2. Tentang Saya
u Kepala Pusat Studi Kriptografi dan
Keamanan Informasi, Universitas
Gunadarma
u Disertasi @Universitaet Bielefeld
(2007)
u Protokol Kriptografi Penyelesaian
Transaksi Keuangan Pada Sistem
Terdesentralisasi
u Protokol Cryptocurrency sebelum
Blockchain
u Pengalaman Mengajar
u Dosen Tetap, Universitas Gunadarma
u Dosen Pengampu MOOC APTIKOM
u Dosen Tamu, Blekinge Technische
Hogshkola (BTH), Sweden
u Dosen Tamu Pada Jurusan
Kriminologi – UI
u Konsultan Teknologi Informasi :
u Certification Authority System
u Payment System
u Information Security Audit & Security
Testing
u IPTV / OTT System
u Blockchain Implementation & DApps
Development
u National Roadmap for CSIRT
u National Cybersecurity Framework
for E-Government
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
3. Agenda
u How Blockchain Works
u Hands-on : Exploring Chain of Hash
u Exploring Ethereum Blockchain Networks
u Hands-on : Blockchain Explorer
u SmartContract
u Hands-on : Ether Wallet on a Private Blockchain (AAMAIBlockchain)
u Please download and install : https://metamask.io
u Tutorial : https://youtu.be/2n74ICcvNKk
u Exploring Possible Scenario of Decentralized Application in
Insurance Industry
u Hands-On : Executing Example DApps on Flight Delay Insurance
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
5. Sir Tim Bernes-Lee's vision of the INTERNET
u Back in 1994, he described the software system he was
about to develop as
u decentralization: no central authority, no single point of
failure, no central controlling node, no "kill switch"
u non-discrimination: everyone is free to choose how they
connect to the system
u openness: system will be developed in full view of
everyone, encouraging maximum participation and
experimentation
u universality: all computers on the network communicate
with each other regardless of hardware or location
u consensus: both systems and users will comply with
standards that are created through transparent,
participatory process based on consensus
u https://webfoundation.org/about/vision/history-of-the-
web
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
6. Motivation
u The Era of Digital
Economy and Industry 4.0
u Receives great deal of
Public Attention since
2014
u BlockChain might replace
Centralized System such
as Bank
u Recent Development of
Smart Contract
Technology
u Recent Research in
Decentralized Systems
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
7. BlockChain for Zero Hunger
World Food Programme
• Cash Transfer System for 100.000 Syrian Refugee in Jordan
• Iris data are acquired by UNHCR when refugee enter the
camp
• POS system with Iris scanner in every merchant / retailer
• Transactions are stored in the Permissioned BlockChain
using Parity Ethereum Client
• Transaction settlement every 2 weeks for the merchant
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
8. BlockChain for Zero Hunger
• Single ID using biometric
technology (Iris)
• Highly accurate
• No need to use cards or
tokens
• The ID represents Wallet in
Ethereum BlockChain
• Independent from any
central authority
• Direct cash distribution,
no intermediaries
• Transparent, traceable,
and accountable
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
9. How Blockchain Works
EVOLUTION OF DECENTRALIZED PROTOCOL
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
10. Centralized Systems
u Central Data Storage and Processing
u Users use dumb terminal
u Introduces Single point of failure
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
11. Internet as Large Scale Distributed
Systems
u Data stored in the
server and processing
are conducted both
in client and server
u Web 2.0 → social
network and B2B
u In E-Commerce :
u Payment gateway as
trusted third party for
completing
transactions
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
12. Decentralized Systems
u Peer to Peer
u Every node / peer has equal
role
u Self organization &
Community based
u No Central Authority
u Applications :
u File Sharing (back to the old
days)
u Independent data routing
(MANET) in wireless mesh
network
u NOW : Cryptocurrency and
Other Decentralized Apps
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
13. Research Question in Decentralized
System
“How can one complete transactions
when trusted authority or trusted
party is absent
or socially very weak”
Technically
“How to prevent double spending”
Since no central server for managing
the transactions
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
14. Some Proposals
1. Social Labelling Propagation. Information of
the financial balance is attached to the
label
2. Various Anonymous Protocols
u Cocaine Auction Protocol (Stajano &
Anderson, 1999).
3. Communal Key + Partial Community
Signature n-out-of-m to verify last state of
financial balance (2007)
u The ”Creation” and “Elimination” of
Institutional Money to complete
transactions
u https://pub.uni-
bielefeld.de/publication/2302717
4. BlockChain by a Pseudo Man called Satoshi
Nakamoto (Sept 2008)
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
15. What is BlockChain
u Satoshi Nakamoto (2008)
