The Department of Defense is looking into blockchain technology as a way to modernize its approach to cryptography and cybersecurity, according to a report released this month.
Uses of blockchain could include securing communications between military units in the field and their headquarters, and allowing intelligence officers to safely transmit sensitive information to the Pentagon, according to the DoD Information Resource Management Strategic Plan FY19-23, released on July 12. The project is part of the DoD’s Digital Modernization Strategy, which is focused on four areas: cloud computing, artificial intelligence, cybersecurity, and C3: command, control, and communications.
Specifically, the report notes that the Defense Advanced Research Projects Agency (DARPA) has started to experiment with blockchain to create a secure communications system in which messages can be verified through a decentralized ledger—the technology blockchain is built on.
DARPA is attracted to three aspects of blockchain technology, according to the report. First, they are “trustless,” which means they “assume compromise of the network by both insiders and outsiders,” it said. “Second, blockchains are transparently secure: they do not rely on failure-prone secrets, but rather on a cryptographic data structure that makes tampering both exceptionally difficult and immediately obvious. Finally, blockchain networks are fault tolerant: they align the efforts of honest nodes to reject those that are dishonest.”
Taken together, the result is that blockchain technology not only makes it less likely communications will be compromised, it makes the process of compromising them much harder and more costly, the report notes.
DARPA is interested in zero-knowledge proofs, which can be used to verify a fact without revealing any details of the underlying information used to verify it.
“A zero-knowledge proof involves a statement of fact and the underlying proof of its accuracy,” said Dr. Josh Baron, a program manager in DARPA’s Information Innovation Office (I2O), in a July 18 release. “The holder of the fact does not want to reveal the underlying information to convince its audience that the fact is accurate. Take, for example, a bank withdrawal. You may want a system that allows you to make a withdrawal without also having to share your bank balance. The system would need some way of verifying that there are sufficient funds to draw from without having to know the exact amount of money sitting within your account.”
While noting that the cryptocurrency market has been the source of “a marked increase in the efficiency and real-world use of zero-knowledge proofs,” DARPA said that its cryptology needs are slightly different from those required by Bitcoin and other tokens.
Cryptocurrencies “prioritize communication and verification efficiency but do not necessarily scale for transactions that are more complex,” said the release. “For highly complex proof statements like those that the DoD may wish to employ, novel and more efficient approaches are needed.”
In order to facilitate this, DARPA has created the Securing Information for Encrypted Verification and Evaluation (SIEVE) program. It aims to “develop computer science theory and software that can generate mathematically verifiable statements that can be shared publicly without giving sensitive information away.”
Nonetheless, the DoD’s embrace of blockchain technology remains very experimental. While DARPA’s credits include creating the Internet, its directive is to experiment with and advance potentially useful new technologies, often well before industry would invest heavily in them.
According to the DoD strategic plan, DARPA has also been “trying to develop an unhackable code—which blockchain could facilitate—because the technology offers intelligence on hackers who try to break into secure databases.”