Bypassing Blockchain BS

AusCERT 2016

If you spend any time talking with people in the finance and banking sectors about technology, it’s inevitable you’ll end up in a discussion regarding blockchain. And, at some point, this relatively new technology will be held up as a panacea for many of the challenges faced by the people we trust for holding and moving our money around.

Steve Wilson (@Steve_Lockstep), Principal Analyst at Constellation Research, has a different view. We spoke with him at AusCERT 2016 about blockchain.

Steve Wilson speaking at AusCERT2016
Steve Wilson speaking at AusCERT2016

“Almost everything you hear about blockchain is wrong,” says Wilson. “The use-cases and metaphors used to describe blockchain have a life of their own. It’s a very unusual piece of cryptography”.

One of the challenges, according to Wilson, is that blockchain is hard to explain and the metaphors people use don’t accurately describe what it does.

“When you design a piece of software, the very first thing you do is state the problem, define the problem space, do a requirements analysis and work your way through to the technology options. It seems, with blockchain, that they’ve completely skipped this”.

Wilson says by looking at what Bitcoin is designed to do you can get an accurate picture of what blockchain is designed to.

“It’s an incredibly elaborate solution that does one thing and it doesn’t even do that very well. Yet people have run away with this metaphor of decentralised ledgers. Any use-case outside Bitcoin is flimsy, sometimes dangerously flimsy,” he says.

Steve Wilson speaking at AusCERT2016
Steve Wilson speaking at AusCERT2016

One of the business cases made for blockchain is financial settlement processes where one party collects money from a number of parties, passes it to another party who then disperses the funds. But Wilson says even that scenario, which is often held up as an optimal use-case for blockchain is flawed.

“One of the problems the mysterious Nakamoto [the inventor of Bitcoin] was trying to solve was how do you have frictionless money transfers. It’s really important for the health of the blockchain network that anybody can do it and share the workload,” says Wilson.

This is where Wilson diverges from many in his view of blockchain. The value of the blockchain protocol is in allowing legitimate transactions between unidentified parties. But with banks and other financial institutions the parties engaged in the transaction are typically known to each other and regulated.

These financial activities can envisage a “permissioned blockchain” – one where a third party authorises parties who add transactions to the blockchain. This is exactly what Nakamoto was trying to avoid. With Bitcoin, Nakamoto’s blockchain served as the validated transaction record between unidentified peers. But banks are already identified and regulated which negates the need for such a complex cryptographical solution.

Despite this, about 40 large banks from across the world, including the Commonwealth Bank and Westpac, have come together to form the R3 consortium. The group recently announced that it had completed a trial of blockchain solutions offered by Eris Industries, IBM, Intel and Chain to facilitate the trading of debt instruments. It involved 40 banks during the last two weeks of February. In January, the group conducted an 11-bank trial which used Ethereum hosted on Microsoft Azure.

Steve Wilson speaking at AusCERT2016
Steve Wilson speaking at AusCERT2016

Wilson thinks efforts such as this “take inspiration” from blockchain as they solve the problem of distributed ledgers and understanding the state of complex transactional chains so that all the parties involved can have a common view of the state of a transaction.

“I love their style. They sitting back and asking what problem they are trying to solve,” says Wilson.

However, Wilson notes there are some efforts to apply blockchain in situations where it is unnecessary. For example, some jurisdictions are looking at using blockchain for storing records such as birth certificates. But this makes little sense, says Wilson, as the creation of a birth certificate requires the input of a certified party such as a doctor. And there’s little need for that database to be distributed.

“People lose their grip on how blockchain works,” Wilson says.

Join the CSO newsletter!

Error: Please check your email address.

Tags microsoft azureBlockchainIBMAusCERT2016Steve WilsonFinancial ServicesintelBitcoinAusCERT conference

More about Commonwealth BankIntelinventorMicrosoftWestpac

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts