Blockchain Technology, Privacy, and Security in Data Transmission Over the Network. Part III

 

Introduction

In the first part we studied what regulatory compliance for the financial industry, which is subject to a wide range of regulations is, let's say we focus on 4 of them:

  • Anti-Money Laundering (AML) compliance.

  • Know Your Customer (KYC) compliance.

  • Compliance knows your transaction (KYT).

  • Privacy and data security.

In the second part, we covered AML and KYC compliance in great detail.

In this third part we will explain the tools that blockchain technology (TB) offers us, to comply with the regulations:

 

Privacy and data security “During transmission over the network”

This compliance requires applying three key measures such as:

  • Confidentiality or data encryption.

  • Authentication or access control.

  • Employee training.

 

Blockchain technology, privacy, and data security

Blockchain technology is permanently associated with privacy and data security due to its decentralized nature and extensive use of cryptography.

Decentralization:

  • The blockchain ledger works simultaneously or is distributed among thousands of nodes, for example, in the Ethereum blockchain as of March 2021, there were more than 200,000 nodes (computers or servers) located around the world.

  • The nodes work simultaneously, through smart contracts that automate operations.

  • To modify the Ethereum blockchain, 51% of the nodes must be modified at the same time, which is unlikely.

Cryptography:

An area of computer science that uses mathematical algorithms and protocols to secure information and protect it from unauthorized access or modification. Cryptography is used for several purposes, among them:

  • Integrity: to ensure that information has not been altered or tampered with during transmission or storage.

  • Authentication: to verify the identity of the parties involved in a communication or transaction.

  • Confidentiality: to keep information private and prevent unauthorized people from reading it.

These three purposes served by cryptography coincide with the purposes of regulatory compliance Privacy and data security that we described at the beginning of this article.

Note: Here we call the set of programs or smart contracts that automatically execute transactions or govern the blockchain a protocol.

Example of integrity and authentication:

Roberto wants to send a message to his friend Alicia, who in turn wants to make sure that:

  • The message comes from Roberto (authentication).

  • The message has not been altered (integrity).

Step 1: Roberto has a public key (Address) and its corresponding private key:

Private key: L1d2uVdAobUjTBU84qB8KWUR13W2wvnDGQcHLpCk85RiUW5gU55u

Address:    36e4yeKShaHEwLQYDDbNE9U4fWR1PEVtAX

Note: The private key should only be known by Roberto, the Address can be known by anyone.

Step 2: Roberto uses a program in the JavaScript language of the Bitcoin protocol, to sign the message with his private key:

  • On line 3 in the variable plaintext place the message (see red arrow).

  • On line 4 is the private key (blue arrow).

  • On line 7 sign the message (yellow arrow).

 Step 3: The blockchain protocol sends the encrypted and signed message:

Message Ciphertex =

H1E8apbIZ4plJ8Hx44t+TahH2skW9EV142PXYUKLHdSVJ47bQ0+g6OJlt3K

XA89hNHY0QmUQkYXoH/pYfZAhZv8=

 Step 4: Alice on her computer receives:

  • The message or plain text (see red arrow).

  • The ciphertext (blue arrow).

  • In addition, you know Roberto's public key or address (yellow arrow).

Run the digital signature verification program in JavaScript of the Bitcoin protocol:

And when Alice runs the program, she gets the response “true” (orange arrow), which means “true,” Alice confirms that Roberto digitally signed the message with his private key.

 

Final remarks:

  • Just as Alice concludes that the message was sent by Roberto and has not been altered, blockchain technology can help the financial sector to send secure data over the network.

  • Here I have used an example applying public and private key cryptography to sign messages and verify that it corresponds to the person who sent it, this process is called authentication, also that the message has not been altered.

  • In practice, TB has very powerful algorithms that make up the blockchain protocol, here I have used basic programs for educational purposes and aimed at blockchain technology enthusiasts.

 
Carlos Sampson