BLOCKCHAIN

CYBS 6350: DATA PROTECTION

 HISTORY OF BLOCKCHAIN

Stuart NEO,
Satoshi Chinese
Haber and
Nakamoto Ethereum
W. Scott Vitalik Facebook
invented
Stornetta 2008 - Buterin 15% Big IOTA formally
Bitcoin Ethereum
1991 conceived
blockchain 2013 released 2015 launched 2017 Banks use 2018 verification 2019 announces
of concept 2009 paper on Blockchain process for Libra on
and
later to be Ethereum Internet of June 18th
released
known as Thing
paper
Blockchain devices
How to time-stamp a digital https://bitcoin.org/bitcoin.pdf A NEXT GENERATION SMART CONTRACT &
https://fortune.com/2016/09/28
document DECENTRALIZED APPLICATION PLATFORM
/blockchain-banks-2017/
https://link.springer.com/article/1 https://bitcoincryptoadvice.com/the-ethereum-
0.1007/BF00196791 white-paper-by-vitalik-buterin/

Goyal, Swati (2018, November 3) The History of Blockchain Technology: Must

Know Timeline. Retrieved from: https://101blockchains.com/history-of-
Blockchain blockchain-timeline/
 DOUBLE-SPEND PROBLEM
I upload a picture of my dog to Facebook. This is a copy of a
picture I have on my phone, a copy of the picture now resides on
phone and on Facebook.
I upload the same picture of my dog to Instagram. This is a copy
of a picture I have on my phone, a copy of the picture now resides
on phone, Instagram and on Facebook.
No one is harmed by me having multiple copies of the same
picture of my dog. My dog is cute and everyone loves seeing
pictures of my dog. (Hosp, 2017)

What happens if I do the same thing with something of value, such as currency?

Hosp, Dr. Julian. (2017, December) Cryptocurrencies simply explained -

by TenX Co-Founder Dr. Julian Hosp: Bitcoin, Ethereum, Blockchain,
ICOs, Decentralization, Mining & Co (p. 36). Dr. Julian Hosp. Kindle
Edition.
Blockchain
 DOUBLE-SPEND PROBLEM
I send $100 to my friend Carol, I copy and paste it and send it on.
Basically duplicating the $100.

I send the same $100 to my friend Rebecca, I copy and paste it

and send it on. Duplicating the original $100 again.
This causes harm because currency represents value and trust.
Traditionally, in a centralized system the bank would validate I had
the $100 and transfer to Carol and Rebecca after validation.
In a decentralized system, a method to avoid the double-
spending problem without a governing body must be
identified.
In Satoshi Nakamoto 2008 paper provides a solution to the Hosp, Dr. Julian. (2017, December) Cryptocurrencies simply explained -
by TenX Co-Founder Dr. Julian Hosp: Bitcoin, Ethereum, Blockchain,
double-spending problem, known as Blockchain. (Hosp, 2017) ICOs, Decentralization, Mining & Co (p. 36). Dr. Julian Hosp. Kindle
Edition.
Blockchain
HOW BLOCKCHAIN WORKS

Dughi, Paul (2018, February 3) A simple

explanation of how blockchain works. Retrieved
from: https://medium.com/the-mission/a-
simple-explanation-on-how-blockchain-works-
e52f75da6e9a
Blockchain
 COMPONENTS OF A BLOCKCHAIN
• Block
– Similar to transactions recorded into a new page in a ledger
– These transactions have not been enter previously (not apart of a current block).
• Chain
– A list of blocks linked cryptographically
– i.e. Bitcoin uses SHA-256
• Network
– Composed of full nodes, computers running algorithms that secures the network
– Each node contains a record of all the transactions in that Blockchain (Laurence,
2019)
Laurence, Tiana. (2019) Blockchain For Dummies (For
Dummies (Computer/Tech)) (p. 11). Wiley. Kindle Edition.

