Blockchain Technology in Networks

[Hellmut1956]

I have used spare time in December to start to look into Blockchain as a method to additionally protect my home network. The concept of having blockchains to ensure unaltered communication and to ensure only authorized sources to engage nodes in my home network in an exchange of information over the network seemed to be an attractive use of Blockchain technology.

I have started to deal with learning how to protect my home network after doing experiments with Raspis resulted in an inoperable Windows 7 Ultimate PC. Of course, I follow all the right procedures to protect my PC. But an attacker used the raw Linux on Raspi to penetrate my PC. I could recover my PC after deciding to upgrade my PC to Windows 10 Pro. That upgrade did really solve the actual problem. Now I have stopped experimenting with Raspis connected to the Internet and found it getting more and more interesting to study the topics of how to achieve a safe environment for my experiments.

For your understanding, I am retired and do studies and experiments for the fun of it.

The problems I have identified for my use of the Blockchain technology as a technology to add security to my home network is that historically it has been developing having cryptocurrencies in mind. Since a while, there are efforts going on to apply the Blockchain to other fields, but to my knowledge, the use of the Blockchain technology i.e. in the IOT area has heavy research going on.

I am opening this thread to exchange and track the developments of the Blockchain technologies in fields like IOT and networking, but not limited to those.

 

[kubeek]

Can you explain what are the benefits of using blokchain, instead of the good old proven methods like SSL and certificates?

 

[Hellmut1956]

To say it a simple as possible. As the name implies it is about linking blocks. Every Block in the chain requires all information so that it can detect if something incorrect happens. So if you have a PC communicating with another one each has at least one block which contains all information. If an intruder tries to breach into a PC using Blockchains it is unable to identify its the block on the destination.

The wording is taken from its development in a project to generate an ecosystem for cryptocurrencies. So blocks communicate with each other by a mean called "smart contract".

Phasing out the blockchain technology from a 20.000 miles view it makes it impossible to sense its contents or to block it. So parties that are able to monitor the internet and to block parts of the internet from being accessed becomes impossible. There is even the concept that a machine intelligence of the kind the Terminator movie shows. An intelligence spreading over every internet connected device could not be stopped and it could spread everywhere so that killing it becomes impossible.

When thinking about applying the Blockchain technology to networking in general and IOT device specifically a means has to be developed to improve the efficiency. Smart contracts could be a way to authorize communication between to or more parties.

 

[nsaspook]

Blockchain does not increase efficiency or provide additional security as the data on the Blockchain is not encrypted with usages like Bitcoin. What it does is to allow transactions to be validated as true and correct when 'untrusted' nodes are on the network without using a central authority as the grantor of trust.

Blockchain is really just a hype word used to hijack suckers from their money.

 

[kubeek]

AFAIK blockchain acually stores all the transactions that ever happened and is public to everyone. How does that help in securing any data connection?

 

[dknguyen]

I think it's intended to be used with SSL certificates to decentralize the certificate authority in order to prevent a single user from spoofing that they are a certificate authority. I guess it's kind of like asking for someone's government supplied ID to verify who they are versus asking everyone you know until you find a mutual acquaintance who can verify that someone is who claim to be?

 

[nsaspook]

Even if Blockchain technology was 100% secure the users are not.
Millions upon millions of real dollars worth of Bitcoin and other cryptocurrencies have been stolen from the compromised accounts of individuals and exchanges over the years.

 

[nsaspook]

Blockchain attack stole ~$460,000. edit: ~1.1 million.

https://www.zdnet.com/article/coinb...assic-etc-trading-after-double-spend-attacks/

Update, January 8, 06:00 AM ET: Bitfly, a fellow cryptocurrency trading platform, has also confirmed Coinbase's report. So did the Ethereum Classic team, which was immediately criticized for not spotting the attack on its own network in the first place. Coinbase, too, was criticized, but for failing to reveal the double-spend attacks on Saturday when they first happened, leaving ETC users at risk for three days, for no good reason. Coinbase also updated its original report with details on another 12 double-spend attacks, bringing the total of stolen funds to 219,500 ETC (~$1.1 million).

 

[Hellmut1956]

There is no technology that offers 100% security. my intention to initiate this thread is twofold:
One is to have a thread where Blockchain and similar technologies can be discussed aiming for learning about it from fellow users.
Second is that I want to emphasize if and how Blockchain, also called a member of "Distributed Ledger" technologies and what can be seen towards using this kind of technology for private networks.

 

[gophert]

There is no technology that offers 100% security. my intention to initiate this thread is twofold:
One is to have a thread where Blockchain and similar technologies can be discussed aiming for learning about it from fellow users.
Second is that I want to emphasize if and how Blockchain, also called a member of "Distributed Ledger" technologies and what can be seen towards using this kind of technology for private networks.

So, you want to use a documentation intensive method to record all transfers of data at every node. Where and how would the data that validates the transaction (transfer of data) be stored? Would the validation data transfer need its own set of transfer validations. Where would that data be stored (are you now in the loop?).