u Decentralized Ledger that promotes immutability
u BlockChain = Chain of Blocks that can be validated
u Transactions are stored in each Block
u Hash of Previous Block is Included in the Next Block
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
16. ü An algorithm to derive a
fixed length footprint /
digest of a message
ü One bit change in a
message cause more
then half change in the
digest
ü Used to prove integrity
of a message
ü Solve integrity problem
ü Algorithms: MD5, SHA1,
SHA256, TigerHash,
Kecak, etc
Hash Algorithm
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
17. How Blockchain Works ?
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
19. Hands on
u https://demoblockchain.org/hash
u https://demoblockchain.org/block
u https://demoblockchain.org/blockchain
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
20. BlockChain
u Consensus
Every peer has the same and exact copy of data
u Provenance
Chronology of Ownership
u Immutability
History can not be altered
u Finality
Once committed can not be revoked
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
21. The BlockChain
u A trades with B
u A send B a message : A gives 10 AAMAICoin to B digitally
signed by A
u B broadcast it to everyone on the network and ask to verify
u If there is enough verification -> everyone updates their copy
of ledger with consensus protocol
u Hash and Public Key promotes Non-Repudiation State
u Whole mechanism Prevent Double Spending
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
22. Merkle Tree
u A Tree structure in which
every leaf node is
labelled with the hash of
a data block and every
non-leaf node is labelled
with the hash of the
labels of its child nodes.
u Hash trees allow efficient
and secure verification
of the contents of large
data structures.
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
23. How to Verify Transactions in The Block
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
24. Consensus
u A blockchain is a decentralized peer-to-peer system with
no central authority :
u How are any decisions made?
u How does anything get done?
u To make decisions, peers using “consensus mechanisms” :
which candidate block is accepted by all peers to be the
next block
u The Bitcoin miners use proof-of-work protocol to construct
new blocks
u Others may have another methods / algorithm to conduct
concensus
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
25. Proof of Work
u Every node collect
transactions and form a
block
u The problem is to
determine whose block
will be accepted
u Criteria :
u True : every
transactions are
validated
u Has valid nonce in
corresponding to its
hash
u Nonce : a random
number
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
26. Proof of Work (2)
u Guess a random number (nonce)
where hash(hash(block+nonce))
< target_puzzle
u Target : hash with specified
number of zero in the hash
u For example :
0x0000f58283d63b7e8a9c
u In Bitcoin : Node who “wins” get
number of coin -> how coin is
minted
u When the node forms a block, it
asserts a transaction that he
receives number of coin
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
27. Proof of Work (3)
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
28. Consensus
u New transactions are broadcast to all nodes.
u Each node collects new transactions into a block.
u Each node works on finding a difficult proof-of-work for its block.
u When a node finds a proof-of-work, it broadcasts the block to all
nodes.
u Nodes accept the block only if all transactions in it are valid and not
already spent.
u Nodes express their acceptance of the block by working on
creating the next block in the chain, using the hash of the accepted
block as the previous hash.
u Nodes always consider the longest chain to be the correct one and
will keep working on extending it.
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
32. How the Network Converges
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
33. Mining and Miners Problem
u Successful miners are “rewarded” some
cryptocurrency
u it encourages participations
u It requires lots of computing power (
consumes lots of energy )
u It is a business for several people
u Other Algorithm does not need mining
(Tarigan, 2007)
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
34. Security
BlockChain employs
u RIPEMD-160 and SHA-256
for hash algorithm
u Elliptic Curve Digital
Signature Algorithm
Security :
u Prevent Double
Spending
u Can detect attempt of
forgery
u Accountability (we can
trace coin history)
u Problem :
u Private key stored in
Wallet are vulnerable
u Packet sniffing
u Sybill Attack
u DoS attack
u Illegal Content in
BlockChain
u Energy Consumption
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
35. Evolution of Trust
• Due to the inherent risk of
the lack of trust, today’s
economy is heavily
dependent on many
intermediaries
• It works relatively well
most of the time with
occasional scandals of
erosion of trust
• It adds on delays and
costs for the
intermediaries to validate
and enforce transactions
before the parties
Blockchain technology is the enabler for the future trust-
free sharing economy.
It is disruptive to existing business models that involve an
zero or low value-add intermediary.
36. Evolution of Trust
In blockchain
enabled economy,
information is
distributed and
trust is
decentralised and
formalised by smart
contracts
37. Use cases example for various industries
Financial Insurance Retail Manufacturin
g
Healthcare Public Sector
• Cross
border /
currency
payments
• Trade
Finance
• Loans
• KYC
• Claims filing
and
processing
• Risk
provenanc
e
• Fraud
detection
• Product
authenticity
and
provence
Ownership
&
attribution
• Supply
chain
provence
• Supply
Chain
Manageme
nt
• IoT
• Sharing of
patient
record
• Enable low
cost cross
border
treatment
• Asset
Registry
• Voting
• Identity
manageme
nt
38. What is “blockchain-able”?
u Blockchain is NOT the
panacea for every
problem!
u Need of a clear,
balanced method to
determine blockchain
suitability to a business
use-case
39. Business view of Blockchain
u In any blockchain applications, we need to identify
v Actors
v Actions / Transactions
v Business network
v Assets
v Agreement / contracts
v Ledger of transactions
40. Blockchain or not?
1. Can it be solved with more matured technology?
2. Can we clearly identify actors, assets and transactions?
3. Is there a need to have system enforced consensus, immutability, finality,
etc?