Blockchain
 VISUAL OF BLOCKCHAIN
Visualization of bitcoin transactions:
http://dailyblockchain.github.io.
LEGEND:
– Green = input
– Red = output
– Yellow = input+output
– Blue = transaction

Blockchain
 WHAT IS CRYPTOCURRENCY?
• A cryptocurrency is a unique bit of data that can be traded
between two parties
https://www.youtube.com/watch?v=6Gu2QMTAkEU

Blockchain
 TOP 100 CRYPTOCURRENCIES BY MARKET
CAPITALIZATION
https://coinmarketcap.com/

Blockchain
WHAT IS BLOCKCHAIN?

https://www.youtube.com/watch?v=WiRFuHXHBhk

Blockchain
 TYPES OF BLOCKCHAINS - PUBLIC
• Large distributed networks that use digital token
• Open to anyone to participate at any level
• Has open-source code a community maintains
• Examples: Bitcoin, Ethereum, Litecoin
(Laurence,2019)
For more information: Laurence, Tiana. (2019) Blockchain For Dummies
https://medium.com/coinmonks/public-vs- (For Dummies (Computer/Tech)) (p. 8). Wiley.
private-blockchain-in-a-nutshell-c9fe284fa39f Kindle Edition.
Blockchain
 TYPES OF BLOCKCHAINS - PERMISSIONED
• Large distributed networks that use digital token
• Roles are defined which limit participation
• May or may not be open-source code
• Example: Ripple, selects and limits participants
who may validate transactions (Laurence, 2019)
https://medium.com/coinmonks/pu
Laurence, Tiana. (2019) Blockchain For Dummies
blic-vs-private-blockchain-in-a- (For Dummies (Computer/Tech)) (p. 8). Wiley.
nutshell-c9fe284fa39f Kindle Edition.
Blockchain
 TYPES OF BLOCKCHAINS - PRIVATE
• Also known as distributed ledger technology (DLT)
• Do not utilize a digital token and are smaller
• Membership is controlled, trusted membership
• Example: Hijro (https://hijro.com) or consortiums
which need to exchange confidential information
(Laurence, 2019)
Laurence, Tiana. (2019) Blockchain For Dummies (For
Blockchain Dummies (Computer/Tech)) (p. 8). Wiley. Kindle Edition.
WHAT IS BLOCKCHAIN?

https://www.youtube.com/watch?v=3xGLc-zz9cA

Blockchain
 RIPPLE
• Developed by an official company called the Ripple company, founded in 2012
• Ripple company has offices in Australia, Luxembourg, and the UK
• Uses patented process to achieve consensus (instead of mining) – Ripple Protocol
Consensus Algorithm
• XRP Ripples cryptocurrency is used by financial institutions to quickly transfer funds
globally
– Settles payments in 4 seconds
– Processes 1,500 transactions per second
– Requires no mining
– Only needs 25 independent nodes to validate
– Nodes are managed by financial institutions, tech companies, and Ripple itself
• Bitcoin is much slower and requires millions of nodes to validate transactions (Chi, 2018)
Chi, Clifford (2018, October 11) Everything You Need to
Know About Ripple. Retrieved from:
Blockchain https://blog.hubspot.com/marketing/ripple
 USE CASES FOR BLOCKCHAIN
• Sharing information with • Examples include:
not fully trusted parties – Cryptocurrency
– Supply chains
• Data needs to be audited
– Healthcare
• Data at risk of being – Insurance
compromised internally – Transportation
or externally – Voting
– Contract management
Blockchain
 DHS SCIENCE & TECHNOLOGY
DIRECTORATE FLOWCHART

NISTIR 8202 Blockchain

Technology Overview
https://doi.org/10.6028/NIST.IR.82
02

Blockchain
Laurence, Tiana. (2019) Blockchain For
Dummies (For Dummies
(Computer/Tech)) (p. 23). Wiley. Kindle
Edition.

