Last year, as was recently revealed, the SEC’s network was hacked, giving criminals access to non-public information before it became public, and potential access to lucrative and illegal trading opportunities. But if the SEC adopted technology similar to blockchains, where data must be secured while being stored on public networks, it could have prevented hackers from learning anything from the sensitive data they may have gotten their hands on.
The specific network, Electronic Data Gathering, Analysis and Retrieval (Edgar), is dedicated to the online collection of such information, which the SEC uses to watch actors on the financial stage and detect bad behavior. Financial regulations are full of reporting requirements related to data such as that collected by Edgar, and it is an implicit assumption in the financial world that the SEC, and all regulatory bodies, can be trusted to keep non-public data secret and secure. This trust is based on the SEC’s ability to monitor its network and stay ahead of any would-be attackers. While on the whole, the SEC does a commendable job at this, it is an ongoing battle in which both sides are continually improving their techniques.
In contrast to the carefully controlled information flows of traditional finance, on the Bitcoin blockchain, everything is public. It’s public because it is a decentralized and permission-less system: There are no central authorities to decide the validity of transactions, so everything must be publicly verifiable by the system’s users. Bitcoin has been criticized for its transparency, which leaves no room for confidentiality, or even personal privacy. Despite its reputation as an anonymous currency, Bitcoin is anything but, and researchers in the space are actively working to bring to Bitcoin the basic privacy technology it needs to work as a serious financial system.
Unlike the SEC, Bitcoin has no network boundary that can be secured. Anybody can join the system, every transaction is public, and its entire history is stored on the thousands of computers which comprise its peer-to-peer network. How, then, can security researchers prevent these sorts of unwanted disclosures?
Enter applied cryptography. This little-known field of mathematics deals with secure transmission of data across unsecured networks. It is the reason you can check your bank balance at a coffee-shop hotspot, or log into Facebook from a cell phone whose only communication medium—the air—can be tapped by anyone in a miles-wide radius. The data is still secure—what a hacker reads out of the air is random gibberish with no correlation to your Facebook data. In recent years, applied cryptographers have turned their attention to blockchains like Bitcoin, whose public nature makes them the ultimate unsecured network.
A lesson from their research, which the SEC may do well to take to heart, is that the easiest way to keep information private is to create systems in which there is no need for it to exist in the first place. As an example, consider one of the most basic rules written into the Bitcoin system: Transactions have to balance. The money that comes out of a transaction had better be matched by money that went into it. Today, Bitcoin solves this by publishing the exact amounts involved in every transaction, which verifiers download and check for equality. It’s easy to see that this works, but just as easy to see that it’s a privacy nightmare.
An alternate option, dubbed “confidential assets” by its inventors at Blockstream, hides the amounts behind “homomorphic commitments,” a special way of scrambling numbers such that they can still be added together, even by someone who has no idea what those numbers were. Checking that a transaction balances is as simple as making sure that the input commitments add up to the same thing as the output commitments. In other words, the fact that a transaction balances is made public, but no other information about its amounts ever reaches the public eye.
Building on confidential assets, “Mimblewimble,” a form of applied cryptography (and alternate blockchain design to Bitcoin), goes one giant step further by breaking even the linkage between transactions’ inputs and outputs. It was invented by an anonymous cryptographer using the moniker Tom Elvis Jedusor, the birth name of Voldemort in the French Harry Potter books. While the identity of its creator may never be revealed, researchers have taken the idea seriously and are continuing to build on it.
Of course, the individuals who produce these transactions know the amounts, and they’re still able to provide that information to the SEC, which can later check mathematically that the reported data corresponds to the commitments on the blockchain. The difference is that this reporting no longer has to happen in real time, since the rule it is needed to enforce (that transactions must balance) can be checked using only the public blockchain. The need to report on sensitive data can therefore be satisfied by higher-latency, higher-security communication systems (such as hard drives transported to the SEC).
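The balance check and the later regulatory check described above can be sketched with Pedersen-style commitments. This is an added example, not code from Blockstream or from the article; the group parameters are toy values constructed for illustration, and the function names are hypothetical. Real confidential-transaction systems work over elliptic curves and add range proofs so that amounts cannot wrap around; both are omitted here.

```python
import secrets

# Toy group, constructed for illustration only (far too small for real use).
P = 2039   # safe prime: P = 2*Q + 1
Q = 1019   # prime order of the subgroup of squares modulo P
G = 4      # generator of that subgroup
H = 9      # second generator; security requires that nobody knows log_G(H)


def commit(amount, blind):
    """Commitment g^amount * h^blind mod P; the random blind hides the amount."""
    return pow(G, amount % Q, P) * pow(H, blind % Q, P) % P


def combine(commitments):
    """Multiplying commitments yields a commitment to the sum of the amounts."""
    total = 1
    for c in commitments:
        total = total * c % P
    return total


def build_transaction(in_amounts, out_amounts):
    """Wallet side: returns (public commitments, private openings)."""
    in_blinds = [secrets.randbelow(Q) for _ in in_amounts]
    out_blinds = [secrets.randbelow(Q) for _ in out_amounts[:-1]]
    # Last output blind is chosen so the blinds cancel across the transaction.
    out_blinds.append((sum(in_blinds) - sum(out_blinds)) % Q)
    openings = {"inputs": list(zip(in_amounts, in_blinds)),
                "outputs": list(zip(out_amounts, out_blinds))}
    public = {side: [commit(a, r) for a, r in pairs]
              for side, pairs in openings.items()}
    return public, openings


def balances(public):
    """Verifier side: uses only the public commitments, never the amounts."""
    return combine(public["inputs"]) == combine(public["outputs"])


def audit(commitment, amount, blind):
    """Regulator side: checks a later report against the on-chain commitment."""
    return commit(amount, blind) == commitment


if __name__ == "__main__":
    public, openings = build_transaction([30, 12], [25, 17])
    print("balanced:", balances(public))
    amount, blind = openings["outputs"][0]
    print("report matches chain:", audit(public["outputs"][0], amount, blind))
```

Only `public` would be stored on the chain; `openings` stays with the transacting parties until they report it through a separate channel.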
In a world where network boundaries are increasingly under attack, and information is harder to keep secret, it is worth looking at public blockchains, which have no network boundaries and therefore no secrets. In particular, techniques blockchains use to achieve confidentiality without the assumption of a secure border may prove to be useful in a world where this assumption too often turns out to be untrue.
Andrew Poelstra is a cryptographer at Blockstream.