The objective of the journal article Where Is Current Research on Blockchain Technology? written by Jesse Yli-Hummo, Deokyoon Ko, Sujin Chio, Sooyon Park, and Kari Simolander is to “understand the current research topics, challenges and future direction of Blockchain technology from the technical perspective” (Yli-Huumo et al., 2016). The peer-reviewed article covers research combined from fourty-one papers from scientific databases such as IEEE Xplore, ACM Digital Library, Springer Link, Science Direct, Ebsco, and PLOS One. Two papers were published in 2013, sixteen papers were published in 2014, and twenty-three papers were published in 2015. Thirty of the papers were produced by an academia source. The others were produced by an industry source. 80% of the papers focused on bit coin; the other 20% focused on other applications. Improving the limitations of privacy and security are the primary focus of the current research according to all of the research gathered.
Summary of the Journal Article
The paper discusses how, through research, it is determined that more research is needed for anonymity, data integrity, and security. There are many technical limitations to Blockchain technology such as latency, throughput, and bandwidth. Scalability is also an issue that needs to be researched further. The paper uses systematic mapping of research methodology to provide an overview of the current research in Blockchain technology.
The combined research from the article and other journal articles describe Blockchain as technology used for keeping track of record. “Blockchain is a decentralized transaction and data management technology” which was first developed for use of the Bitcoin in 2008 (Yli-Huumo et al., 2016). Blockchain provides data security, transaction anonymity, and data integrity without the control of a third party. Blockchain is also known as distributed ledger technology. Blockchain is a way of storing data to perform a trusted transaction between two parties wishing to preform transactions. The Blockchain database holds a ledger system to store the blocks of data in a register that is transparent and accessible. “Once the information has been entered into a block, it cannot be altered, only added to” using cryptography (Norberg, 2019). The data is time stamped and linked to a previously written block. The information is distributed to nodes on the network through a public broadcast. The node collects the new information into a block. The data block of new information is checked for correctness by using the information in the block from the previous block. Each node works on finding a Proof-of-Work that is broadcast to all other nodes (Nakamoto, 2008). The nodes accept the block only if all transactions in it are valid and not already used. Once all the nodes have received the block, the block is closed and practically immutable (Bashir, 2017, p.23). A new block is created for the next record in the ledger which are also linked to a previous block so the data is in one continuous chain. “If two nodes broadcast different versions of the next block simultaneously, some nodes may receive one or the other first. In that case, they work on the first one they received, but save the other branch in case it becomes larger [with the hash]. The tie will be broken when the Proof-of-Work is found” (Nakamoto, 2008). Actors can have privileges to add to the ledger to update the record for information; others may only have view access. The actors that have privileges to add and view information are, for example, inspectors to verify regulation of a shipment, IoT (Internet of Things) sensor, a banking system’s creditor, a carrier verifying a bill of landing, or a GPS (Global Positioning Satellite) tracking movement (Norberg, 2019).
Security was a major concern in the papers found in the research. Fourteen of the forty-one papers were related to security in the Blockchain technology. “We identified various topics on security, including trends and impacts of security incidents, 51% attacks, data malleability problems, and authentication and cryptography issues” (Yli-Huumo et al., 2016). Blockchain runs on Grover’s Algorithm and Shor’s Algorithm for security (Rodenburg, PhD & Pappas, PhD, 2017). Grover’s Algorithm provides computational hashes to provide security against modification of previous blocks. The chain of blocks can theoretically not be re-computed. Modification of a single block is made difficult by the finding the hash collision. Shor’s Algorithm provides efficiency in factoring large prime numbers. However, modifications in Shor’s Algorithm to make discrete logarithm problems can be used to attack RSA encryption as RSA is 4096 bits and cannot withstand a quantum computation attacks. The existence of Shor’s Algorithm demonstrates that ElGamal, D-H (Diffie-Helman) key exchange, DSA (Digital Signature Algorithm), and ECC (Elliptic Curve Cryptography) are insecure. A quantum computer opens the possibilities of vulnerabilities beyond hash collisions of Grover’s Algorithm.
As the use of Bitcoin increases, so does the security incidents. There are several types of attacks on the Bitcoin in the Blockchain network. There direct attacks such as DDos attacks on Bitcoin exchanges and mining pools, Ponzi scams, mining scams, scam wallets, and fraudulent exchanges. And, there are indirect attacks such as private account hacking, Trojans, and viruses. Between September 2013 and September 2014, there was $11 million loss to scans by 13,000 victims (Yli-Huumo et al., 2016).
