Why should feds care about blockchain?
Federal standards setters can't predict how blockchain might serve government ends, but secure voting, health records and identity management are possible applications.
As they wait to see how the world will wind up using blockchain, feds are tending to the underlying cryptography.
"From a standards perspective, our immediate goal is making sure that our set of cryptographic standards and guidelines cover what's needed to support blockchain," said Andrew Regenscheid, computer scientist in the National Institute of Standards and Technology's Computer Security Division.
Blockchain, the public ledger system underpinning Bitcoin, provides a cryptographically secured record of transactions.
The decentralized global system can handle roughly seven transactions per second, which are recorded into blocks every 10 minutes or so, Deputy U.S. Chief Technology Officer Ed Felten explained to NIST's Information Security and Privacy Advisory Board on June 16.
Each successive block contains a cryptographic hash of the prior blocks -- the whole record. Nothing is ever erased.
In the Bitcoin model, the ledger's accuracy is maintained by general consensus, – a surprisingly successful approach that Felten noted "works in practice, not in theory." But a blockchain could also be deployed by a central authority.
Some potential use cases: tracking the transference of titles or deeds, keeping electronic health records current, even managing voting.
The Department of Homeland Security has even expressed interest in using blockchain in identity management.
"These are talked about," noted National Telecommunications and Information Administration policy analyst Travis Hall. "We actually don't know how this is going to be used."
It would be "terribly premature" for government to overreact to blockchain, since the technology's applications are still being sorted out, Hall said.
Should it make its way into government, the technology could automate complicated functions at the cost of security and computing power.
Deputy U.S. CTO Felten, however, warned that maintaining the security of cryptographic keys will be crucial in blockchain use, and that ever-more computing power will be required.
"The official story is that Moore's Law is supposed to take care of it," Felten said, referring to the principle that computing speed doubles every two years. He noted that it has been "painful in practice" to verify the entire Bitcoin blockchain, especially as newer blocks get further and further from the original "genesis block."
For private sector and government alike, centrally managed blockchain details remain to be hashed out.
"[U]ltimately we're not expecting to see a single model of the blockchain for everyone," said NIST's Regenscheid. "We think that this is going to be something that's tailored for different applications, for different sectors."
On the cryptography front, Regenscheid said more complex models, such as those allowing multiple digital signatures, offer plenty of room for standards bodies to get to work.
"[A] lot of what we see being deployed today uses fairly basic cryptography that's based on cryptographic hashes, digital signatures," Regenscheid said. "Now that's starting to change."
NEXT STORY: Brennan warns on encryption