Date Published: May 2018
Comments Due: August 3, 2018 (public comment period is CLOSED)
Email Questions to: email@example.com
Richard Kuhn (NIST)
The European General Data Protection Regulation (GDPR) requires that organizations make it possible to delete all information related to a particular individual, at that person's request. This requirement may be incompatible with current blockchain data structures, including private (permissioned) blockchains, because blockchains are designed to ensure that block contents are immutable. Any change in a block will invalidate subsequent hashes in following blocks, losing integrity protection. This note describes a data structure that provides the capability of deleting specified blocks while retaining hash-based assurance that other blocks are unchanged. It is primarily designed to be implemented in a permissioned infrastructure, providing certain features of existing permissioned blockchains.
Keywords cryptographic hash; data structure; distributed ledger; integrity protection