Blockchain do not add additional security — Blockchain adds distributed trust

Privacy — Conventional central technology is superior

Privacy on public Blockchains is about no one knowing your identity by covering everyone behind their hashed public key, but the sequence and content of events stored on the Blockchain often reveal too much information and should be protected from untrusted viewers. For example, an untrusted viewer can use analytics to gain knowledge of the characteristic of the transactions that have happened and the likely future transactions.

In permission Blockchains where untrusted nodes cannot join, the transaction parties’ identity is known at least to each other, but the transaction details can be encrypted. Permission Blockchains allow fine-grained control over each element in a transaction, enabling detailed specification of each party’s access rights. However, in several use cases, the shared ledger requirement collides with the confidentiality requirement.

Examples are where it is relevant for several parties further down the value chain to know about transactions happened earlier, and these transactions do at the same time have to be kept confidential from actors not part of the value chain. These parties do not know each other and do they not know precisely who will be producing and consuming each event, e.g., the trucker handling a shipping container. To keep the shared version of the truth together with confidentiality, it will be necessary to implement a very sophisticated concept for distribution of encryption keys.

It is worth noting that with a central trusted solution there is only one point of attack for hackers to try to get access to the data, but in a permission Blockchain there is several points of attacks, one for each node, wherefore data is only protected as good as the weakest link in the chain

In Blockchain, it is just the owner of data that can update the values and the owner of a smart contract that can execute it. The identity of users is done via public-private key’s and is as such not protected or governed by the consensus algorithm. Like with central solutions the security of cryptographic solutions is only as secure as the way the private key is protected. So, all the traditional methods to steal private keys (malware, phishing, social engineering, etc.) is just as good on Blockchain based solutions as it is on a central system

read original article here