Blockchain Forensics

According to a patent application submitted in November 2017 but released yesterday, China’s Ministry of Public Security is interested in utilizing a time-stamped, blockchain-based system to store forensic evidence gathered in police investigations. The blockchain-based system will aid in preventing forensic data from being lost, tampered with, or being unreliable, problems currently faced by the Ministry which runs the country’s police forces.

China’s existing systems of data storage involve virtual disks, API logs, guest firewall logs and monitoring logs to ensure the reliability of forensics. However, the patent application refers to these existing methods as ‘difficult and cumbersome to operate’, and ‘easily tampered with’, providing impetus for a blockchain-based system.

China's Blockchain Invention

Under the new technology, forensic data will be sent to cloud providers, where they will be verified using multiple signatures, time stamped and then added to a blockchain.



Image: Recording of evidence on the blockchain network facilitated by joint signatures of the sender and receiver, verified by third-party Ombudsman (Source: Patent filing)

When a private investigator or receiver requires forensic data from a provider, he/she will request a list of evidence in a submission list, which will be filled by the provider. Upon ensuring the forensic data is acceptable, both parties sign the electronic list using their digital signatures, after which it is passed to a third-party Ombudsman for verification and publication on the blockchain, using the Chainpoint protocol to create a timestamp proof of the data.

Once the transaction is confirmed in the blockchain, the existence of relevant data can be proven by a blockchain receipt, which is issued by the Ombudsman to the sender and receiver. This details at least the submitted list hash, Merkle tree path, and transaction ID.



Image: Typical block containing two nonces, sender and receiver signatures, timestamp and hash values of forensic evidence files (Source: Patent filings)

In theory, this system will facilitate the rapid transfer, verification and confirmation of forensic data, eliminating threats of data tampering and violations of privacy when conducting criminal investigations.

Although it remains unclear how exactly China will use these data once added to the blockchain, the fact that it is being explored by one of China’s 26 cabinet-level ministries may have implications for how other countries apply blockchain technology to streamline the handling of evidence.

Follow our Steemit blog, @Cryptovate for daily cryptocurrency analysis, insights and opinions.

Disclaimer: Research publications are furnished by independent authors on the Cryptovate team. You are not obtaining any advice from Cryptovate Investments. You should always consult with your advisers before making any investment decisions and should you have any questions as to the laws that govern our cryptocurrency research, you should consult with your legal or investment advisers.