How The NSA Can Use Blockchain To “Connect The Dots” Securely—With Smart Contracts

    Salvatore Babones

    Security, Americas

    A general view of the large former monitoring base of the U.S. intelligence organization National Security Agency (NSA) in Bad Aibling south of Munich, June 18, 2013. German Chancellor Angela Merkel defended government monitoring of Internet communications on Monday, saying a day before President Barack Obama visits Berlin that Washington's cyber-snooping had helped prevent attacks on German soil. Obama has come under fire for the scope of surveillance by the NSA revealed by former government contractor Edw

    Mass security breaches like the 2013 Snowden data dump could be prevented by putting classified documents on the blockchain.

    When National Security Agency (NSA) contractor Edward Snowden walked off with 1.5 million classified documents in May 2013, he exposed the weakness of the U.S. government’s jerry-rigged security systems. Instead of iron-clad double-key encryption, the NSA relied on home remedies like regular password changes and the prohibition of thumb drives.

    When your home network has better security than the NSA, something has to change. That change may come from an unlikely source: Bitcoin. No, the NSA is not likely to start making its analysts mine Bitcoins to pay for data access. But the NSA could adopt Bitcoin’s underlying database architecture, the encrypted blockchain database management system.

    In a typical database structure, each user needs a password to access the database. Once in, users can access anything their security clearances allow. The security is on the user, not on the data. The files themselves, like those stolen by Snowden, are not encrypted.

    Blockchain databases reverse that logic. The blockchain lets anyone in — you can view the entire Bitcoin database right now — but all the data are encrypted. The files are useless to anyone who doesn’t have the right encryption key.

    More importantly, blockchain also supports the use of smart contracts for access to data files. A typical smart contract for a classified government document might allow access only if two keys are presented at the same time: the user’s key and the current NSA system key. The NSA system key could be updated every minute according to a seemingly random algorithm generated by a super-secure server. So even if a future Snowden were somehow able to download millions of documents, they would be locked forever once taken offline.

    Read full article

    Loading...

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here