Remember PKI? Blockchain might go the same way.
Is history repeating itself with blockchain technology?
Blockchain – the online general ledger or database on steroids – is considered by its proponents to be inherently secure, because it has no single owner or point of control and immutable records of transactions are maintained by independent parties.
However, Luther Martin, distinguished technologist at HPE Security, says we’ve heard all this before – about two decades ago. We recently had the chance to catch up with Martin, who expanded on the similarities between blockchain and another blockbuster technology from the late 1990s.
Blockchain today “seems very much like the hype that drove interest in public-key infrastructure – PKI — technology back in the dot-com boom,” he opines. There are many similarities, he explains. For one, blockchain supporters “are suggesting that it can be used to solve all sorts of problems and that it will soon be ubiquitous. There’s even the suggestion that businesses need to start planning on how to use blockchain technology or end up being crushed by their competitors who will benefit from it.”
Those were the same arguments originally heard in the early days of PKI, he relates, and “just like PKI ended up having just a few useful applications and disappearing into the IT infrastructure in a decidedly non-flashy way, we’ll probably see the same thing with blockchain technology.”
Martin calls blockchain “the PKI of the 21st century.”
So, what happened with PKI? How did it evolve from disruptor to disappeared?
Blockchain challenges: legal
“Many of the failures of PKI were caused by its failure to address an important problem that businesses face,” Martin says, and that is regulatory and compliance requirements. “The technology could address actual problems, but other business process or regulatory issues turned out to make its use unappealing,” he explains. “We’ll probably see a similar outcome to many of the investigations into blockchain technology. For example, many hospitals are unwilling to digitally sign some documents because the codes that HIPAA mandates may need to be manually corrected, and those corrections will break a digital signature. Similarly, recording real estate transactions in a public ledger like a blockchain isn’t allowed in some countries because those transactions are considered private.”
This is fertile ground for lawyers and regulators to earn a living for some time to come, Martin adds.
“Just like it took lawyers a while to work out a reasonable way to provide a legal framework for the use of PKI — the now-familiar Certificate Policy and Certificate Practices Statement documents — it will probably take a while for lawyers to work out a reasonable legal framework for transactions involving blockchains,” he predicts.That’s because “transactions of any significance get tricky and need a robust legal framework for ensuring that they’re sound. That’s why important data like bank accounts are either heavily regulated or operated by government organizations.”
Blockchain, on the other hand, “does not currently have the same level of legal backing,” Martin continues. “It’s possible to undo lots of transactions in our current legal environment. Reversing charges on credit cards is possible, for example, and is a desirable feature of our current system. And paper contracts can be repudiated or otherwise undone in all sorts of ways. But it’s not clear how the immutable nature of blockchain technology would adapt to that sort of environment.”
Blockchain as a behind-the-scenes force
While PKI has disappeared into corporate infrastructure, he stresses that it isn’t useless or a failure of a technology. “PKI supports the secure connections to web servers that encrypt most of the world’s e-commerce,” he states. “It’s now a vital part of how the internet operates. But it also didn’t end up being as significant a technology as its supporters once thought that it would be.”
Martin adds that he was one of those supporters. “But I like to think that I’ve learned a thing of two from seeing my favorite technology fail to live up to its expectations.”
Ultimately, Martin predicts blockchain will be an important piece of global networks, supporting e-commerce and the Internet of Things. It will be a behind-the-scenes workhorse, but will not fulfill its hyped status as a “disruptive” technology.