One of the biggest problems of modern instant messengers is an excessive desire to learn as much as possible of user data. Despite the fact that most products use advanced security technologies and strong encryption algorithms, all this does not mean the protection of user data. And the blockchain can become a tool for solving this problem.
Messengers and personal data
Today, dozens of different messengers are on the market. Many of them are positioned as safe and secure, but in practice everything is not so simple. And there are several reasons for this.
The first of these is a significant part of correspondence applications directly owned by corporations that want to collect as much user data as possible. Here, for example,
is Facebook's data usage policy . The social network, which owns both the messenger and WhatsApp, stores information and content created by users, data about their friends and acquaintances (connections), application usage, transactions and even information that other users published about the user.
Another problem - almost all of the most popular communication tools today - is closed products. Nobody has ever seen their source code; it is not available for auditing by independent information security researchers. This, in particular, leads to the fact that such products can reveal important data even against the wishes of the developers, for example, due to a software error. Attackers can find vulnerabilities and attack users, and until this becomes known to the developers themselves, they will not be able to close the gap.
In addition, the traditional model of instant messengers involves centralization, which is also not very good from a security point of view. Take, for example, Telegram - one of the most secure instant messengers. This tool is centralized, which means, among other things, that access to it can be blocked by the authorities - such attempts have already happened in more than one country. As a result, for end users, access to a secure communication tool is difficult or impossible, which forces them to switch to less secure alternatives. As a result, the overall level of communication security is reduced.
The question arises, can the blockchain technology, widely discussed recently, somehow help to solve them? One of its possible applications is data storage. Blockchain can be used to create distributed data warehouses. The main idea here is that instead of trusting the storage of correspondence to a certain central server (which, for example, belongs to Facebook), the data is distributed over the network from sites scattered around the world.
What are the pros and cons of this approach?
What can go wrong
“Storing all your sensitive data and private messages in an accessible to all blockchain is one of the most stupid things I've heard in my life,” the Reddit user
reacted to the offer to store correspondence data in the blockchain.
There is sound grain in this emotional comment. If we translate the objection into a more technical language, we can say that, in contrast to centralized instant messengers, which rely on the security of their own servers, applications on the blockchain provide free access to encrypted data. Thus, the general level of data security in this case is determined not by the level of server security, but by the cryptography used - and if the encryption algorithms are weak, then it is easy to steal the data.
In the blockchain data is stored forever. Does this mean that the data can be decrypted in the future (for example, when quantum computers appear)?
- Deciphering the data in the blockchain will not completely work out, because each of the participants will have their own key
- Even if the decryption method appears, its use will require resources and time, even when using quantum computers
- In principle, all traffic on the Internet is stored in any case: remember the PRISM program (or the law of Yarovoy - approx. Transl.). To think differently is to be very naive.
- Blockchain allows you to create chats that can be deleted (using the side chains approach)
- In general, if there are quantum computers that can break encryption algorithms, it will be a shock to the entire IT industry. There will be no security at all, because all of it today is provided by mathematics and cryptography.
In addition, the blockchain technology has its limitations. Even the fastest instant messengers on the blockchain will always be slower than traditional applications, since the delivery time for messages in them cannot be less than a few seconds (this is at least).
Pros of the approach
On the other hand, when user data is stored on the blockchain, it is distributed worldwide. When ensuring proper protection using encryption, interception of messages becomes a difficult task - or rather interception itself is possible, but decryption of encrypted communication fragments will be impossible, and keys are never sent over the network.
Moreover, the user can access his correspondence from any device. This is not possible in the case of secret chats in centralized applications - there messages are available only on the device from which correspondence was conducted. This, by the way, creates additional security risks - even disappearing messages can be read if you just physically possess the device. In the case of the blockchain, it will be possible to delete the entire history of correspondence from the device and each time download it again upon request with a password confirmation.
As a result, blockchain messengers like
Adamant may be more secure from the point of view of users. When communicating via Facebook or WhatsApp, no one knows what happens to the message, when it is sent to the servers of the companies, are they vulnerable, can someone manipulate the data? In the case of the blockchain, such manipulations are excluded by default. That is why, therefore, even
DARPA and the
UN create their own blockchain messengers.
In addition, the data in the blockchain database is distributed around the world, which increases their availability as compared to centralized solutions, which users may suffer if the servers fail. For example, not so long ago there was a massive failure of the Telegram messenger, as a result of which access to the application was difficult for users in Europe, the Middle East, Latin America and the countries of the former USSR.
Another plus is that the blockchain can be used as a platform for integrating the messenger with other useful services - for example, for transferring cryptocurrencies right in the chat.
Conclusion
Using the blockchain is a new approach to building a messenger. And despite the fact that this technology has some drawbacks, it also allows for a higher level of protection of personal data than popular centralized products do. Today, all instant messengers use similar security tools, but only those that are completely open and built on distributed correspondence storage can use full confidence.