42. Public, Consortium or Private
Blockchain?
https://medium.com/@sbmeunier/when-do-you-need-blockchain-decision-models-a5c40e7c9ba1
https://eprint.iacr.org/2017/375.pdf
43. Business view of Blockchain
Current Centralised model Future blockchain decentralised model
Actors Importer, Exporters, Banks, Insurance,
Credit Finance, Transportation, Custom
Remains unchanged, some players may
see take a lesser importance role
Actions /
Transactions
Purchase / Sales, Insure, Claim, Apply
credit, Deliver, Track
remains unchanged
Business network TradeNet, SWIFT, Individual bank, insurer,
transport operator portal, Government
custom portal
Consolidate into a single blockchain or
multiple blockchain working in harmony
Assets Goods of all types, sizes and values Digitised assets tracked on blockchain.
Different treatment for homogeneous and
heterogeneous assets
Agreement /
contracts
Purchase Order, Invoices, Letter of
Credit, Bill of Lading, Insurance policy
Simplified legal contract to complement
blockchain smart contract
Ledger of
transactions
Individual party books of account Blockchain keeps all transactions
Individual business continues to keep their
books of account for internal use.
Reconciliation is always against blockchain
45. To BlockChain or Not To BlockChain
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
46. BlockChain and Decentralized System
u Cryptocurrency is one of the application of
Decentralized System like BlockChain
u Many other applications are possible to be
applied on the decentralized network
u Most of Big IT Technology Company proposes
their solution on BlockChain : IBM, Microsoft, etc
u Supply Chain, Healthcare, Reward System,
MicroPayment System, Virtual Crowd Based
Networking, etc
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
47. Ethereum’s SmartContract
u Written in Turing Complete Machine
u The network can run “any code”
u Founder : Vitalik Buterin
u The Main cryptocurrency is called Ether
u We can write our own currency in Ethereum
network / Platform using ERC 20 specification
u It enables almost any application can be run on
decentralized network in a form of Smart
Contract
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
50. Server-centric architecture
u Web / App server
manages private keys
on behalf of users
u All blockchain
transactions are
initiated by app server
u A natural extension of
conventional web-app
architecture into
blockchain DAPP
Browser
HTML CSS JS
Web / App
server
Ethereu
m node
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
51. Web / App
server
Ethereum
node
Browser
HTML CSS JS
Metamask
DApps Architecture
u Metamask (Wallet)
manages user’s private
keys
u Web / App server
manages application
private keys
u Blockchain transactions
are initiated by browsers
and app server
depending on the
nature of transaction
u Recommended
architecture for
production grade
Blockchain application
AAMAI
International
Conference
on
DIGITAL
TRANSFORMATION
IN
FINANCIAL
INDUSTRY
55. Blockchain in Insurance
AAMAI International Conference on DIGITAL TRANSFORMATION IN FINANCIAL
INDUSTRY
Auditable SmartContract
promotes security and trust
•SmartContract can be
audited by third parties
•Once deployed can not
be modified
Advanced Automation
•Medical record view/edit
authorization for medical
purposes
•Claim automation
•Rule Based Claim
Processing
•Vote-Based Claim
Processing
Cybersecurity
•Blockchain promotes
immutability
•Changes are transparants
56. Blockchain in Insurance
AAMAI International Conference on DIGITAL TRANSFORMATION IN FINANCIAL
INDUSTRY
Etherisc
Etherisc builds decentralized,
blockchain-centric applications for
different sectors of the insurance
industry. The company is focused on
using ledger technology to cut down on
inefficiencies, namely high processing
fees and extensive claim-processing
times.
Beenest
The company is teaming up
with WeTrust to develop a blockchain-
based insurance for Beenest
homeowners. For now, the Bee Token
can currently be used to book rooms in
the San Francisco area with the
aspiration to expand their processes
abroad in the near future.
57. Blockchain in Insurance
AAMAI International Conference on DIGITAL TRANSFORMATION IN FINANCIAL
INDUSTRY
Guardtime
Guardtime recently teamed up with
logistics giant Maersk to implement a
blockchain-based maritime insurance
platform that will manage risk, use smart
contracts and establish an immutable
chain-of-shipping to help insurance
companies thoroughly provide
coverage.
Fidentiax
users are able to buy, sell or store their
insurance policies on the company’s
blockchain. Using tokenization, the
blockchain-powered marketplace takes
existing policies and puts them into the
encrypted database. In real-time, users
are able to cash out on their policies,
buy policies from others or just find all
their insurance information in one place.
58. Blockchain in Insurance
AAMAI International Conference on DIGITAL TRANSFORMATION IN FINANCIAL
INDUSTRY
Lemonade
The company’s business model takes a
fixed fee from each monthly payment
and allocates the rest towards future
claims. If a claim is made, the
blockchain’s smart contracts will
immediately attempt to verify the loss so
a customer can get paid quickly.
Fizzy
Fizzy uses blockchain to ensure that
members whose flights are delayed
more than two hours are immediately
compensated. The company’s
blockchain supplements travel insurance
that usually doesn’t cover financial loss
due to flight delays.