Position: Home page » Blockchain » Non secure environment of blockchain
Non secure environment of blockchain
Publish: 2021-05-04 14:13:29
1. The definition of Chongqing jinwowo analysis blockchain technology is as follows:
1. Blockchain is a distributed database (system) placed in a non secure environment
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
3, the blockchain uses consensus algorithm to reach consensus on new data
the system with the above three properties is blockchain.
1. Blockchain is a distributed database (system) placed in a non secure environment
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
3, the blockchain uses consensus algorithm to reach consensus on new data
the system with the above three properties is blockchain.
2. In the blockchain system, it is necessary to describe the ownership, protect the ownership, store the transaction data, distribute the ledger to an untrusted environment, add transaction records to the ledger, and decide which ledger determines the truth
bitcoin is a typical blockchain system, which can be studied carefully
bitcoin is a typical blockchain system, which can be studied carefully
3. When it comes to the nature of blockchain, several key words are familiar. For example, decentralization, distrust, consensus mechanism, asymmetric encryption, distributed accounting, tamper proof, absolute transparency, openness and so on. At the same time, some teaching posts also list the structure of blockchain, such as data layer, network layer, consensus layer, incentive layer, contract layer and application layer
however, it's easy for people with an eye to see why there is no security layer? In fact, several key features of blockchain have already solved the security problem. First, the blockchain uses asymmetric encryption technology. In fact, encryption and decryption are different keys, namely public key and private key. In short, the public key is open to the public, while the private key is absolutely confidential
secondly, distributed bookkeeping is a way for blockchain to store data. It can also be understood as distributed storage, which is consistent with the concept of decentralization. In the form of ledger, there is no central ledger in the network, and the ledger is stored in each node. Each node is not only independent, but also can act as the central node. Therefore, the central node will not be attacked, leading to the loss of core books or data, and the whole network will not be paralyzed
moreover, tamper proof is the basic feature of blockchain. As long as the chain can not be modified, and can not be deleted. If it needs to be changed, based on the principle of transparency and openness, the whole network and all nodes need to be informed. Therefore, under the democratic mechanism, the possibility of tampering with data at will is very low. Therefore, blockchain technology is applied in various instries, such as finance, payment, traceability, games, etc., such as the network "universe", Tencent's "come together to catch the demon", and Zhongan Huanyu blockchain "Dr dragon hunt" are the safe and high-quality procts under the blockchain technology.
however, it's easy for people with an eye to see why there is no security layer? In fact, several key features of blockchain have already solved the security problem. First, the blockchain uses asymmetric encryption technology. In fact, encryption and decryption are different keys, namely public key and private key. In short, the public key is open to the public, while the private key is absolutely confidential
secondly, distributed bookkeeping is a way for blockchain to store data. It can also be understood as distributed storage, which is consistent with the concept of decentralization. In the form of ledger, there is no central ledger in the network, and the ledger is stored in each node. Each node is not only independent, but also can act as the central node. Therefore, the central node will not be attacked, leading to the loss of core books or data, and the whole network will not be paralyzed
moreover, tamper proof is the basic feature of blockchain. As long as the chain can not be modified, and can not be deleted. If it needs to be changed, based on the principle of transparency and openness, the whole network and all nodes need to be informed. Therefore, under the democratic mechanism, the possibility of tampering with data at will is very low. Therefore, blockchain technology is applied in various instries, such as finance, payment, traceability, games, etc., such as the network "universe", Tencent's "come together to catch the demon", and Zhongan Huanyu blockchain "Dr dragon hunt" are the safe and high-quality procts under the blockchain technology.
