The Blockchain is a peer-to-peer network consisting of interconnected nodes (users). As a peer-to-peer network, each participating node on the Blockchain is an equipotent participant containing a complete copy of an immutable ledger(block). The blockchain’s block is a data structure used to keep track of transactions performed on the network. Since all nodes must reference all transactions and have equal privileges on the network, transactions are committed based on a consensus algorithm.
The integrity and potency of the blockchain network lie in its ability to maintain an unbiased immutable ledger throughout the network. The consensus algorithm designed to manage the creation of a block (committing a transaction) must ensure that no block is illegally added.
Like any other computer network, the Blockchain is prone to security attacks. A major threat to the network will result from an attacker controlling a node or nodes with higher privileges than other nodes. To ensure that the Blockchain is secured, blockchains security is based on some principles such as consensus, decentralization, cryptography, and hashing.
Cryptography is the utilization of complex mathematical equations to secure data. Blockchain uses asymmetric cryptography involving a private and a public key to secure transactions taking place between two nodes. When nodes create transactions, a digital signature containing the transaction data and the public key of the sending node is created. This is done to guarantee the integrity of a transaction. This process is called authentication, a process used to determine a node’s integrity on the blockchain network.
After completing the authentification process, the corresponding block/transaction needs to be added to the chain. For a block to be added, Blockchain ensures security by enforcing an authorization algorithm involving the consensus of the majority of participating nodes. Nodes are given incentives to participate in the validation of a transaction or block. Validation of transactions is a major process in the blockchain network as a failure or improper validation will defy the chain. To ensure that only legitimate participants(nodes) of equal privilege validate a block, the network presents a complex mathematical equation for nodes to solve. Since this requires high processing resources, fair competition is distributed among participating nodes. Once a block is successfully mined(verified by participating nodes), the block is added to the existing chain. As earlier mentioned, verification is key in ensuring that the blockchain network remains secure. For this reason, most of the security breaches confronting the said security of the Blockchain attempt to target the verification process. The term commonly used in the verification process is “mining.” Mining seeks to achieve the following:
1. Permanently add a block(transaction) to the chain without the sole permission of any node
2. Reward coins to miners who spend resources such as electricity to help keep the network secure.
Mining is the process of computing a Hash. Miners compete in computing a hash by randomly guessing values if plugged into a mathematical equation results in the corresponding hash presented by the network. Using machines (computers) such as the Application Specific Integrated Circuits (ASICs), the competition to compute a hash begins. Different ASICs machines can have different hash rates. A hash rate determines the number of guesses a machine can make in a given time to solve a problem. Machines with higher hash rates have higher chances of solving the problem. The fact that hash rates of miners are not equal gives room for a monopoly of the network. Can this lead to insecurity? Imagine an attacker has a hash rate greater than that of the network? This is what the 51% attack is.
This attack is possible when an attacker takes control of more than 50% of the network’s total hashing power. An attacker who successfully does this can now perform criminal activities such as double spending on the network. Since all machines engaged in mining do not all have equal hash rates, as mentioned earlier, this attack is possible but not without a great cost. Chains of blocks isolated from the real chain are secretly(privately) created by the hacker and later presented to the network for acceptance. Since the PoW algorithm is designed to accept the longest/most recent chain, the chain created by the hacker is then accepted and added to the network as the real chain. Since the attacker has higher hashing power than the overall network, they are positioned to create the longest chain and present it for acceptance. The more a network’s hashing power increases, the more costly and unlikely the 51% attack will become.
Solutions to the 51% attack. Coming soon!