Announcer: Welcome to What That Means with Camille, companion episodes to the Cyber Security Inside podcast. In this series, Camille asks top technical experts to explain–in plain English–commonly used terms in their field, then dives deeper, giving you insights into the hottest topics and arguments they face. Get the definition directly from those who are defining it.
Now, here is Camille Morhardt.
Camille: Hi, and thanks for joining me to figure out what that means. Each episode, I’ll introduce our guests and then they’ll have three minutes to define today’s topic. After that we’ll spend about 15 minutes diving a little deeper. Okay, here we go.
Today we’re going to interview Mic Bowman who spent over 20 years working on large-scale databases and distributed systems. He is Senior Principal Engineer at Intel Labs, and he runs a trusted and distributed systems research group with the focus on security and privacy. Mick has several patents and he has also served as a member of the Hyperledger Technical Steering Committee.
But more importantly, otherwise known as a bit of a block chain god. I went one time, went to a conference with him in on Cryptography and we had flown down separately and then joined up at the conference. And I noticed he was sitting just a few chairs away from me. So the first break that showed up, I went over to say hello to him. And he’s sitting there saying hi to me. I said, “how was your flight?”–your flight is good and all this. And I turned around and within about 10 or 15 seconds, there was a line 20 or 30 people long behind me waiting to talk to Mick. So I’m very happy to have him on today.
How are you doing Mic?
Mic: I’m doing really well.
Camille: Mic is a modest guy. He doesn’t like it—
Mic: Big eyeroll (laughs)
Camille: (laughs) Uh, Mick, I’m hoping that you can define block chain for us in under three minutes.
Mic: Well, let me give you two versions of the definition. The first version, as you know, as a sort of pure technology, a block chain is really just a way of using cryptography in order to make sure that we have a history that we can all agree to very, very quickly. And as a result of that, since we can detect differences, we can also detect that things are exactly the same. And that’s the sense of immutability that we get with a block chain as a data structure.
But really block chain is a lot more. It’s kind of a philosophy, an approach and it really represents the change in how inter-organizational trust works that the block chain access to substitute for–as a technology substitute for–organizational trust and allows us to have an authority, that’s outside any given organization. And that authority allows us to do some very interesting things with transactions that can either be public or private and agree on the outcome and have everyone who’s participating agree on the outcome.
Camille: So I hear people use the words, “distributed ledger technology” and “block chain” and “Bitcoin” all interchange sometime. Can you enlighten us as to some of those differences?
Mic: There are about as many different uses for those terms, as there are people who use those terms. Bitcoin is a very specific instance of a technology that uses block chain to create a cryptocurrency–digital assets that can be exchanged.
Um, when we talk about distributed ledger technology, we generally mean the sort of very generic there’s stuff happening. We all agree it happens. It changes some shared state in some way, and we all agree that the resulting computation or the resulting change status in has some truth associated with it.
So, the distributed ledger may be used for everything from, uh, playing decentralized games and creating really cool digital pets, or it can be used to do things like create cryptocurrencies. It’s a very generic technology. And, and like I said, underlying that as the block chain, which is really the kind of way and the protocol and the data structures in which we use to build that agreement.
Camille: And now let’s dive a little deeper. And is that fundamentally cryptography?
Mic: The block chain is usually involves a fair amount of difference techniques that we would call cryptographic. So it’s using techniques for signing data based on cryptography, so that we can identify that a particular action or chunk of data came from an individual like a source of a transaction.
We can use cryptographic, hashing–collapsing a big chunk of data down into a single number in a very unique way that doesn’t allow it to be reproduced. And we are also using cryptographic techniques for actually doing those transactions, especially in, when we talk about the distributed ledger technologies for doing very complicated things that allow us to hide the information, but still prove that it was done correctly.
And those homomorphic encryption and zero-knowledge proofs and others that people are starting to use in these places, along with what Intel spend doing and trusted execution environments.
Camille: Okay, so that last bit that you’re talking about, you’re saying, boy, when we have distributed databases–which is essentially this distributed ledgers or distributed ledger technolog– everybody is a part of that community or network has got to have an entire copy of the database and all of the information that’s on it, which can get heavy.
