Professor Kanta Matsuura reviews the emerging research conducted by a wide range of academic institutions involving blockchain technology as part of the on-going BSafe.network initiative. Discover how this leading researcher is tackling the challenges around blockchain and its application to social systems in this interview with ActiveCyber.net.
I recently attended a University of Maryland workshop hosted by Professor Larry Gordon – one of my previous interviewees – where I heard a very interesting presentation by Professor Kanta Matsuura of the University of Tokyo’s Institute of Industrial Science on blockchain. Blockchain technology is emerging from the sole province of Bitcoin and other digital currencies to become a technology of interest in many domains including logistics, retail, social media and many others. From my own research I have been intrigued by the distributed security properties of blockchain and was eager to find out more about Professor Matsuura’s work. He graciously accepted my request for an interview despite his busy schedule. So read below to learn more about blockchain and the interesting work by BSafe.network.
Spotlight on Professor Kanta Matsuura, University of Tokyo, Institute of Industrial Science
» Title: Professor, University of Tokyo, Institute of Industrial Science
» Website: http://bsafe.network/; http://kmlab.iis.u-tokyo.ac.jp/index.html
» Linkedin: https://www.linkedin.com/in/kanta-matsuura-55a48418/
Read his bio below.
March 20, 2017
Chris Daly, ActiveCyber: I was fortunate to attend a presentation that you provided at the University of Maryland on some research you are leading on blockchain and its use as the foundation for a secure social system. Could you provide some background on the objectives of this research and what you have learned to date? How is blockchain being employed and what security attributes does blockchain provide?
Professor Matsuura, University of Tokyo: I would like to revisit a key paragraph of the white paper of BSafe.network:
This network’s short-term aim is to identify and engage academic interest in the emerging Bitcoin and blockchain technology space. By bringing academic rigor and excellence, it enables telemetry and a scientific approach to long-term innovation and engenders societal trust in these new digital public platform technologies. The project aims to mimic the same degree of impact that BSD (Berkeley Software Distribution) and the NSFNET (The National Science Foundation Network) had on the evolution of the Internet. The former provided robust, liberally licensed software that put into practice the many theoretical advances made by academia. The latter scaled expertise, experience and resources.
What I have learned to date is a difference between the case of the Internet and the case of blockchain. The former took an appropriate set of steps:
- scientific research by academia,
- development and deployment by companies,
- standardization,
- commercialization and monetization by companies, and
- new requirements for research.
However, the latter is rushing into Step (2) without sufficient activities of Step (1). This can be very dangerous.
For example, let us focus on your question of security attributes. No one can answer to this question rigorously because the security notions have not been well defined / established yet. I would like to combine fundamental theoretical research with the practical test bed activities of BSafe.network to solve the problem of this dangerous situation.
ActiveCyber: Quantum computing may have a dramatic impact on the security of blockchain and related distributed ledgers in the future. The n-hard problems related to public key algorithms such as elliptic curve and RSA, which are used extensively by blockchain, are reduced to transient computation using Shor’s and Grover’s algorithms. Has this potential impact affected your research? If so, what possible approaches are you considering?
Professor Matsuura: This is a common problem among applied cryptographic systems, and what we should do would be the same (or at least very similar). Some public-key cryptographic primitives are broken by known algorithms which can be implemented on quantum computers but others are not. Therefore, in the cryptographic research community, there is a lot of extensive research of the latter (e.g. lattice-based crypto, information-theoretic security, and so on). Research items particularly for blockchain would include a migration mechanism when we replace one paradigm of cryptographic primitives with another.
Considering the blockchain’s feature as an infrastructure, collaboration with the Internet community will be very important; they also would need a good migration mechanism. Anyway, problems can be a good news for security researchers; they provide new research opportunities.
In the BSafe.network activities, I have been collaborating with competitive Internet-engineering researchers from the beginning. This may help us in the future in a wide variety of perspectives.
ActiveCyber: It would seem that there is a growing need for good provenance and reputation systems given the increasing amount of fake news and other misinformation that is published on social media today. How does your research consider these needs and how could blockchain provide a foundation to deliver these capabilities?
Professor Matsuura: Considering the feature of blockchain as an Internet of trust, there is a possibility of inventing a blockchain application to tackle the above problem. In order to enhance research of such applications, the test bed activities must be associated with appropriate mechanism design. Otherwise, empirical studies would be quite hard.
ActiveCyber: Recently some innovations involving blockchain and the application of zero knowledge proofs for ensuring privacy have been announced. How does your research incorporate privacy in its design using blockchain for social systems?
Professor Matsuura: The same as the previous answer. We should pay attention to mechanism design. From the viewpoint of technology, there are a lot of privacy-enhancing technologies available. Cryptographic primitives and protocols with additional functions would help a lot.
