Security Threats Classification in Blockchains

Blockchain, the foundation of Bitcoin, has become one of the most popular technologies to create and manage digital transactions recently. It serves as an immutable ledger which allows transactions take place in a decentralized manner. This expeditiously evolving technology has the potential to lead to a shift in thinking about digital transactions in multiple sectors including, Internet of Things, healthcare, energy, supply chain, manufacturing, cybersecurity and principally financial services. However, this emerging technology is still in its infancy. Despite the huge opportunities blockchain offers, it suffers from challenges and limitation such as scalability, security, and privacy, compliance, and governance issues that have not yet been thoroughly explored and addressed. Although there are some studies on the security and privacy issues of the blockchain, they lack a systematic examination of the security of blockchain systems. This research conducted a systematic survey of the security threats to the blockchain systems and reviewed the existing vulnerabilities in the Blockchain. These vulnerabilities lead to the execution of the various security threats to the normal functionality of the Blockchain platforms. Moreover, the study provides a case-study for each attack by examining the popular blockchain systems and also reviews possible countermeasures which could be used in the development of various blockchain systems. Furthermore, this study developed taxonomies that classified the security threats and attacks based on the blockchain abstract layers, blockchain primary processes and primary business users. This would assist the developers and businesses to be attentive to the existing threats in different areas of the blockchain-based platforms and plan accordingly to mitigate risk. Finally, summarized the critical open challenges, and suggest future research directions

Bitcoin Protocol Main Threats

In this paper we explain the basics of Bitcoin protocol and the state of the art of the main attacks to it. We first present an overview of digital currencies, showing what they are and the social need they aim to satisfy. We then focus on the main digital currency up to date, Bitcoin. We treat the basics of the protocol showing what are addresses and transactions and how they are used in a distributed consensus protocol to build the blockchain. After that the main part of this paper presents the state of the art of the three main attacks on the protocol: fraudulent mining techniques, double spending attempts and deanonymization attacks

TumbleBit: an untrusted Bitcoin-compatible anonymous payment hub

This paper presents TumbleBit, a new unidirectional unlinkable payment hub that is fully compatible with today s Bitcoin protocol. TumbleBit allows parties to make fast, anonymous, off-blockchain payments through an untrusted intermediary called the Tumbler. TumbleBits anonymity properties are similar to classic Chaumian eCash: no one, not even the Tumbler, can link a payment from its payer to its payee. Every payment made via TumbleBit is backed by bitcoins, and comes with a guarantee that Tumbler can neither violate anonymity, nor steal bitcoins, nor print money by issuing payments to itself. We prove the security of TumbleBit using the real/ideal world paradigm and the random oracle model. Security follows from the standard RSA assumption and ECDSA unforgeability. We implement TumbleBit, mix payments from 800 users and show that TumbleBits offblockchain payments can complete in seconds.https://eprint.iacr.org/2016/575.pdfPublished versio

FPGA based Blockchain System for Industrial IoT

Industrial IoT (IIoT) is critical for industrial infrastructure modernization and digitalization. Therefore, it is of utmost importance to provide adequate protection of the IIoT system. A modern IIoT system usually consists of a large number of devices that are deployed in multiple locations and owned/managed by different entities who do not fully trust each other. These features make it harder to manage the system in a coherent manner and utilize existing security mechanisms to offer adequate protection. The emerging blockchain technology provides a powerful tool for IIoT system management and protection because the IIoT nature of distributed deployment and involvement of multiple stakeholders fits the design philosophy of blockchain well. Most existing blockchain construction mechanisms are not scalable enough and too heavy for an IIoT system. One promising way to overcome these limitations is utilizing hardware based trusted execution environment (TEE) in the blockchain construction. However, most of existing works on this direction do not consider the characteristics of IIoT devices (e.g., fixed functionality and limited supply) and face several limitations when they are applied for IIoT system management and protection, such as high energy consumption, single root-of-trust, and low decentralization level. To mitigate these challenges, we propose a novel field programmable gate array (FPGA) based blockchain system. It leverages the FPGA to build a simple but efficient TEE for IIoT devices, and removes the single root-of-trust by allowing all stakeholders to participate in the management of the devices. The FPGA based blockchain system shifts the computation/storage intensive part of blockchain management to more powerful computers but still involves the IIoT devices in the block construction to achieve a high level of decentralization. We implement the major FPGA components of the design and evaluate the performance of the whole system with a simulation tool to demonstrate its feasibility for IIoT applications

Blockchain Technology and Trust Relationships in Trade Finance

Blockchain technology has been advocated as a possible solution to enduring trust issues among trading partners in trade finance. We conducted in-depth interviews with industry experts to examine how blockchain technology influences the trust relationships among trading partners. Our results show that the technology enhances trust relationships by (1) improving the security of transactions and data exchanges, (2) facilitating the expression of benevolence, (3) enhancing the efficiency and the quality of communication, and (4) increasing the predictability of trading partners. The paper concludes with implications for both research and practice

PUBLIC BLOCKCHAIN SCALABILITY: ADVANCEMENTS, CHALLENGES AND THE FUTURE

In the last decade, blockchain has emerged as one of the most influential innovations in software architecture and technology. Ideally, blockchains are designed to be architecturally and politically decentralized, similar to the Internet. But recently, public and permissionless blockchains such as Bitcoin and Ethereum have faced stumbling blocks in the form of scalability. Both Bitcoin and Ethereum process fewer than 20 transactions per second, which is significantly lower than their centralized counterpart such as VISA that can process approximately 1,700 transactions per second. In realizing this hindrance in the wide range adoption of blockchains for building advanced and large scalable systems, the blockchain community has proposed first- and second-layer scaling solutions including Segregated Witness (Segwit), Sharding, and two-way pegged sidechains. Although these proposals are innovative, they still suffer from the blockchain trilemma of scalability, security, and decentralization. Moreover, at this time, little is known or discussed regarding factors related to design choices, feasibility, limitations and other issues in adopting the various first- and second-layer scaling solutions in public and permissionless blockchains. Hence, this thesis provides the first comprehensive review of the state-of-the-art first- and second-layer scaling solutions for public and permissionless blockchains, identifying current advancements and analyzing their impact from various viewpoints, highlighting their limitations and discussing possible remedies for the overall improvement of the blockchain domain