A new security feature developed by IBM and Intel extends blockchain capabilities and helps increase trust in high-stakes markets such as wireless spectrum auctions.
As telecom companies start rolling out the fifth generation of wireless networks, the term 5G is becoming omnipresent in the news linking it to the prospect of higher data transfer speeds. The race is on for businesses to tap into the promised speed bonanza. And given the high expectations, there is a lot at stake when it comes to securing bandwidth to operate the new technology. A new, blockchain-based security feature called Fabric Private Chaincode and developed by scientists at IBM and Intel can help establish trust in applications with strong privacy requirements, such as in the auctioning of wireless spectrum.
The project will be presented on March 4 at the Hyperledger Global Forum in Phoenix, AZ.
Billions of dollars at stake
Bandwidth allocation involves auctions with companies bidding for portions of the spectrum and a government agency acting as the auctioneer. These spectrum auctions represent investments in the order of billions of dollars so there is a non-negligible incentive for participants to try to game the system. Cheating can be attempted through collusion among companies or with the auctioneer, as well as by watching the bids of opponents before submitting one’s own bid and trying to conceal one’s own valuation of an asset until the opponent has revealed their valuation. Therefore, making sure that all bids submitted are confidential and that not even the auctioneer can manipulate the outcome of the auction are crucial requirements.
No need to trust the auctioneer
Market designers usually take great pains to ensure that in this kind of auction collusion and other forms of cheating are impossible by design. But even the best-designed auction still typically relies on a model of security where the auctioneer must be trusted not to collude with a bidder. The strong incentive to cheat combined with a security model with a potentially large “attack surface” can add up to large insurance and legal costs for everyone involved.
Now, researchers at IBM and Intel have developed a solution that relies on blockchain technology to address such loopholes and increase trust in the context of high-stakes use cases such as private auctions. It is called Fabric Private Chaincode (FPC) and it can be added to the Hyperledger Fabric, a permissioned blockchain hosted by the Linux Foundation, as a modular security feature. FPC uses Intel® Software Guard Extensions technology (Intel® SGX) in a way that enhances privacy and integrity throughout the auction.
How FPC helps establish trust
There are two aspects to trust in the context of an auction: confidentiality and integrity.
Confidentiality means here that the bids are kept secret from both the bidders and the auctioneer.
Integrity, on the other hand, means that neither the chaincode used to run the auction nor the transactions containing the bids can be tampered with.
The Fabric Private Chaincode project is a great example of how a smart combination of chaincode and Intel SGX can boost the value of blockchain technology by enabling new business models based on a new model of trust. In existing Hyperledger Fabric architectures, the integrity of smart contracts is protected by having multiple peers(servers) execute the same chaincode and verify that their results match. This works well for many use cases, but doesn’t suffice in systems where private execution is required.
Using Fabric Private Chaincode system, it is possible to design a high-stakes auction in which the “auctioneer” is in fact a smart contract, for which the source code may be inspected beforehand by all parties to the auction. When the auction begins, the participants can use Intel® SGX to get a cryptographic attestation to help verify that the code hasn’t been modified, and also have more confidence that the auctioneer is not looking inside the program while it executes. Not even the government agency running the auction can look into the bids or tamper with the execution. This new trust model is more compatible with positive incentives to simply bid one’s true value of each asset.
Ready for pilot deployment
In many real-world use cases such as high-stakes auctions, we expect FPC to add value by removing incentives to game the system. Doing so strengthens trust in the system and can help cut costs by removing the need for expensive security measures, oversight, insurance, and legal fees.
IBM and Intel believe that in the future Fabric Private Chaincode can facilitate more widespread adoption of Trusted Execution Environments such as Intel SGX. We anticipate that the trend in exploiting the capabilities of TEEs will move beyond specific high-stake use cases towards widespread use in blockchain applications, similarly to what HTTPS did for the Web.
For decades, society has benefitted from modern cryptography to protect our sensitive data during transmission and at rest. It seems daily that we see news about data breaches, privacy lapses, and inadvertent disclosures of information. In a real sense data privacy has gone from boardroom discussion a decade ago, to dinner table discussion. For IBM […]
Work by our group at IBM Research Europe in Zurich has led to a new method for the rapid implementation of microfluidic operations. By tailoring the potential landscape inside a flow cell, we form so-called “virtual channels” on demand to perform high-precision guiding and transport, splitting, merging and mixing of microfluidic flows. This allows to […]
IBM published a new release of its IBM Differential Privacy Library, which boasts a suite of tools for machine learning and data analytics tasks, all with built-in privacy guarantees. It's not unlike the the differential privacy the US Census will use to keep the responses of its citizens confidential when the data is made available.