Despite being over a decade old, blockchain has only really taken off within the last few years. During this time, it has moved from a fad to the subject of serious research by a number of organizations, including everything from startups to large tech companies to governments.
The primary goal of this research is to use blockchain as a distributed, immutable digital ledger for different applications. However, for this to be possible, it is essential for people to be able to trust in the security of the digital ledger.
The blockchain security ecosystem
Like most modern technology, blockchain is not a monolith. It is composed of multiple different layers, each of which contribute their own benefits and security concerns. Understanding how each level works — and the security assumptions that it makes — is essential to an understanding of the system as a whole.
Blockchain fundamentals: The building blocks
At the base layer, blockchain technology is composed of data structures and cryptographic algorithms. The “blocks” that make up a blockchain are designed to store information, including the actual transactions and additional metadata. The “chains” of the blockchain use cryptographic hashes to tie blocks together, making them much more difficult to modify after the fact.
At this level, blockchain security boils down to the security of the cryptographic algorithms in place. Blockchain relies heavily on public-key cryptography and if these algorithms are secure (and used correctly), the base layer of the blockchain is secure.
Blockchain consensus: Getting everyone in agreement
One of the major benefits of blockchain technology is the ability to implement a fully decentralized digital ledger. In order for this to be possible, a mechanism must exist to ensure that all parties agree on the current state of the ledger (the transactions contained in each block).
This is (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/6fl0YcN4h0E/