 

[Hellmut1956]

Nope gophert! I started to investigate Blockchain specifically and distributed ledger technologies because seeing so much hype I wanted to know first what it is, second which areas besides cryptocurrencies could benefit and IF there is development towards applying this technology to networks and as a consequence to network security.
Pretty soon I realized that what its mainstream uses are today Blockchain use is questionable in the area of networking and embedded systems, another term of IoT. Next was clear to me that use in networking in IoT environments needed to restrict the data that it would contain. For me use as part of an authorization process in IoT networks could be imaginable. This way use of this technology would have to be adapted to the specific needs of a specific network. Blockchain technology claims to be able to signal when data has been altered or rerouted. In the specific use, I do have in mind as my filter to follow up the development of this technology it would have to be limited to the nodes in my home network that does not include smart home use. As you might probably have read, Blockchain technology used with Cryptocurrencies has failed to resist attackers. But this is typical for an early adopter environment.
The Internet becomes more and more a very hostile environment and the parties fighting the war of security and penetration are developing their resources heavily! Security is a moving target that will probably be endlessly developed and improved so that attackers actions need to get prohibitively expensive when applied to private users.

 

[Hellmut1956]

Here an interesting document that presents and categorized the different kind of Blockchains, or should I name it "Distributed Ledger? It seems for my personal goals of keeping an eye on the technology to show where to look for.

 

[unclejed613]

typical IOT devices use somewhat low-horsepower CPUs. the process of creating blocks (i.e. mining) is basically brute forcing a cryptographic key for the data stored in the block. this is a very CPU-intensive process, and if your IOT devices are participating in the mining process aren't going to have much time or RAM left over for anything else. if you reduce the level of difficulty to the point where the IOT processors are running smoothly and able to do their own jobs plus providing hash power for mining, then the network is not going to be very secure. you also need to find a foolproof method of avoiding forks (low difficulty increases the chances of forks) or you will have half of your IOT devices off in the corner somewhere doing their own thing, and ignoring the rest of the network because it's gone a different direction. there's also the problem of orphaned data. if one of the IOT devices reports a measurement for instance, what insures that measurement gets stored in the next block? or the tenth block from now? is there a way the IOT devices can cross check against the blockchain to insure the data gets stored in the blockchain? you could possibly increase the transaction fee that the device offers to the network. you would need to work out how each device on the network gets "paid" so that if the device comes up with a bit of data that needs to be dealt with immediately (help, my cpu temperature is too high!!!!), it can "pay" a transaction fee according to the importance of the data. maybe there could be a central machine on the network that does all the mining, and the IOT devices just use a "wallet" application that sends and receives data and only needs access to blocks containing it's own data and transactions. i'm far from an expert on blockchain applications, but i have seen a couple that used interesting approaches (a good example would be LBRY, which is kind of a blockchain based alternative to youtube), but it would be interesting to see if an automation system could benefit from a blockchain. i can see some parts that might work, but i don't see how it would prevent an attacker from spoofing some of the devices in a network. getting the blockchain portion to work well as a part of the control system seems like it would slow things down a bit (i want the system to reset immediately because one of the devices has gone bonkers, but it takes 10 blocks to confirm the request is genuine).

 

[Hellmut1956]

unclejed613: It shows you have quite a bit of knowledge, at least compared to me! My first result to make myself familiar with Blockchain or Distributed Ledger was that as of now it is not yet appropriate for my workshop. I also got the perception that developing these technologies to be of benefit for use in my workshop means watching what is going on and to wait if an implementation shows to be more adequate. There is a lot of hype about this technologies and my personal goal is to at least have some knowledge of what is going on. There are also some interesting actions taking place around this technology in Europe. So my motivation to create this threat was to have a place where people interested can exchange information. What I found interesting in the article to which I did supply the link is a systematic presentation of this technology and the different kind of Blockchains identified together with an indication of the pros and cons of those different kinds of Blockchain technologies.

What I suppose is that the use of Blockchains adapted to the needs and constraints for a specific application will be implemented following the Layer structure in networks, where technologies are used where they are most beneficial. So the constraints you list above make clear to me that such a layer kind of approach will lead to an ever developing increase of efficiency and security.

 

[unclejed613]

also, the problem you had with the RPi machines might have been avoided. when a device goes live on the internet you have less than 30 seconds before it gets found and the beginnings of an attack occur. the attack is automated by a script, and there are likely thousands of bots running scans of the internet and attacking low hanging fruit. before a device is connected to the internet, the user password and root passwords should be set. the default password for a Pi is well known, and is the first password a bot will try upon discovering a new pi going live. in fact, killing all privileges for user "Pi" and creating a new user is the safer option. a root password must be set before connecting the pi to the internet. the attack bots run a dictionary attack, which means they use a list of words and other common passwords (such as "toor", or "12345678") to try to break into a pi. there are other things that can be done to "harden" a pi, but they must all be set up before the pi connects to the network for the first time. one of the tools run by attackers is "massscan", and it can search the whole internet in about 45 minutes. with thousands (or even millions) of bots running scans on the internet, and that leaves very little time before a new device is found and exploit scripts are begun in order to hammer away at the new device.

 

[rjenkinsgb]

you have less than 30 seconds before it gets found and the beginnings of an attack occur.

.... IF it's not protected by a firewall, such as the NAT firewall in any general home "router" unit.

Connecting any system to the internet without a proper firewall is a real bad idea, but luckily it's not easy to do with any normal home or business network...

 

[Hellmut1956]

Why?

 

[gophert]

.... IF it's not protected by a firewall, such as the NAT firewall in any general home "router" unit.

Connecting any system to the internet without a proper firewall is a real bad idea, but luckily it's not easy to do with any normal home or business network...

Why?

Because anything is hard if it is a mystery.

 

[rjenkinsgb]

Why?

Why what? It's not clear what info or which answer you are querying?