Asymmetric Cryptography
 IOT BLOCKCHAINS
• WaltonChain • VeChain
– Combines blockchain with IoT via RFID – Designed for advanced integration with
– Usages: proprietary IoT devices
• High-end clothing identification – Usages:
• Logistic tracking • Car passports
– Repair history,
• Food and drug traceability (Pauw, 2018)
– Insurance
• Streamer – Registration
– Empowers people to buy others information – Driver behavior throughout its lifecycle.
and sell their information • Healthcare
– Usages: – Patients can share biometrics with doctors
– Real-time monitoring (Pauw, 2018)
• Embedded into cars to record traffic, fuel
prices, potholes, etc..(Pauw, 2018) Pauw, Christjan (2018, December 4) How Significant Is Blockchain in
Internet of Things? Retrieved from:
https://cointelegraph.com/news/how-significant-is-blockchain-in-
Blockchain internet-of-things
 WHAT CRYPTOGRAPHIC ALGORITHMS DOES
BLOCKCHAIN USE
Different Blockchain applications use different
algorithms, Bitcoin will be used as an example for
purposes of this discussion.
• Hashing – SHA-256 to ensure data integrity
• Wallet addresses
• Transactions between wallets
• Verifies and validates wallet balances
• Used with block proposer selection algorithm –
Proof of Work (Voshmigr, 2018)
https://www.youtube.com/watch?v=_160oMzblY8&vl=en
Also at: https://anders.com/blockchain/

Voshmgir, Shirmin (2018, September 10) Token Security: Cryptography –

Part 2. Retrieved from:
https://blockchainhub.net/blog/blog/cryptography-blockchain-bitcoin/
Blockchain
 WHAT CRYPTOGRAPHIC ALGORITHMS DOES
BLOCKCHAIN USE
Different Blockchain applications use different algorithms,
Bitcoin will be used as an example for purposes of this
discussion.
• Public key cryptography
• Secure digital record for user
• Identifies the user
• Identifies what the user owns – proves
ownership of tokens
• Enables wallet and control of tokens stored in
wallet (Voshmgir, 2018) https://www.youtube.com/watch?v=xIDL_akeras
Also at: https://anders.com/blockchain/

Voshmgir, Shirmin (2018, September 10) Token Security: Cryptography –

Part 2. Retrieved from:
https://blockchainhub.net/blog/blog/cryptography-blockchain-bitcoin/
Blockchain
 ADDRESS DERIVATION
• Addresses are utilized as the to and from endpoints
of transactions
• In many cases it is derived from a hash of a users
public key

Cryptographic
Public Key Address
Hash

Blockchain
 WHAT CRYPTOGRAPHIC ALGORITHMS DOES
BLOCKCHAIN USE
Different Blockchain applications use different algorithms,
Bitcoin will be used as an example for purposes of this
discussion.
• Wallet stores:
• Private key
• Public key
• Blockchain address
• Wallet communicates with:
• Blockchain
• Digital signatures
• Send tokens https://www.youtube.com/watch?v=C8hfHYrkQDk
• Inspect tokens (Voshmgir, 2018)

Voshmgir, Shirmin (2018, September 10) Token Security: Cryptography –

Part 2. Retrieved from:
https://blockchainhub.net/blog/blog/cryptography-blockchain-bitcoin/
Blockchain
 CONSENSUS MODELS
PROOF OF WORK (POW)
• Method of choosing next block producer
• Cost is attached to selection through use of computing
power
• Process in Proof of Work (PoW) known as mining
– Miners compete by solving mathematical cryptographic
problem correctly
– First to solve is chosen
– Odds increase with more computing power; aka hash power
– Miners create mining pools – to increase hash power –
through distributing work load across other computers in a
pool (Dickson, 2019)
https://www.youtube.com/watch?v=-C19r0UsYws

