Estonia’s ID card system apparently has a security flaw, though it hasn’t been exploited yet. Technical details are not available, but Estonian World says “The ID-cards issued before 16 October 2014 use a different chip and are not affected,” which suggests this is more likely in the smartcard chip than in the underlying system.

Someone emailed this morning asking if this had anything to do with Estonia’s widely publicised blockchain infrastructure initiatives. I would say probably not … but the reason I can’t say “definitely not” is that Estonia’s Blockchain™ promotion mostly supplies excellent examples of the media game of “telephone” I talk about in chapter 11 of the book:

“Talking about” becomes “considering doing,” becomes “will do,” becomes “is doing.” Even if a given blockchain trial does in fact happen, later failure is not documented. The mainstream press assume this is specialist press rather than boosterism, and run stories taking all this at face value. As the buzzword “Blockchain” has gained currency, they have tended to run blockchain marketers’ press releases barely edited, assuming there must be something to all of this.

I tried tracing back through to the original press releases (since zero of the journalists running these stories ask them even slightly pointed questions). Everything from e-Estonia itself is long on hype, short on detail and furiously mixes present and future tense.

e-Estonia’s preferred Blockchain™ software is KSI Blockchain. Amongst the generic blockchain claims, the only specific claim on that page is that “KSI Blockchain scales to 1012 items of data every second.” This would be a remarkable number for an actual database — for comparison, the extreme limit of IOPS (I/O operations per second) for an Oracle database on fast solid-state disks is in the millions.

That e-Estonia page links to the company site for suppliers Guardtime. KSI stands for “Keyless Signatures Infrastructure®” and was started in 2007. Their “blockchain” achieves fast throughput by limiting the number of participants, which also means they don’t need a computationally expensive consensus mechanism. Now, you might think this was functionally indistinguishable from a database …

I did find a PDF which Guardtime provided to the US Government’s HealthIT.gov. I am not a cryptographer and don’t fully understand this; if anyone who is could tell me if this makes any sense, I’d be most grateful. The promise is:

Through the properties of verifiable authenticity, identity of the client, and non-global positioning system-based non-spoofable time; KSI provides provenance, integrity and identity associated with digital assets. This implementation consumes far less storage and bandwidth than widely proliferated blockchain technology and can provide the above defined attributes for thousands of files a second scalable to billions.

The “blockchain” bit of KSI appears to be that it’s got a Merkle tree. Indeed, the paper says:

Unlike traditional approaches that depend on asymmetric key cryptography, KSI uses only hash-function cryptography, allowing verification to rely only on the security of hash-functions and the availability of the history of cryptologically linked root hashes (the blockchain).

— that is, they redefine the word “blockchain” to mean “Merkle tree.” Specifically, “hash-linked time-stamping.” (What the e-Estonia claim presumably means, then, is that KSI Blockchain can scale up to calculating 1012 hashes a second.) So anywhere I see the words “Estonia” and “Blockchain” together in the near future, my first thought will be “ledger in a Merkle tree.” This makes sense of press releases such as “KSI Blockchain to Secure Driverless Buses in Tallinn” — what they mean is they’re storing at least some data from the buses in a ledger authenticated by hashes.

What I say in chapter 11 of the book still seems to hold:

Transaction ledgers in tamper-evident chains and trees of hashes are a good idea, and businesses are about to discover how to use them for tamper-evident ledgers. These will likely be branded “Blockchain,” whether or not the product has anything else to do with blockchains.

Per Guardtime’s site, “Cryptocurrency protocols are great for cryptocurrencies — not for building solutions for enterprise data management.” Pretty good for years of coverage in the bitcoin press, though.

So this is not in fact good news for blockchains. Though it might be for Blockchain™. Thanks to Paul Marsch for the good question.