Healthcare Blockchain Security Risk with and without Economic Incentives

Initially, a private blockchain sounds more secure because we associate privacy with security. The term security means the state of being free from danger or threat. We explain here why that intuition about private blockchains is misleading and how public blockchains are the safer, more secure system.

Establishing a truly secure, decentralized and automated trust provider network with unprecedented security guarantees requires combining cryptographic guarantees with economically incentivized consensus mechanisms.

The paradigm shift to trust without third parties makes it possible for new organizational forms to appear worldwide that are decentralized, trusted, stable, and scalable, thus creating new and unprecedented operating efficiencies and savings.

Blockchain technology’s innovation of combining technology at an atomistic level (i.e., at the protocol level) allows significant security guarantees as to provenance and the creation of new peer-to-peer business models that are fundamentally different from existing models. It is now possible to create a security exchange without central operators or clearinghouses, as settlement happens without intermediaries. The private healthcare consortia and private chains that have emerged need to be reviewed carefully in relation to the full counterparty risk of all operations on the system. The value-at-risk for third-party operators or controlled blockchains/distributed ledger technology will rapidly increase over time.

Economic security guarantees are necessary under the assumptions that cryptography can be hacked and that economic incentives significantly influence human behavior. The latter assumption is illustrated by the way economic incentives drive people to stake networks (via a bond or compute power), which strengthens the protocol’s security and stability.

Examples of this economic incentive can be found in many public blockchains such as Bitcoin, Ethereum, Zcash, Dash, etc. via either a Proof-of-Work or Proof-of-Stake consensus. These two consensus mechanisms, however, are not used by most private or DLT protocols. Those protocols often use the Practical Byzantine Fault Tolerance (PBFT) algorithm, which lacks an economic incentive. The main argument for taking this approach is that all the nodes are known and trusted. This sounds sensible, but it places any blockchain-based production environment for permissioned or private solutions without economic incentivization at significant risk. As of March 2018, how many capital market permissioned distributed ledgers are in production today?

We can assume that cybersecurity breaches can and will happen if the economic gain or political value is large enough. There are several possible scenarios where one or more of the private blockchain or DLT nodes can be compromised. Typically, the compromised node’s private key has been jeopardized. There are many ways in which this can happen, ranging from a malware or rootkit hack to social engineering.

Under the above assumptions, there are many possible scenarios following a breach, including blocking consensus, manipulating consensus, transaction censoring, manipulating smart code contracts, manipulating data oracles, and others. Man-in-the-middle attacks can trigger smart contract actions at the wrong time or not at all, broadcast false votes, cause bad transactions to be accepted as good, etc.

Given the aforementioned attack scenarios, the marginal cost of malicious behavior by network nodes must be higher than any possible gain from such nefarious behavior.

We contend that the only way to achieve security optimization is through designing economic incentives into the network itself to thwart unethical behavior. This can be achieved by requiring network nodes to put up a bond or stake that is proportional to the economic value the node underwrites for a certain length of block history while agreeing to the consensus algorithm’s rules. This mitigates the risk of long-range attacks on the network, which is in line with many Proof-of-Stake algorithms.

Nodes should be held accountable for any transactions they validate. Forfeiture of a node’s bond needs to be enforced by the consensus protocol upon discovery of malicious behavior, thereby eliminating any unnecessary off-chain legal expense.
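The bond-and-forfeit mechanism above can be sketched as a toy model. This is an added example, not code from the article or from HealthCombix. The node names, bond amounts, the choice of conflicting votes at one height as the detected misbehavior, and the use of the standard BFT bound f = (n - 1) // 3 to size the cheapest attack are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class BondedNetwork:
    """Toy bonded validator set; votes are assumed already signature-checked."""
    bonds: dict                                  # node id -> bond at stake
    seen: dict = field(default_factory=dict)     # (node, height) -> hash voted for
    slashed: dict = field(default_factory=dict)  # node id -> forfeited amount

    def fault_tolerance(self):
        # BFT bound: n bonded nodes tolerate f = (n - 1) // 3 faulty ones.
        return (len(self.bonds) - 1) // 3

    def record_vote(self, node, height, block_hash):
        """Accept a vote; two different hashes at one height forfeit the bond."""
        if node not in self.bonds:
            return "rejected"                    # never bonded, or already slashed
        prior = self.seen.setdefault((node, height), block_hash)
        if prior != block_hash:
            # Forfeiture is applied by the protocol itself, with no off-chain step.
            self.slashed[node] = self.bonds.pop(node)
            return "slashed"
        return "accepted"

    def cheapest_attack_cost(self):
        """Bond forfeited by corrupting the f + 1 cheapest nodes (beyond tolerance)."""
        f = self.fault_tolerance()
        return sum(sorted(self.bonds.values())[: f + 1])

    def is_economically_secure(self, value_at_risk):
        # The article's condition: cost of misbehaving must exceed the possible gain.
        return self.cheapest_attack_cost() > value_at_risk


def demo():
    # Constructed sample: four consortium nodes and their bonds.
    net = BondedNetwork({"hospital_a": 500, "payer_b": 300,
                         "lab_c": 200, "clinic_d": 100})
    before = net.is_economically_secure(250)      # 100 + 200 = 300 > 250
    results = [
        net.record_vote("clinic_d", 7, "0xaaa"),
        net.record_vote("clinic_d", 7, "0xaaa"),  # harmless rebroadcast
        net.record_vote("clinic_d", 7, "0xbbb"),  # conflicting vote -> slashed
        net.record_vote("clinic_d", 8, "0xccc"),  # no bond left -> rejected
    ]
    return before, results, net.slashed, net.cheapest_attack_cost()

if __name__ == "__main__":
    print(demo())
```

With every bond set to zero, as in a PBFT deployment that relies only on nodes being known and trusted, `cheapest_attack_cost()` is 0 and the condition fails for any positive value at risk.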

Economic incentives add economic security guarantees to technology security. New platforms need to be analyzed from a game theory perspective to ensure that all stakeholders reach their Nash Equilibrium. This is a big task. Participants and developers of these networks need to understand all the edge cases on the network that can be exploited by its users.

There are many ways to design, build, and deploy public networks that can be used to connect disparate health records, reduce the cost of payment administration, reduce operating expense, and curb abuse in a highly secure, confidential, and efficient manner.

The author is the founder and CEO of HealthCombix, Inc, a healthcare blockchain development company based in Nashville, Tennessee.

Copyright © HealthCombix 2018