4. In view of the security characteristics and shortcomings of the existing blockchain technology, we need to build a security system around the physical, data, application system, encryption, risk control and other aspects to improve the security performance of the blockchain system as a whole
1. Physical security
the network and host running the blockchain system should be in a protected environment. According to the regulatory requirements of specific business, the protection measures can be used to protect the physical network and host by means of VPN, firewall, physical isolation, etc
2. Data security
in principle, the data exchange between nodes of the blockchain should not be transmitted in clear text. For example, asymmetric encryption can be used to negotiate key, and symmetric encryption algorithm can be used to encrypt and decrypt data. The data provider should also strictly evaluate the sensitivity and security level of the data, decide whether to send the data to the blockchain, whether to desensitize the data, and adopt strict access control measures
3. Application system security
application system security needs to start from the aspects of identity authentication, authority system, transaction rules, anti fraud strategy, etc.
relevant personnel, transaction nodes and transaction data involved in application operation should be controlled in advance and auditable afterwards. Taking financial blockchain as an example, consensus algorithm with stronger fault tolerance, anti fraud and higher performance can be adopted to avoid joint fraud of some nodes
4. Key security
to encrypt the communication data between the blockchain nodes and the key to encrypt the data stored on the blockchain nodes, the plaintext should not exist on the same node, and the private key should be properly saved by the encryption machine. When the key is lost or leaked, the system can identify the relevant records of the original key, such as account control, communication encryption, data storage encryption, etc., and implement response measures to make the original key invalid. The key should also be managed strictly in the life cycle, and should not be permanently valid. It needs to be replaced after reaching a certain time cycle
5. Risk control mechanism
there should be careful detection measures for the network layer, host operation, data access of application system, transaction frequency and other dimensions of the system. For any suspicious operation, alarm, record and verification should be carried out. If illegal operation is found, loss assessment should be carried out, remedial measures should be taken at the technical and business levels, and security measures should be strengthened, And trace the source of illegal operation to prevent further attacks
Article source: white paper on blockchain technology and application development in China
1. Physical security
the network and host running the blockchain system should be in a protected environment. According to the regulatory requirements of specific business, the protection measures can be used to protect the physical network and host by means of VPN, firewall, physical isolation, etc
2. Data security
in principle, the data exchange between nodes of the blockchain should not be transmitted in clear text. For example, asymmetric encryption can be used to negotiate key, and symmetric encryption algorithm can be used to encrypt and decrypt data. The data provider should also strictly evaluate the sensitivity and security level of the data, decide whether to send the data to the blockchain, whether to desensitize the data, and adopt strict access control measures
3. Application system security
application system security needs to start from the aspects of identity authentication, authority system, transaction rules, anti fraud strategy, etc.
relevant personnel, transaction nodes and transaction data involved in application operation should be controlled in advance and auditable afterwards. Taking financial blockchain as an example, consensus algorithm with stronger fault tolerance, anti fraud and higher performance can be adopted to avoid joint fraud of some nodes
4. Key security
to encrypt the communication data between the blockchain nodes and the key to encrypt the data stored on the blockchain nodes, the plaintext should not exist on the same node, and the private key should be properly saved by the encryption machine. When the key is lost or leaked, the system can identify the relevant records of the original key, such as account control, communication encryption, data storage encryption, etc., and implement response measures to make the original key invalid. The key should also be managed strictly in the life cycle, and should not be permanently valid. It needs to be replaced after reaching a certain time cycle
5. Risk control mechanism
there should be careful detection measures for the network layer, host operation, data access of application system, transaction frequency and other dimensions of the system. For any suspicious operation, alarm, record and verification should be carried out. If illegal operation is found, loss assessment should be carried out, remedial measures should be taken at the technical and business levels, and security measures should be strengthened, And trace the source of illegal operation to prevent further attacks
Article source: white paper on blockchain technology and application development in China
5. There are patches
this problem is actually very simple
your graphics card is OK! But the vertical synchronization of the graphics card is not off, so the FPS is very low. You can turn off the vertical synchronization in the properties of the graphics card
it must be this problem
the properties of the graphics card can be found by right clicking on the desktop, and then properties - Settings - Advanced<
vertical synchronization is off
in the 3D settings of the graphics card
this problem is actually very simple
your graphics card is OK! But the vertical synchronization of the graphics card is not off, so the FPS is very low. You can turn off the vertical synchronization in the properties of the graphics card
it must be this problem
the properties of the graphics card can be found by right clicking on the desktop, and then properties - Settings - Advanced<
vertical synchronization is off
in the 3D settings of the graphics card
6. 1. Blockchain is a distributed database (system) in a non secure environment
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
3, the blockchain uses consensus algorithm to reach consensus on new data. The system with the above three properties is blockchain. Shengshi Huacai did a good job in this blockchain
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
3, the blockchain uses consensus algorithm to reach consensus on new data. The system with the above three properties is blockchain. Shengshi Huacai did a good job in this blockchain
7. It can be said that it is very unsafe. The technology related to blockchain wallet has lost its original technical meaning in China. Now it has been reced to a means of money. Therefore, we must be very vigilant in this aspect. Anyway, I personally don't believe it.
