Security and Privacy-Enhancing Technologies for Blockchain and Cryptocurrency


Among recent technological advances, blockchain technology is an emerging approach in the domain of information technologies. Blockchain uses advanced cryptographic techniques to implement a distributed system built on a decentralized ledger of all existing transactions across a peer-to-peer (P2P) network, and allows fast processing of transactions in potentially trustless surroundings. It has firmly caught the imagination of cryptonerds, researchers, central bankers, and programmers, as well as politicians. By design, blockchain is a distributed, decentralized, tamper-proof ledger of records. Using blockchain technology, parties can control transactions without the need for a central certifying authority. Its potential applications include fund transfers, voting, settling trades, and many other attractive uses. In blockchain, a transaction consists of the hash of the previous digitally signed transaction and the public key of the next owner. Each transaction is signed with a private key and is verified with the public key [1], as shown in Figure 8.1.

Its working principle:

  1. Anyone can request a transaction.
  2. The requested transaction is broadcast to a P2P network consisting of computers called nodes.
  3. The nodes validate the transaction and the user’s status using existing known algorithms.
  4. A validated transaction can involve cryptocurrency, records, contracts, and/or other important information. Cryptocurrency is a medium of exchange, generated and stored electronically in the blockchain, using secure encryption techniques to control the generation of monetary units and to confirm the transfer of funds; bitcoin is the most suitable example.
  5. Once validated, this transaction is merged with other transactions to generate a new block of information for the ledger.
  6. The new data block is then added to the existing blockchain in a way that is permanent and unalterable.
  7. The transaction is complete.

FIGURE 8.1 Network of transactions in a blockchain.

In blockchain technology, data is stored in multiple blocks, and these blocks are connected with each other through a network. A newly generated block is connected to its predecessor; in this way a chain of blocks is created, which is called a blockchain. The process of adding new blocks to the blockchain is called mining [2]. The data stored in a block is permanent, as it cannot be easily and directly changed. Altering or modifying the stored data is very difficult, because any update to the blockchain needs agreement from all participating nodes.

Each block of the blockchain contains a hash of the previous block. A hash is a sequence of letters and digits. The features of transparency and verifiability prevent unauthorized access to the blocks and hence do not allow any changes. Capital and finance markets offer “no-brainer” use cases for applying blockchain technology. Bitcoin has proved itself successful in producing digital money and tracking its ownership. Today, there exist hundreds of cryptocurrencies. These blockchain technologies have become very attractive and popular due to the following features, which support privacy and confidentiality in transactions:

  • Support for all digital transactions
  • Transparency
  • Accurate tracking
  • Cost reduction
  • Provenance
  • Permanent ledger: Creates an open permanent ledger, which makes it safe and easier to share information within the network
  • Auditability
  • Elimination of middleman: Avoids the need for a middleman, which reduces cost
  • Faster time to market

Projects involving blockchain concepts should strive to design protocols so that their participants are incentivized to maximize the value of the system as a whole; in other words, it should be more profitable to secure the blockchain ecosystem and make it more valuable than it is to cheat and profit for oneself. This idea should be the essence of the design of the protocol underlying bitcoin’s blockchain.

As the blockchain market has grown very quickly in the past few years, attacks by malicious actors on blockchain systems are becoming a serious threat to transactions. Hence it is urgent to conduct research on the security issues of blockchain.

The remainder of this chapter is organized as follows. Section 8.2 presents related work on the bitcoin scalability trade-off. Different effective attacks associated with blockchain are elaborated in Section 8.3, along with their potential defenses in Section 8.4. A comparison and analysis of results are presented in Section 8.5. Finally, conclusions are drawn in Section 8.6.

Related Work on Bitcoin Scalability Trade-Off

Scalability is the ability of a system, process, or network to handle an increasing number of tasks over time, or its potential to be enlarged to accommodate that growth. For example, a network is considered scalable if it is capable of growing its total output when load is increased and resources such as hardware are added to the system. Scalability is a substantial factor in computer systems, for example, databases, networking, and routers.

The bitcoin scalability trade-off refers to the discussion regarding the constraints on the number of transactions a bitcoin network can process successfully. It is related to the fact that records (known as blocks) in the bitcoin blockchain are limited in size and frequency. Blocks of bitcoin contain the transactions on the bitcoin network. The on-chain transaction processing capacity of the bitcoin network is limited by the average block creation time of ten minutes and the block size limit. These jointly constrain the throughput of the network. The maximum transaction processing capacity is estimated at between 3.3 and 7 transactions per second. There are various proposed and activated solutions to address this issue efficiently.

Raising the transaction processing limit of a network requires changes to the technical principles of bitcoin, in a process known as a fork. Forks can be classified into two types: soft fork and hard fork.

Soft Fork

A soft fork is any change of rules that enables newly produced blocks to be recognized as valid by the old software. Thus it is backward-compatible. A soft fork can still split the blockchain when blocks newly generated by the non-upgraded software are not considered valid under the new rules.

Hard Fork

In contrast to a soft fork, a hard fork is a software upgrade that introduces new rules to the network, making the old software obsolete because it cannot recognize the new blocks as valid [3]. In the case of a hard fork, all nodes meant to work in accordance with the new rules need to update their software.

If one group of nodes continues to follow the non-upgraded old software while the other group of nodes uses the new updated software, a split will take place. For example, platforms such as Ethereum, introduced in Vitalik Buterin’s paper [4], allow for the production of smart contracts: digital entities with embedded computer code that execute contractual agreements based on future events [5]. These entities represent financial instruments, currency, land ownership, etc. Ethereum has hard-forked to make whole all the investors in the DAO, which had been hacked due to a vulnerability in its code [6]. In this case, the fork split the chain into the Ethereum and Ethereum Classic chains.

In 2014, the NXT community considered a hard fork that could have led to a rollback of the blockchain records to mitigate the effects of a theft of 50 million NXT from a major cryptocurrency exchange. The hard fork proposal was rejected, and some funds were retrieved after negotiations and ransom payment [7]. Alternatively, to avoid a permanent split, most nodes using the new upgraded software can return to the old rules, as was the case in the bitcoin split [8]. Bitcoin Cash is a hard fork of bitcoin increasing the maximum block size. Bitcoin XT, Bitcoin Classic and Bitcoin Unlimited all supported an increase to the maximum block size through a hard fork.
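The soft fork and hard fork behaviour described above can be seen by validating the same sequence of blocks under old and new rules. This is an added example, not code from the chapter; it models a single consensus rule (maximum block size), treats a node as stopping at the first block it rejects, and uses assumed limits and constructed block sizes.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rules:
    name: str
    max_block_size: int  # bytes; the only consensus rule modelled here

    def accepts(self, size):
        return size <= self.max_block_size


def fork_type(old, new):
    """Tighter limit: old software still accepts every new-rule block (soft).
    Looser limit: old software rejects some new-rule blocks (hard)."""
    return "soft" if new.max_block_size <= old.max_block_size else "hard"


def accepted_height(rules, block_sizes):
    """Number of blocks a node follows before it rejects one and stops."""
    height = 0
    for size in block_sizes:
        if not rules.accepts(size):
            break
        height += 1
    return height


def chain_splits(old, new, block_sizes):
    """True when old and upgraded nodes end up on different chain tips."""
    return accepted_height(old, block_sizes) != accepted_height(new, block_sizes)


# Illustrative limits (assumptions, not figures from the text above).
OLD = Rules("old", 1_000_000)
SOFT = Rules("soft-forked", 500_000)
HARD = Rules("hard-forked", 8_000_000)

# Constructed block sizes in bytes, in the order the blocks are mined.
UPGRADED_MINERS_ONLY = [400_000, 450_000, 300_000]
LEGACY_MINER_BLOCK = [400_000, 900_000, 300_000]  # block 2 from old software
LARGE_BLOCK = [400_000, 2_000_000, 300_000]       # block 2 uses the raised limit

if __name__ == "__main__":
    print(fork_type(OLD, SOFT), chain_splits(OLD, SOFT, UPGRADED_MINERS_ONLY))
    print(fork_type(OLD, SOFT), chain_splits(OLD, SOFT, LEGACY_MINER_BLOCK))
    print(fork_type(OLD, HARD), chain_splits(OLD, HARD, LARGE_BLOCK))
```

The second scenario is the soft fork split case: a block from non-upgraded software passes the old rule but fails the tightened one, so upgraded nodes stop following the chain that old nodes keep extending.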

Lei et al. [5] suggested a technique for secure key management in an Intelligent Transportation System (ITS). In [9], Khan et al. proposed that the intrinsic features of blockchain technology can be exploited to address many privacy and security related problems of IoT systems. In [10], a decentralized system is suggested which combines the InterPlanetary File System (IPFS), Ethereum blockchain, and Attribute Based Encryption (ABE) to assure fine-grained access control to the owners and the users of the stored data.

Finally, Guo et al. [11] propose an approach that combines blockchain with an Attribute Based Signature (ABS) mechanism to prevent collusion attacks among multiple authority parties.

Efficiency Improvements

In practice, transaction throughput is limited by a parameter known as the block size limit. Various increases to this limit, and its complete removal, have been proposed over bitcoin's history.

Effective Attacks on Blockchain

Blockchain has successfully started up a brave new world to create, hold, and distribute digital values in the world of business. Some are too afraid of blockchain to consider it to be the next wave of technology revolution; others dismiss this concept as a passing craze for the underworld of “crypto-cyber criminals”. Figure 8.2 and Figure 8.3 summarize the different types of the emerging blockchain threats, vulnerabilities, and attacks that are described in the following sections. Many of the following problems and solutions described in this article are anticipatory in nature; we pose these problems based on our best knowledge of how current transaction systems work and extrapolate from the existing security literature. However, the ideas put forth in this research article are not intended to replace existing works. Instead, these hardware-based countermeasures can be used to bolster system security or provide assurances of security that would otherwise be unachievable to the blockchain world.

FIGURE 8.2 Blockchain security and trust consist of a diverse array of threats, vulnerabilities, and attacks.

FIGURE 8.3 Different possible attacks on a blockchain platform.

Blockchain technology is intrinsically secure. In blockchain, the data or ledger is distributed across several computers, which removes any single point of failure. Furthermore, a blockchain is scarcely possible to hack due to the implementation of cryptographic proofs and consensus mechanisms such as game theory within it. Despite these underlying security features, blockchain security issues still prevail.
