Trusted Professional

Inventors of Blockchain Explain Project's Humble Beginnings, Sound Warnings About Its Future

"You can see, in here, is an ad. A number. Every bit of which depends on every single bit of every single timestamp registration request received by Surety since this was first deployed in 1995," he said. 

Thirteen years later, Haber and Stornetta were surprised to see themselves cited in the white paper written by Satoshi Nakamoto (the almost-surely pseudonymous inventor of Bitcoin) explaining how a digital currency could work. 

"As in any financial system, Satoshi needed a way to write down transactions, hopefully in a secure manner. So my promise to send you 17 bitcoin, ... you can't turn around and show that as a promise to send 170 bitcoin, and I can't show the same record to someone else that it was a promise to send 17 thousand thousands of a cent's worth of bitcoin. What did Satoshi use as the integrity mechanism for Bitcoin? He used the blockchain mechanism, the data structure, and use of digital fingerprinting exactly as I just described it to you," he said. 

Since then, Haber has watched the growth of blockchain and cryptocurrencies with great interest, but also great concern. One of his chief concerns is the apparent confidence people have that blockchain can never be compromised. Bluntly, he said this was wrong. 

"Spend enough time talking about blockchain stuff, you hear lots of claims about immutability. You say to me, 'Stuart, say it ain't so,' but in fact it is not [completely immutable]," he said.

Blockchain, he said, relies on what are called "hash functions" in the cryptography world, which let the system compute a unique identifier for each file; no two files will have the same one, if the hash function works. Blockchain has one, which is what allows for its functionality, but there are several others in wide use, such as the MD5 algorithm. MD5, he said, is the "most ubiquitously used hash function" in the world, noting that it's still used in the code of most cellphones and laptops as a digital fingerprinting measure. That, he said, is unfortunate because cryptographers like himself have known MD5 can be broken since the mid-'90s and have been urging companies not to use it ever since.

"That can be broken. There are plenty of pairs of files with the same MD5 fingerprint," he said.  

While blockchain's hash function hasn't suffered the same massive attack as MD5, said Haber, this does not mean it won't sometime in the future. He was disappointed to find that when Satoshi Nakamoto outlined how Bitcoin could work, there was no mention at all of ensuring the longevity of the algorithm, nor anything that accounted for an MD5-like event. While the current hash function is apparently secure, he said, "You should plan that the particular one you're using today might not be so good tomorrow."

"Very few people in the blockchain world are talking about algorithmic agility, as it's called, thinking about engineering things for hash function attacks to come," he said. 

Stornetta also spoke at the end of the discussion, leading the audience in a practical hands-on exercise in building their own blockchain as a way to demonstrate how it works.
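A small hash-chained log in the spirit of what Haber describes, given here as an added example that is not from the article or from Haber and Stornetta: each digest covers the previous digest, and each is tagged with its algorithm name so the chain can be re-sealed under a newer hash function while the old one is still trusted. The record layout, the function names and the choice of SHA-256 and SHA3-256 are assumptions made for illustration.

```python
import hashlib

GENESIS = "genesis"  # constructed starting value for the first link

def link_digest(alg, prev, payload):
    """Fingerprint a record together with the previous link's digest."""
    h = hashlib.new(alg)
    h.update(prev.encode() + b"\x00" + payload)
    return f"{alg}:{h.hexdigest()}"  # the digest carries its algorithm name

def build_chain(records, alg="sha256"):
    """Chain the records so every digest depends on all earlier records."""
    chain, prev = [], GENESIS
    for payload in records:
        prev = link_digest(alg, prev, payload)
        chain.append({"payload": payload, "digest": prev})
    return chain

def verify_chain(chain, allowed):
    """Return the index of the first bad link, or -1 if every link checks out.
    A link sealed with an algorithm outside `allowed` counts as bad."""
    prev = GENESIS
    for i, link in enumerate(chain):
        alg = link["digest"].split(":", 1)[0]
        if alg not in allowed:
            return i
        if link_digest(alg, prev, link["payload"]) != link["digest"]:
            return i
        prev = link["digest"]
    return -1

def reseal(chain, old_allowed, new_alg):
    """Re-seal under new_alg. Only sound while the old algorithm is still
    trusted, because the old digests are what vouch for the payloads."""
    if verify_chain(chain, old_allowed) != -1:
        raise ValueError("refusing to re-seal a chain that does not verify")
    return build_chain([link["payload"] for link in chain], new_alg)

# Constructed sample records (not real transactions)
RECORDS = [b"alice->bob 17", b"bob->carol 5", b"carol->dave 2"]

if __name__ == "__main__":
    chain = build_chain(RECORDS)
    print("intact chain:", verify_chain(chain, {"sha256"}))
    forged = [dict(link) for link in chain]
    forged[0]["payload"] = b"alice->bob 170"  # the 17 -> 170 edit from the quote
    print("forged chain fails at link:", verify_chain(forged, {"sha256"}))
    upgraded = reseal(chain, {"sha256"}, "sha3_256")
    print("re-sealed chain:", verify_chain(upgraded, {"sha3_256"}))
```

Passing a verifier policy (`allowed`) rather than hard-coding one algorithm is what lets an operator retire a hash function later: once SHA-256 is dropped from the set, only the re-sealed chain still verifies.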