8. Seven misunderstandings about blockchain
blockchain based systems have broad prospects in the future, but we need to be very clear about what blockchain can do. Imagine the blockchain technology in the next 20 years, its impact may be as big as the Internet
however, it is shocking that we mainly see today that the project seems to be based on decentralized design, but in fact there are some misconceptions about blockchain
if we want technology to continue to move in the right direction, we need to turn this craze into proctive and realistic expectations, so as to rece the possibility of the supply chain falling to the bottom. Once it falls to the bottom, it may be abandoned in the corner with meaningless proof of concept
let's take a look at the seven misconceptions of unrealistic expectations for blockchain:
misconception 1: highly scalable
compared with traditional (server based) trading methods, blockchain deployment does not have real scalability, and the current trading time depends on the slow party. They are only scalable for certain types of transactions, such as transactions with small payloads and transactions close to certain limits. You can't just pile up information on the blockchain
Myth 2: it is absolutely secure
although the blockchain is based on encryption standards, the method to ensure privacy is completely outside any blockchain standards and implementation. Only encryption experts can really understand and verify blockchain integration. However, each implementer has the responsibility to ensure security, so this approach is largely the same as the management of financial transactions in the old era
mistake 3: trustworthy
the blockchain ensures the integrity of transactions and information, otherwise anything stored in the blockchain cannot be trusted. You need to make sure that the parties that store the facts in the blockchain are trustworthy and that the facts are true to determine that they are truly trustworthy. This governance model allows multiple parties to be jointly and severally liable for the infrastructure, and requires secure access to store facts in the blockchain
myth 4: you can put anything in the blockchain
blockchain is a protocol represented by code, which is not defined according to any standard. There is no standard body to provide rules or guidance for the implementation of sanctions
generally, you can only handle small payloads, and you still need to reach an agreed standard among all participants so that anyone can understand what is stored
myth 5: you can express anything in a smart contract
although this is technically feasible, in practice, blockchain is limited to simple and easy to understand use cases. Smart contracts are very complex in nature. By design, once released, you cannot modify or repair them. They contain very complex interactions and irreversible results
myth 6: if you don't like public chain, please choose private chain
private chain is not a channel to obtain privacy or access restricted information. In fact, you can even think that private chain should not be an open option. Nevertheless, enterprise blockchains may not be able to realize any inherent advantages of blockchain technology, and privately developed blockchains may lack the community and academic review necessary to ensure their attributes
myth 7: the size of the community doesn't matter
the blockchain procts promoted by the community are being forked by private players in all aspects, and they strengthen their role in various ways. However, a large community composed of users, users, scholars and implementers is the only force to ensure the validity of password attributes. Only the open source blockchain with the largest community and installation base will last. The rest can be regarded as experiments in the laboratory, of which 99.9% will die
a smart technician will move forward based on use cases and a set of first principles in his mind. First, there may never be a blockchain to manage all of them. Two different use cases require different blockchains. Some participants are many, some are few, some need strong privacy around facts, and some are fully transparent
considering all the above, what we can do together now is to innovate, tackle real business problems, and initiate and promote proof of concept to better understand the power of blockchain.
