From a traditional cybersecurity perspective, how is blockchain security different?

Original Title: “What is the Difference Between Blockchain Security and Traditional Security”

Author: Wei Jianfan, Wei Sir Says

When it comes to traditional security, many friends are quite familiar with it. Essentially, it involves attacks on vulnerabilities (management, technology, human nature) and defenses against those attacks.

However, when it comes to blockchain security, many people are not as knowledgeable. Some say that blockchain itself is secure and that traditional attacks cannot affect it at all; yet, we often see security incidents within blockchains, seemingly without exception.

So what exactly is the difference from traditional security?

This article will discuss this.

1. Overall Perspective

Blockchain heavily utilizes cryptographic techniques in its design, employing encryption, signatures, hashing, and other technologies at the business, communication, and data layers. Coupled with the decentralized design of blockchain, the confidentiality, integrity, and availability of the business it carries have reached unprecedented heights.

However, fundamentally, blockchain is still a software system, and the security issues that can exist in software also apply to blockchain.

Even if the underlying blockchain is flawless, various DApps and Web3 applications running on top of it may still have numerous vulnerabilities.

This is akin to having a solid foundation; it does not guarantee that the structure built on it is free from safety issues.

The structure of this article is as follows:

• What should we primarily look at regarding security?
• Where are the main issues in traditional security?
• What security problems does blockchain solve? What problems does it not solve?

2. What Should We Primarily Look at Regarding Security?

In fact, when it comes to security, there are three key aspects that have not been surpassed:

Confidentiality, Integrity, Availability.

These three aspects are collectively referred to as CIA (the initial letters of the three English words).

Even if there are other terms, they do not operate on the same level, such as authenticity, controllability, auditability, non-repudiation, etc. These are all extensions or subsidiaries of CIA, serving CIA.

How to deeply understand CIA?

Those familiar with UNIX will find it easier to grasp. In UNIX thinking, everything is a file, and the security of a file ultimately boils down to read, write, and execute (rwx). A user's access permissions to a file correspond to whether it is readable, writable, or executable. This roughly corresponds to confidentiality, integrity, and availability.

Confidentiality means not letting others know what you do not want them to know.

The approaches to achieving this are generally a few:

• Not recording, leaving no written records, only keeping it in mind, and remaining discreet.
• Locking it up, whether with physical or technical locks, controlling access so that only authorized individuals can access it.
• Hiding it, letting only authorized individuals know where it is, while others do not know its location; steganography can also fall into this category.
• Encrypting, using codes or ciphers, requiring a password book or key for access.

Integrity is a concept that can be difficult to grasp. The simplest understanding is that without authorization, no part of something can be added, removed, or changed. If these actions are taken without authorization, integrity is compromised.

Additionally, integrity has a more intuitive meaning: consistency. That is, the system's data must be consistent with the real world. Just as the English word "integrity" has the connotation of "honesty," data that has been tampered with certainly undermines consistency.

Availability is relatively easier to understand. If the system is down or slow, and data is unavailable, then availability is the issue. Any service provided by the system that gives the impression of being "unusable," "not working," "ineffective," or "not functioning" indicates a problem with availability.

The three points that information systems must ensure are these.

Typically, the practices used to ensure CIA include authentication, authorization, access control, verification, encryption, detection, backup, and redundancy, among others. Of course, these tasks are often not done well, leading to various vulnerabilities. On one hand, when vulnerabilities are discovered, they should be patched quickly; on the other hand, efforts should be made to reduce the occurrence of vulnerabilities from the source.

The main subjects of traditional security are roughly these.

3. Where Are the Main Issues in Traditional Security?

If you are already an old hand in the security field, you can skip this section.

There are many types of security vulnerabilities; this article will not list them all but will provide a few examples to give a general idea.

At the highest level, the common characteristic of vulnerabilities is that the actions of attackers cause the behavior of hardware and software to exceed the expectations of the system designers, resulting in negative effects.

Example 1: SQL Injection

SQL injection occurs when a hacker inputs data that includes SQL keywords in a page input field or URL, rather than the normal data expected by the programmer. When the program processes the input data using SQL, it may execute SQL statements containing the cleverly inserted SQL content, allowing the hacker to perform database operations that the programmer did not intend.

