区块链技术概述（英文版）.pdf

Draft NISTIR 8202 1 Blockchain Technology Overview 2 3 4 Dylan Yaga 5 Peter Mell 6 Nik Roby 7 Karen Scarfone 8 9 10 11 12 13 14 15 16 Draft NISTIR 8202 17 Blockchain Technology Overview 18 19 20 21 Dylan Yaga 22 Peter Mell 23 Computer Security Division 24 Information Technology Laboratory 25 26 Nik Roby 27 G2, Inc. 28 Annapolis Junction, MD 29 30 Karen Scarfone 31 Scarfone Cybersecurity 32 Clifton, VA 33 34 35 36 37 38 January 2018 39 40 41 42 43 44 U.S. Department of Commerce 45 Wilbur L. Ross, Jr., Secretary 46 47 National Institute of Standards and Technology 48 Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology 49 National Institute of Standards and Technology Internal Report 8202 50 59 pages (January 2018) 51 Certain commercial entities, equipment, or materials may be identified in this document in order to describe an 52 experimental procedure or concept adequately. Such identification is not intended to imply recommendation or 53 endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best 54 available for the purpose. 55 There may be references in this publication to other publications currently under development by NIST in accordance 56 with its assigned statutory responsibilities. The information in this publication, including concepts and methodologies, 57 may be used by federal agencies even before the completion of such companion publications. Thus, until each 58 publication is completed, current requirements, guidelines, and procedures, where they exist, remain operative. For 59 planning and transition purposes, federal agencies may wish to closely follow the development of these new 60 publications by NIST. 61 Organizations are encouraged to review all draft publications during public comment periods and provide feedback to 62 NIST. Many NIST cybersecurity publications, other than the ones noted above, are available at 63 csrc.nist.gov/publications.64 65 66 67 68 69 Public comment period: January 24, 2018 through February 23, 2018 National Institute of Standards and Technology Attn: Computer Security Division, Information Technology Laboratory 100 Bureau Drive (Mail Stop 8930) Gaithersburg, MD 20899-8930 Email: nistir8202-commentsnist.gov All comments are subject to release under the Freedom of Information Act (FOIA). 70 71 NISTIR 8202 (DRAFT) BLOCKCHAIN TECHNOLOGY OVERVIEW ii Reports on Computer Systems Technology 72 The Information Technology Laboratory (ITL) at the National Institute of Standards and 73 Technology (NIST) promotes the U.S. economy and public welfare by providing technical 74 leadership for the Nations measurement and standards infrastructure. ITL develops tests, test 75 methods, reference data, proof of concept implementations, and technical analyses to advance 76 the development and productive use of information technology. ITLs responsibilities include the 77 development of management, administrative, technical, and physical standards and guidelines for 78 the cost-effective security and privacy of other than national security-related information in 79 federal information systems. 80 81 Abstract 82 Blockchains are immutable digital ledger systems implemented in a distributed fashion (i.e., 83 without a central repository) and usually without a central authority. At its most basic level, they 84 enable a community of users to record transactions in a ledger public to that community such that 85 no transaction can be changed once published. This document provides a high-level technical 86 overview of blockchain technology. It discusses its application to electronic currency in depth, 87 but also shows its broader applications. The purpose is to help readers understand how 88 blockchains work, so that they can be appropriately and usefully applied to technology problems. 89 Additionally, this document explores some specific blockchain applications and some examples 90 of when a blockchain system should be considered for use. 91 92 93 Keywords 94 blockchain; consensus model; cryptocurrency; cryptographic hash; distributed ledger; mining 95 96 NISTIR 8202 (DRAFT) BLOCKCHAIN TECHNOLOGY OVERVIEW iii Acknowledgments 97 The authors wish to thank all contributors to this publication, and their colleagues who reviewed 98 drafts of this report and contributed technical and editorial additions. This includes James Dray, 99 Sandy Ressler, Rick Kuhn, Lee Badger, Eric Trapnell, and Mark Trapnell. 100 101 Audience 102 This publication is designed for readers with little or no knowledge of blockchain technology 103 who wish to understand at a high level how it works and for what it can be used. It is not 104 intended to be a technical guide; the discussion of the technology is abstracted to provide a 105 conceptual understanding. Note that some figures and tables are purposefully simplified to fit the 106 intended audience. 107 108 Trademark Information 109 All registered trademarks and trademarks belong to their respective organizations. 110 111 NISTIR 8202 (DRAFT) BLOCKCHAIN TECHNOLOGY OVERVIEW iv Executive Summary 112 Blockchains are immutable digital ledger systems implemented in a distributed fashion (i.e., 113 without a central repository) and usually without a central authority. At their most basic level, 114 they enable a community of users to record transactions in a ledger that is public to that 115 community, such that no transaction can be changed once published. In 2008, the blockchain 116 idea was combined in an innovative way with several other technologies and computing concepts 117 to enable the creation of modern cryptocurrencies: electronic money protected through 118 cryptographic mechanisms instead of a central repository. The first such blockchain based 119 approach was Bitcoin. These currency blockchain systems are novel in that they store value, not 120 just information. The value is attached to a digital walletan electronic device (or software) that 121 allows an individual to make electronic transactions. The wallets are used to sign transactions 122 sent from one wallet to another, recording the transferred value publicly, allowing all participants 123 of the network to independently verify the validity of the transactions. Each participant can keep 124 a full record of all transactions, making the network resilient to attempts to alter that record (or 125 forge transactions) later. 