Application of blockchain in security
1. Blockchain links
as the name suggests, blockchain is a chain composed of blocks. Each block is divided into block head and block body (including transaction data). The block head includes the prevhash value (also known as hash value) of the previous block used to realize the block link and the random number (nonce) used to calculate the mining difficulty. The hash value of the previous block is actually the hash value of the head of the previous block, and the random number calculation rule determines which miner can obtain the right to record the block
2. Consensus mechanism
blockchain is accompanied by the birth of bitcoin, which is the basic technology architecture of bitcoin. Blockchain can be understood as an Internet-based decentralized accounting system. A decentralized digital currency system like bitcoin requires the consistency of accounting of honest nodes without a central node, which needs blockchain to complete. Therefore, the core of blockchain technology is a consensus mechanism to reach a consensus on the legitimacy of transactions between indivials without mutual trust without central control
there are four main types of consensus mechanisms in blockchain: pow, POS, dpos and distributed consistency algorithm
3. Unlocking script
script is an important technology to realize automatic verification and contract execution on blockchain. Every output of every transaction does not point to an address in the strict sense, but to a script. A script is like a set of rules that constrain how the receiver can spend the asset locked on the output
the validation of transactions also depends on scripts. At present, it depends on two kinds of scripts: Lock script and unlock script. Locking script is a condition added to the output transaction, which is realized by a script language and located in the output of the transaction. The unlocking script corresponds to the locking script. Only when the conditions required by the locking script are met can the assets corresponding to the script be spent, which is located in the input of the transaction. Many flexible conditions can be expressed by script language. Interpretation script is similar to the "virtual machine" in our programming field, which runs in every node of the blockchain network in a distributed way
4. Transaction rules
blockchain transaction is not only the basic unit of a block, but also the actual effective content recorded by the blockchain. A blockchain transaction can be a transfer, or the deployment of smart contracts and other transactions
as far as bitcoin is concerned, a transaction refers to a single payment transfer. The transaction rules are as follows:
1) the input and output of the transaction cannot be empty
2) for each input of a transaction, if its corresponding utxo output can be found in the current transaction pool, the transaction will be rejected. Because the current transaction pool is the transaction not recorded in the blockchain, and each input of the transaction should come from the confirmed utxo. If it is found in the current trading pool, it is Shuanghua trading
3) for each input in a transaction, the corresponding output must be utxo
4) each input unlocking script must verify the compliance of the transaction together with the corresponding output locking script
5. Transaction priority
the priority of blockchain transaction is determined by the blockchain protocol rules. For bitcoin, the priority of a transaction to be included in a block is determined by the time when the transaction is broadcast to the network and the amount of the transaction. With the increase of transaction broadcast time on the network and the increase of transaction chain age, the priority of transaction will be improved and eventually be included by the block. For Ethereum, the priority of the transaction is also related to the transaction fee that the publisher is willing to pay. The higher the transaction fee that the publisher is willing to pay, the higher the priority that the transaction is included in the block
6. Merkle proof
the original application of Merkle proof is bitcoin, which was described and created by Satoshi Nakamoto in 2009. Bitcoin blockchain uses Merkle proof to store transactions in each block. So that the transaction can not be tampered with, but also easy to verify whether the transaction is included in a specific block
7. RLP
RLP (recursive length prefix) is one of the main encoding methods of object serialization in Ethereum. Its purpose is to encode the sequence of arbitrary nested binary data.
blockchain is a decentralized and distributed electronic classified accounting method based on the model of providing absolute security and trust. Using encryption technology, transactions are recorded chronologically and publicly, and each block has a timestamp and a link to the previous block. Importantly, these digital "blocks" can only be updated through the consensus of all participants, and data interception, modification and deletion are almost impossible.
