Tech Goliath’s Betting on Bitcoin

March 27, 2015

According to a number of reports, Intel and IBM are scouring the job market for Bitcoin experts. We, at the Kaspersky Daily, weren’t quite sure why the two tech giants are interested in the cryptocurrency, so we reached out to our own in-house Bitcoin expert, Stefan Tanase.

Tech Goliath's Betting on Bitcoin

As it turns out, according to Stefan Tanase, a senior security researcher on Kaspersky Lab’s global research and analysis team (GReAT), it’s not really the volatile cryptocurrency that these firms are after but the BlockChain.

“One thing which not many people realize, including some hardcore Bitcoin fans, is that the real innovation here, when talking about the whole ‘cryptocurrency revolution,’ is not Bitcoin or Litecoin per-se, but the blockchain technology instead,” Tanase told the Kaspersky Daily in an interview.

Let’s take a step back for a moment.

Bitcoin is a decentralized cryptocurrency that can be anonymously traded online. The core technology of Bitcoin is BlockChain, which acts as a decentralised transaction record for the currency. Advocates praise Bitcoin because it’s not controlled by a government or tied to a national currency or treasury while proponents claim it’s largely used to buy drugs, guns and other illicit goods online. These claims are not mutually exclusive. Both arguments hold equal merit.

Whatever your feelings are about Bitcoin itself, the BlockChain is fascinating. Somewhat simply put, the BlockChain is the official record of all Bitcoin transactions. Each new block records all the transactions that have taken place since the creation of the prior block and also all the transactions represented by previous blocks.

In other words, each new block contains the entire history of Bitcoin transactions. The creation of these blocks rely largely on game theory. Bitcoin enthusiasts or distributed groups thereof pour computing resources into solving highly complicated arithmetic problems, which can be cryptographically verified, in order to create new blocks. Block creators are awarded new Bitcoins.

The point of the BlockChain is essentially to combat double spending. It’s a defensive mechanism to ensure the integrity of the currency. And it works. It works not through a traditional top-down authority model but, as Swedish Pirate Party founder Rick Falkvinge famously puts it, through a distributed system of trust.

Tanase told us that BlockChain technology is so powerful because it essentially enables peer-to-peer networks to host a public database and transaction ledger, while maintaining the integrity and trustworthiness of the data without involving any central authority, but by using cryptography instead.

One thing which not many people realize is that the real innovation here is not Bitcoin or Litecoin per-se, but the blockchain technology instead

“In the case of Bitcoin, the blockchain technology is used to maintain the bitcoin transaction ledger,” Tanase explains. “But other interesting blockchain use cases can include, while not being limited to — contracts for buying and selling, voting, domain names.”

Revolutionary or otherwise, like all things online, the BlockChain is subject to the realities of security. New joint research by Kaspersky Lab and Interpol, presented at Black Hat Asia, revealed that the BlockChain isn’t without security vulnerabilities.

BlockChain leaves space for separate data storage, reference or hosting within encrypted transactions on the record. Kaspersky researcher Vitaly Kamluk and Interpol have determined that this feature could lead to a number of problems. For instance, it would be possible for an attacker to inject malware into the permanent BlockChain record. As of yet, there would be no known way of removing malicious code from it. It’s also possible that schemes could emerge for hosting and trading abusive images.

On the whole, this vulnerability in the BlockChain could enable the transfer of malicious data in an encrypted but centrally located and widely available format.

“The core principle of our research is to forewarn about potential future threats coming from decentralized systems based on blockchains,” said Vitaly Kamluk. “While we generally support the idea of blockchain-based innovations we think that it is our duty, as a part of security community, to help the developers make such technologies sustainable and useful for the purpose they were intended for. We hope that bringing potential problems to light now will help in improving such technologies in the future and will make it more difficult for them to be used for any malicious purpose.”

If the BlockChain is to become a versatile and multifunctional piece of technology moving forward, then, like many products and services that have come before it, we’re going to have to find a way of making it more secure.