformation + trusted timestamping (PKI)
  17. 17. Each component of blockchain can solve real world problems.
  18. 18. Blockchain can solve problems Prove unmodifiability Internal lack of trust Multi-stakeholder databases • Prove to 3rd parties that data has not been tampered with • Logs, documents • Internal actors modifying data • Anchor to public blockchain, avoid scalability and cost issues • Practically a signed, shared database. Enterprise integration. • Higher education diploma registers • Car manufacturer + dealers usecase
  19. 19. Conclusion 1. Cryptography is awesome 2. Data integrity is important 3. Use the right tool for the job
  20. 20. Thank you!