Blockchain beyond business: a look at ASU’s relationship with cybersecurity technology
Ethical concerns surrounding cryptocurrency and NFTs have brought blockchain, the technology that links them together, to the center stage of cybersecurity solutions. Despite its fame, blockchain is not the only viable option for cybersecurity.
While blockchain occupies a unique space between science and culture, its popularity should not obscure other solutions to cybersecurity challenges. ASU’s efforts to research blockchain and other technologies focus almost exclusively on advances in the technology, not the business, creating room for more complex research.
Blockchain
Blockchains work by giving data a unique name, then concatenating the names so that the name cannot be changed without changing all the other attached blocks. The blockchain is also stored on a decentralized network of users, with partial duplications and copies of data to ensure consistency.
The Blockchain Research Lab was started in 2017 to study the ways of these systems could offer more privacy and transparency. It was established with a grant from the Dash Treasury Fund to study potential mass adoption of the Dash Network. Dragan Boscovic is co-founder of the laboratory and research professor at the School of Computing and Augmented Intelligence.
“(Dash Treasury Fund was) very interested in doing something with ASU and me, and they offered the first grants for the students to work on the blockchain-related project. So during 2017, I think we got almost $400,000 from them for to start the project,” said Boscovic.
While the lab was supported by the Dash Network, it covers a variety of projects. One of these projects was MedFabric4Me, which won the Community Choice Award at the NuCypher + CoinList Spring Hackathon. The project investigated how blockchain could be used to protect privacy and efficiently send records in the medical system.
“It could be an NFT digital twin of you or your house stored in a wallet. And every time you go to a particular doctor, you can give them access to a piece of history on a need-to-know basis, ” Boscovic said.
Like all of the lab’s projects, this one focuses on the technical aspect of blockchain, even as it is applied to other fields.
“Here at ASU, I’m more on the technology side. Just being a member of the faculty at SCAI makes me focus more on the technology side, because that’s what students expect to learn,” Boscovic said. In this lab, blockchain is seen as the ideal tool for privacy and security.
Reliable execution environments
However, blockchain is not the only tool for cybersecurity. Adil Ahmad is assistant professor at the School of Computing and Augmented Intelligence. He teaches at ASU and conducts research in the rapidly growing field of hardware-assisted trusted execution environments (TEE). TEEs use the hardware of a computer to build trusted enclaves for data that cannot be accessed by unauthorized software, including from the cloud or from system software.
“As a result, we can use these cryptographic capabilities and these cryptographic mechanisms to know exactly what software is running on this machine and send our data only to software that we actually end up trusting,” Ahmad said.
This type of security is notable because it uses the hardware your computer is already running on.
“My work is definitely always looking at it from a hardware perspective. Like how can we use, how can we leverage the existing hardware that we have and retrofit it for more secure computation, or exploitation, or design,” Ahmad said.
The research of TEE is a rapidly growing field.
“It was a new area when I started my PhD, which was back in 2016. But over the years we’ve seen a lot of updates,” Ahmad said.
For example, in 2020, Intel initiated the IntelSGX program to use TEEs to protect the security of patient data while allowing it to be transferred to other healthcare providers. This approach does not use the blockchain, like MedFabric4Me, and shows the field-wide interest in health data cybersecurity research.
Privacy and future concerns
Outside of the Blockchain Research Lab, law students and Barrett, The Honors College students can learn about blockchain technology and relevant law in the Blockchain and Cryptocurrency class. David Mccarville is adjunct faculty at ASU and one of the founders of the Class of 2018. Mccarville teaches the Bitcoin unit, primarily focusing on the legal aspects of the rapidly changing technology.
“It’s an intersection of a lot of different areas of law … it raises questions related to constitutional law, to free speech. Of course, it also raises securities law issues, commodity law issues, federalism issues,” Mccarville said.
Mccarville also focuses on the connection between blockchain and the cypherpunk movement. In the 1990s, the cypherpunk movement saw the digital age as a threat to privacy, and saw encryption and anonymity as the solution.
“The whole cypherpunk mentality is that we should think about how we can use encrypted communications to protect ourselves and our freedom from manipulation by third parties. It’s bigger than just bitcoin and cryptocurrency prices going up and down,” Mccarville said.
Despite its prevalence as a security solution, Ahmad referred to one of the future risks for bitcoin and cybersecurity as a whole, which is the eventual development of quantum computers. Although they don’t exist yet, quantum computers could crack the cryptography that most computers and systems, including blockchains, rely on.
Ahmad’s previous research also shows the connection between TEEs and blockchain in the wider context of cyber security. This research focused on building an enclave into the wallet services that people use to view their cryptocurrency account balances and make transfers.
“The (wallet) service will then try to go through the blockchain and figure out who you are and how much balance you have by looking at the entire database together,” Ahmad said. “It’s a problem because it inherently defeats the idea or purpose of cryptocurrencies, which is to maintain anonymity.”
“So what if we create a hardware-isolated blockchain on a cloud machine? So we can be able to use that blockchain itself while avoiding the pitfalls of actually leaking our information. That’s generally how I look at all the different areas of computer security. The idea of computer security is frankly that there are no one-size-fits-all solutions for anything,” Ahmad said.
Rather, technologies must be combined and layered. Ahmad said: “There are so many factors that come into play that what we really end up doing today is using a lot of these technologies together… We know for sure that it’s not good to have a single point of failure or a single security point. .”
So while ASU is increasingly researching and covering blockchain as a source of security and privacy, it is critical to consider that it is not the only solution or research point.
Edited by Annie Graziano, Piper Hansen, Reagan Priest and Grace Copperthite.
Reach the reporter at [email protected] and stay tuned @nerdyoso on Twitter.
Like the Norwegian Press on Facebook and follow along @statspressen on Twitter.
Continue to support student journalism and donate to Statspressen today.