Securing Blockchain Networks like Ethereum and Hyperledger Fabric
eBook - ePub

Learn advanced security configurations and design principles to safeguard Blockchain networks

Alessandro Parisi

  1. 244 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS and Android

About this book

Build secure private blockchain networks to handle mission-critical security challenges such as denial-of-service attacks, user wallets, and pool mining attacks

Key Features

  • Explore blockchain concepts such as cryptography, consensus algorithms, and security assumptions
  • Architect network security for mission-critical decentralized apps (Dapps) using design security considerations
  • Consider various deployment and operational aspects while building a blockchain network

Book Description

Blockchain adoption has extended from niche research to everyday usage. However, despite the blockchain revolution, one of the key challenges faced in blockchain development is maintaining security, and this book will demonstrate the techniques for doing this.

You'll start with blockchain basics and explore various blockchain attacks on user wallets, and denial of service and pool mining attacks. Next, you'll learn cryptography concepts, consensus algorithms in blockchain security, and design principles while understanding and deploying security implementation guidelines. You'll not only cover architectural considerations, but also work on system and network security and operational configurations for your Ethereum and Hyperledger Fabric network. You'll later implement security at each level of blockchain app development, understanding how to secure various phases of a blockchain app using an example-based approach. You'll gradually learn to securely implement and develop decentralized apps, and follow deployment best practices. Finally, you'll explore the architectural components of Hyperledger Fabric, and how they can be configured to build secure private blockchain networks.

By the end of this book, you'll have learned blockchain security concepts and techniques that you can implement in real blockchain production environments.

What you will learn

  • Understand blockchain consensus algorithms and security assumptions
  • Design secure distributed applications and smart contracts
  • Understand how blockchains manage transactions and help to protect wallets and private keys
  • Prevent potential security threats that can affect distributed ledger technologies (DLTs) and blockchains
  • Use pentesting tools for assessing potential flaws in Dapps and smart contracts
  • Assess privacy compliance issues and manage sensitive data with blockchain

Who this book is for

This book is for blockchain developers, security professionals, and Ethereum and Hyperledger developers who are looking to implement security in blockchain platforms and ensure secure data management using an example-driven approach. Basic knowledge of blockchain concepts will be beneficial.

Information

Year
2020
ISBN
9781838646455

Section 1: Blockchain Security Core Concepts

In this section, you will be introduced to the fundamental primitives of cryptography, along with blockchain's core concepts. With this information under your belt, you will be able to understand the specific design features of blockchains and distributed ledger technology.
This section comprises the following chapters:
  • Chapter 1, Introducing Blockchain Security and Attack Vectors
  • Chapter 2, Cryptography Essentials
  • Chapter 3, Blockchain Security Assumptions

Introducing Blockchain Security and Attack Vectors

In this chapter, we will introduce the fundamental constitutive elements of blockchain technology, such as distributed ledger, peer-to-peer network topology, and consensus algorithms, all of which will be further explored in depth in the chapters that follow.
These notions are essential to fully understand the aspects of cyber security associated with blockchain technology, especially with regard to identifying possible attack vectors.
In particular, we will cover the following topics in this chapter:
  • An introduction to blockchain
  • The building blocks of blockchain
  • Blockchain network topology
  • Establishing trust through consensus algorithms
  • Potential threats that affect trust

An introduction to blockchain

The blockchain is often compared to the internet in terms of innovation potential. Just as the network of networks has allowed information and ideas to circulate globally, reducing gaps in space and time, the blockchain proposes to become the Internet of Value.
Another aspect that unites the internet and blockchain is their ability to disintermediate the productive sectors (starting from the financial one) to reduce the areas of inefficiency and allow the emergence of innovative solutions, thereby overcoming the rigidity derived from the status quo preserved by incumbent operators.

Blockchain as the Internet of Value

Blockchain is commonly defined as the Internet of Value in comparison to the traditional internet. To understand the definition of the Internet of Value, let's briefly introduce the limitations of the traditional internet.
Since the first e-commerce experiments that were conducted on the traditional internet, a series of problems have emerged that have to do with the guarantee of authenticity. This involves various factors in the field, such as the following:
  • Identity of counterparties in transactions
  • Ownership of the rights of the transactions
  • Guaranteeing the financial solvency of counterparties
Intermediaries that traditionally guaranteed such factors (typically, banks) have proven to be ineffective in a dematerialized environment such as digital commerce on the internet. The need has, therefore, emerged not only to guarantee users immunity from identity theft, or the holders of copyright from infringement, but also to guarantee the reliability of the means of payment themselves.
By fulfilling this need, the blockchain has become the Internet of Value.

Understanding the emergence of Bitcoin

Coinciding with the financial crisis of 2007-2008, a digital currency, Bitcoin, was introduced for the first time. First and foremost, it was intended to ensure that its value was protected from inflation, without being conditioned by the monetary policies of central banks.
The protection that was provided regarding the value of the currency against erosion caused by inflation, together with its independence from the central monetary authorities, testifies to the aim of introducing a democratic means of payment, which can also act as an alternative (and in competition) currency to the traditional national currencies.
It is no coincidence that many citizens of politically unstable countries have decided to use Bitcoin as a reserve currency, precisely because of the guarantees that this digital instrument provides with respect to the fragility of national currencies.
Like any self-respecting coin, Bitcoin rests on one essential element: trust.
The concept of currency trust translates into practice as follows:
  • Conservation of currency value over time
  • Protection against possible counterfeiting attempts
  • A general acceptance of money as a means of payment
To this end, given the dematerialized nature of Bitcoin, it was necessary to set up a technological infrastructure that would guarantee these prerequisites and be responsible for preserving the trust in transactions between operators.
This technological infrastructure, which is the basis of Bitcoin, is the blockchain.

Blockchain use cases beyond Bitcoin

The blockchain is a technological infrastructure through which it is possible to certify value transactions (which are not limited to the exchange of currencies but can include any type of asset) between trusted counterparties, without the need for the intervention of a central authority (be it banks, government regulators, brokers, and so on).
To perform these tasks, the blockchain is organized into a sequence of blocks (hence the name, block and chain) that contain the references of the transactions that took place over time. For each transaction that's entered into the blocks, a reference is associated with the previous and subsequent transactions. Finally, the blocks are stored in a shared register (blockchain ledger).
The main feature of the blockchain ledger is that it is append-only; that is, each registration is appended to the pre-existing ones, and the integrity of the ledger is guaranteed by the use of the cryptographic primitives offered by the Public Key Infrastructure (PKI), which we will cover in more depth in Chapter 2, Cryptography Essentials.
The other element that characterizes the blockchain is its network topology, which follows the peer-to-peer protocol. This is used to realize the decentralization of the infrastructure, thereby eliminating the need for a central authority that guarantees the reliability and integrity of transactions.
In practice, a copy of the ledger is saved at each node of the peer-to-peer network; in this way, users taking part in the blockchain can always obtain a copy of the ledger by contacting any of the peer-to-peer network nodes without needing to contact a predefined central node.
Whenever a new transaction is added to the blockchain, all copies of the ledger that are saved within the nodes of the peer-to-peer network are updated accordingly.
To summarize, the blockchain is characterized by the following elements:
  • The presence of a shared ledger within a peer-to-peer network.
  • Value transactions are recorded in append-only mode within the ledger.
  • The reliability and integrity of the transactions recorded within the ledger are guaranteed by the use of cryptography.
Each new transaction that's entered into the blockchain determines the corresponding update for the ledger and the copies of it present in each node of the peer-to-peer network. In this way, it is possible to do without a central authority that guarantees the reliability and integrity of the transactions that are carried out within the network.

The role played by the distributed ledger

One of the revolutionary ideas of the Bitcoin blockchain was to introduce the distributed ledger mechanism. Satoshi (the pseudonym that the creator of Bitcoin is hidden behind) had, in fact, realized that the main reason for the intervention of intermediaries (in particular, banks) in transactions between private individuals was linked to the management of such transactions. These were recorded in a centralized ledger book. Satoshi's intuition was to replace the centralized ledger, which was managed by the corresponding central authorities, with a shared public ledger that's updated by the same subjects participating in value transactions.
However, with this, a series of problems remained to be solved:
  • How to ensure that this shared ledger is tamper-proof and that it is robust with respect to arbitrary changes
  • How to guarantee an adequate degree of confidentiality to the subjects who carry out value transactions
  • How to properly manage the size of the ledger, since each transaction must be registered in it
To solve these problems, the blockchain was created. Now, let's take a look at the building blocks of blockchain.

The building blocks of blockchain

Now, we're going to analyze the constituent elements of the blockchain and start with the blocks. As we mentioned earlier, transactions are stored within the blockchain blocks, so each block is composed of two parts:
  • A block header, in which the link to the previous block is stored in the form of a hash digest. This is done to prevent the possibility of altering the transactions stored in the previous block.
  • A block body, containing the list of transactions, complete with relevant information (including the amount transferred, the addresses of peers, and so on).
The following diagram shows the structure of Bitcoin blocks and their mutual relationships within the blockchain:
You can view the image at the following link: https://commons.m.wikimedia.org/wiki/File:Bitcoin_Block_Data.png. As a consequence of how the blocks of the blockchain are...
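
The header/body linkage described above can be checked mechanically. The following is an added example, not code from the book: it builds a small hash-linked ledger and shows that editing a recorded transaction is detected, and that patching the edited block's own header only moves the failure to the next block. The JSON encoding, field names (`prev_hash`, `body_hash`) and sample transactions are assumptions made for illustration.

```python
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64  # placeholder link for the first block (assumption)

def digest(obj):
    # SHA-256 over canonical JSON (assumed encoding, not Bitcoin's binary format)
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def build_chain(batches):
    chain, prev = [], GENESIS_PREV
    for txs in batches:
        # Header links to the previous block and commits to this block's body.
        header = {"prev_hash": prev, "body_hash": digest(txs)}
        chain.append({"header": header, "body": txs})
        prev = digest(header)  # a block is identified by its header hash
    return chain

def first_invalid(chain):
    """Return the index of the first block that fails verification, else None."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["header"]["body_hash"] != digest(block["body"]):
            return i  # transactions changed after the header was computed
        if block["header"]["prev_hash"] != prev:
            return i  # link to the predecessor's header hash is broken
        prev = digest(block["header"])
    return None

# Constructed sample transactions (not real ledger data)
SAMPLE = [
    [{"from": "alice", "to": "bob", "amount": 5}],
    [{"from": "bob", "to": "carol", "amount": 2}],
    [{"from": "carol", "to": "dave", "amount": 1}],
]

def demo():
    chain = build_chain(copy.deepcopy(SAMPLE))
    intact = first_invalid(chain)
    chain[0]["body"][0]["amount"] = 500           # alter a recorded transaction
    body_edit = first_invalid(chain)
    # Recomputing block 0's body hash hides the edit locally, but changes
    # block 0's header hash, so block 1's stored link no longer matches.
    chain[0]["header"]["body_hash"] = digest(chain[0]["body"])
    relinked = first_invalid(chain)
    return intact, body_edit, relinked

if __name__ == "__main__":
    print(demo())
```

Any node holding a copy of the ledger can run this kind of check on its own, which is why a change to an old block has to be propagated through every later header before it would pass verification.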
