Blockchain + Data Privacy Security: Breaking the weapon of the "ring prison" in the data age

In 1785, the British philosopher Bentham proposed the famous "ring prison" design: this prison consists of a central tower and a ring-shaped cell. The prisoner is in the cell on the edge of the ring and the monitor is in the central tower. This design allows only one monitor to know the prisoner 's every move, but the prisoner is not sure if they are being monitored.

The same thing seems to happen in today's Internet era: every search, click, and mobile transaction behavior on the network, these data are recorded and analyzed, and eventually become an important resource for personalized recommendation algorithms.

Personal behavioral information is on the fringe of the ring, easily collected, analyzed, used and even abused by the controllers of the various center watch towers. Cao Hejun, a professor of political diplomacy at Yonsei University, calls it the “information ring prison”.

In 2018, Facebook user information was exposed by hacker attacks, and nearly 50 million users were used by Cambridge Analytical Company to analyze and interfere with multinational elections. In the same year, the 500 million identity information leakage incident at Marriott International Hotel occurred; recently, Qiaoda Technology manipulated 200 million people. The resume identity information, the data of 800 million people, the gray business black screen surfaced…

With the advent of the 5G commercial era, with the support of the Internet of Things, AI, and cloud computing, data and intelligence are permeating all aspects of social life. In the era of digital economy, personal privacy is being seriously threatened.

However, there are views that data is a core asset in the data economy era. In real life, any single institution, even Internet giants such as Tencent and Ali, can only grasp part of the data and cannot exhaust the entire picture of the target group data.

What's more, the data accumulated by various industries, large and small organizations, like individual data islands, cannot be interconnected. Even with the advent of the 5G era, the birth of massive data under the Internet of Things technology, the confidential data under the control of various organizations wants to circulate, and all parties need to overcome the contradiction between data privacy and data sharing.

On March 31, at the 2019 China (Shenzhen) IT Leaders Summit, Li Xiaojia, Chief Executive Officer of the Hong Kong Stock Exchange Group, delivered a speech entitled "The Distance and Nearness of Data and Capital."

He proposed that blockchain technology can solve problems such as data validation, pricing, deposit, credit and traceability. In traceability, blockchain technology allows data owners' interests to be returned to data owners after several years, which is expected to break the data island.

Blockchain technology may be a weapon to break the "ring prison" of the data age.

Platform security, data security and privacy security

To explore how the blockchain empowers data privacy, it is necessary to understand the concept first.

As early as September 2018, the 4th blockchain global summit "blockchain and privacy protection" roundtable forum, Platon founder Sun Lilin, interesting chain technology CEO Li Wei and other guests believe that for security and privacy protection The relationship should be viewed separately: security means that data is not stolen in storage, and privacy is that data only exchanges the parts that need to be exchanged in the process of circulation, rather than revealing sensitive information.

China Telecom's "2018 Big Data Security White Paper" clearly states that in the era of big data, data as a special asset can continue to create new value in the process of circulation and use. The big data security technology system is divided into three levels: big data platform security, data security and personal privacy protection.

The platform operation security refers to “security protection for resources and functions such as transmission, storage and computing of big data platform”; data security refers to “security protection function provided by platform to support data flow”; privacy security refers to “utilization off Sensitive, anonymous, cryptographic and other technologies guarantee a dynamic protection strategy that privacy does not leak out during processing and circulation."

These three levels are not completely fragmented, but are often combined to become a "stereo" security project. For example, platform security and data security are superimposed and combined into blockchain asset security.

In this regard, Bepal CEO and the co-founder of the Black Shield Block Chain Security Research Center, Hu Yuanquan explained to the Zinc Link that there are many centralized service platforms in the decentralized platform ecosystem of distributed operation of blockchains. It belongs to the platform security category. In addition, due to the decentralization feature, users need to keep the “private key” in addition to using the central platform to entrust the management of assets, and the risk of “private key” directly leads to the risk of assets, which belongs to the category of data security.

Bepal (coin) is a company that provides digital asset management services. When Bepal was founded, the concept of blockchain was hot, blockchain assets were accepted by more and more Internet users, and various assets were lost. The incident of theft.