The biggest feature of blockchain technology is decentralization, which will rece a lot of costs for the banking instry
First of all, decentralization means that the trust building mechanism between banking systems no longer needs intermediary, which saves the cost of intermediary Secondly, the development of digital currency will realize the real-time digital transaction of banks. For example, in bill transaction, bank's bill transaction always relies on the third party to realize the transfer of valuable documents. Even for electronic bill transaction, it also needs the information of central bank's ECDs system for mutual authentication. The blockchain technology can realize the point-to-point value transmission, which no longer needs centralized system control. This not only speeds up the bill transmission speed, but also reces the mistakes caused by human factors. The rection of process will naturally rece the demand of the bank for personnel and save the labor cost of the bankfinally, it will also have an impact on clearing and settlement. The bank's clearing and settlement business has always been completed by the central settlement, with low efficiency. Settlement through blockchain technology will greatly improve the efficiency of banks
blockchain technology also plays an important role in the cross-border payment business of banks. Today, with the highly developed global trade, cross-border payment is becoming more and more frequent. Banks often act as third-party services in cross-border trade, such as electronic transfer, asset custody and so on. However, cross-border payment generally takes about two days to get to the account, which is inefficient and reces the utilization rate of funds in transit. In the blockchain technology, both sides of cross-border payment can complete through the point-to-point way, realize all-weather payment and real-time arrival, thus speeding up the speed of clearing and settlement, and improving the efficiency of bank business processing
another feature of blockchain technology is de risking. Banks can establish their own blockchain, which can ensure that the transaction information and transaction records of bank customers are true and effective, and will not be tampered with arbitrarily. Banks can effectively identify customers' information, understand all aspects of customers' situation, identify abnormal transactions of customers, and prevent being cheated by customers, So as to rece the cost of bank supervision
Blockchain technology can help us improve the security of encryption, authentication and other protection mechanisms, which is absolutely good news for the Internet of things security and DDoS Defense Community
blockchain has the potential to become an important solution for safe communities, as well as for the financial, energy and manufacturing instries. At present, verifying bitcoin transaction is one of its main uses, but this technology can also be extended to smart grid system, content delivery network and other application scenarios
how to apply blockchain to network security
whether it's protecting data integrity or using digital identification technology to prevent Internet of things devices from DDoS attacks, blockchain technology can play a key role, at least now it has shown this ability
Internet of things security and DDoS Defense Community
a blockchain startup claims that its decentralized "billing" system can help users resist DDoS attacks with traffic over 100gbps. Interestingly, the company said that this decentralized system allows users to rent their own extra bandwidth and submit their bandwidth access rights to the distributed nodes of the blockchain. When a website suffers from DDoS attacks, the website can use the leased bandwidth to mitigate DDoS attacks
improve confidentiality and data integrity
although the original design of blockchain did not consider the specific access control, now some blockchain technology implementation has solved the problems of data confidentiality and access control. In this era, any data may be tampered, which is obviously a serious problem, but the complete data encryption maliciously guarantees that the data will not be accessed or tampered by others through man in the middle attack in the transmission process
the whole IOT instry needs data integrity protection. For example, IBM's Watson IOT platform allows users to manage IOT data in a private blockchain network, which has been integrated into their big blue cloud service. In addition, Ericsson's blockchain data integrity service provides comprehensive audit, compatible and reliable data services to allow developers to use predix PAAS platform for technical implementation
one of the best applications is the transformation of our public sector and the creation of citizen centered infrastructure. This will enable the public to have their own identity and every transaction can be verified. We can use smart contracts and signed assertions to formulate elements of public services, such as benefits, etc
Internet of things & amp; Smart devices
now the attention of the whole IT community has begun to shift to the Internet of things & amp; Smart devices are on the rise, and security is absolutely one of the primary considerations. Although the Internet of things can improve our work and proction efficiency, it also means that we need to face more security risks. As a result, many companies seek to apply blockchain to protect IOT and instrial IOT (iiot) devices because blockchain technology can enhance authentication, improve data traceability and mobility, and assist record management
according to Alexey malanov, an anti-virus expert at Kaspersky laboratory, blockchain technology helps to track hacker attacks, adding:
"network intruders usually clear the permission log to hide traces of unauthorized access to devices. But if the logs are distributed in multiple devices (for example, through blockchain Technology), the risk can be reced as much as possible. "
German Klimenko, chairman of the digital economy development fund, said: "at present, the Ministry of defense is vigorously promoting it development and research, which is a good thing for the instry."
NATO and the Pentagon are also studying the "defensive" Application of blockchain. This technology is actively used to protect the system from network attacks. NATO will use blockchains to protect financial information, supply and logistics chains, while the Pentagon is developing a data transmission system to prevent hackers
in general, blockchain technology is not omnipotent, at least not yet. Whether from the perspective of technical integrity or system implementation, the current blockchain technology can not guarantee the security of the device 100%. Note: the above content comes from the Internet
332588;<24049;<30475;<26377;<35828>
China's blockchain instry ecology has initially taken shape, and the number of enterprises has increased rapidly. According to the white paper on China's blockchain instry in 2018 previously released by the information center of the Ministry of instry and information technology, as of the end of March 2018, the number of blockchain companies with blockchain business as the main business in China has exceeded 450, and the instry has initially taken shape
the Ministry of instry and information technology proposes that the blockchain instry is still in the initial stage, and the positive value of technology is graally emerging, but there are still risks that can not be ignored in the development process, such as challenges to the current system and norms, technical loopholes, etc. The Ministry of instry and information technology proposed that it will accelerate the innovation and application of blockchain technology, especially strengthen the improvement of computing capacity, storage capacity and integration penetration capacity, build a good instrial ecology, and promote the healthy development of blockchain instry
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring great security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc.