How to protect your data with the blockchain
Last year, 2016 was rich in news related to blockchain technology and cases of its use in real life. Barclays conducted the world's first real bargain between Irish dairy producer Ornua and Seychelles trading company, Commonwealth Bank of Australia, an Australian financial conglomerate, Wells Fargo, a US financial company, and Brighann Cotton Marketing Australia, for the first time in the world, issued a deal for the sale and delivery of cotton from the United States to China, and the airline S7 and Alfa-Bank conducted the first in Russia transaction-letter of credit . In this regard, it may seem that the scope of the blockchain is limited exclusively to the financial sector, but the blockchain has also affected the area of ​​data protection.
When the opportunity to register not only transaction data, but also various metadata, was opened in Acronis, we began to actively study the blockchain technology for its application in the direction of backup and information protection. We saw that thanks to it the user has the opportunity to guarantee not only the safety, but also the immutability / authenticity of the most important data.
In 2016, the development and testing of first solutions built on the open Ethereum platform, which at that time was one of the most advanced and convenient, and also allowed to bypass the limitations of the Bitcoin blockchain, began .
')
The first solution we put on the market was the Acronis Notary trusted timestamping service. The technology was implemented as part of the product functionality for individual users of Acronis True Image 2017 New Generation . With it, you can verify the authenticity of data stored in backup copies. For example, musicians or artists can confirm the date and time of the creation of their works, providing as evidence an Acronis Notary certificate indicating this information, along with metadata about the work itself.
The second solution, which we also demonstrated as part of the Acronis True Image 2017 New Generation product functionality, was Acronis ASign . The solution opened the possibility of electronic signing of backup copies of documents with automatic notarization. The user simply uploads documents signed for his part into the Acronis cloud and sends electronic invitations to other signatories. Each signer enters the cloud and, using a special interface, puts its electronic signature on the document. Thus, between the parties a kind of agreement is “signed”, which is automatically recorded in the blockchain.
As noted above, we managed to circumvent a number of restrictions of the blockchain, thereby creating a decent basis for the future. Data storage in our solutions is based on Merkle trees. Due to this, it is possible to significantly increase the speed of work and the amount of stored information about files, and also (which is very important in the long term) reduce the performance requirements of processing systems.
About Merkle trees aka "hash trees" has long been known, their concept was patented by Ralph Merkle in 1979. This is a special data structure containing summary information about a large amount of data and which can be used to verify it. In this case, a set of information can be very diverse: you can store any necessary data about the file, whether it is its size, date of creation or something else.
Thus, it is clear that the data structure has a tree form, in the nodes of which there are hashes created on the basis of data from other downstream nodes. In the final, root hashes are formed, which are written in the blockchain.
We use a binary structure, in which each higher hash consists of two downstream hashes. If we present this in the form of a diagram, we obtain the following.
One of the main properties of the Merkle tree is that, knowing data 1, hash 2, hash 02 and hash 001, you can confirm the authenticity of data 1, even if the rest of the data is not known. This means that if you place a file in Acronis Notary or sign a document with Acronis ASign, then give someone of friends / colleagues only a hash of the source file (hash 1), a “branch” with hashes from hash 1 to the root hash (hash 001) and root hash (this structure is called “Merkle's proof”), then a friend / colleague can easily check whether the file is currently in the repository or not.
If the technical side of the issue is more or less clear, then the legal side is a bit more complicated.
There are two legal issues that have in one way or another introduced and continue to introduce restrictions on the use of such solutions on the territory of Russia.
Firstly, and this was the main stopper, the position of the state regarding the cryptocurrency was not clear, and, as a result, the possibility of using the blockchain. At times, it was about a real criminal prosecution for conducting operations with the use of cryptocurrency.
Secondly, the position of the state regarding the recognition of records stored on the blockchain is incomprehensible.
Let's take a look at each of the questions in order.
At the beginning of this year, within the framework of the Gaidar Forum, the Deputy Chairman of the Central Bank Olga Skorobogatova said : “The position of the regulator and the department is that we don’t want to specifically ban something, but to understand how to relate to this and build a regulatory base on this basis . The Ministry of Finance chose a similar position, suspending the work on the draft law, which provides for very harsh penalties for the circulation of cryptocurrency.
The issue of recognition of records in the blockchain in court is still open. On the one hand, there is no law in Russia yet, which somehow defines the legal status of such records. On the other hand, there is a feeling that the state has ceased to perceive distributed registries as an “absolute evil” and is ready to take steps towards the emerging industry, especially since interesting cases have already appeared in the world.
For example, recognition by the US states of Arizona and Vermont of the validity of entries in the blockchain. In Arizona, smart contracts will now be equated to all other types of contracts, and in Vermont, entries in the blockchain can be used as evidence in court. It is highly likely that blockchain recognition will continue to move along the United States. Somewhere such data will immediately be recognized, and in other states, IT specialists will be invited to court proceedings, who will act as experts, as it once was with DNA tests.
The near future. Spaceships travel through the Bolshoi Theater, Nike self-tiered sneakers are commercially available, and entries in the blockchain are recognized by the judicial system of our country.
You have decided to purchase a car / apartment / cottage, find a suitable option and contact the seller. It was decided to sign the sale contract using electronic signatures and enter the data into the blockchain. You took a sample text of the contract, made the necessary details, saved it in a secure cloud and sent it using Acronis ASign to sign the seller. He carefully studied the contract, drew your attention to a typo in the names and signed a revised version.
Car / apartment / your cottage. But some time passes, and suddenly the last owner is announced, declaring that you have not paid, owe him X rubles, and illegally took away his property. You paid for everything on time, you are not going to go on about the fraudster and go to court.
The contract exists only in electronic form, it was not certified by a notary and it is not so easy to bring it to court. This means that before you looms a very interesting quest, in which you will need to prove three things:
Most likely, it will be necessary to invite an expert to the trial, who will tell the representatives of justice what the blockchain technology is, how the data is stored and why it cannot be imperceptibly forged / modified. After a brief educational program, the expert will ask you to submit an electronic document to the court, and then the most interesting things will begin.
When signing a document in Acronis ASign, the user is issued a special PDF file containing “Signature Certificate” and “Audit Trail”.
The Signature Certificate contains the following information:
The “Audit Trail” contains a detailed history of events occurring with the document (creation, sending to signatories, signing), including time stamps and IP addresses of signatories. It is necessary that the supplied electronic signature complies with the requirements of the international “Electronic Signature Law” and is recognized in court.
The easiest way to confirm that the special file issued to you is authentic and, accordingly, confirms the authenticity of the contract, is that you upload it to the Acronis Notary verification page .
After the file is uploaded, the status of this document will be shown on the site. Thus, you will prove in court that the contract of sale was signed by both parties at a certain time. Part of the quest is passed!
In addition to the status, there will also be provided a link to the Acronis Notary certificate containing all the information about the document in the secure vault. With this certificate you prove authenticity, that is, the authenticity of the signed contract. Victory!
There is another way, somewhat more difficult, but much more interesting.
You take a document and independently calculate its hash. Then, from the Acronis Notary certificate, the transaction address in the blockchain is taken (Transaction ID) and is located in an online service, such as Etherscan.io , which allows you to confirm the existence of a transaction in the Ethereum blockchain. In the data field of this transaction, you find Merkle Root and check for the hash that you calculated for your document in the tree with such a root element using the open source utility verifyhash . If the verification is successful, the authenticity of the signed document in the repository is confirmed. Victory again!
Having implemented Acronis Notary and Acronis ASign in our Acronis True Image 2017 New Generation product, we collected a huge amount of positive feedback from individual users. In fact, we conducted extensive testing in real conditions. And now, having processed all the results and eliminating the roughness as much as possible, we have implemented these solutions in our corporate product - Acronis Backup 12.5 .