Dickson, Ben (2019, June 6) How Chinese hackers turned

50,000 servers into cryptocurrency miners. Retrieved
from: https://www.dailydot.com/layer8/china-hackers-
turtlecoin-mining/
Blockchain
 CONSENSUS MODELS
PROOF OF STAKE (POS)
• Method of choosing next block producer
• Cost is attached cryptocurrency - wealth
– PoW is indirectly related to wealth, which is
needed to purchase computing power
• Reduces energy consumption Vitalik Buterin, inventor and co-founder of Ethereum
• Ethereum, second largest cryptocurrency, plans
to move to PoS selection and reduce blockchain Vitalik Buterin, inventor and co-founder of Ethereum
energy consumption by 99% (Gil-Pulgar, 2019)

Gil-Pulgar, Julio (2019, January 4) ETHEREUM 2.0’ POS

BLOCKCHAIN AIMS TO CUT ENERGY USE BY 99%. Retreived from
https://bitcoinist.com/ethereum-pos-blockchain-cut-energy/
Blockchain
 WHAT IS SHARDING?

• Method of addressing scalability and latency

issues
• Partitions the Peer to Peer network so that not
all the nodes are responsible for the entire
networks transactional and storage load
• Shards share information, so solution is still
considered decentralized
– All nodes can see all transactions in the ledger
(Mearian, 2019)
https://www.youtube.com/watch?v=WI6pE5nFeFI
https://www.youtube.com/watch?v=WI6pE5nFeFI

Mearian, Lucas (2019, January 28) Sharding: What it is and why

many blockchain protocols rely on it. Retrieved from:
https://www.computerworld.com/article/3336187/sharding-
what-it-is-and-why-so-many-blockchain-protocols-rely-on-it.html
Blockchain
 WHAT IS A FORK?

• Forks software updates

• Decentralized systems determine software updates by
consensus
• Hard forks
– Change rules so that breaks backward compatibility
– Ethereum’s Casper update which moves from PoW to PoS is an
example
• Contentious hard forks
– Disagreements which produce new blockchains
– Examples Ethereum Classic and Bitcoin Cash,
• Soft forks
– Software updates that are backward compatible (Maddrey, 2018)

https://www.youtube.com/watch?v=XqEOVphSy7A

Maddrey, Nate (2018, September 18) Blockchain Forks Explained.

Retrieved from:
https://medium.com/digitalassetresearch/blockchain-forks-
explained-8ccf304b97c8 Blockchain
 DECENTRALIZED AUTONOMOUS ORGANIZATIONS
(DAO)
• Establishment of a company without hierarchical
management
• Pre-defined or programmed set of rules
• Functions autonomously
• Uses consensus, programed in a distributed
consensus protocol
• Not the same as The DAO name of an organization
that’s framework type is DAO https://www.youtube.com/watch?time_continue=441&v=Pyi8-qm02hs

Blockchain
 CASE STUDY: THE DAO – HACK OR FOLLOWING
RULES
• First Ethereum DAO built
• Flaw in the code (rules) which stated:
– How the organization would be governed
– How funds would be distributed
• Flaw allowed any sophisticated user to withdraw funds
– Unknown user removed ~$50MM
• Community decided, after long debate, to shut down The DAO.
– A new Ethereum was created
– Hard fork reversed the transactions the unknown user committed
Laurence, Tiana. Blockchain For Dummies (For
Dummies (Computer/Tech)) (p. 64). Wiley. Kindle
Edition.
Blockchain
 GROUP EXERCISE
• Divide up into 3 groups. Each group read the article associated with their
group. Discuss as a group a synopsis of your article. Be prepared to
provide key points to class.

