Blockchain Insight Series #1: Securing Passports Through Distributed Trust
You have likely heard of Bitcoin in the news. Bitcoin is a digital currency implemented on top of an idea called a blockchain. Why did it use blockchain and what is blockchain? How could this technology be applied elsewhere?
Every physical dollar bill has a unique serial number printed on it. Imagine if instead of exchanging paper bills, we simply sent each other those serial numbers electronically. If I wanted to buy something for $20, I simply sent an online retailer the serial number off my $20 bill, destroyed the bill, and that value was now “theirs.”
Blockchain: Block means a group of records that are related, linked, and secured, and chain implies “bound together.” It is the technology that made Bitcoin possible.
If you have any real-world experience, you’re thinking this is a dumb idea. What’s to prevent me from sending the same number to two people? What if I make up a number? What if I keep the $20 bill and used it elsewhere?
Imagine if we had a globally distributed list or “ledger” of those serial numbers on dollar bills. Now imagine we had technology to validate every entry in that ledger via multiple parties so no one reused a serial number multiple times or made up numbers. That concept is the essence of blockchain.
Distributed ledger: A database that is consensually managed, shared, and synchronized across a peer-to-peer network whose trusted members collectively adhere to a protocol for validating new blocks.
Can this be applied to other fields? Yes! Passports are a means to enter or depart from a country as a person travels. They are among the oldest examples of a distributed ledger as each person carries their data with them. National governments issue passports without total coordination so there are a host of opportunities for fraud. For example, someone can “lose” their old passport, request a new one, and now they have two passports with which they can travel without border protection officials following their activities.
Imagine if instead of relying on these little paper books, a globally distributed blockchain of passport entry, exit, and visa actions was created. Countries could continue creating their own passports and stamping them at the border (just as multiple parties create Bitcoins). Border agents would have portable devices that could scan the machine readable data on the passport and concurrently upload that action to the blockchain.
A few potential issues stand in the way of using blockchain for passports.
Validation of the Accuracy of the Ledger. Bitcoin “miners” usually accomplish this task and are compensated financially. Rather than giving miners access to all this data, participating agencies may do the validation work themselves. Travelers might pay a nominal fee (under $1) to cover the electronic “proof of work” that supports blockchain validation.
Authentication and Authorization. Unlike Bitcoin and similar systems, we do not want the general public reading and writing transactions on this ledger, nor do we want rogue agencies issuing passports. A system of public and private keys would be needed to authorize who is adding transactions to the ledger and controlling access. Organizations like Chain, a private blockchain infrastructure provider, already perform this function for enterprise implementations. A centralized organization could manage the master list of keys by nation and revoke/reissue them if necessary. For instance, the International Civil Aviation Organization under the United Nations already sets passport standards and might perform this function.
Potential for Corruption – a theoretical problem called the 51% attack exists: if an organization became too influential in validating the blockchain, it could send false positives to other parties saying fake records were real. While theoretically possible, this is not technically different from an organization creating fraudulent passports en masse. We could mitigate this risk by authorizing access to the blockchain and validating the entries using key pairs. Even if an entity injected fake entries, they would be recognizable and falsifiable by the government that held the private key for those entries.
Public/Private Keys: The pair comprises two uniquely related cryptographic parameters (long, random numbers). Because they are mathematically related, whatever is encrypted with a Public Key may only be decrypted by its corresponding Private Key and vice versa.
Disrupted Communication with the Blockchain. The posting of entry/exit transactions needs reliable, secure communications. If communications go down, two options are:
- Have a resilient fallback connection, like satellite communication. Commercial organizations that must continue processing credit card transactions use this kind of link if their main Internet connection fails.
- Locally store transactions until network communications are restored. Though technically easier to do, this may introduce an opportunity for fraud while transactions are processed offline.
This kind of use of blockchain technology is within reach. In fact, blockchain is also being studied in the areas of:
- Lodging reservations
- Smart contracts
- Federal procurement