Blockchain guard your data
When the opportunity to register not only transaction data, but also various metadata, was opened in Acronis, we began to actively study the blockchain technology for its application in the direction of backup and information protection. We saw that thanks to it the user has the opportunity to guarantee not only the safety, but also the immutability / authenticity of the most important data.
In 2016, the development and testing of first solutions built on the open Ethereum platform, which at that time was one of the most advanced and convenient, and also allowed to bypass the limitations of the Bitcoin blockchain, began .
')
The first solution we put on the market was the Acronis Notary trusted timestamping service. The technology was implemented as part of the product functionality for individual users of Acronis True Image 2017 New Generation . With it, you can verify the authenticity of data stored in backup copies. For example, musicians or artists can confirm the date and time of the creation of their works, providing as evidence an Acronis Notary certificate indicating this information, along with metadata about the work itself.
The second solution, which we also demonstrated as part of the Acronis True Image 2017 New Generation product functionality, was Acronis ASign . The solution opened the possibility of electronic signing of backup copies of documents with automatic notarization. The user simply uploads documents signed for his part into the Acronis cloud and sends electronic invitations to other signatories. Each signer enters the cloud and, using a special interface, puts its electronic signature on the document. Thus, between the parties a kind of agreement is “signed”, which is automatically recorded in the blockchain.
The technical side of the issue
As noted above, we managed to circumvent a number of restrictions of the blockchain, thereby creating a decent basis for the future. Data storage in our solutions is based on Merkle trees. Due to this, it is possible to significantly increase the speed of work and the amount of stored information about files, and also (which is very important in the long term) reduce the performance requirements of processing systems.
About Merkle trees aka "hash trees" has long been known, their concept was patented by Ralph Merkle in 1979. This is a special data structure containing summary information about a large amount of data and which can be used to verify it. In this case, a set of information can be very diverse: you can store any necessary data about the file, whether it is its size, date of creation or something else.
Thus, it is clear that the data structure has a tree form, in the nodes of which there are hashes created on the basis of data from other downstream nodes. In the final, root hashes are formed, which are written in the blockchain.
We use a binary structure, in which each higher hash consists of two downstream hashes. If we present this in the form of a diagram, we obtain the following.
One of the main properties of the Merkle tree is that, knowing data 1, hash 2, hash 02 and hash 001, you can confirm the authenticity of data 1, even if the rest of the data is not known. This means that if you place a file in Acronis Notary or sign a document with Acronis ASign, then give someone of friends / colleagues only a hash of the source file (hash 1), a “branch” with hashes from hash 1 to the root hash (hash 001) and root hash (this structure is called “Merkle's proof”), then a friend / colleague can easily check whether the file is currently in the repository or not.
De Facto / De Jure
If the technical side of the issue is more or less clear, then the legal side is a bit more complicated.
There are two legal issues that have in one way or another introduced and continue to introduce restrictions on the use of such solutions on the territory of Russia.
Firstly, and this was the main stopper, the position of the state regarding the cryptocurrency was not clear, and, as a result, the possibility of using the blockchain. At times, it was about a real criminal prosecution for conducting operations with the use of cryptocurrency.
Secondly, the position of the state regarding the recognition of records stored on the blockchain is incomprehensible.
Let's take a look at each of the questions in order.
At the beginning of this year, within the framework of the Gaidar Forum, the Deputy Chairman of the Central Bank Olga Skorobogatova said : “The position of the regulator and the department is that we don’t want to specifically ban something, but to understand how to relate to this and build a regulatory base on this basis . The Ministry of Finance chose a similar position, suspending the work on the draft law, which provides for very harsh penalties for the circulation of cryptocurrency.
The issue of recognition of records in the blockchain in court is still open. On the one hand, there is no law in Russia yet, which somehow defines the legal status of such records. On the other hand, there is a feeling that the state has ceased to perceive distributed registries as an “absolute evil” and is ready to take steps towards the emerging industry, especially since interesting cases have already appeared in the world.