– Group 1: Can Libra and Other Crypto Find a Ground to Navigate Regulation?
• https://cointelegraph.com/news/can-libra-and-other-crypto-find-a-ground-to-
navigate-regulation
– Group 2: Game of Nodes – Who Will Win the Digital Throne
• https://cointelegraph.com/news/game-of-nodes-who-will-win-the-digital-throne
– Group 3: How Should Crypto Prepare for Google’s ‘Quantum Supremacy’?
• https://coindesk.com/how-should-crypto-prepare-for-googles-quantum-supremacy

Blockchain
TOP 5 KEY POINTS – LIBRA NAVIGATE REGULATION
1. No regulatory oversights, cryptocurrencies anonymity intrinsically leans to challenges
with regulatory oversight
2. Libra developed by Mark Zuckerberg, funding partners such as Paypal, Visa
Mastercard, and ebay.
• Due to concerns over money laundering and terrorist financing, along with congressional
concerns 7 of largest funding partners have left
3. Platforms that are middle ground that offer some regulation while still maintaining
anonymity, such as Particl and Verge, will most likely be better positioned, to obtain
mass adoption
4. DeepOnion is moving opposite direction then seeking middle ground; they want to
retain true to the original intent with no oversight or regulation
5. Author believes mass adoption and survivability would require some form of
regulation

Blockchain
 TOP 5 KEY POINTS – GAME OF NODES
1. Article compares several cryptocurrencies as to which one might become the ultimate leader –
uses Game of Thrones characters in comparison
2. Bitcoin original blockchain – open source peer to peer – slow – scalability issues
3. Ethereum – faster then bitcoin still has scalability issues; supports decentralized applications
(Dapps) such as smart contracts
4. Ripple - not decentralized enough more distributed; uses a patented consensus mechanism –
permissioned closed system – fast at 1,500 transactions per second (TPS)
5. Stellar – uses quorum slices also known as Federated Byzantine Agreement algorithm to reach
consensus much faster 10 TPS with multiple operations in a transaction can handle 1,000
operations per second – open source digital payment system targeting developing markets
6. Corda – developed by R3 for finance industry and has moved into other industries (i.e. Healthcare)
- more distributed ledger not all members need to know about all transactions – ~300 companies
developing apps for their industries – 1,678 TPS
7. Author has selected Ethereum as the winner and Stellar as the runner up. Flexibility and diversity
were key factors in his selection.

Blockchain
TOP 5 KEY POINTS – PREPARE FOR GOOGLE’S
1. Google claims to have proved quantum supremacy
2. Hard to prove due to length of time to solve by classical computers
3. Quantum computers are good at probabilistic computations and not so good at other
things like playing Doom – so comparison is not apples to apples
4. Quantum computers will potentially have the ability to break traditional cryptosystems
such as SHA-256 and public/private; utilized in most cryptocurrencies and blockchains
5. Miners with quantum abilities could take advantage of cryptocurrencies before they
are able to reach consensus to support quantum resistant algorithms
6. According to David Chaum, security wallets are more vulnerable then consensus
models, as they store key pairs for digital signatures and actual currency (tokens)
7. NSA halted work, more then 4 years ago, on quantum susceptible crypto, and is
focusing on finding standards for quantum resistant algorithms

Blockchain
 IMMUTABILITY
• Better verbiage is tamper evident and tamper
resistant
–Rule of adopting longest chain
–Most recently published (a.k.a tail blocks) are
subject to be replaced, by a longer chain with
different tail blocks

Blockchain
 BLOCKCHAIN ATTACKS
• Eclipse
• Sybil
•
For more information:
Selfish Mining Soundararajan, Abilash (2019, January 22) 10 Blockchain and
New Age Security Attacks You Should Know. Retrieved from:

• Mining Malware https://blogs.arubanetworks.com/solutions/10-blockchain-

and-new-age-security-attacks-you-should-know/

– Cryptomining Hollerith, David. (2019, October 19) Cryptomining Attacks

Remain One of the Nastiest Malware Threats of 2019.
Retrieved from:
– Cryptojacking https://bitcoinmagazine.com/articles/cryptomining-attacks-
remain-one-of-the-nastiest-malware-threats-of-2019

