Information security in private blockchains
Dr Gideon Greenspan, Founder and CEO
Overview
• Blockchain databases
• Internal risks
• External risks
• Mitigation strategies
• Summary
Centralized databases
[Diagram: two clients, one server, request]
Blockchain databases
[Diagram: four nodes, Transaction, Block, Blockchain]
Consensus created by validator nodes
Ledgers in regular databases
Account number | Balance
04823872 | £ 229.94
20956298 | £ 431.05
38103749 | £ 183.67
Ledgers in blockchains
Public key hash | Balance
13B9cMd5Ch9fu6qU494gHTfAPFQfq3ZSGx | £ 229.94
1FRZvSBc1cRFbmwbzNhhaQTyRJXRujN2Sq | £ 431.05
1HDxhfeoSQmVNzTnZRLe2Z6nJ1LLAuGWpa | £ 183.67
Ledgers in blockchains
Public key hash | Balance
13B9cMd5Ch9fu6qU494gHTfAPFQfq3ZSGx | £ 229.94
1FRZvSBc1cRFbmwbzNhhaQTyRJXRujN2Sq | £ 146.83
1FRZvSBc1cRFbmwbzNhhaQTyRJXRujN2Sq | £ 284.22
Multiple entries for one account ⇒ concurrent distributed transactions
Internal risks: regular node
• What can a bad regular node do?
  ⤫ Spend somebody else’s money
  ⤫ Create more money
  ⤫ Spend own money twice
  ⤫ Flood the network (denial of service)
  ⤫ Censor transactions
• Why are we so confident?
  ✓ 7 years of bitcoin history
Internal risks: validator node
• What can a bad validator node do?
  ⤫ Spend somebody else’s money
  ⤫ Create more money
  ⤫ Spend own money twice
  ⤫ Flood the network (denial of service)
  ⤫ Censor transactions
  ✓ Delay transaction confirmation
  ✓ Resolve conflicts with bias
Internal risks: validator majority
• What can a bad validator majority do?
  ⤫ Spend somebody else’s money
  ⤫ Create more money
  ⤫ Spend own money twice
  ⤫ Flood the network (denial of service)
  ✓ Censor transactions
  ✓ Delay transaction confirmation
  ✓ Resolve conflicts with bias
External risks: network violation
⤫ Denial of service
  – Peer-to-peer resilience
⤫ Wiretapping
  – Handshaking with digital signatures
  – Extend to encrypted communication
⤫ Spoofing / Man-in-the-middle
  – Impossible without key compromise
  – Transaction source irrelevant anyway
External risks: host violation
Operation | Blockchain node | Centralized client | Centralized server
Read mine | ✓ | ✓ | ✓
Read all | ✓ | ✕ | ✓
Write mine | ✓ | ✓ | ✓
Write all | ✕ | ✕ | ✓
Mitigation: Cold storage
• Offline “cold” private key (air gapped)
  – Most funds stored in cold address
  – Refill “hot” address as necessary
http://bitcoingarden.tk/trezor-the-hardware-bitcoin-wallet/
Mitigation: Multisignature
• Lock funds under n different keys
  – Stored on different nodes/devices
• Require m of those keys to spend
  – Special type of ledger entry
• Variations:
  – 1 of 2 for key loss
  – 2 of 2 for host security
  – 2 of 3 for escrow
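The m-of-n rule on this slide, as an added example that is not from the original deck: a validator counts distinct keys with a valid signature over the transaction and releases the funds only when at least m of the n listed keys approve. Lamport one-time hash signatures stand in for the signature scheme a real blockchain would use, and every name here (`keygen`, `can_spend`, the `entry` layout) is hypothetical.

```python
import hashlib
import secrets

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key pair: a hash-based stand-in so the example needs only the stdlib.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    # Reveal one secret per digest bit. Each Lamport key must sign only one message.
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for (i, b), s in zip(enumerate(bits(msg)), sig))

def key_hash(pk):
    # The ledger identifies a key by the hash of its public key.
    return H(b"".join(a + b for a, b in pk)).hex()

def can_spend(entry, tx, sigs):
    """entry = {"m": int, "keys": {key_hash: pk}}; sigs = [(key_hash, signature), ...]."""
    approved = set()
    for kh, sig in sigs:
        pk = entry["keys"].get(kh)
        if pk is not None and verify(pk, tx, sig):
            approved.add(kh)  # a set, so one key signing twice still counts once
    return len(approved) >= entry["m"]

if __name__ == "__main__":
    keys = [keygen() for _ in range(3)]  # constructed sample: 2-of-3 escrow entry
    entry = {"m": 2, "keys": {key_hash(pk): pk for _, pk in keys}}
    tx = b"constructed sample transaction"
    s0 = (key_hash(keys[0][1]), sign(keys[0][0], tx))
    s1 = (key_hash(keys[1][1]), sign(keys[1][0], tx))
    print("one key:", can_spend(entry, tx, [s0]))
    print("same key twice:", can_spend(entry, tx, [s0, s0]))
    print("two distinct keys:", can_spend(entry, tx, [s0, s1]))
```

Setting `m` to 1 with two keys gives the key-loss variant, and `m` equal to the number of keys gives the host-security variant, where compromising a single host is not enough to spend.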
Blockchain security: summary
Confidentiality ▼
Integrity ▲
Availability ▲
*
* Watch: zero-knowledge proofs