In the first section, we briefly discuss Blockchain’s most recent security and privacy developments as well as its operation and security measures. We will quickly discuss the privacy and security features of Blockchain technology in this second section.
Security and privacy properties of Blockchain
Blockchain technology must fulfill a set of security and privacy requirements for online transactions. To date, seven well-known and extensively studied characteristics exist, which are briefly outlined below:
- Consistency of General Ledger between Institutions: This characteristic pertains to the reconciliation, clearing, and settlement processes among financial institutions. These entities have distinct architectures and business operations, which often necessitate manual processes. These manual processes not only contribute to high transaction fees for users but also make ledgers susceptible to errors and discrepancies among different institutions. Blockchain technology facilitates the standardization of a consistent general ledger across banking institutions while accommodating their unique processes.
- Transaction Integrity: When dealing with online transactions related to investment and asset management, multiple assets like stocks, bonds, notes, income statements, and depository receipts are overseen by a range of intermediaries. This situation not only escalates transaction expenses but also carries the potential for certificate forgery. By employing Blockchain technology, the integrity of transactions is maintained, and any manipulation is effectively prevented.
- System and Data Availability: Users of online systems must be able to access transaction data anytime, anywhere. Availability here refers to both the system level and transaction level. The system must function reliably at the system level, even during a network attack at the transaction level. Users can access transaction data without being unreachable, inconsistent, or corrupted.
- Prevention of Double Spending: Blockchain technology must prevent double spending, that is, spending a digital currency more than once. In the centralized environment, a trusted central third party is responsible for verifying whether or not a digital currency has been double-spent. We need robust security mechanisms and countermeasures to prevent double-spending transactions in a decentralized network environment.
Transaction Integrity: A number of intermediaries are in charge of managing a variety of assets, including stocks, bonds, notes, income statements, and depository receipts, when it comes to online transactions involving asset management and investing. In addition to raising transaction costs, this circumstance raises the risk of certificate fraud. The integrity of transactions is upheld and manipulation is effectively avoided by using Blockchain technology.
Transaction Confidentiality: In the majority of online financial transactions, users desire limited exposure of their transaction details and account information within an e-commerce system. This entails: 1) preventing unauthorized users from accessing transaction information; 2) prohibiting system administrators and network participants from disclosing user information to others without consent; and 3) ensuring consistent and secure storage and access to user data, even in cases of unforeseen failures or malicious cyber-attacks.
- User Identity Anonymity: Blockchain technology must respect users’ right of anonymity and solves the difficulty of efficiently and securely sharing user data among various financial institutions.
- Unlinking of Transactions: unlike anonymity, the Blockchain guarantees users that transactions related to themselves cannot be linked because otherwise, all transactions relevant to a user can be linked, making it easier to infer information about the user, such as account balance and the type and frequency of your transactions. The cyber attacker can confidently guess the user’s true identity using statistical data about transactions and accounts and previous knowledge about a user. For that reason, Blockchain technology must guarantee the aforementioned unblinking.
Basic security properties in Blockchain technology
The basic security properties of Blockchain technology stem from advances in cryptography, and its evolution increased with the design and implementation of Bitcoin. The set of basic security and privacy properties of Blockchain technology is summarized below:
- Consistency: In the context of Blockchain, this concept refers to the global ledger distributed system where all nodes simultaneously have the same ledger. There are Blockchains with eventual or weak consistency and other Blockchains with solid consistency. The eventual consistency model means that the blockchain on each system node becomes consistent eventually, although some read/write requests to the blockchain may return stale data. On the contrary, Strong consistency means that all nodes have the same ledger at the same time, and when the distributed ledger is updated with new data, any subsequent requests will have to wait until the commit of this update.
- Resistance to manipulation: This property refers to the resistance to any intentional manipulation or manipulation of an entity by users or cybercriminals with access to the entity, be it a system, a product, or another logical or physical object. Tamper resistance in the blockchain means that any transaction information stored in the blockchain cannot be tampered with during and after the block generation process.