The industry is plagued by digital asset security issues. A recent ransomware virus called "GandCrab V5.2" has attacked thousands of government and corporate computers in China.

According to Hu Yuanquan, Bepal currently offers two types of blockchain asset service methods: user self-management and custody.

Among them, self-management, "Bepal Pro, Bepal Q and other network isolation hardware devices and secure hot-end data services, private key management part uses hierarchical deterministic private key management technology, hot and cold separation private key security management technology, Security schemes such as private key chip-level secure storage technology to protect the security of users' self-managed assets.

Platform security and data security are more reflected in the static storage of data on hardware or software. Whether it is data isolation or data encryption, such technologies are more mature than privacy.

How does privacy computing achieve privacy?

Privacy security is based on data security and guarantees a deeper level of security for privacy information. There are not many companies doing such business in China, and the industry is in the early stages of development. To explore how privacy computing can achieve privacy, Zlink is linked to Xiao Zengwen, chief strategic officer of PlatON.

Xiao Ziwen introduced the zinc link. The privacy calculation is based on cryptography algorithm. It achieves the purpose of protecting data privacy and security through secure multi-party computing, proxy re-encryption, homomorphic encryption and zero-knowledge proof.

Taking the secure multi-party calculation as an example, under the premise that the local data is not collected and the privacy is not leaked, the third party is still not able to rely on the third party, and the parties can still obtain a common desired result by performing the operation of the predetermined logic. In the process, local and personal sensitive data will not be leaked.

In the medical field, data such as DNA and cases are very private data for individuals and are generally unwilling to sell. Some countries have very strict legal protection for such biological data. Once this data is leaked out, it may be threatened by biological weapons.

However, if medical organizations want to conduct data analysis and research on some rare diseases in the world and produce precise targeted drugs, then multi-country, multi-ethnic samples are needed to arrive at a more effective research program.

The safe multi-party calculation can solve the contradiction between the two. Even if the research institutions of different countries cooperate, they can conduct research and analysis under the premise of meeting the legal framework of each country.

Proxy re-encryption and homomorphic encryption are often combined with cloud computing to achieve technological breakthroughs for some of the insecure vulnerabilities in current cloud computing.

According to the PlatON project cryptography team, the actual solution of proxy re-encryption is how to share the original information of the data shared by the data owner except for the designated shareholder.

The data owner first uploads the shared data to the cloud, and the cloud cannot view the plaintext information of the data. The sharing party only needs to obtain the authorization of the data owner, and the data can be obtained after the cloud is converted.

This cryptographic algorithm not only protects data privacy and security, but also prevents data from being attacked and stolen by hackers due to multiple downloads, making data sharing more secure and convenient.

The homomorphic encryption solves the problem that when multiple parties want to share the results of some data operations, but the local computing power is not enough, using homomorphic encryption, get the cloud to calculate, and finally calculate the same result. It can expand the space of computing power and realize the confidentiality of data.

Zero-knowledge proofs are commonly used in the financial industry. When financial institutions transfer or trade in blockchains, they often do not want non-participating banks to see the plaintext of the transaction.

Zero-knowledge proof can be achieved: on the basis that you don't know the balance of my account, prove to you that I really have so much money to transfer to you, there will be no bad cheques, and also protect the privacy of user account information.

These four encryption technologies often complement the blockchain technology in the application of landing scenarios.

Blockchain and privacy security calculation

The distributed and multi-party nature of blockchain makes privacy computing particularly important.

Once the network is distributed and needs to be operated together by multiple parties, especially in a highly regulated industry like finance, privacy is very important. "However, most people are not prepared to expose their data to distributed networks," Xiao Ziwen said.

Therefore, when Platon provides customers with solutions for blockchain technology, privacy computing technology is often added to form a “privacy contract”. The input data is stored on the local data node, and the secure multi-party calculation is used under the chain. The results calculated under the chain can be verified and exchanged on the chain, forming a decentralized, trusted data privacy transaction market. .

The combination of blockchain and privacy security computing is often applied in the three fields of finance, transportation and medical care.