blockchain based systems have broad prospects in the future, but we need to be very clear about what blockchain can do. Imagine the blockchain technology in the next 20 years, its impact may be as big as the Internet
however, it is shocking that we mainly see today that the project seems to be based on decentralized design, but in fact there are some misconceptions about blockchain
if we want technology to continue to move in the right direction, we need to turn this craze into proctive and realistic expectations, so as to rece the possibility of the supply chain falling to the bottom. Once it falls to the bottom, it may be abandoned in the corner with meaningless proof of concept
let's take a look at the seven misconceptions of unrealistic expectations for blockchain:
misconception 1: highly scalable
compared with traditional (server based) trading methods, blockchain deployment does not have real scalability, and the current trading time depends on the slow party. They are only scalable for certain types of transactions, such as transactions with small payloads and transactions close to certain limits. You can't just pile up information on the blockchain
Myth 2: it is absolutely secure
although the blockchain is based on encryption standards, the method to ensure privacy is completely outside any blockchain standards and implementation. Only encryption experts can really understand and verify blockchain integration. However, each implementer has the responsibility to ensure security, so this approach is largely the same as the management of financial transactions in the old era
mistake 3: trustworthy
the blockchain ensures the integrity of transactions and information, otherwise anything stored in the blockchain cannot be trusted. You need to make sure that the parties that store the facts in the blockchain are trustworthy and that the facts are true to determine that they are truly trustworthy. This governance model allows multiple parties to be jointly and severally liable for the infrastructure, and requires secure access to store facts in the blockchain
myth 4: you can put anything in the blockchain
blockchain is a protocol represented by code, which is not defined according to any standard. There is no standard body to provide rules or guidance for the implementation of sanctions
generally, you can only handle small payloads, and you still need to reach an agreed standard among all participants so that anyone can understand what is stored
myth 5: you can express anything in a smart contract
although this is technically feasible, in practice, blockchain is limited to simple and easy to understand use cases. Smart contracts are very complex in nature. By design, once released, you cannot modify or repair them. They contain very complex interactions and irreversible results
myth 6: if you don't like public chain, please choose private chain
private chain is not a channel to obtain privacy or access restricted information. In fact, you can even think that private chain should not be an open option. Nevertheless, enterprise blockchains may not be able to realize any inherent advantages of blockchain technology, and privately developed blockchains may lack the community and academic review necessary to ensure their attributes
myth 7: the size of the community doesn't matter
the blockchain procts promoted by the community are being forked by private players in all aspects, and they strengthen their role in various ways. However, a large community composed of users, users, scholars and implementers is the only force to ensure the validity of password attributes. Only the open source blockchain with the largest community and installation base will last. The rest can be regarded as experiments in the laboratory, of which 99.9% will die
a smart technician will move forward based on use cases and a set of first principles in his mind. First, there may never be a blockchain to manage all of them. Two different use cases require different blockchains. Some participants are many, some are few, some need strong privacy around facts, and some are fully transparent
considering all the above, what we can do together now is to innovate, tackle real business problems, and initiate and promote proof of concept to better understand the power of blockchain.
9. 1. Blockchain is a distributed database (system) in a non secure environment
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
3. Blockchain adopts consensus algorithm to reach consensus on new data
in the future, jinwowo will continue to tap the value of blockchain technology in the commercial field, give full play to the advantages of big data services, add value to user behavior, break the ice for the development of small and medium-sized enterprises, and build a real, efficient, safe and honest Internet community of destiny.