And so we started to hear these words, redundant compute. Are you suggesting that these hashes or this homomorphic encryption that you’re talking about, help us point to the data or point to the original source and prevent everybody from having to have all the data?
Mic: So it depends a lot on how they’re used. There are some techniques that are being used that are based on computing, over portions of the block chain, and then coming to agreement on it. And those techniques would be things like sharding, for example. There are also techniques for doing off-chain–what we call “off-chain computation.” So we’re doing the compute that’s interesting to the transaction someplace else, but we’re providing a proof that we did the, the competition correctly. And that proof can be something that’s very small on it. Um, so in the sort of traditional block chain, if there ever was a traditional block chain and the traditional block chain sense, everybody has a copy because everybody has to do every compute.
That’s not realistic for things that are very compute intensive. And so we’re developing techniques for being able to split those up into two sub units.
Camille: Okay. So, so various people who are connected to the network would be doing the computation on their own and then proving to the network that they’ve done it.
Mic: Yep. And those techniques involve trade-offs between trustworthiness and computability. There’s no sort of one-size-fit-all here that each application has to be designed and its own within the context of its own community.
Camille: I want to back up just a little bit and kind of push a little bit more on why everybody’s so interested in block chain in the first place. One of the things I hear is that, uh, it allows you to remove the intermediary or remove the central authority (I think you referenced that). How is it allowing the removal of an intermediary or it, or a central authority.
Mic: The block chain, you know, like I said, it’s just basically, it’s a linked list of transactions that allows us to very quickly agree on the fact that we’re looking at the same thing. But the really challenging part is how you build this list. And that process is what we call “consensus.” And there are a variety of different kinds of consensus. Bitcoin chooses one, which is called “proof of work,” which involves a lot of computation, which makes it really hard for somebody who doesn’t have enough computation to, to cheat the network.
There are other techniques that are less decentralized, but provide better transaction rates and more power efficiency in order to it. But it’s that process of coming to agreement that we’re all looking at or changing that link list, that block chain in the same way, that’s really where the interesting part of the de-centralization comes in. It’s in that consensus stuff.
Camille: So we’re saying rather than all of we bankers are all of week, hospitals are all of the people in the supply chain sending our information to the single buyer or the government or the bank affiliation–I can’t think of the right word. But instead of doing that, we’re saying “no, no, either we don’t trust you to take our data and aggregated or make decisions based on it or we value our own IP and we’re scared to share it.” Either way, we kind of remove the idea that somebody kind of has the button that controls all of the data that we’ve all submitted to that person. And instead we each kind of have these checks and balances through mathematics that anything anybody’s adding to the database we can attest that that’s accurate.
Mic: Yeah. But it, that we all see the same thing, whether it’s true or not is a different question, but we all see the same thing. Yeah.
Camille: Okay. So what makes it untrue?
Mic: So, well, again let’s kind of go back and talk about what truth is, right? I can have a sense of the reports that the current temperature is 80 degrees. We all agree that that’s been some reports, 80 degrees, but the fact is that the thermometer might be broken. Right? So the fact that we all agree that on the same result for the sensor does not mean that the temperature is actually 80 degrees.
So, we do have that, that sense of, of agreements is not always truth, but for the purposes of things like digital assets and cryptocurrencies, agreement is truth as far as things like ownership goes and what the current balance is and what the available resources are.
A couple of things I wanted to just bring up based on your comments, Camille. What is de-centralization and why do we need it? What is its real value in this case? In some cases it’s, it’s about trust, right? Bitcoin clearly was a response to fears that governments would be able to control fiscal systems. That’s its core basis for it.
But there are a lot of things where we want a block chain and we want a community record that’s not based on distrust, but it may be based on longevity. So for example, a block chain lasts as long as any one of the organizations that’s participating in, it continues to exist. So it lasts as long as the community. So if we want to do– if we want to build, for example, on identity system, do I want to go to some big TSP or some big social network and say “you’re going to be my identity provider?” Well, that works as long as the, as long as the social network or the CSP, it continues to exist.