ActiveCyber: One capability offered by blockchain is that mobile users and devices can authenticate in an autonomous way without relying on a common authentication infrastructure. How do you feel this will change the overall application landscape and what impact will it have on social systems?
Professor Matsuura: I am not interested in the security properties of the resultant systems after that change but I am interested in the usability properties of them. Context-aware personalized services would not always require absolute identification of the users.
ActiveCyber: Some of the major cyber incidents involving blockchain reveal issues around the implementation of applications that run on top of blockchain, such as smart contracts and Bitcoin. What added security measures do you feel are important when designing blockchain applications? What process or policy changes do organizations or users need to make to use a blockchain application securely?
Professor Matsuura: We need research on cyber-physical systems and failure modes. In research papers of digital signatures, their verification algorithms output either OK or NG. That’s all. Suppose the signature is on a digital certificate. If the output is NG, then the certificate is simply rejected and nothing would happen after that. However, in the real world, some application would need a care after such rejection. Therefore, failure modes should be extensively studied, and then, your above questions can finally be discussed.
ActiveCyber: Blockchain-based identity is being explored and experimented with in a host of ways. How does your research incorporate blockchain to manage identity of a user or device in a social system? How does your previous research in identity-based encryption fit into or inform your current work on blockchain?
Professor Matsuura: My blockchain studies have not yet reached such particular application systems. However, I have a design of fundamental research which will explore the rigorous definition of “identity” in security engineering. I have published several papers on identity-based encryption (IBE). However, even in the case of IBE, the word “identity” is just used in an intuitive manner and not rigorously defined.
ActiveCyber: Peer-to-peer network protocols are often used for interacting with blockchain applications. What overall properties, including security properties, should these network protocols contain to provide assurance for these blockchain applications? What type of network protocol is your blockchain research exploring?
Professor Matsuura: Unfortunately, some universities do not allow computers inside their local network to open a port necessary for operating the currently major implementation of blockchain. This can be a hurdle when we want to enlarge the community of BSafe.network more and more. In order to solve this problem, peer-to-peer requirements might be reconsidered to some extent.
ActiveCyber: Private blockchains are being explored on many fronts. How do private blockchains differ from public blockchains and what are some of the key trust attributes that need to be examined when assessing a private blockchain?
Professor Matsuura: If we consider the above-mentioned failure modes, private blockchains can often be easier than public blockchains. For example, if a transaction needs prompt verification (and appropriate actions in the case of “NG”) by service providers rather than by other users, the blockchain protocol itself would need some changes.
In the case of private blockchains, such changes are relatively easy to deploy. In the case of public blockchains, standardization which would smoothly accept such changes is not trivial (some changes are even intrinsically impossible).
ActiveCyber: I understand that you are quite an accomplished long distance runner. How does your passion for running inspire your research efforts?
Professor Matsuura: I have a dream of being a man of a culture in terms of intellectual, moral, and physical aspects as a human being. In Japanese language, these three are summarized as Chi-Toku-Tai. I am exploring Chi as a researcher, Toku as an educator, and Tai as an athlete. My running and research share the same direction in this regard.
Thanks Professor Matsuura for describing your work around blockchain and the BSafe.network initiative. I look forward to following BSafe.network as it moves forward with its research in blockchain.
And thanks for checking out ActiveCyber.net! Please give us your feedback because we’d love to know some topics you’d like to hear about in the area of active cyber defenses. Also, email marketing@activecyber.net if you’re interested in interviewing or advertising with us at ActiveCyber.
About Professor Kanta MatsuuraKanta Matsuura received his Ph.D. degree in electronics from the University of Tokyo in 1997. He is currently a Professor of Institute of Industrial Science at the University of Tokyo. From March 2000 to March 2001, he was a visiting scholar at University of Cambridge. Dr. Matsuura has authored and co-authored more than 450 technical papers in the wide areas of information security: cryptography, computer/network security, and security management such as security economics. He was an Associated Editor of the Information Processing Society of Japan (IPSJ) Journal (2001-2005) and the Institute of Electronics, Information and Communication Engineers (IEICE) Transactions on Communications (2005-2008), and won Distinguished Service Award from the IEICE Communications Society in 2008. He was Editor-in-Chief of Security Management (2008-2012), and is an Editorial-Board member of Design, Codes, and Cryptography (2010-present). He is a member of IACR, and currently chairs SIG-SPT (Special Interest Group on Security Psychology and Trust) of IPSJ. He is a senior member of IEEE, ACM, IPSJ, and IEICE. He is a Vice President of JSSM (Japan Society of Security Management) (2016-present). |