Programmers should check this more thoroughly and must not allow such attack attempts in the input, but most programmers lack security knowledge, and even if they have some, they may not implement it well, leaving room for hackers to bypass defenses.

What security aspect did the hacker compromise? The hacker wrote data that was outside the system's expectations, compromising the system's integrity. If the hacker also manipulated the database through SQL statements, it further compromised the system's confidentiality.

Where did the program fail? Access control; it should not allow any data to come in.

Example 2: Buffer Overflow Vulnerability

A buffer is a place in memory where data is stored, usually with a preset size. If user input data is placed in memory without proper checks, it may exceed the pre-defined memory space, leading to a buffer overflow. Since the program's running code is also in memory, if the hacker designs it cleverly enough, they can overwrite the original code through the overflow, causing the computer to execute the hacker's code.

This is similar to SQL injection; the hacker takes advantage of the input data opportunity to write executable code, and the victim host ends up executing it!

Later, to mitigate such attacks, CPU manufacturers provided DEP (Data Execution Protection) functionality, marking whether memory pages are executable. If the operating system utilizes this feature, it can significantly prevent such attacks. Additionally, the operating system introduced ASLR technology, which randomizes the layout of linear areas such as heap, stack, and shared library mappings, making it more difficult for attackers to predict target addresses. However, using these two technologies does not mean that attackers cannot bypass them.

The hacker's arbitrary writing in the memory area also compromises the system's integrity.

The program did not implement access control properly.

Example 3: File Upload Vulnerability

For example, if a website allows users to upload JPG photos without checks, a hacker could successfully upload a JSP file. Then, if the hacker finds the URL of the uploaded file, they can execute their script, which could be a trojan.

As before, due to inadequate checks, the hacker exploited a loophole, wrote a file outside the designer's expectations, and ran a program outside the designer's expectations.

The program's access control was not done well.

Example 4: Man-in-the-Middle Attack Vulnerability

There are many types of hijacking, such as TCP hijacking, HTTP hijacking, DNS hijacking, certificate hijacking, key negotiation hijacking, etc.

The common characteristic is that A thinks they are interacting with B, and B thinks they are interacting with A, but in reality, they are both interacting with an intermediary C. All content between A and B passes through C, who can see the communication content and modify it.

This at least compromises the confidentiality of the communication between A and B; if C also modifies the data, it compromises integrity.

The program's authentication was not done well.

Example 5: Password Brute Force Attack

If a user's password is weak, after multiple attempts, a hacker may crack the password and gain access to the system.

Some may think the responsibility lies with the user, but generally speaking, modern application systems enforce strong password requirements on users.

Because once a hacker succeeds, the system's integrity is compromised (the system accepting the hacker indicates a failure of consistency), and further damage may occur, such as the hacker seeing things they should not see, compromising confidentiality.

The system's authentication was not done well.

Example 6: Privilege Escalation Vulnerability

In a certain website, users A and B are both ordinary users and should only be able to operate their personal information. If A can manipulate B's personal information through some hacking method, that is horizontal privilege escalation; if A is an ordinary user and B is an administrator, and A can perform operations that only B can do through some hacking method, that is vertical privilege escalation.

Privilege escalation vulnerabilities are usually caused by insufficiently rigorous permission verification logic.

The program's permission management was not done well.

Example 7: Website Crash During Peak Times

When a celebrity announces news on a website, a large crowd may flood in to watch, causing the website to crash or respond very slowly.

This is a typical issue of system availability.

What did the system fail to do? Scalability was not done well.

Example 8: Natural Disasters Leading to Data Loss

In 2015, Google's data center in Belgium was struck by lightning four times, damaging disks. Although Google performed emergency repairs on these disks, some data was still permanently lost. Google emphasized that the lost data was extremely minimal, accounting for only 0.000001% of the data center's total. Even so, some Google users permanently lost part of their personal data.

This typically compromises data availability.

The system's disaster recovery backup was not done well.

4. What Security Problems Does Blockchain Solve?

The biggest differences between blockchain and traditional systems are twofold: first, the extensive use of cryptographic techniques, and second, the decentralized structure.

The former greatly enhances confidentiality and integrity, while the latter significantly improves availability.

Let’s first discuss the benefits brought by the use of cryptographic techniques.