126 Because there are countless news articles and videos describing the “magic” of the blockchain, 127 this paper aims to describe the method behind the magic (i.e., how a blockchain system works). 128 Arthur C. Clarke once wrote, “Any sufficiently advanced technology is indistinguishable from 129 magic” 1. Clarkes statement is a perfect representation for the emerging use cases for 130 blockchain technology. There is a high level of hype around the use of blockchains, yet the 131 technology is not well understood. It is not magical; it will not solve all problems. As with all 132 new technology, there is a tendency to want to apply it to every sector in every way imaginable. 133 This document attempts bring a high-level understanding of the technology so that it can be 134 applied effectively. 135 As stated above, blockchain technology is the foundation of modern cryptocurrencies, so named 136 because of blockchains heavy usage of cryptographic functions. Users utilize public and private 137 keys to digitally sign and securely transact within the system. Users of the blockchain may solve 138 puzzles using cryptographic hashing in hopes of being rewarded with a fixed amount of the 139 cryptocurrency. However, blockchain technology is more broadly applicable than its application 140 to cryptocurrencies. In this work, we try to show this broader applicability while still focusing to 141 a large extent on the cryptocurrency use case (since that is the primary use case today). 142 Organizations considering implementing blockchain technology need to understand important 143 aspects of the technology. For example, what happens when an organization implements a 144 blockchain system and then decides they need to make modifications to the data stored? When 145 using a database, this can be accomplished through a simple query (or major changes can be 146 made by updating the database schema or software). However, on a blockchain, it is much more 147 difficult to change data or update the database software. Organizations need to understand the 148 extreme difficulty in changing anything that is already on the blockchain, and that changes to the 149 blockchain software may cause forking of the blockchain. Another critical aspect of blockchain 150 technology is how the participants agree that a transaction is valid. This is called “reaching 151 consensus”, and there are many models for doing so, each with positives and negatives for a 152 specific business case. 153 NISTIR 8202 (DRAFT) BLOCKCHAIN TECHNOLOGY OVERVIEW v Some existing blockchain technologies focus on storing wealth, while others are a platform for 154 smart contracts (software which is deployed on the blockchain itself, and executed by the 155 computers running that blockchain). New blockchain technologies are being developed 156 constantly to enable new use cases and to improve the efficiency of existing systems. Some 157 blockchain implementations are permissionless, meaning anyone can read and write to them. 158 Other implementations limit participation to specific people or companies, allow finer-grained 159 controls, and may be managed by a central entity. Knowing these specifics allows an 160 organization to understand what will be most applicable to its needs. 161 Despite the many variations of blockchain systems and the rapid development of new 162 technologies, most blockchains use some common core concepts. Each transaction involves one 163 or more addresses and a recording of what happened, and it is digitally signed. Blockchains are 164 comprised of blocks, each block being a group of transactions. All the transactions in a block are 165 grouped together, along with a cryptographic hash of the previous block. Finally, a new hash is 166 created for the current blocks header to be recorded within the block data itself as well as within 167 the next block. Over time, each block is then chained to the previous block in the chain by 168 adding the hash of the previous block to the header of the current block. 169 Each technology used in a blockchain system takes existing, proven concepts and merges them 170 together in a way that can address problems that were previously difficult. This document 171 explores the fundamentals of how blockchain technologies work, how the participants in the 172 network come to agree whether a transaction is valid, what happens when changes need to be 173 made to an existing blockchain deployment, and how permissions work. Additionally, this 174 document explores specific blockchain applications and examples of when to consider using a 175 blockchain system. 176 The use of blockchain technology is not a silver bullet, and there are issues that must be 177 considered such as how to deal with malicious users, how controls are applied, and the 178 limitations of any blockchain implementation. That said, blockchain technology is an important 179 concept that will be a basis for many new solutions. 180 NISTIR 8202 (DRAFT) BLOCKCHAIN TECHNOLOGY OVERVIEW vi Table of Contents 181 Executive Summary . iv 182 1 Introduction . 9 183 1.1 Background and History . 9 184 1.2 Purpose and Scope . 10 185 1.3 Notes on Terms . 10 186 1.4 Document Structure . 10 187 2 Blockchain Architecture . 12 188 2.1 Hashes . 12 189 2.2 Transactions . 13 190 2.3 Asymmetric-Key Cryptography . 13 191 2.4 Addresses and Address Derivation . 14 192 2.4.1 Private Key Storage . 14 193 2.5 Ledgers . 15 194 2.6 Blocks . 19 195 2.7 Chaining Blocks . 23 196 3 Blockchains in Operation . 23 197 4 Consensus . 26 198 4.1 Proof of Work Consensus Model . 26 199 4.2 Proof of Stake Consensus Model . 29 200 4.3 Round Robin Consensus Model . 30 201 4.4 Ledger Conflicts and Resolutions . 30 202 5 Forking . 33 203 5.1 Soft Forks . 33 204 5.2 Hard Forks . 33 205 5.3 Cryptographic Changes and Forks . 34 206 6 Smart Contracts . 35 207 7 Blockchain Categorization . 36 208 7.1 Permissioned . 36 209 7.1.1 Application Considerations for Permissioned Blockchains . 36 210 7.1.2 Use Case Examples