• 51%
• Finney
Blockchain
 ECLIPSE / SYBIL
• Attacker preforms a type of DDOS attack which
monopolizes all connections to the victim’s node
• Attacker manages direct the victim’s node to his
malicious node
• View of the legitimate distributed ledger is blocked and
the victim’s node is directed to the attacker’s
manipulated ledger
• Sybil similar to Eclipse but instead of blocking ledger it
blocks network – isolating a node
• Prevention – ensure connection to legitimate nodes
– Increase number of connections to node to prevent isolation
– Limit number of nodes per IP address
– Store information about other legitimate nodes (Soundararajan,
2019)

Soundararajan, Abilash (2019, January 22) 10 Blockchain and

New Age Security Attacks You Should Know. Retrieved from:
https://blogs.arubanetworks.com/solutions/10-blockchain-
Blockchain and-new-age-security-attacks-you-should-know/
 SELFISH MINING
• Miners exploit rules (code) to steal block rewards
• Miners collude provide incentives for other miners to join the
attackers coalition
• Many blockchains deem the longest chain to be true; attackers
stealthily build blocks waiting for a lead and then publish
– Effectively reverses miners blocks who publish as soon as they built the
block, thus no rewards for building block (Soundararajan, 2019)
Soundararajan, Abilash (2019, January 22) 10 Blockchain and
New Age Security Attacks You Should Know. Retrieved from:
https://blogs.arubanetworks.com/solutions/10-blockchain-
and-new-age-security-attacks-you-should-know/
Blockchain
 MINING MALWARE
• Malware installed enables mining on compromised servers
• February to May Chinese hackers turned 50,000 servers into
miners
• Used to mine lessor known cryptocurreny called TurtleCoin
• Prevention
– Strong authentication
– Patch systems (Dickson, 2019)

Dickson, Ben (2019, June 6) How Chinese hackers turned

50,000 servers into cryptocurrency miners. Retrieved
from: https://www.dailydot.com/layer8/china-hackers-
turtlecoin-mining/
Blockchain
 51%
• A miner or a group of miners controls 51% or more of the
mining power
• Difficult in large networks; more feasible in small networks
• Provides control over transactions
– Preventing specific transactions
– Reversing transactions (Soundararajan, 2019)
Soundararajan, Abilash (2019, January 22) 10 Blockchain and
New Age Security Attacks You Should Know. Retrieved from:
https://blogs.arubanetworks.com/solutions/10-blockchain-
and-new-age-security-attacks-you-should-know/
Blockchain
 FINNEY

1. Miner includes in a found block a

transaction which sends coins back to
themselves.
2. Miner does not immediately broadcast
the modified block
3. Miner sends coins to merchants for goods
4. Merchant accepts payment before
confirmation of the block; sends goods
5. After which the miner broadcasts the
block (Hackermoon, 2018) Hackernoon (2018, July 3) Hal Finney and
Blockchain hacking. Retrieved from:
https://hackernoon.com/hal-finney-and-
vulnerability-that-took-his-name-720ef6f90134
Blockchain
 REFERENCES FOR BLOCKCHAIN
• MIT
– http://blockchain.mit.edu/ • NIST
– https://www.technologyreview.com/blockchain/ – NISTIR 8202 Blockchain Technology Overview
https://doi.org/10.6028/NIST.IR.8202
• Official Reddit threads:
– https://www.reddit.com/r/Bitcoin/
– https://www.reddit.com/r/ethereum/
– https://www.reddit.com/r/ethtrader/
– https://www.reddit.com/r/TenX/
– https://www.reddit.com/r/cryptocurrencies
• YouTube Channels:
– https://www.youtube.com/tenxwallet
• Magazines:
– https://bitcoinmagazine.com/
– https://cointelegraph.com/
– https://www.coindesk.com/
• Facebook Groups:
– www.facebook.com/groups/cryptofit
• Lists & overviews:
– http://www.coinmarketcap.com
– https://www.smithandcrown.com/icos/

Blockchain
 BLOCKCHAIN

CYBS 6350: DATA PROTECTION