A 51% attack gives a bad actor control over the Blockchain network and capability to manipulate data. The Blockchain is based on the assumption of honest nodes. The 51% attacks happens when the bad actor gains more computational power and takes over a node. A node is tricked into connecting to the attacker’s node IP (Bashir, 2017, p.454). When the bad actor takes over, the decentralized network becomes centralized in context. Bad actors can take over honest nodes with the Binomial Random Walk. This is extending the network lead by +1. “The probability of an attacker catching up from a given deficit is analogous to a Gambler’s Ruin problem” (Nakamoto, 2008).
Blockchain ledger cannot be deleted after the nodes have received the block and the block is closed. The block is practically immutable (Bashir, 2017, p.23). This provides strong data integrity for the data in the ledger. The data in the ledger’s block is protected with a time stamped hash based Proof-of-Work. The hash can be SHA256 which has no known security flaws as of yet. However, the data can be altered before it is written. Bitcoin uses the public key infrastructure (PKI) for security (Nakamoto, 2008). PKI is based on a public key and a private key. With Bitcoins, the public key is used to access the Bitcoin wallet and the private key is used to authenticate the user. PKI has vulnerabilities. PKI is susceptible to key mismanagement, key spoofing, certificate authority verification issues, DoS attacks, and client side weaknesses of the private certificate. A bad actor can intercept the transaction and rebroadcast a transaction. Strengthening PKI to ECC will not provide the required randomness. Hardware mechanisms have been suggested for confidentiality of a transaction because the Trusted Platform Model provides unique encryption (Bashir, 2017, p. 452). Quantum cryptography is another solution. In Quantum cryptography, the encryption key is created as a snapshot in a system state and will be changed at the change of the system state. It cannot be duplicated. Only the reader with other snapshot of the quantum state will be able to decrypt the data. “As of now, no functional quantum computer exists that is so sophisticated enough to perform such computations, though there is no doubt as to the efficacy of the algorithms themselves and of their threat to cryptographic systems” (Rodenburg, PhD & Pappas, PhD, 2017).
The Blockchain network relies on a distributed consensus network that is without a trusted intermediator. The information is announced to the network publicly. The privacy is maintained by maintaining the flow of information. Anonymity of the block can be compromised by tracing the origins of the IP address in observing the transaction of the traffic. Studies have been done to increase anonymity by mixing services to allow users to move from one address to another without a clear linking between (Yli-Huumo et al., 2016). Blind signatures can also be used with public append only logs so a third party can verify the validity of the transaction. “Some linking is unavoidable with multi-input transactions, which necessarily reveal that their inputs were owned by the same owner” (Nakamoto, 2008). If the key is revealed, the owner is compromised.
The research indicates there are wasted resources in the area of Blockchain when it comes to Bitcoin. Bitcoins are mined by individuals. The computers that are computing the mining algorithms require a high degree of computational power for efficiency of mining and Proof-of-Work. The paper’s research results shows that as an individual increases their power, the total computational power of the Bitcoin network increases. This in turn increases the difficulty to maintain a steady Bitcoin creation speed which reduces the Bitcoin mining rate of the miners (Yli-Huumo et al., 2016). As Blockchain in general grows more complex, it requires more computational power to confirm more blocks.
The throughput of the Bitcoin network is 3tps-7tps (Bashir, 2017, p.445) compared to Twitter at 5,000tps (Norberg, 2019). It takes about ten minutes to complete a transaction with Bitcoin (Yli-Huumo et al., 2016). To provide the adequate PKI security, there is the public key of the sender, multiple keys of the receiver, and the transferring value. The block then needs to be checked for double-spending to ensure the bitcoin has not already been spent. The Bitcoin transaction takes a long time compared to Visa which happens within seconds. Bandwidth needs to be improved to provide more and faster Bitcoin transactions. The size of the Bitcoin network is 50,000MB (Yli-Huumo et al., 2016). One block is 1MB (Bashir, 2017, p. 445). Since one block is created every ten minutes, the network is limited to 500 transactions in one block.
“When the size of the Blockchain increases, it has a direct impact on scalability” (Yli-Huumo et al., 2016). Scalability issues revolve around the limitations in latency, block size, bandwidth, throughput, and multiple chains. One solution to Blockchain limitations in scalability is proposed by Miller in the paper On Scaling Decentralized Blockchains (Bashir, 2017, p. 444). Miller proposes dividing Blockchain into various abstract layers called planes. Each plane is responsible for its own function. “These include the network plane, consensus plane, storage plane, view plane, and side plane” (Balkin, 2017, p. 444). The structure will allow bottlenecks in the infrastructure to be addresses individually.