- Resistance to DDoS Attacks: A denial of service (DoS) attack disrupts hosted Internet services by making the host machine or network resource on the host unavailable to its intended users. DoS attacks attempt to overload the host system or host network resource by flooding it with superfluous requests, thus stalling the performance of legitimate services. A DDoS attack is referred to as a “distributed” DoS attack, that is, the attack floods a victim with incoming traffic originating from many disparate sources distributed across the Internet.
- The attacker can compromise and use an individual’s computer to attack another by taking advantage of security vulnerabilities or weaknesses. By leveraging a pool of computers, a DDoS attacker can send large amounts of data to a hosting website or spam particular email addresses. This makes it very hard to stop the attack by just jamming one source at a time.
- Resistance to double spending attacks: the double spending attack on the Blockchain refers to a specific problem unique to digital currency transactions. Note that the double spend attack can be considered a general security issue because digital information can be reproduced relatively easily. In particular, with transactions involving the exchange of Digital Tokens, such as electronic currency, there is a risk that the holder could duplicate the Digital Token and send identical Tokens to multiple recipients. If an inconsistency can be incurred due to duplicate Digital Token transactions. To avoid double spending, each transaction is evaluated and verified for authenticity using the transaction records on your blockchain with a consensus protocol.
- By securing all transactions in the blockchain, the consensus protocol allows everyone to publicly verify the transactions in a block before committing the block to the global blockchain, ensuring that the sender of each transaction only spends the digital currencies. That you rightfully own. Additionally, each transaction is signed by its sender using a secure digital signature algorithm. It ensures that the verifier can easily detect the transaction if someone falsifies it. The combination of digitally signed transactions and public verification of transactions with majority consensus ensures that the blockchain can withstand the attack of double-spending.
- Majority Resistance or Consensus Attack: this attack refers to the risks of cheating in the majority consensus protocol. One such risk is often referred to as the 51% attack, especially in the context of double-spending. For example, the 51% attack can occur in the presence of malicious miners if a miner controls more than 50% of the computing power to maintain the blockchain, the distributed ledger of all transactions of trading a cryptocurrency.
- Pseudonymity: this property refers to a state of disguised identity. For example, in Bitcoin, addresses on the Blockchain are hashes of the public keys of a node or user on the network. Users can interact with the system using their public key hash as their pseudo-identity without revealing their real names. Therefore, a user’s address can be seen as a pseudo-identity. We may consider a system’s pseudonym private property to protect a user’s actual name. Also, users can generate as many key pairs (multiple addresses) as they want, similar to how a person can create as many bank accounts as they want.
- Unlinkability: refers to the inability to establish the relationship between two observations or two observed entities of the system with high confidence. Anonymity refers to the state of being anonymous and unidentified. Although the blockchain ensures pseudonym by offering pseudo-identity as a support for the anonymity of a user’s identity, it does not provide users with the protection of untying their transactions.
- Intuitively, a user’s complete anonymity can only be protected by ensuring both the pseudonym and unlinking if the user always uses her pseudo-identity to interact with the system. This is because unbinding makes it difficult to launch anonymization inference attacks, which link a user’s transactions to discover their true identity in the presence of prior knowledge. Specifically, a user can have several pseudonymous addresses in systems similar to Bitcoin. However, this does not provide perfect anonymity for Blockchain users because each transaction with the sender and recipient addresses is recorded in the ledger and is freely traceable by anyone using the associated sender and recipient addresses. Thus, anyone can relate a user’s transaction to other transactions involving their accounts through a simple statistical analysis of the addresses used.
- Confidentiality of Transactions and Data Privacy: Data privacy in Blockchain refers to the property that can provide confidentiality for all data or certain sensitive data stored in it. For example, the blockchain can be used to manage smart contracts, copyrighted works, and the digitalization of commercial chains or organizations. Not surprisingly, a common security property across all Blockchain applications is the confidentiality of transaction information, such as transaction content and addresses.
In resume, data privacy in recent decades has shown the risks of privacy leakage due to various inference attacks, linking sensitive transaction data and/or pseudonyms to the true identity of real users, even if only used a pseudonym. Leakage can lead to a breach of confidentiality of transaction information. Thus, confidentiality and privacy pose a great challenge for Blockchain and its applications that involve confidential transactions and private data. We will dedicate a third section of this article to discuss Blockchain’s privacy and security techniques.