But if we can get an aggregate of CSPs or an aggregate of social networks together and that they all support it, then as long as any one of them–as long as the community–continues to exist, we have a valid source of information about identities. So we manage de-centralization sometimes because it’s the only cost effective way of doing it. Because nobody would buy into to owning the centralization of it.
But sometimes we do it for longevity, as well. For persistence. That it ties that record to a community rather than tying it to any individual organization.
Camille: Okay. So what if there’s a mistake? You claimed it. I verified it and then we both agreed that wasn’t right. I shouldn’t have transferred you the a hundred dollars. We made a mistake. So let’s just go back and delete that.
Mic: Yep. So in, in a financial system, the advantage of a centralized financial system is that I can call up one of the banks and I can say, “Hey, look, there’s a transaction that took place. It was fraudulent. It didn’t really happen.” They do the investigation, they can reverse it.
At the other end of spectrum is Bitcoin and frankly, whatever the record says is truth whether it really happened or not. That is, if you’re claiming ownership of it, and you’ve got the keys, you’ve got the cryptographic keys in order to perform the transaction, then it’s yours and there’s no disputation on it.
But there are these sort of gray areas in the middle where interesting things have happened. There were, for example, some attacks on a smart contract and Ethereum several years ago. And the Ethereum community agreed that they would roll back a set of transactions to a period before that attack took place and re-established truth. And that was a tough thing to do in that space.
So there are some times we can kind of break the rules, but the whole point of the block chain is it’s really hard to break the rules. You’re going to have to be very intentional about it.
Camille: And it’s really hard to push delete. Right? I mean, when we say I keep hearing immutable.
Mic: Really there’s no delete. There’s no removing something from the record. There may be reversing it, but removing from the records very, very difficult.
Camille: Okay. So what are people arguing about these days in the block chain world?
Mic: What are they arguing about? Um, well, there are a lot of things, a lot of things that they argue about. There continues to be the, the kind of value of cryptocurrencies and in particular cryptocurrencies that get pegged to fiat currencies. Right? So that there’s a, there’s a tight binding between the value of a digital coin and the value of a physical coin that of corresponds to. In some sense we want those because they got a legitimacy to the, to the cryptocurrency that makes it less, it’s less venture driven and more value driven. So there’s that kind of whole class of things.
But there’s another class of problems that’s related to, how do we do scalable transactions? The famous Crypto Kitties application on Ethereum several years ago was really creating digital pets. But at the time we had 25 to 30,000 Ethereum servers that were running, which means that every single one of those 25 or 30,000 servers was running every single crypto community transaction. And this is just, uh, it’s just the game, right? It’s just an online, fun digital pet. It was fun by the way.
Camille: By the way, I saw a digital kitty that sold for 125,000 fiat dollars (laughs).
Mic: I’m not even gonna go there with it. But we, we know that we can’t do these sort of power inefficient applications. That we have to find some way to make those things more– to make those kinds of decentralized transactions, more efficient. How we do that? Well, oftentimes it means that we give up some of the decentralization. That we move a consortium or define a consortium to take responsibility for it. So we’re back to some organizational trust, but with kind of one level of proxy in place for us.
Camille: So public is sort on the sort of far one side Bitcoin side, which is like, well, even if you hacked somebody to get the keys, it’s yours now complete freedom. And then on the other side is, well we’re back to centralization here, the centralized model. And so you’re saying there could be maybe some kind of a hybrid with known trade-offs that a community has made. Maybe this happening in the enterprise space where people are trying to run business?
Mic: Yes. We see a lot of this on the enterprise space. And it has to do with the specifics of the technology, how to do with the applications. And we’re, we’re learning how to build the applications that are sort of right sized– or the technology that’s right sized for the application. That sometimes it’s okay to have consensus among 25 or 30 organizations as a proxy for something that’s much larger–in supply chain spaces, for example. That’s usually sufficient for it. Where it wouldn’t be sufficient for a public cryptocurrency like Bitcoin, where even that, that sense of proxying is still too much centralization.
Camille: Okay, let’s swing to the other side. I want to talk about internet of things and maybe supply chain and other enterprise use cases here. So can you please explain what is a smart contract?
