Blockchain and Distributed Ledger Technology allow us to trust a system of data/money/software, even if we don’t trust any particular participant in it. Thuis makes the technology attractive; but how secure is the technology? Some providers guarantee Byzantine Fault Tolerance. However, here there are actually different kinds of Byzantine and the differences between these security protocols are significant, especially when it comes to distributed denial of service attacks and botnets, and their ability to interrupt an entire blockchain network.
To understand more about blockchain security, Digital Journal spoke with Dr. Leemon Baird, founder and CTO of Swirlds, former professor of computer science at the Naval Academy. Dr. Baird has recently presented this topic at Berkeley.
Digital Journal: Dr. Baird, what are the advantages of Blockchain and Distributed Ledger Technology?
Dr. Leemon Baird: Blockchains, and more generally Distributed Ledger Technologies (DLTs) allow multiple parties to come to agreement on the order of some set of transactions, and to do so without needing to empower a single party with special privileges & trust. While so called Trusted Third Parties have been the historical default for enabling business between otherwise untrusting participants – they can introduce costs, risks & inefficiencies through their mediation. DLTs promise to eliminate those inefficiencies & costs by replacing Trusted Third Parties in some cases.
DJ: Do you see this type of technology becoming more commonplace?
Dr. Baird: We expect DLTs to quickly become a popular alternative to centralized databases across a variety of verticals and use cases. Critically though, for most real-world applications, the limitations of the currently best known DLTs for scaling & efficiency must be resolved.
DJ: Does this type of technology appeal to a certain demographic?
Dr. Baird: DLTs are optimized for cases where the transactions between participants are not mediated by some centralized third party . Such third parties have been the historical default for business between otherwise untrusting participants. But third parties typically charge for their service, can be compromised, and may introduce inefficiencies into the transaction processing. For some applications and demographics, these challenges can be unacceptable. DLTs promise to play the role of third parties in facilitating secure & trustworthy business transactions across a business network, but without those tradeoffs.
DJ: Are these types of technologies secure?
Dr. Baird: Security is a big category. DLTs on their own provide (to varying degrees) protection against malicious members of a business network inappropriately influencing, or modifying the contents and ordering of a shared database of transaction data. As such, DLTs are focused on protecting the integrity of that shared database. DLTs do not inherently provide for confidentiality of that data. That requires additional protections.
DJ: What are the major security risks?
Dr. Baird: For any financial system, there are risks that of an attacker may compromise the system by hacking computers to get cryptographic keys, or by errors in the procedures used. For a DLT in particular, the security risks are an attacker:
1. Freezing the network so the shared data never changes (by stopping it from reaching consensus on the transaction order)
2. Confusing the network so some participants think the shared data has one value and others thinking it has a different value (by causing some members to think there was one consensus, and causing others to think there was a different consensus on the transaction order)
3. Subverting the network so there is corruption of the shared data (such as by changing a supposedly-immutable audit log, or spending the same cryptocurrency twice)
DJ: Where do the main security risk come from? Are there countries of concern?
Dr. Baird: The security risks specific to DLTs come from both internal and external attacks. An internal threat can include a computer in the network that is infected with a virus or worm or other malware, or is run by a malicious party, or is run by an honest corporation that has a malicious insider with access to the computer. An external threat can include a Distributed Denial of Service (DDoS) attack, where the attacker floods one or more computers with enough messages to temporarily shut it down. Another external attack is if an adversary owns a firewall surrounding some of the nodes in the network, which it can use to block or delay messages.
The well publicized previous breaches of Bitcoin & Ethereum have not been due to limitations of the security of the underlying blockchain, but rather due to either poor protection of the private keys within bitcoin wallets or sloppy programming in Ethereum smart contracts.
DJ: Does the technology community take the security risks seriously?
Dr. Baird: The DLT community for the most part does indeed take security seriously. The arguably greater challenge is providing the necessary level of security without unacceptable trade-offs in transaction processing speed & latency. As an example, while Bitcoin itself has not been successfully compromised (despite the well publicized breaches due to weak security at the edges), it is based on an extremely inefficient Proof of Work (PoW) mechanism, and is confronting scaling challenges that will prevent it from expanding its useswithout significant modifications.
DJ: What can be done to strengthen security? Some talk of Byzantine Fault Tolerance, is this appropriate?
Dr. Baird: There are a variety of consensus algorithms – each offering different features & characteristics. A consensus algorithm is characterized as Byzantine Fault Tolerance (BFT) if it guarantees that there will come a definite moment in time when all participants unequivocally know that consensus has been reached, and they are never wrong. This can be contrasted with consensus algorithms based on PoW, where participants slowly become more and more confident that consensus is near, but may still not be correct. There are different levels of BFT, depending on the sorts of assumptions made about the network and transmission of messages. The strongest type of BFT is asynchronous BFT. Hashgraph is unique in supporting this degree of protection while still being very efficient.
Dr. Leemon Baird, what are your current research interests and what other areas of technology are of interest to you?
Dr. Baird: My main research now is various ways to optimize and extend Hashgraph, and systems to build on top of it. I’m also working on formal methods, having a math proof that a computer can check, showing our algorithms are correct, and that our code implements them correctly. But that’s still in the very early stages.
That takes almost all my time. Though in my free time, I sometimes think about some of the math problems in other areas of technology that are interesting. I’m interested in virtual reality, robotics, jam resistance, computer graphics, human computer interaction, and various other things. Each of those fields have interesting math and algorithm problems to solve. But mostly, these days I’m focusing on Distributed Ledger Technology and its applications.
Dr. Leemon Baird is the inventor of the hashgraph distributed consensus algorithm, and is the Co-founder and CTO of Swirlds Inc. He holds multiple patents and publications in peer-reviewed journals and conferences in computer security, machine learning, and mathematics.