In addition to the medical applications mentioned above, there is also the Internet of Things autopilot. In order to achieve automatic driving, a large amount of data is needed to support the intelligent algorithm of the car, which requires multiple different data application parties, such as a depot, to cooperate with each other under the premise of data privacy.

There are more applications in the financial sector, including precision marketing, risk control, and joint credit reporting. For example, joint credit information requires a number of banks, brokers and other financial institutions to jointly establish a credit information platform to reduce the cost of authentic information verification through data sharing.

Xiao Ziwen introduced to the zinc link that finance, transportation and medical care have become the main industries of blockchain + privacy computing. The core reason is that the data generated by these three industries is very large. "In an industry that can generate very large amounts of data, there must be pain points for data interaction. There are too many data silos, and data can only become assets and generate greater value after it is circulated."

The process of data circulation and interaction, with the help of blockchain and privacy security technology, makes sensitive data desensitized, and confidential data is not exposed, which casts a cover for personal privacy behavior in the “ring prison” of the data age.

However, even if privacy is protected, the data generated by personal actions will still be used by the organization. How to divide the ownership, use rights, execution rights and income rights of data in the digital economy era is an urgent problem to be solved.

Yuval Hulally even asserts that in the future, politics will be a struggle for control over data flow, and it is necessary to "be wary of the rise of data dictatorship."

In this regard, Jing Yinggang, a lawyer at Jingheng Law Firm, told Zinc Link that “data as a virtual property of the network has property attributes that are not controversial in law, but its ownership is still blank in our legislation. Usually, we believe that data has property rights and derives the power of property rights, such as possession, use, and income."

Relatively speaking, the formal implementation of Europe's GDPR in May last year meant that the first true privacy protection law in the world was put to the forefront, making up for the blank of privacy protection laws in the digital age.

At the 2019 IT Leaders Summit, Li Xiaojia said that blockchain technology can help solve problems such as data validation, pricing, deposit, credit and traceability, especially the issue of ownership after traceability of data has been reused many times. .

Image Source IT Leaders Summit

Perhaps, when the blockchain, the Internet of Things and other technologies have developed to a certain extent, the problem of digital identification has been resolved, and relevant laws and regulations will be followed up and improved.

The terminator of quantum computers, blockchains and privacy computing technology?

On January 5, 2019, IBM announced the successful development of a quantum computer prototype, which means that the era of commercialization of quantum computers is accelerating.

It is understood that the biggest difference between quantum computing and traditional electronic computers is that they use the unique "superimposed state" of quantum, and adopt parallel computing to increase the speed of computing by an order of magnitude, which is equivalent to a computerized body. Thousands of computers were started at the same time to solve problems.

The fear is coming. In the face of quantum computers, blockchain technology seems to be vulnerable.

Screenshot from zinc link

Xiao Ziwen believes that it is too early for the panic of quantum computer to subvert blockchain technology.

"Either the blockchain or the technology based on cryptographic algorithms is based on the assumption of cryptographic mathematical problems, and mathematics is the support of all these technologies. The assumptions given by these mathematical problems are based on current world computer technology. Levels cannot be solved. Therefore, when these problems cannot be solved, the blockchain or privacy computing technology constructed by cryptography is relatively safe. "

The emergence of quantum computers is not a completely unsolvable thing. According to Xiao Ziwen, in fact, many scientists and mathematicians all over the world are studying anti-quantum cryptography theory. Research in this area is slowly maturing.

Three hundred years ago, Leibniz put forward the idea of ​​"making everything possible to reason and calculate." Ray Dalio, the bridge fund, put forward such a viewpoint in the book "Principles": pain + reflection = evolution.

It seems that the scene of this era has not left the prophecy of the wise men. The evolution of history is constantly being updated and iterated, as is data security and encryption technology. The ultimate fate of a technology is the iteration of another technology.

In the cross-section of technical and historical iterations, blockchain technology may not completely break the cage of the “information ring prison”, but at least it can put a barrier on the individual's life, leaving a space for free breathing.

The other pictures above are from unsplash, pixabay, network

Text: Yi Baizhen

Editor: Wang Qiao