In the early WEB world, such as in IP protocols, HTTP, FTP, and TELNET, cryptographic techniques were not widely used. At that time, the internet was in its infancy, primarily aimed at connectivity, and mainly used among universities and research institutions, with little attention paid to malicious attacks. Programmers in these areas often had pure intentions, believing that others could be trusted and that no one would be "that bored."

Later, they discovered that the real world is full of attacks, destruction, forgery, and intrusion, forcing programmers to introduce various security technologies, including cryptography, leading to the emergence of new generation network protocols like SSL, SSH, HTTPS, and IPSec.

However, most of these were at the transport layer, primarily encrypting data in transit, without reaching the business or user level, meaning end users could not feel the benefits of cryptography. What is user-level encryption? For example: password protection for office documents, WinRAR encryption, full disk encryption with TrueCrypt, U-shield in online banking, etc.

Blockchain, from the very beginning of its design, has built-in encryption algorithms, which means:

1. Blocks are linked together through hashing, allowing easy verification of the correctness of all blocks from the first block to the last, ensuring the integrity of all block data.

2. Forging a block's hash is not easy; only hashes that meet specific difficulty levels will be recognized. Forging such a hash requires a significant amount of computation, comparable to mining power.

3. Each user has a private key, which corresponds to a public key to generate a publicly accessible address. Attackers cannot obtain the private key through brute force methods.

4. Since the user system is based on a public key infrastructure, user authentication, user signatures, and the establishment of symmetric keys (if needed) become extremely easy and convenient.

5. Each transaction in a block must provide a signature to be completed. Attackers cannot sign without a private key, making it impossible to forge transactions; at the same time, with a signature, users cannot deny having initiated a transaction.

It can be seen that the built-in adoption of hashing and public key infrastructure in blockchain directly provides cryptographic-level integrity and confidentiality.

Cryptographic technology, after nearly a century of development, has established a solid foundation, with some publicly available algorithms in modern cryptography offering top-tier security guarantees globally. Among these algorithms, none can currently be cracked by any national power (even though there are some rumors of backdoors, they remain just rumors without clear evidence of their validity).

Now, let’s look at the benefits of decentralization:

1. More nodes mean more backups.

Taking Bitcoin as an example, nearly 10,000 nodes globally provide services, leading to the Bitcoin system running stably since its inception, with no one able to bring it down. Even if 8,000 nodes fail simultaneously, 2,000 are still operational. In fact, even if only a few nodes are working, the network can still operate.

2. Partial failure still allows operation.

The robustness of the system is not based on the security of a specific operating system or database but on its unique block-based data structure. Even if some nodes fail or act maliciously, it does not affect the overall situation. The specific number of failures that can be tolerated depends on the consensus algorithm used.

3. Not relying on any individual or institution.

As long as you are willing, you can download a piece of software (the code is open source), and you can join Bitcoin, Ethereum, or any public chain without needing anyone's approval. You will not worry about the future of the software due to anyone's disappearance or withdrawal; you simply run it based on your judgment, interests, and benefits, meaning no single person or institution can control it.

Decentralization greatly enhances availability.

5. What Security Problems Cannot Be Solved by Blockchain?

From a fundamental logical perspective, blockchain significantly enhances security but does not ensure that there are no problems.

We have already seen in classic cases of blockchain security, such as "922 Billion Bitcoins" and "The DAO Hack":

Bitcoin made a huge blunder because programmers failed to notice the integer overflow issue, resulting in a situation where the promised total of 21 million Bitcoins appeared as 184.5 billion Bitcoins in a transaction!

The DAO, built on Ethereum, lost over 3 million Ether raised by users due to developers' ignorance of reentrancy attacks, leading to an embarrassing outcome.

This tells us at least two things:

1. As for the blockchain itself, although it uses many cryptographic algorithms in its design, if the design or coding is careless, significant vulnerabilities may arise.

2. Even if the blockchain itself has been rigorously tested and provides a sense of complete security, the smart contracts running on it cannot guarantee safety.

Because if the logic in the smart contract code does not align with the expectations of requirements, design, and coding, problems will arise.

This is no different from traditional security.

Additionally, there is one very critical point:

3. The cryptographic techniques used in blockchain may also have vulnerabilities.

After all, cryptography is created by humans.

As long as something is made by humans, there will always be vulnerabilities.