FSB partaking in developing international blockchain standard
This will empower Russian authorities to use new technology in the future.
In 2016, the International Organization for Standardization (ISO) established an ad hoc committee to develop a standard for blockchain technology. It also included several representatives from Russia, such as FSB officer Grigory Marshalko, two people, familiar with the experts of the committee, told Vedomosti. Members of the committee first convened for a full-time meeting in April in Australian Sydney. The Russian delegation of four people was led by Marshalko, said a member of the ISO committee, deputy chief of the laboratory of company Infotex Maxim Shevchenko. Shevchenko did not say whether Marshalko was a FSB officer.
Marshalko himself told Vedomosti that he represented the FSB in the Russian committee of Rosstandart for the standardization of cryptography. He refused to comment on his participation in the ISO committee and advised Vedomosti to contact the FSB's public relations center. The representative of the center did not respond to the request.
Since cryptographic means of security are at the core of blockchain technology and crypto currencies, the delegation to the international committee consists of members of the Russian committee of Rosstandart for the standardization of cryptography, explains Shevchenko. The Committee develops standards in the field of cryptographic information protection. The FSB oversees its work, the regulations of the committee states, its chairman is an employee of the FSB. An ad hoc committee on blockchain will appear in Russia only in autumn, Rosstandart began to recruit experts on August 11.
The task of Russian representatives in the ISO committee is to include Russian cryptographic algorithms into the international standard of blockchain, says one of the experts of the committee and member of the committee Alexei Urivsky.
The lack of solutions certified by the FSB and FSTEC based on blockchain technology is one of the drawbacks of this technology, a representative of the Ministry of Communications told Vedomosti in May.
Legal regulation of blockchain in the world at large and in Russia in particular is only being formed, and the state regulates the turnover of cryptographic means of information protection quite strictly, Shevchenko said. For example, decisions certified by the FSB of Russia are provided for some systems that process personal data, 'bank-client' systems for legal entities, Shevchenko explains.
The state defined its plans for blockchain in the digital economy program, which the government approved at the end of July. According to the document, in the IV quarter of 2018 draft regulations should be prepared that would allow conducting a legal experiment on use of blockchain to certify the rights. By the end of March 2019, the documents are to be accepted, and the experiment itself is planned for the IV quarter of 2019. The experiment will last a year, and based on its results it will be necessary to consolidate the legal conditions for the use of blockchain in the legislation.
But without certified electronic signature means, which are used in the detachment, Russian state agencies are most likely not able to use blockchain, Urivsky continues. There is no place for Western cryptography, says the expert. The advantages of blockchain are impossibility to change past transactions and the ability to track all stages of the transaction, the representative of the Ministry of Communications said. By the same token, he called the inadequate elaboration of information dissemination mechanisms and the delineation of access to it, which may be fraught with its leakage. In addition, because of the novelty of the blockchain it is difficult to judge its scalability and performance. In the opinion of the Ministry of Communications, it is possible to use blockchain in transactions for the purchase and sale of real estate and even transfer of the funded part of pension to non-state pension funds. But there is no place for a blockchain, where there is one central service provider and there is no direct exchange of information or values between different participants, the representative of Sberbank noted.
Russian organizations have already started using blockchain. For example, in Sberbank's projects on blockchain, foreign means of cryptographic protection are predominantly used, says Igor Bulantsev, the senior vice president of Sberbank. According to him, several experiments with the Russian platform Masterchain, performed already on Russian GOSTs, were held in Sberbank. Masterchain is now being certified by the FSB, said a spokeswoman for the Fintech Association's Central Bank.
The FSB is trying to add Russian algorithms to international registries, so that the Russian user first voluntarily, and then forcibly select domestic blockchain, author of the book The Battle for Runet Andrey Soldatov noted. According to him, this fits into the state-developed concept of digital sovereignty.
What is blockchain
To understand the concept of the blockchain, you can draw an analogy with the card file, where each card belongs to the same owner, explains the KPMG senior manager of the consulting group for advanced technologies Vladislav Pavperov. All cards are linked (including chronologically) with each other so that if you change the record in one of them (for example, transfer of an asset to another owner) information about this is reflected in all the others. So the blockchain ensures the reliability of all records in the file cabinet and the reliability of their changes, stores the history of all changes. In the file cabinet, it is impossible to do anything retroactively - security is provided by cryptography. In each block of data, the calculated checksum of the previous block is built in - a similar technology is used in torrents. Thus, the blocks are aligned in a linked chain and it is impossible either to modify the block in its middle or to remove it - this will inevitably show up when checking subsequent blocks. Moreover, since this is a distributed technology, that is, the whole chain of encrypted data is stored by each participant of the process, their unauthorized modification and recalculation of the checksum become practically impossible.