Mic: So a smart contract is really a chunk of code. But that chunk of code modifies some state in some way that you and I, or our community of users agrees is an acceptable way of doing things. You know, a simple, smart contract is that if I pay you Camille, my balance goes down and your balance goes up. It’s a really simple contract between us. And as long as we agree on the code that does that, you know, everything is fine.
The more complex contracts can come into play for things like, look, if, if you, you can submit a bid and I can submit a bid and, uh, Pam can submit a bid to an auction and whoever has the highest bid is going to win the prize, whatever the prize is. And so the details of how the auction works–so for example, an auction might be set up in order to pick the second highest bit, which actually turns out to have some very nice properties for it. And we’ve done some work with, um, some of the other companies in, in Hyperledger, building out a blind auction that’s very similar to what might be used for doing spectrum auctions, for wireless spectrum auctions. And that contract is a very complex contract because it encodes all of the characteristics of what is historically a very complex process for auctioning off the spectrum that way.
So the smart contract is basically an encoding of a set of behaviors that we all agree are acceptable for our community.
Camille: And then what happens if somebody violates the contract?
Mic: Um, in theory, that contract is truth, you know, in the same sense that the block chain is truth. That whatever the contract does, that’s what’s supposed to happen. And so at some level there is no violation. It’s not like you can walk away from a contract in a kind of institutional sense today; but because the contract is encoded as behavior, you get what you get. And this is actually it’s, it’s both a positive and a negative because sometimes the contracts aren’t well-written and people find the loopholes, um, and they manipulate them.
Camille: Or the world changes and suddenly the contract doesn’t make sense, but you can’t renegotiate because you’re pushed to go (laughs).
Mic: It’s very hard to evolve them. Yes.
Camille: Okay. Um, I want to ask you one last question, which is if you were giving the CEO of a fortune 100 company advice as he or she was about to walk into a board meeting where the topic of conversation was going to be block chain and our plans and what they should be. This person isn’t going to become an expert, um, during your elevator ride. But what would you tell the person to think about or what kind of questions should they be asking?
Mic: So I would remind this person, that the block chain is not the application. Right? Did you have to think about what the application is? What is the problem you’re trying to solve? Solve the problem?
Block chain is a useful technology for addressing some problems, but it’s not the solution for all problems. There are almost always ways that are going to be more efficient, more cost-effective, but they may require us to buy into a little bit of trust.
We have to understand what their problem is we’re trying to solve. Maybe block chain and decentralization is the right solution. In some cases that absolutely is, but not in every case.
Camille: Okay. So in what cases is it absolutely the right decision?
Mic: Um, when you need persistence that outlasts a single organization. When you would not trust any organization with the kind of power that would be given to somebody who can control those transactions. So for example, in a supply chain space, do I want one organization being responsible for an end-to-end– all of the information and an end-to–end supply chain? Hmm. In one of those situation it doesn’t take a lot of, sort of just trust to see that you need something that’s going to be more decentralized than that.
Identity systems are another situation where we get a little uncomfortable if one organization controls, identity and identity management that way.
And I think the final thing is where we really need something that doesn’t require us to stand up and organize a single organization in order to make it happen. That there are just times when we want to have something that spans the organization. We want it to be lightweight that we can spin up very quickly. And again, that’s not, that’s not really what Bitcoin is trying to solve, but many of the enterprise block chain solutions are looking at exactly those kinds of things. So we can stand something up very quickly, get some agreement on some things and then tear it down if we’re done with it.
Camille: So is it relatively quick to set it up? What do you do?
Mic: There a lot of these places that are providing block chain in a box. that you can stand up and you can very quickly stand up a solution experiment with it, figure out what works for you, and then tear it down if you don’t like it, or if you’re done with it.
Camille: Okay, well, thank you very much, Mic. Appreciate the talk.
Mic: Absolutely. Thanks Camille.
Camille: Thanks joining us today on what that means. We’ll dissect more terms in the weeks ahead and for more discussions about technology and security, be sure and catch the next episode of Cyber Security Inside.
Announcer: Subscribe and stay tuned for the next episode of cyber security inside. Follow at Tom M Garrison on Twitter to continue the conversation. Thank you for listening. .