Discuss how Bitcoin blockchain addresses the five security objectives.
What is Blockchain? As a secure ledger, the blockchain organizes a growing list of transaction records into a hierarchically expanding chain of blocks, with each block guarded by cryptographic techniques to enforce strong integrity of its transaction records. New blocks can only be committed into the global blockchain upon successful completion of the decentralized consensus procedure. Concretely, in addition to its transaction records, a block also maintains the hash value of the entire block itself, which can be seen as its cryptographic image, plus the hash value of its preceding block, which serves as a cryptographic linkage to the previous block in the blockchain. A decentralized consensus procedure is enforced by the network, which controls:
(i) the admission of new blocks into the blockchain,
(ii) the read protocol for secure verification of the block chain, and
(iii) the consistency of the data content of transaction records included in each copy of the blockchain maintained on each node.
As a result, the blockchain ensures that once a transaction record is added into a block and the block has been successfully created and committed into the blockchain, the transaction record cannot be altered or compromised retrospectively, the integrity of the data content in each block of the chain is guaranteed, and the blocks, once committed into the blockchain, cannot be tampered with by any means. Thus, a blockchain serves as a secure and distributed ledger, which archives all transactions between any two parties of an open networked system effectively, persistently, and in a verifiable manner. In the context of Bitcoin systems, the blockchain is employed as its secure, private and trusted public archive for all transactions that trade bitcoins on the Bitcoin network. This ensures that all bitcoin transactions are recorded, organized and stored in cryptographically secured blocks, which are chained in a verifiable and persistent manner. Blockchain is the pivotal guard in securing bitcoin transactions against many known and hard security, privacy and trust problems, such as double spending, unauthorized disclosure of private transactions, reliance on a trusted central authority, and the untrustworthiness of decentralized computing. The Bitcoin way of deploying blockchain has been the inspiration for many other applications, such as healthcare, logistics, education certification, crowdsourcing and secure storage. The blockchain ecosystem is growing rapidly with increasing investment and interest from industry, government and academia.
Consistency of the Ledger across Institutions: In the processes of reconciliation, clearing, and liquidation between financial institutions, architectures and business processes vary from one institution to another and manual processes are involved. This not only leads to high transaction fees on both the client side and the back-office side of financial institutions, but is also prone to errors and inconsistencies between the ledgers held by different financial institutions.
The Integrity of Transactions: When using online transactions for investment and asset management, equity, bonds, notes, income vouchers, warehouse receipts, and other assets are managed by different intermediaries. This not only increases the transaction costs, but also brings the risk of deliberately falsifying or forging the certificates. Thus, the system must guarantee the integrity of transactions and prevent transactions from being tampered with.
Availability of System and Data: The users of an online system should be able to access transaction data at any time, from anywhere. Availability here refers to both the system level and the transaction level. At the system level, the system should run reliably even in the event of a network attack. At the transaction level, transaction data can be accessed by authorized users without being unavailable, inconsistent, or corrupted.
Prevention of Double-Spending: An important challenge in trading digital currency in a decentralized network is how to prevent double-spending, namely spending a coin more than once. In a centralized environment, a trusted central third party is responsible for verifying whether a digital coin has been double-spent or not. For transactions performed in a decentralized network environment, we need robust security mechanisms and countermeasures to prevent double-spending.
Confidentiality of Transactions: In most online financial transactions, users wish to disclose as little as possible about their transactions and account information to the online trading system. Minimal disclosure includes (1) users' transaction information cannot be accessed by any unauthorized user;
(2) the system administrator or a participant of the network cannot disclose any user's information to others without his or her permission;
(3) all user data should be stored and accessed consistently and securely even under unexpected failures or malicious cyberattacks. Such confidentiality is desirable in many non-financial scenarios as well.
Anonymity of Users' Identity: The difficulty of sharing user data efficiently and securely among various financial institutions may result in a high cost of repeated user authentication. It also indirectly creates the risk that some intermediaries disclose users' identities. In addition, in some cases one or both parties to a transaction may be reluctant to let the other party know their real identity.
Unlinkability of Transactions: Distinct from identity anonymity (not revealing one's real identity), unlinkability requires that the transactions related to a user cannot be linked to each other. Once all the transactions relevant to a user can be linked, it is easy to infer other information about the user, such as the account balance and the type and frequency of her transactions. Using such statistical data about transactions and accounts in conjunction with some background knowledge about a user, curious or adversarial parties may infer the true identity of the user with high confidence.
Consistency:
The concept of consistency in the context of blockchain as a distributed global ledger refers to the property that all nodes have the same ledger at the same time. The consistency property has raised some controversial debate. Some argue that Bitcoin systems only provide eventual consistency, which is a weak form of consistency. Others claim that Bitcoin guarantees strong consistency, not eventual consistency. Eventual consistency is a consistency model proposed for distributed computing systems that trades off availability against consistency. Formally, it ensures that all updates to replicas are propagated in a lazy fashion and that every read of a data item will eventually return the last updated value if the item receives no new updates. In other words, eventual consistency makes sure that the data of each entry at each node of the system becomes consistent eventually, and thus achieves high availability and low latency at the risk of returning stale data. With eventual consistency, the time the nodes of the system take to become consistent is not bounded. Thus, data becoming consistent eventually means that
(1) it will take time for updates to be propagated to other replicas; and
(2) if someone reads from a replica which is not updated yet (since replicas are updated eventually), then there is some risk of returning stale data.
Within a blockchain network system, the strong consistency model means that all nodes have the same ledger at the same time, and during the time when the distributed ledger is being updated with new data, any subsequent read/write requests will have to wait until the commit of this update. In contrast, the eventual consistency model means that the blockchain at each node of the system gets consistent eventually, even though some read/write requests to the blockchain may return stale data. The key challenge for strong consistency is that the performance cost (w.r.t. latency/availability) is too high to be affordable for all cases.
The key challenge for eventual consistency is how to remove the inconsistency that may be caused by stale data. The blockchain in Bitcoin adopts a consistency model that seeks a better tradeoff between strong consistency and eventual consistency, achieving partition tolerance (P) and consistency (C) with deferred availability. In Bitcoin, transactions are grouped in blocks. When a sender node sends a transaction to the blockchain network, miner nodes will mine it by adding it to a block together with other unverified transactions and solving a proof-of-work challenge. Upon completing its proof-of-work challenge, a miner sends its block and its proof to the network to solicit acceptance from other nodes, which verify all transactions in the block. The other nodes accept the block by working on generating the next block using the hash of the accepted block as its previous hash.
The miner whose block is contained in the longest chain and who is the first to obtain ω confirmations (i.e., ω blocks have been appended on top of its block; ω = 6 by default in the Bitcoin consensus protocol) is the winner for chaining this transaction into the distributed global ledger. We can view the ω parameter as a mechanism that provides configurable, or parameterized, strong consistency in blockchain. In summary, blockchain is an elegant approach to addressing the CAP problem for storing a distributed ledger in a decentralized system. For Bitcoin, blockchain implements partition tolerance (P) while supporting consistency (C) and availability (A) on the clipped blockchain, with the most recent ω blocks disregarded. In short, the consensus protocol accepts an update to the blockchain (the distributed global ledger) only when the number of confirmations a miner has received on its challenge solution is equal to or higher than ω; thus, the availability of the update is delayed until the ω confirmations are obtained from the network. The read protocol reads only the blockchain with the last ω blocks on the chain clipped, to ensure strong consistency and read availability on the ω-clipped blockchain. Thus, some have argued that the blockchain in Bitcoin guarantees consistency far stronger than eventual consistency: it offers serializability with a probability that is exponentially decreasing with latency. On the other hand, certain blockchain applications are less risk-averse and may benefit from a weaker consistency guarantee for convenience and performance. For instance, ω = 0 means that zero confirmations are required for both the consensus protocol and the read protocol. This may be a practical choice for risk-free distributed applications.
e.g., 10 minutes on average to generate a block in Bitcoin, and this high latency is aggravated when ω is configured with a higher value. Recently, some research efforts have tried to build much faster, much higher-throughput blockchain systems that provide better guarantees than Bitcoin's 0-confirmation transactions. PeerCensus extends the Bitcoin blockchain to support strong consistency and to decouple block creation from transaction confirmation.
Tamper-Resistance:
Tamper-resistance refers to resistance against any type of intentional tampering with an entity by either the users or adversaries with access to the entity, be it a system, a product, or another logical/physical object. Tamper-resistance of blockchain means that any transaction information stored in the blockchain cannot be tampered with during or after the process of block generation. Specifically, in a Bitcoin system, new blocks are generated by mining nodes. There are two possible ways in which the transaction information may be tampered with:
(1) Miners may attempt to tamper with the information of a received transaction;
(2) An adversary may attempt to tamper with the information stored on the blockchain. We analyze why such tampering attempts are elegantly prevented by the blockchain protocols in Bitcoin. For the first kind of tampering, a miner may attempt to change the payee address of the transaction to himself. However, such an attempt cannot succeed: in a Bitcoin network, each transaction is hashed with a secure hash function, such as SHA-256, then signed by the payer using a secure signature algorithm, such as ECDSA, and finally the transaction is sent to the entire network for verification and approval through mining. Thus, multiple miners may receive and pick up the transaction to mine, in a non-deterministic fashion. If a miner alters any information in the transaction, it will be detected by others when they check the signature with the payer's public key, since the miner cannot generate a valid signature on the modified information without the payer's private key. This is guaranteed by the unforgeability of the secure signature algorithm.
For the second kind of tampering, an adversary will fail in its attempts to modify any historical data stored on the blockchain. This is because of the two protection techniques used in the distributed storage of the blockchain in Bitcoin: the hash pointer, a cryptographic technique, and the network-wide support for both storage and verification of the blockchain. Specifically, if an adversary wants to tamper with the data on some block (say k), the first difficulty encountered by the adversary is the mismatch problem, namely, the tampered block k has a hash value inconsistent with the hash of block k maintained in block k + 1. This is because, using a collision-resistant hash function, the outputs of the hash function on two different inputs will differ with overwhelming probability, and such inconsistency can be easily detected by others on the network.
Even if the adversary attempts to disguise this tampering by cracking the previous block's hash, and so on along the chain, this attempt will eventually fail when the head of the list (the genesis block) is reached. Moreover, in the Bitcoin network, everyone has a copy of the blockchain. It is very hard for an adversary to modify all copies in the entire network. In short, as every transaction in Bitcoin is signed and distributed to all nodes of the network through the blockchain, it is practically impossible to tamper with transaction data without the network knowing about it, showing the power of the crowd for storing and distributing the blockchain. This property is attractive to many applications. For example, in healthcare, the blockchain could help to create immutable audit trails, maintain the reliability of health trials, and uphold the integrity of patient data.
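An added Python sketch (not part of the original answer, and much simpler than a real Bitcoin block: no Merkle tree, no proof of work) that models two mechanisms described above: the hash-pointer chain from the tamper-resistance section, where altering block k breaks the pointer kept in block k + 1 and the attacker's copy diverges from everyone else's, and the ω-clipped read protocol from the consistency section. Block fields, the sample transactions and the attacker scenario are constructed for illustration.

```python
import hashlib
import json

OMEGA = 6  # default confirmation depth in the Bitcoin consensus protocol (from the text)

def block_hash(block):
    """Cryptographic image of a block: SHA-256 over its predecessor's hash and its transactions."""
    payload = json.dumps({"prev_hash": block["prev_hash"], "txs": block["txs"]}, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()

def make_chain(tx_batches):
    """Build a chain where every block stores its own hash and a hash pointer to its predecessor."""
    chain, prev = [], "0" * 64  # the genesis block points at an all-zero hash
    for txs in tx_batches:
        block = {"prev_hash": prev, "txs": list(txs)}
        block["hash"] = block_hash(block)
        chain.append(block)
        prev = block["hash"]
    return chain

def verify_chain(chain):
    """Return the index of the first block whose hash or hash pointer is inconsistent, or -1."""
    for k, block in enumerate(chain):
        if block_hash(block) != block["hash"]:
            return k  # block contents no longer match the stored hash
        if k > 0 and block["prev_hash"] != chain[k - 1]["hash"]:
            return k  # the pointer in block k does not match block k-1
    return -1

def rehash_from(chain, k):
    """What a tampering adversary must do: recompute block k and every block after it."""
    for j in range(k, len(chain)):
        if j > 0:
            chain[j]["prev_hash"] = chain[j - 1]["hash"]
        chain[j]["hash"] = block_hash(chain[j])

def confirmations(chain, k):
    """Number of blocks appended on top of block k."""
    return len(chain) - 1 - k

def clipped_read(chain, omega=OMEGA):
    """Read protocol: expose only the blocks that already have at least omega confirmations."""
    return chain[: max(0, len(chain) - omega)]

def tamper_demo():
    """Constructed sample: 9 blocks, then an adversary rewrites the payee in block 1."""
    honest = make_chain([["coinbase->alice 50"]] + [[f"alice->bob {i}"] for i in range(1, 9)])
    attacker = json.loads(json.dumps(honest))   # the adversary's private copy of the chain
    attacker[1]["txs"][0] = "alice->mallory 1"  # change the payee of a stored transaction
    step1 = verify_chain(attacker)               # block 1's stored hash no longer matches
    attacker[1]["hash"] = block_hash(attacker[1])
    step2 = verify_chain(attacker)               # now block 2's hash pointer is stale
    rehash_from(attacker, 1)
    step3 = verify_chain(attacker)               # internally consistent again ...
    diverged = attacker[-1]["hash"] != honest[-1]["hash"]  # ... but every other copy disagrees
    return step1, step2, step3, diverged
```

`tamper_demo()` returns `(1, 2, -1, True)`: the local checks catch the edit at block 1 and then at block 2, and even after the attacker rewrites every later block, the tip hash no longer matches the copies held by the rest of the network.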
Resistance to DDoS Attacks:
A denial-of-service (DoS) attack is an attack on a host. It is a type of cyber-attack that disrupts hosted Internet services by making the host machine or a network resource on the host unavailable to its intended users. DoS attacks attempt to overload the host system or the host network resource by flooding it with superfluous requests, consequently stalling the fulfillment of legitimate services. A DDoS attack is a "distributed" DoS attack, namely one in which the incoming traffic flooding a victim originates from many disparate sources distributed across the Internet.
A DDoS attacker may compromise and use individuals' computers to attack another computer by taking advantage of security vulnerabilities or weaknesses. By leveraging a set of such compromised computers, a DDoS attacker may send huge amounts of data to a hosting website or send spam to particular email addresses. This makes it very hard to prevent the attack by simply blocking individual sources one by one. The arms race is between the rate at which such compromised nodes are repaired and the rate at which the attacker compromises further nodes in the network. The serious concern about DDoS attacks is the availability of the blockchain, and it comes down to the question of whether a DDoS attacker can make the blockchain unavailable by knocking out part or all of the network.
The answer to this question is no, thanks to the fully decentralized construction and maintenance of the blockchain and Bitcoin system and to the consensus protocol for generating new blocks and adding them to the blockchain, which ensures that the processing of blockchain transactions can continue even if several blockchain nodes go offline. In order for a cyber-attacker to succeed in taking the blockchain offline, the attacker would have to gather sufficient computational resources to compromise an overwhelmingly large portion of the blockchain nodes across the entire Bitcoin network. The larger the Bitcoin network becomes, the harder it is to succeed in such a large-scale DDoS attack.
Resistance to Double-Spending Attacks:
The double-spending attack in the context of the Bitcoin blockchain refers to a specific problem unique to digital currency transactions. Note that the double-spending attack can be considered a general security concern because digital information can be reproduced relatively easily. Specifically, with transactions that exchange digital tokens, such as electronic currency, there is a risk that the holder could duplicate the digital token and send multiple identical tokens to multiple recipients.
If transactions with duplicated digital tokens (e.g., spending the same bitcoin twice) can produce an inconsistency, then the double-spending problem becomes a serious security threat. To prevent double-spending, Bitcoin evaluates and verifies the authenticity of each transaction against the transaction log in its blockchain using a consensus protocol. All transactions are included in the blockchain, where the consensus protocol allows everyone to publicly verify the transactions in a block before the block is committed into the global blockchain, which ensures that the sender of each transaction spends only the bitcoins that he legitimately possesses.
In addition, every transaction is signed by its sender using a secure digital signature algorithm. This ensures that if someone falsifies a transaction, the verifier can easily detect it. The combination of transactions signed with digital signatures and public verification of transactions with majority consensus guarantees that the Bitcoin blockchain can be resistant to the double-spending attack.
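An added Python example (not part of the original answer) of the verification step described above: a validator that tracks which outputs are still unspent and rejects a second transaction that tries to spend the same coin. The transaction format, the `Ledger` class and the sample parties are constructed for illustration; the `sender` field and the ownership comparison stand in for the ECDSA signature check that a real Bitcoin node performs.

```python
import hashlib
import json

def txid(tx):
    """Identify a transaction by the SHA-256 hash of its canonical JSON encoding."""
    return hashlib.sha256(json.dumps(tx, sort_keys=True).encode()).hexdigest()

class Ledger:
    """Tracks unspent outputs; a coin can be spent only if it is still in the UTXO set."""

    def __init__(self, coinbase):
        self.utxo = {}          # (txid, output index) -> (owner, amount)
        self.spent = set()      # outputs consumed by already-verified transactions
        self._add_outputs(txid(coinbase), coinbase["outputs"])

    def _add_outputs(self, tid, outputs):
        for i, (owner, amount) in enumerate(outputs):
            self.utxo[(tid, i)] = (owner, amount)

    def validate(self, tx):
        """Return None when tx is acceptable, otherwise the reason for rejection."""
        total_in, seen = 0, set()
        for ref in tx["inputs"]:
            key = (ref["txid"], ref["index"])
            if key in seen:
                return "same output referenced twice in one transaction"
            seen.add(key)
            if key in self.spent:
                return "double spend: output already consumed"
            if key not in self.utxo:
                return "unknown output"
            owner, amount = self.utxo[key]
            if owner != tx["sender"]:   # stand-in for verifying the payer's signature
                return "sender does not own this output"
            total_in += amount
        if sum(a for _, a in tx["outputs"]) > total_in:
            return "outputs exceed inputs"
        return None

    def apply(self, tx):
        """Verify tx and, if valid, move its inputs to spent and create its outputs."""
        reason = self.validate(tx)
        if reason is None:
            for ref in tx["inputs"]:
                key = (ref["txid"], ref["index"])
                del self.utxo[key]
                self.spent.add(key)
            self._add_outputs(txid(tx), tx["outputs"])
        return reason

def double_spend_demo():
    """Constructed sample: alice tries to pay the same 10-coin output to bob and then to carol."""
    coinbase = {"sender": "network", "inputs": [], "outputs": [["alice", 10]]}
    ledger = Ledger(coinbase)
    cb = txid(coinbase)
    to_bob = {"sender": "alice", "inputs": [{"txid": cb, "index": 0}], "outputs": [["bob", 10]]}
    to_carol = {"sender": "alice", "inputs": [{"txid": cb, "index": 0}], "outputs": [["carol", 10]]}
    return ledger.apply(to_bob), ledger.apply(to_carol)
```

`double_spend_demo()` returns `(None, 'double spend: output already consumed')`: the first payment is accepted and the second, which references the same output, is rejected because that output has left the UTXO set.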
Pseudonymity:
Pseudonymity refers to a state of disguised identity. In Bitcoin, addresses in the blockchain are hashes of the public keys of a node (user) in the network. Users can interact with the system by using their public key hash as their pseudo-identity without revealing their real name. Thus, the address that a user uses can be viewed as a pseudo-identity. We can consider the pseudonymity of a system as a privacy property that protects users' real names. In addition, users can generate as many key pairs (multiple addresses) as they want, in the same way as a person can create as many bank accounts as she wishes. Although pseudonymity can achieve a weak form of anonymity by means of the public keys, there are still risks of revealing users' identity information.