Blockchain is a public set of records that link together over the internet. There are a few things that make Blockchain interesting to security researchers and technologists.
First of all, while the records are transparent to anyone on the Blockchain network, they are difficult if not impossible to alter. The name “Blockchain “is significant here, because these ‘blocks’ of data are ‘chained’ together. So let’s say there is block A and someone who is authorized wants to add block B, well they do it by using a digital hash that links it to block A, then let’s say someone else wants to add block C, it’s chained to block B by a digital hash. Now let’s say the author of block A wants to change it, well they would need to get approval of the authors of B and C, change A, then read B and C. So, think about now a chain of millions of blocks, how hard would it be for a bad actor to alter or change the chain, almost impossible. Adding yet another layer of assurance, before a block is added or altered (they almost can’t be altered but for arguments sake), a consensus must be reached and agreed upon by devices in the network.
Added to that is that these blocks are all built using a private encryption key, so unless the bad actor could steal thousands of private keys they wouldn’t be able to authorize changes. Plus, those changes are transparent and logged so if author C sees a change they didn’t authorize they could raise an immediate alarm.
Making this more resilient is there is no central database for a Blockchain, but rather it is stored in many places and when an authorized block is added these dispersed database update immediately, this way if one is brought offline the chain is still available and the integrity is maintained. Because of the consensus required if one place where the chain is stored is altered without agreement of the other databases the single change point loses and the chain is left unaltered.
So, let’s try to illustrate, imagine I have a set of Legos, I hand out one Lego to each of 100 people, and only they can place the Lego with the other Legos. Now when they go to place the Lego they can only do it by getting a secret code from the Lego they are about to attach it to, and at least 51 of the 100 people must agree. Now on top of that as the Lego project is being built there are 100 other copies of the project being done, so if a person wants to change their addition to the project, (where or how their Lego is attached) 51 of the 100 copies have to agree and of course if more Lego’s were stacked on top they all have to be removed and then re-added.
It’s easy to see why this technology is desirable for financial transactions, however what other way can blockchain be used in the future? Any database could in theory be secured by blockchain, so think of payment applications like PayPal, and how Blockchain could be used to fight fraud, device manufacturers could use it to secure the supply chain, accounting, intellectual property, and so on.
Right now Blockchain technology is a bit expensive to develop and implement so it is used sparingly usually for the highest of risk and value situations. As it gains marketplace acceptance and with some big players dumping tons of resources into development it is expected that in the future it will become common to utilize Blockchain to secure numerous applications. It will be interesting to see where this technology can go in the future.