Close this search box.

We are creating some awesome events for you. Kindly bear with us.

NIST report attempts to dispel common misconceptions about blockchain technology

NIST report attempts to dispel common misconceptions about blockchain technology

As hype around cyrptocurrencies and their underlying
technology, blockchain, reaches new heights, the National Institute of
Standards and Technology (NIST), a measurement standards laboratory, and a
non-regulatory agency of the United States Department of Commerce, has released
a report which attempts to dispel certain misconceptions around the technology.

The NIST document, titled Draft NIST
Interagency Report (NISTIR) 8202: Blockchain Technology Overview
, explains
blockchain architecture and its components, discusses its use in electronic
currency, and goes on to discuss broader applications in areas such as banking,
supply chain management and categories of blockchain.

The NIST report’s authors hope it will be useful to
businesses that want to make clear-eyed decisions about whether blockchain
would be an asset to their products.

Dylan Yaga, a NIST computer scientist who is one of the
report’s authors, said, “We want to help people understand how blockchains work
so that they can appropriately and usefully apply them to technology problems. It’s
an introduction to the things you should understand and think about if you want
to use blockchain.”

The report raises the question of when is the use of
blockchain appropriate, as there can be the temptation to use blockchain merely
for its novelty.

“In the corporate world, there’s always a push to adopt new
technologies. Blockchain is today’s shiny new toy, and there’s a big push to
adopt it because of that. We want to help people to see past the hype, as lofty
a goal as that is,” added Yaga.

One of the misconceptions the report talks about is that
permissionless blockchains are systems without control and ownership. However,
while no user, government, or country controls a blockchain, there is still a
group of core developers who are responsible for the system’s development.
These developers may act in the interest of the community at large, but they
still maintain some level of control.

The report asserts that the phrase “no one controls a
blockchain!” would be better stated as, “no one controls with whom and when you
can perform transactions, within the rules of the blockchain system.”

Another common misinterpretation the authors seek to address
is that there is no “trusted third  party” in a blockchain and assuming blockchain
systems are “trustless” environments. They point out that while there is no
trusted third party certifying transactions in permissionless blockchain
systems (in permissioned systems administrators act as an administrator of  trust by granting users admission and
permissions), there is still trust required to work within a blockchain system.
For example, there is trust in the cryptographic technologies, trust in the
developers of the software to produce software that is as bug-free as possible,
trust that most users of the blockchain are not colluding in secret, as well as
trust that nodes are accepting and processing transactions fairly.

If a single group or individual can control more than 50
percent of all block creation power, it is possible to subvert a permissionless
blockchain system. However, obtaining the necessary computational power is usually
prohibitively expensive. The authors also mention that cryptographic algorithms
utilised within most blockchain technologies for public/private key pairs will
need to be replaced if a powerful quantum computer becomes a reality.

The report highlights constraints in blockchain technology,
such as long processing time and high electricity consumption in blockchain
systems using a proof of work consensus method, where a user gets the right to
publish the next block by solving a computationally intensive puzzle. (A single
bitcoin transaction requires as much electricity
as the daily consumption
of 1.6 American households.)

Moreover, there are limitations on the amount of data that can
be stored on blockchains. They are not meant to be a general storage medium. In
order to quickly calculate hashes on transactions and distribute transactions
amongst the network, transactions need to be relatively small.

There’s also a security concern, as users must manage their
own private keys, in the absence of a centralised system. If they lose their
key, or it gets stolen, then digital assets related to that private key are
lost. Centralized key management solutions can be put into place, but then they
have the problem of having a central point of failure, which is a problem
blockchains are supposed to solve. (In the recent Coincheck hack, hackers stole
the private key for the hot wallet where NEM coins were stored, according
to Cointelegraph

Another important myth this NIST report takes up is that
blockchain intrinsically supports identity management. The authors explain
there is no one-to-one relationship of private key pairs to users (a user can
have multiple private keys), nor is there a one-to-one relationship between
blockchain addresses and public keys (multiple addresses can be derived from a
single public key).

A blockchain’s transaction signature verification process
links transactions to the owners of private keys, but does not provide any
facility for associating real-world identities with these owners. It might be
possible to connect real-world identities with private keys through processes
outside, but these are not explicitly supported by the blockchain. Typical
blockchain implementations are not designed to serve as standalone identity
management systems.

Finally, the report notes that blockchains will most probably
be another tool that can be used to solve newer sets of problems. Financial
organizations are most likely to experience greatest impact from blockchains,
possibly needing to adapt or even completely change their practices to focus on
being platforms for value exchange and not just places to store value.

Read the complete report here. 


Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.


CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.


Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit


SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.


HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 


IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.