The research provided found Bitcoin is difficult to use. However, Blockchain APIs for the developer for Blockchain in other applications and services are easier to implement (Yli-Huumo et al., 2016). The users of Blockchain must be able to analyze the blocks in the chain. The supporting tools to do such are the APIs. Clusters of block addresses are likely to belong to the same users and labeled as such. The blocks are extracted from the network with the API for analysis. “The goal of the software is to provide solvency without publishing information” (Yli-Huumo et al., 2016). It provides a link between the two parties with limited anonymity.
Blockchain is not limited to Bitcoin or cryptocurrency. It is an application as a solution developed in environments such as “IoT, smart contracts, smart property, digital content distribution, Botnet, and P2P” (Yli-Huumo et al., 2016). It is a public ledger in a decentralized environment that can be applied to various industries in a wide variety of applications. One such example is in International trade which ties together hundreds of suppliers across multiple countries. It is extremely complex in planning the process and logistics along with the transactions needed. “Having to deal with various intermediaries is costly, inefficient and keeps information about the product in silos with each middleman” (Norberg, 2019). Blockchain allows the two parties to conduct a transaction from start to finish without a middleman. Blockchain allows for the product to be tracked efficiently and sufficiently from inception to completion, from the product line to the consumer, from farm to table.
Another example is in IoT devices. Devices such as automobiles, watches, thermostats, refrigerators, dishwashers, and surveillance cameras now have network connections to other physical devices. These devices can “connect and exchange data making it possible to control and monitor them remotely” (Norberg, 2019). Smart contracts between the devices tie together the Blockchain technology with AI (Artificial Intelligence) and the IoT. Smart contracts do not need human interaction. “Smart contract security is of paramount importance now” (Bashir, 2017, p. 455). Smart contracts are programs that run on top of Blockchain to provide “business logic to be executed when certain conditions are met”. (Bashir, 2017, p.21). The smart contract is what verifies the regulations and standards with an algorithm so the device can proceed to the next step of processing.
“A crucial point for policy makers is to get regulation to work across other issues that are fundamental to executing the Blockchain process” such as digital signatures (Norberg, 2019). Digital signatures are being recognized at a policy lever per organization, but they are not yet fully implemented into regulation. Regulating a new technology is about not having too much regulation to stifle development but also have enough regulation to prevent risks and promote adoption. It is about striking the right balance. The ISO (International Organization for Standardization) has a technical committee working on development standards covering terminology, security, interoperability, governance, and smart contracts (Norberg, 2019).
“Bitcoin was the first application to introduce Blockchain technology.” (Yli-Huumo et al., 2016). Blockchain created a decentralized environment where two parties could exchange digital currency to buy and sell goods. However, Blockchain technology can be used wherever there is a need to keep track of record.
More research needs to be conducted to overcome the challenges and limitations in Blockchain. There are many issues without solutions. The technology needs are scalability, interoperability, regulation, privacy, and adoptability. Most current research is on security and privacy (Yli-Huumo et al., 2016). Scalability issues, performance, and latency need to be addressed. Unfortunately, “There is currently a shortage of academic resources devoted to Blockchain” (Norberg, 2019). Many advancements have been made in the field of Blockchain technology in the recent years. However, Baskin mentions in the book Mastering Blockchain, the areas that need further research are: smart contracts, centralization issues, limitations in cryptographic functions, consensus algorithms, scalability, code obfuscation, Proof-of-Stake algorithm, and various specific applications that work with Blockchain. (Bashir, 2017, pp. 475-483).
Bashir, I. (2017). Mastering Blockchain. Birmingham, UK: Packt Publishing.
Nakamoto, S. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System [PDF]. Satoshi Nakamoto
Institute. https://git.dhimmel.com/bitcoin-whitepaper .
Norberg, H. (2019). Unblocking the Bottlenecks and Making the Global Supply Chain
Transparent. The School Of Public Policy Publications, 12(9). https://doi.org/http://dx.doi.org/10.11575/sppp.v12i0.61839
Rodenburg, PhD, B., & Pappas, PhD, S. (2017). Blockchain and Quantum Computing [PDF].
The MITRE Corporation. https://www.researchgate.net/profile/Brandon_Rodenburg/publication/322132176_Blockchain_and_Quantum_Computing/links/5a46b9a00f7e9ba868aa5375/Blockchain-and-Quantum-Computing.pdf .
Yli-Huumo, J., Ko, D., Choi, S., Park, S., & Smolander, K. (2016). Where Is Current Research
on Blockchain Technology?—A Systematic Review. PLOS ONE, 11(10), e0163477. https://doi.org/10.1371/journal.pone.0163477
written by Heather Phillips, October 27, 2020