Security expectations of blockchains

TechNews Writer
Pronouns
(She/Her)
Mon Nov 14, 2022

The word blockchain is something we all have heard on different occasions. The very first thing that comes to our mind when we hear it is “decentralization”. In Layman's terms, blockchain is a means to perform secure computing in an open environment by establishing trust without the need of a centralized authority. 

Secure computing means it is used for storing information, executing transactions, and performing functions. Blockchain is used for such computations in various sectors. I have recently read a research paper called “The Upcoming Blockchain Adoption in Higher Education”. The researchers are trying to come up with the ways to implement blockchain to maintain student transaction records for universities, operating in different cities and different countries. But the most common sector where blockchain has been in use for quite some time is the cryptocurrency system.

Cryptocurrency systems such as Bitcoin makes use of blockchain technology as a secure digital ledger for storing its growing and evolving list of transaction records in a hierarchical order, and each block is protected with different cryptographic techniques.

Once a transaction has been added to a block, and that block has been successfully committed to the blockchain, the content in that block cannot be compromised. This is the main reason why Bitcoin uses blockchain technology: these security techniques make the transactions resistant to hacking.

Due to the fact that many computations happen in an open environment, there is a high chance of information leakage, and that is where the security and privacy techniques come into the picture. There is a great variety of security techniques that are currently being used such as Hash Chained Storage, Digital Signature, and Consensus Algorithms. 

Hash Chained Storage is made up of two fundamental building blocks, Hash Pointer and Merkle Tree. Hash Pointer is the hash of the data to be stored in the block along with the pointer of the data in the previous block. Therefore, if an adversary tries to modify the transaction data in one block, he has to change the content in all the previous blocks. This is extremely difficult, as the length of the blockchain adds more complexity. Thus, by using the hash pointer, the entire blockchain is made tamper resilient. 

The Merkle Tree is the data structure used for building the blockchain. It is a binary search tree with its tree nodes linked to one another using hash pointers. If any pair of the lower level nodes are merged into one parent node, for each parent node, a node is created, and the hash value of both the nodes is added to the new node. To explain it in simple terms, if an adversary tries to change any transaction in any blocks, he has to change all the parent nodes, which is tedious. Even if he succeeds in changing the values of the root node, the hash pointer of the root node will definitely not match with the hash pointer that has been stored. As a result, the blockchain is resistant to modifications.

Digital Signatures are made up of three basic algorithms: Key Generation, Signing and Verification. Bitcoin makes use of the Elliptic Curve Digital Signature Algorithm. It is used to verify the user’s impression of the transaction. Consensus Algorithms are a set of rules which are agreed upon by all the members in the group over the shared component. Apart from these three, there are additional security measures that are also executed such as Mixing, Group Signature, Ring Signature, Homomorphic Encryption, etc. 

These security techniques might seem like Greek or Latin when we hear about them for the first time, but they really are not that sophisticated. The real challenge is implementing all these security techniques in a system and enhancing the degree of trust in the network. With the growing interest in blockchain in both academia and industry, in-depth understanding of these security and privacy techniques is expected. It is not always essential to implement difficult or complicated algorithms, even a lightweight algorithm can be used, as long as the security and integrity of the system aren’t compromised.

 

Reference Links: 

https://dl.acm.org/doi/pdf/10.1145/3316481


 

 

 

 

Appears in
2022 - Fall - Issue 9
Tags
Channel