For example, recognition by the US states of Arizona and Vermont of the validity of entries in the blockchain. In Arizona, smart contracts will now be equated to all other types of contracts, and in Vermont, entries in the blockchain can be used as evidence in court. It is highly likely that blockchain recognition will continue to move along the United States. Somewhere such data will immediately be recognized, and in other states, IT specialists will be invited to court proceedings, who will act as experts, as it once was with DNA tests.
The future has come
The near future. Spaceships travel through the Bolshoi Theater, Nike self-tiered sneakers are commercially available, and entries in the blockchain are recognized by the judicial system of our country.
You have decided to purchase a car / apartment / cottage, find a suitable option and contact the seller. It was decided to sign the sale contract using electronic signatures and enter the data into the blockchain. You took a sample text of the contract, made the necessary details, saved it in a secure cloud and sent it using Acronis ASign to sign the seller. He carefully studied the contract, drew your attention to a typo in the names and signed a revised version.
Car / apartment / your cottage. But some time passes, and suddenly the last owner is announced, declaring that you have not paid, owe him X rubles, and illegally took away his property. You paid for everything on time, you are not going to go on about the fraudster and go to court.
The contract exists only in electronic form, it was not certified by a notary and it is not so easy to bring it to court. This means that before you looms a very interesting quest, in which you will need to prove three things:
- The contract, located in a secure repository, no one changed;
- The agreement was read and signed by both parties;
- The contract was signed at a certain time.
Most likely, it will be necessary to invite an expert to the trial, who will tell the representatives of justice what the blockchain technology is, how the data is stored and why it cannot be imperceptibly forged / modified. After a brief educational program, the expert will ask you to submit an electronic document to the court, and then the most interesting things will begin.
When signing a document in Acronis ASign, the user is issued a special PDF file containing “Signature Certificate” and “Audit Trail”.
The Signature Certificate contains the following information:
- The name of the document that you signed and placed in the repository, for example, “Sale and Purchase Agreement No. 1”;
- Date of signing;
- Document size;
- Hash or “checksum” of the document;
- Current status;
- Information about signatories;
- Signature.
The “Audit Trail” contains a detailed history of events occurring with the document (creation, sending to signatories, signing), including time stamps and IP addresses of signatories. It is necessary that the supplied electronic signature complies with the requirements of the international “Electronic Signature Law” and is recognized in court.
The easiest way to confirm that the special file issued to you is authentic and, accordingly, confirms the authenticity of the contract, is that you upload it to the Acronis Notary verification page .
After the file is uploaded, the status of this document will be shown on the site. Thus, you will prove in court that the contract of sale was signed by both parties at a certain time. Part of the quest is passed!
In addition to the status, there will also be provided a link to the Acronis Notary certificate containing all the information about the document in the secure vault. With this certificate you prove authenticity, that is, the authenticity of the signed contract. Victory!
There is another way, somewhat more difficult, but much more interesting.
You take a document and independently calculate its hash. Then, from the Acronis Notary certificate, the transaction address in the blockchain is taken (Transaction ID) and is located in an online service, such as Etherscan.io , which allows you to confirm the existence of a transaction in the Ethereum blockchain. In the data field of this transaction, you find Merkle Root and check for the hash that you calculated for your document in the tree with such a root element using the open source utility verifyhash . If the verification is successful, the authenticity of the signed document in the repository is confirmed. Victory again!
To be continued
Having implemented Acronis Notary and Acronis ASign in our Acronis True Image 2017 New Generation product, we collected a huge amount of positive feedback from individual users. In fact, we conducted extensive testing in real conditions. And now, having processed all the results and eliminating the roughness as much as possible, we have implemented these solutions in our corporate product - Acronis Backup 12.5 .
Source: https://habr.com/ru/post/331326/
All Articles