Securing Blockchain Networks like Ethereum and Hyperledger Fabric
eBook - ePub

Securing Blockchain Networks like Ethereum and Hyperledger Fabric

Learn advanced security configurations and design principles to safeguard Blockchain networks

Alessandro Parisi

  1. 244 pages
  2. English
  3. ePUB (available in the app)
  4. Available on iOS and Android

About the book

Build secure private blockchain networks to handle mission-critical security challenges such as denial-of-service attacks, user wallets, and pool mining attacks

Key Features

  • Explore blockchain concepts such as cryptography, consensus algorithms, and security assumptions
  • Architect network security for mission-critical decentralized apps (Dapps) using design security considerations
  • Consider various deployment and operational aspects while building a blockchain network

Book Description

Blockchain adoption has extended from niche research to everyday usage. However, despite the blockchain revolution, one of the key challenges faced in blockchain development is maintaining security, and this book will demonstrate the techniques for doing this.

You'll start with blockchain basics and explore various blockchain attacks on user wallets, and denial of service and pool mining attacks. Next, you'll learn cryptography concepts, consensus algorithms in blockchain security, and design principles while understanding and deploying security implementation guidelines. You'll not only cover architectural considerations, but also work on system and network security and operational configurations for your Ethereum and Hyperledger Fabric network. You'll later implement security at each level of blockchain app development, understanding how to secure various phases of a blockchain app using an example-based approach. You'll gradually learn to securely implement and develop decentralized apps, and follow deployment best practices. Finally, you'll explore the architectural components of Hyperledger Fabric, and how they can be configured to build secure private blockchain networks.

By the end of this book, you'll have learned blockchain security concepts and techniques that you can implement in real blockchain production environments.

What you will learn

  • Understand blockchain consensus algorithms and security assumptions
  • Design secure distributed applications and smart contracts
  • Understand how blockchains manage transactions and help to protect wallets and private keys
  • Prevent potential security threats that can affect distributed ledger technologies (DLTs) and blockchains
  • Use pentesting tools for assessing potential flaws in Dapps and smart contracts
  • Assess privacy compliance issues and manage sensitive data with blockchain

Who this book is for

This book is for blockchain developers, security professionals, and Ethereum and Hyperledger developers who are looking to implement security in blockchain platforms and ensure secure data management using an example-driven approach. Basic knowledge of blockchain concepts will be beneficial.


Information

Year
2020
ISBN
9781838646455
Edition
1
Category
Cryptography

Section 1: Blockchain Security Core Concepts

In this section, you will be introduced to the fundamental primitives of cryptography, along with blockchain's core concepts. With this information under your belt, you will be able to understand the specific design features of blockchains and distributed ledger technology.
This section comprises the following chapters:
  • Chapter 1, Introducing Blockchain Security and Attack Vectors
  • Chapter 2, Cryptography Essentials
  • Chapter 3, Blockchain Security Assumptions

Introducing Blockchain Security and Attack Vectors

In this chapter, we will introduce the fundamental constitutive elements of blockchain technology, such as distributed ledger, peer-to-peer network topology, and consensus algorithms, all of which will be further explored in depth in the chapters that follow.
These notions are essential to fully understand the aspects of cyber security associated with blockchain technology, especially with regard to identifying possible attack vectors.
In particular, we will cover the following topics in this chapter:
  • An introduction to blockchain
  • The building blocks of blockchain
  • Blockchain network topology
  • Establishing trust through consensus algorithms
  • Potential threats that affect trust

An introduction to blockchain

The blockchain is often compared to the internet in terms of innovation potential. Just as the network of networks has allowed information and ideas to circulate globally, allowing for the reduction of gaps in terms of space and time, in the same way, the blockchain proposes to become the Internet of Value.
Another aspect that unites the internet and blockchain is their ability to disintermediate the productive sectors (starting from the financial one) to reduce the areas of inefficiency and allow the emergence of innovative solutions, thereby overcoming the rigidity derived from the status quo preserved by incumbent operators.

Blockchain as the Internet of Value

Blockchain is commonly defined as the Internet of Value in comparison to the traditional internet. To understand the definition of the Internet of Value, let's briefly introduce the limitations of the traditional internet.
Since the first e-commerce experiments that were conducted on the traditional internet, a series of problems have emerged that have to do with the guarantee of authenticity. This involves various factors in the field, such as the following:
  • Identity of counterparties in transactions
  • Ownership of the rights of the transactions
  • Guaranteeing the financial solvency of counterparties
Intermediaries that traditionally guaranteed such factors (typically, banks) have proven to be ineffective in a dematerialized environment such as digital commerce on the internet. The need has, therefore, emerged not only to guarantee users immunity from identity theft, or the holders of copyright from infringement, but also to guarantee the reliability of the means of payment themselves.
By fulfilling this need, the blockchain has become the Internet of Value.

Understanding the emergence of Bitcoin

Coinciding with the financial crisis of 2007-2008, a digital currency, Bitcoin, was introduced for the first time. First and foremost, it was intended to ensure that its value was protected from inflation, without being conditioned by the monetary policies of central banks.
The protection that was provided regarding the value of the currency against erosion caused by inflation, together with its independence from the central monetary authorities, testifies to the aim of introducing a democratic means of payment, which can also act as an alternative (and in competition) currency to the traditional national currencies.
It is no coincidence that many citizens of politically unstable countries have decided to use Bitcoin as a reserve currency, precisely because of the guarantees that this digital instrument provides with respect to the fragility of national currencies.
Like any self-respecting coin, Bitcoin rests on one essential element: trust.
The concept of currency trust translates into practice as follows:
  • Conservation of currency value over time
  • Protection against possible counterfeiting attempts
  • A general acceptance of money as a means of payment
To this end, given the dematerialized nature of Bitcoin, it was necessary to set up a technological infrastructure that would guarantee these prerequisites and be responsible for preserving the trust in transactions between operators.
This technological infrastructure, which is the basis of Bitcoin, is the blockchain.

Blockchain use cases beyond Bitcoin

The blockchain is a technological infrastructure through which it is possible to certify value transactions (which are not limited to the exchange of currencies but can include any type of asset) between trusted counterparties, without the need for the intervention of a central authority (be it banks, government regulators, brokers, and so on).
To perform these tasks, the blockchain is organized into a sequence of blocks (hence the name, block and chain) that contain the references of the transactions that took place over time. For each transaction that's entered into the blocks, a reference is associated with the previous and subsequent transactions. Finally, the blocks are stored in a shared register (blockchain ledger).
The main feature of the blockchain ledger is that it is append-only; that is, each registration is appended to the pre-existing ones, and the integrity of the ledger is guaranteed by the use of the cryptographic primitives offered by the Public Key Infrastructure (PKI), which we will cover in more depth in Chapter 2, Cryptography Essentials.
The other element that characterizes the blockchain is its network topology, which follows the peer-to-peer protocol. This is used to realize the decentralization of the infrastructure, thereby eliminating the need for a central authority that guarantees the reliability and integrity of transactions.
In practice, a copy of the ledger is saved at each node of the peer-to-peer network; in this way, users taking part in the blockchain can always obtain a copy of the ledger by contacting any of the peer-to-peer network nodes without needing to contact a predefined central node.
Whenever a new transaction is added to the blockchain, all copies of the ledger that are saved within the nodes of the peer-to-peer network are updated accordingly.
To summarize, the blockchain is characterized by the following elements:
  • The presence of a shared ledger within a peer-to-peer network.
  • Value transactions are recorded in append-only mode within the ledger.
  • The reliability and integrity of the transactions recorded within the ledger is guaranteed by the use of cryptography.
Each new transaction that's entered into the blockchain determines the corresponding update for the ledger and the copies of it present in each node of the peer-to-peer network. In this way, it is possible to do without a central authority that guarantees the reliability and integrity of the transactions that are carried out within the network.

The role played by the distributed ledger

One of the revolutionary ideas of the Bitcoin blockchain was to introduce the distributed ledger mechanism. Satoshi (the pseudonym behind which the creator of Bitcoin is hidden) had, in fact, realized that the main reason for the intervention of intermediaries (in particular, banks) in transactions between private individuals was linked to the management of such transactions. These were recorded in a centralized ledger book. Satoshi's intuition was to replace the centralized ledger, which was managed by the corresponding central authorities, with a shared public ledger that's updated by the same subjects participating in value transactions.
However, with this, a series of problems remained to be solved:
  • How to ensure that this shared ledger is tamper-proof and that it is robust with respect to arbitrary changes
  • How to guarantee an adequate degree of confidentiality to the subjects who carry out value transactions
  • How to properly manage the size of the ledger, since each transaction must be registered in it
To solve these problems, the blockchain was created. Now, let's take a look at the building blocks of blockchain.

The building blocks of blockchain

Now, we're going to analyze the constituent elements of the blockchain and start with the blocks. As we mentioned earlier, transactions are stored within the blockchain blocks, so each block is composed of two parts:
  • A block header, in which the link to the previous block is stored in the form of a hashing checksum digest. This is done to prevent the possibility of altering the transactions stored in the previous block.
  • A block body, containing the list of transactions, complete with relevant information (including the amount transferred, the addresses of peers, and so on).
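The header/body split described above can be modelled as a small append-only ledger; this is an added illustration, not code from the book. It assumes a simplified digest over the whole block as canonical JSON (Bitcoin's header instead commits to the body through a Merkle root), and all function names and sample transactions are constructed for the example.

```python
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64  # placeholder link stored in the first block's header


def block_digest(block: dict) -> str:
    """SHA-256 over a canonical JSON encoding of the block's header and body."""
    encoded = json.dumps(block, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(encoded).hexdigest()


def append_block(chain: list, transactions: list) -> None:
    """Append-only write: the new header stores the digest of the current last block."""
    prev = block_digest(chain[-1]) if chain else GENESIS_PREV
    chain.append({"header": {"height": len(chain), "prev_hash": prev},
                  "body": transactions})


def first_mismatch(chain: list, trusted_tip: str):
    """Return the height where verification fails, or None if the copy is intact.

    trusted_tip is the last block's digest taken from a source the verifier
    trusts, for example other peers' copies of the ledger.
    """
    if not chain or chain[0]["header"]["prev_hash"] != GENESIS_PREV:
        return 0
    for height in range(1, len(chain)):
        if chain[height]["header"]["prev_hash"] != block_digest(chain[height - 1]):
            return height  # this header no longer matches its predecessor
    # The last block has no successor vouching for it: compare with the trusted digest.
    if block_digest(chain[-1]) != trusted_tip:
        return len(chain) - 1
    return None


def build_sample_chain() -> list:
    """Constructed sample data: three blocks of made-up transfers."""
    chain = []
    append_block(chain, [{"from": "alice", "to": "bob", "amount": 5}])
    append_block(chain, [{"from": "bob", "to": "carol", "amount": 2}])
    append_block(chain, [{"from": "carol", "to": "dave", "amount": 1}])
    return chain


def tampered_copy(chain: list, height: int, amount: int) -> list:
    """Return a deep copy whose block at `height` carries an altered amount."""
    forged = copy.deepcopy(chain)
    forged[height]["body"][0]["amount"] = amount
    return forged
```

An edit to an earlier block is flagged at the following block, whose stored `prev_hash` no longer matches; an edit to the last block is caught only by the comparison with the trusted digest, which is why the replicated copies of the ledger matter for integrity.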
The following diagram shows the structure of Bitcoin blocks and their mutual relationships within the blockchain:
You can check out the image at the following link: https://commons.m.wikimedia.org/wiki/File:Bitcoin_Block_Data.png. As a consequence of how the blocks of the blockchain are...