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
3. Blockchain adopts consensus algorithm to reach consensus on new data
in the future, jinwowo will continue to tap the value of blockchain technology in the commercial field, give full play to the advantages of big data services, add value to user behavior, break the ice for the development of small and medium-sized enterprises, and build a real, efficient, safe and honest Internet community of destiny.
10. In short, blockchain can be defined as follows:
1. Blockchain is a distributed database (system) placed in a non secure environment
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
3, the blockchain uses consensus algorithm to reach consensus on new data
the system with the above three properties is blockchain
1. Blockchain is a distributed database (system) in a non secure environment
there are two main points here: (1) distributed environment and (2) non secure environment. First, it's a distributed, decentralized system. Therefore, a central server or node is not a blockchain. Nodes are safe and harmless, so this is not a blockchain. Similarly, from the perspective of application, if your application has to use the central node (for example, to do deep learning with supercomputers) or does not need to consider the node insecurity (for example, the sensor in a secure factory), then you do not need to consider the blockchain technology
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
the two key points of this part are: (1) cryptographic hash function, (2) asymmetric encryption. Cryptography hash function is mainly used to verify the integrity of information - put the hash value of the information after a message, which is very small. For example, 256bit is convenient to calculate. After receiving the message, the receiver calculates the hash value again, and compares the two to know whether the message has been tampered with. If it is tampered with, even if it is only one bit, the whole hash value will be different. According to the nature of hash function, no one can forge another message with the same hash value, that is to say, the tampered data can not pass the hash check at all
asymmetric encryption: This is very easy to understand - symmetric encryption is to have a key, which can be understood as a safe key. You encrypt the message into ciphertext, and no one can understand what it is, and then the same key decrypts the original message. Asymmetric encryption means that there are two keys, one is called public key, the other is called private key. If one key is used for encryption, the other key can only be used for decryption, and vice versa. Another important property is that if you are given ciphertext, plaintext and one of the keys, you still can't figure out what the other key is
3, the blockchain uses consensus algorithm to reach consensus on new data. The purpose of consensus algorithm is to let all nodes reach a consensus on the new block, that is to say, everyone should approve the new block.
1. Blockchain is a distributed database (system) placed in a non secure environment
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
3, the blockchain uses consensus algorithm to reach consensus on new data
the system with the above three properties is blockchain
1. Blockchain is a distributed database (system) in a non secure environment
there are two main points here: (1) distributed environment and (2) non secure environment. First, it's a distributed, decentralized system. Therefore, a central server or node is not a blockchain. Nodes are safe and harmless, so this is not a blockchain. Similarly, from the perspective of application, if your application has to use the central node (for example, to do deep learning with supercomputers) or does not need to consider the node insecurity (for example, the sensor in a secure factory), then you do not need to consider the blockchain technology
2. The blockchain uses cryptography to ensure that the existing data cannot be tampered with
the two key points of this part are: (1) cryptographic hash function, (2) asymmetric encryption. Cryptography hash function is mainly used to verify the integrity of information - put the hash value of the information after a message, which is very small. For example, 256bit is convenient to calculate. After receiving the message, the receiver calculates the hash value again, and compares the two to know whether the message has been tampered with. If it is tampered with, even if it is only one bit, the whole hash value will be different. According to the nature of hash function, no one can forge another message with the same hash value, that is to say, the tampered data can not pass the hash check at all
asymmetric encryption: This is very easy to understand - symmetric encryption is to have a key, which can be understood as a safe key. You encrypt the message into ciphertext, and no one can understand what it is, and then the same key decrypts the original message. Asymmetric encryption means that there are two keys, one is called public key, the other is called private key. If one key is used for encryption, the other key can only be used for decryption, and vice versa. Another important property is that if you are given ciphertext, plaintext and one of the keys, you still can't figure out what the other key is
3, the blockchain uses consensus algorithm to reach consensus on new data. The purpose of consensus algorithm is to let all nodes reach a consensus on the new block, that is to say, everyone should approve the new block.
Hot content