The purpose of this paper is to discuss the role of cyber security in the field of cryptocurrency, identify the current threats and vulnerabilities, and describe the countermeasures that minimize cyber-attacks on them. Massive cyber crimes have occurred in cryptocurrencies, such as Coincheck, Parity, Bitfinex, NiceHash, FacexWorm and CoinDash. Cryptocurrencies are digital money, which requires encryption techniques and a digital wallet to secure it. Unlike regular currencies, this digital money does not come under the control of a bank or any financial authority. Instead, it depends on a digital public ledger called blockchain. In this paper we provide a detailed description of how blockchain works and the future scope of cyber security in cryptocurrencies.
Cryptocurrency is a virtual or digital currency. It has value like money and can be lent, exchanged or borrowed, but it doesn’t have a physical presence. Currencies are value deposits that we can use to buy goods or services, and most cryptocurrencies cannot be exchanged for anything other than a cryptocurrency. This currency is not handled by banks or any central authority. The transactions are recorded in a digital public ledger called blockchain, which ensures that the transactions occur without any interference.
The first cryptocurrency introduced was Bitcoin, in October 2008. It is believed to have been created by a person or a group of people known as Satoshi Nakamoto. Many other cryptocurrencies were launched following the success of Bitcoin. There are around 1300 cryptocurrencies present today. All these currencies work using blockchain technology.
Blockchain is a chain of blocks where each block represents a transaction or record of exchange. It is a decentralized, distributed database that maintains a list of transactions. Each block consists of various valid transactions which are hashed and added to the list. Each transaction includes a timestamp and a link to the previous transaction. Hence, if someone tries to modify a record, even a small change produces a new hash that no longer agrees with the information from the previous records. This method confirms the integrity of the previous block and of every block all the way back to the original one.
A transaction requires two things: a wallet and a private key. A wallet is assigned to an individual and is basically an address that uniquely identifies a user. This address is public, whereas the private key (i.e., a string of random numbers) must be kept secret. Once the transaction is requested, it is broadcast to the blockchain network, where it is verified. After verification and validation, the transaction is added as a block and no changes can be made after that.
What makes this system theoretically tamper proof is the cryptographic fingerprint unique to each block, and a “consensus protocol,” by which the nodes in the network agree on a shared history.
The fingerprint, i.e., the hash, takes a lot of computing time and energy to generate initially. It serves as a seal, since altering the block would require generating a new hash. The nodes then verify whether or not the hash matches its block and, after that, update their respective copies of the blockchain with the new block. This is the consensus protocol.
These hashes also serve as links in the blockchain: each block includes the previous block’s unique hash. So if you want to change an entry in the ledger retroactively, you have to calculate a new hash not only for the block it’s in but also for every subsequent block. And you have to do this faster than the other nodes can add new blocks to the chain. So unless you have computers that are more powerful than the rest of the nodes combined, any blocks you add will conflict with existing ones, and the other nodes will automatically reject the alterations. This is what makes the blockchain tamper proof, or “immutable.”
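The sealing and linking described above can be checked with a small model. This is an added example, not code from the paper: the block layout, the toy difficulty of three leading hex zeros and all function names are assumptions made for illustration.

```python
import hashlib
import json

DIFFICULTY = 3           # assumed toy target: hash starts with 3 hex zeros
GENESIS_PREV = "0" * 64  # placeholder "previous hash" for the first block

def block_hash(block):
    """SHA-256 over the block's canonical JSON, excluding the stored hash."""
    body = {k: v for k, v in block.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def mine(index, prev_hash, transactions):
    """Search for a nonce whose hash meets the target: the costly 'seal'."""
    block = {"index": index, "prev_hash": prev_hash,
             "transactions": transactions, "nonce": 0}
    while not block_hash(block).startswith("0" * DIFFICULTY):
        block["nonce"] += 1
    block["hash"] = block_hash(block)
    return block

def build_chain(batches):
    chain, prev = [], GENESIS_PREV
    for i, txs in enumerate(batches):
        chain.append(mine(i, prev, txs))
        prev = chain[-1]["hash"]
    return chain

def first_invalid(chain):
    """Verify seals and links; return the index of the first bad block or None."""
    prev = GENESIS_PREV
    for block in chain:
        h = block_hash(block)
        if (block["prev_hash"] != prev or h != block["hash"]
                or not h.startswith("0" * DIFFICULTY)):
            return block["index"]
        prev = block["hash"]
    return None

def demo():
    """Edit block 1 retroactively, then re-seal only that block."""
    chain = build_chain([["alice->bob:5"], ["bob->carol:2"], ["carol->dave:1"]])
    chain[1]["transactions"] = ["bob->mallory:2"]   # constructed tampering
    edited = first_invalid(chain)                   # seal of block 1 is broken
    # Re-mining block 1 repairs its seal but changes its hash, so the link
    # stored in block 2 no longer matches and block 2 fails next.
    chain[1] = mine(1, chain[0]["hash"], chain[1]["transactions"])
    relinked = first_invalid(chain)
    return edited, relinked

if __name__ == "__main__":
    print(demo())
```

Each repair pushes the failure one block further down the chain, which is the "every subsequent block" cost the text describes.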
III. THREATS OF CRYPTO CURRENCIES
Cryptocurrency mining malware is a kind of software program that exploits the resources of a computer to perform mining without the user’s knowledge. Cryptojacking is mainly deployed on electronic devices such as smartphones, PCs, and IoT devices. The furtive nature of cryptojacking attracts cyber criminals, because it lets them remain on a device for a long time without arousing any suspicion on the user’s end.
A.1 Methods of Cryptojacking:
Cyber criminals are widely adopting various techniques, such as incorporating cryptojacking modules into the following platforms: cryptojacking in the cloud, cryptojacking in existing botnets and exploit kits, and mobile cryptojacking. Criminals have two major ways to attack a victim’s smart device. One is to get the victim to download cryptomining code onto their computer without their permission. This can be done through phishing-like tactics: the victim receives a legitimate-looking email that lures them to click on a link, and the cryptomining script then runs in the background while the victim works. The other method is delivering a script via a website or an ad: cryptomining scripts run automatically once the victim visits an affected webpage, and no code is stored on the victim’s computer.
Fig A.1: Methodology of Cryptojacking
Step 1: The threat actor incorporates a website
Step 2: Users connect to the toxic website created by the threat actor, and the cryptomining scripts are executed
Step 3: Users start mining cryptocurrencies without their knowledge, and the threat actor receives rewards in the form of cryptocurrency.
A.2 Downfall in Cryptojacking:
The rate of deploying cryptocurrency mining malware is falling for two major reasons:
1.) Competent anti-virus software is able to detect the threats at an earlier stage
2.) Cyber criminals find that there is no good return on investment in cryptocurrency mining.
B. Wallet hacking:
B1. What is meant by a cryptocurrency wallet:
A cryptocurrency wallet is a kind of software program that holds both a private and a public key. The wallet acts as a kind of key that enables users to link with various blockchains, make transactions and track their balance. Users can unlock and spend funds when the private key stored inside the wallet corresponds to the public address the currency is assigned to. Types of cryptocurrency wallets: desktop, online, mobile, hardware, paper.
B2. How is the wallet password hacked?
Criminals can set up a fake open Wi-Fi network so that victims connect to it automatically. When a user opens a browser or a data storage medium over that Wi-Fi, hackers can learn the wallet password without the user’s knowledge. Hackers also use special kinds of malware that give them full privileges to access files on the victim’s device. Hence hackers can easily steal the user’s private key and public key details. There are several ways to steal a wallet password, such as email phishing, fake ads in search engines, the copy-paste trick, changing URLs, and Bitcoin mining pool and exchange hacking.
C. Double spending (Bitcoin)
Cyber criminals commit the same bitcoin to two different transactions in rapid succession (at the same time) to purchase products from two different merchants. The merchant (victim) delivers the product to the cyber criminals but does not receive the bitcoin in return. For instance, the criminal (Bob) initiates a transaction (Bit1) at time T1, using bitcoins with the recipient address of Merchant 1 (M1), to buy a product from M1. Bob broadcasts Bit1 in the bitcoin network; simultaneously, at time T2 (T1=T2), Bob initiates another transaction using the same bitcoins to buy a different product from Merchant 2 (M2). In this scenario only one merchant will receive the bitcoins, but the criminal will get products from both merchants. Similar double spending attacks can be performed in several ways, such as the Finney attack, brute force attack and Vector 76 or one-confirmation attack.
Fig C1: Methodology of Double spending
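From the merchant’s side, the Bob/M1/M2 scenario above reduces to two checks: is the same coin being spent twice, and has the payment been confirmed. The following is an added example, not code from the paper; the transaction records, the name "Bit2" for Bob’s second transaction, the third transaction and the six-confirmation policy are all constructed assumptions.

```python
from collections import defaultdict

MIN_CONFIRMATIONS = 6  # assumed merchant policy, not a value from the paper

# Constructed sample of what a merchant's node observed, in arrival order.
# "spends" names the coin (previous output) that a transaction consumes.
OBSERVED = [
    {"txid": "Bit1", "spends": "bob-coin-0", "pays": "M1", "confirmations": 0},
    {"txid": "Bit2", "spends": "bob-coin-0", "pays": "M2", "confirmations": 0},
    {"txid": "Bit3", "spends": "eve-coin-4", "pays": "M1", "confirmations": 6},
]


def conflicting_spends(txs):
    """Group transactions by the coin they spend; several spenders = conflict."""
    spenders = defaultdict(list)
    for tx in txs:
        spenders[tx["spends"]].append(tx["txid"])
    return {coin: ids for coin, ids in spenders.items() if len(ids) > 1}


def first_seen_filter(txs):
    """One node's view: a coin is spendable once, so later spends are rejected."""
    spent, accepted, rejected = set(), [], []
    for tx in txs:
        if tx["spends"] in spent:
            rejected.append(tx["txid"])
        else:
            spent.add(tx["spends"])
            accepted.append(tx["txid"])
    return accepted, rejected


def safe_to_ship(txid, txs):
    """Merchant rule: release goods only for a confirmed, unconflicted payment."""
    tx = next(t for t in txs if t["txid"] == txid)
    conflicted = any(txid in ids for ids in conflicting_spends(txs).values())
    return not conflicted and tx["confirmations"] >= MIN_CONFIRMATIONS


if __name__ == "__main__":
    print(conflicting_spends(OBSERVED))
    print(first_seen_filter(OBSERVED))
    print({t["txid"]: safe_to_ship(t["txid"], OBSERVED) for t in OBSERVED})
```

A merchant who ships on an unconfirmed payment is relying only on its own node’s arrival order, which is the gap the scenario exploits.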
IV. CRYPTOCURRENCY SECURITY
Layers of Cryptocurrency security
1. Coins and Tokens- This layer consists of two types of currencies.
• The coins themselves (Bitcoin, Bitcoin Cash/Gold, Ethereum, NEO, etc.)
• All the ICO-issued tokens (EOS, MOBI, etc.)
2. Exchanges- These are written in custom code with infrastructure security that has nothing to do with blockchain. The exchange is a classic centralized web service deployed somewhere in a cloud or a data center.
3. Your Wallet- There are two types of wallets.
• Hot wallet (like exchange account or a website-based wallet)
• Cold wallet (software, hardware or just paper)
V. BLOCKCHAIN SECURITY
Blockchain is a decentralized distributed database. Computers linked with the network are called ‘Nodes’. ‘Blocks’ are the records which are linked through a protocol. A ‘Protocol’ forms the software backbone of the network, where the major changes are effected by the different blockchain project teams. The 3 major protocols in use are described below:
A1. Bitcoin Protocol:
• It is a public blockchain which means it is an open network that can receive and send transactions from anybody in the world.
• It uses a cryptographic hash function, digital signatures, private-and-public key encryption, a peer-to-peer (P2P) network, and the proof of work (POW) consensus algorithm.
• The protocol allows users to manage one-sided transactions, which avoids the use of a third party.
• It makes the blockchain centralized as every node maintains the complete information.
• It makes the transactions safe with unique transaction ID, input Bitcoin address, the number of Bitcoins to be transferred, and the output Bitcoin address of the recipient.
• The transaction process involves an ‘Initiator’ and a ‘miner’. The Initiator, which starts the transaction, pays the transaction fee to the miner, which is the combination of software, powerful hardware and their user. The miner includes the transaction in the next block. All the transactions are recorded in the blockchain once the block is processed, which happens every 10 minutes. A new block can be created if the details of the current transaction and the last recorded block are provided. The miner needs to solve a complex cryptographic puzzle to find the last recorded block. This process involves a large number of operations performed at very high speed. For the current transaction to take place, approval is required from the participating Nodes. Since this is a decentralized network, it isn’t possible for anyone to capture a majority of the computing power on the network, which makes the network very secure. POW mining maintains a high-security blockchain. ‘Segregated Witness’ (SegWit) technology has recently been introduced in the Bitcoin blockchain; it bypasses the limitation on block size and separates signature information from the transaction data, which improves the availability of the network.
A2. Ethereum Protocol:
The Ethereum blockchain is like the Bitcoin protocol in many ways. Details are given below:
• It is a public permission-less blockchain
• It uses the same technology, i.e. cryptographic hash function, private-and-public key encryption, P2P network, etc.
• It uses POW consensus algorithm
Ethereum provides a blockchain platform called the ‘Ethereum Virtual Machine’ (EVM), which developers can use to launch their own cryptocurrency and their own blockchain projects. Approx. 1,000 DApps, VeChain and OmiseGO have been launched using EVM. Ethereum also tracks how much computing power a transaction requires, measured in a unit of processing power called ‘Gas’. The gas limit can be specified by the user. The transaction is executed if it is within the gas limit; if not, the transactional changes are reverted. Different transactions require different amounts of gas. For example, a simple transaction will need less gas whereas a complex one will require more.
A3. Ripple Protocol:
Ripple Protocol is a combination of Bitcoin and Ethereum. Similarities include decentralized design, cryptographic hash functions, P2P network, and private and public key encryption. Ripple was designed for fast transactions and cheap global transfer of money. Ripple users can use Ripple’s native cryptocurrency XRP for making payments to each other. All transactions are cryptographically signed, and the protocol enables real-time gross settlement, which makes global payments fast. RPCA, the Ripple Protocol Consensus Algorithm, has been designed by Ripple to achieve this. It uses the ‘proof of correctness’ concept. It works in the following manner:
• All nodes apply RPCA every few seconds.
• Upon reaching consensus (described below), a ledger is considered ‘closed’, and then it’s the last-closed ledger.
• All nodes will have identical last-closed ledger.
• RPCA happens in rounds, and in each round:
• Initially, each server takes all valid but unapplied transactions, and makes this list public in the form of a ‘candidate set’;
• Each server has a unique node list (UNL), where all other servers queried by this server are listed;
• Each server takes all candidate sets of all servers in its UNL, and makes a combined list, before voting on that list;
• Transactions that receive more than the threshold of ‘yes’ votes are taken to the next round, and the others are either discarded or moved to the candidate list for the next round;
• The final round requires 80% of the servers on a server’s UNL to agree on the transaction, before being applied to the ledger;
• After applying all the approved transactions in the ledger, the ledger is closed, and becomes the new last-closed ledger.
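The rounds listed above can be followed in a simplified model. This is an added example, not Ripple’s code or code from the paper: the five servers, their candidate sets, the fully connected UNLs and the intermediate thresholds (50, 60, 70) are assumptions; only the final 80% comes from the text.

```python
# Vote thresholds in percent. The final 80% is the figure given above; the
# earlier, lower values are assumed for this illustration.
THRESHOLDS = (50, 60, 70, 80)

# Constructed sample: five servers that all list each other (and themselves)
# in their UNL, each starting from its own candidate set.
SERVERS = ["s1", "s2", "s3", "s4", "s5"]
UNL = {s: list(SERVERS) for s in SERVERS}
CANDIDATES = {
    "s1": {"tx-A", "tx-B", "tx-C"},
    "s2": {"tx-A", "tx-B"},
    "s3": {"tx-A", "tx-B", "tx-C"},
    "s4": {"tx-A"},
    "s5": {"tx-A", "tx-D"},
}


def vote_round(positions, unl, threshold_pct):
    """Each server keeps a transaction only if enough of its UNL proposes it.

    "Enough" is counted here as at least threshold_pct percent of the UNL;
    the comparison uses integers to avoid float rounding.
    """
    updated = {}
    for server, trusted in unl.items():
        proposed = set().union(*(positions[peer] for peer in trusted))
        updated[server] = {
            tx for tx in proposed
            if 100 * sum(tx in positions[peer] for peer in trusted)
            >= threshold_pct * len(trusted)
        }
    return updated


def close_ledger(candidates, unl, thresholds=THRESHOLDS):
    """Run all rounds; return (per-server applied sets, deferred transactions)."""
    positions = {server: set(txs) for server, txs in candidates.items()}
    for pct in thresholds:
        positions = vote_round(positions, unl, pct)
    everything = set().union(*candidates.values())
    agreed = set.intersection(*positions.values())
    return positions, everything - agreed


if __name__ == "__main__":
    applied, deferred = close_ledger(CANDIDATES, UNL)
    print(applied["s1"], deferred)
```

In this sample tx-B starts with three of five votes, passes the first round and is then adopted by every server, while tx-C and tx-D fall short and are left for the next ledger’s candidate sets.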
Ripple is becoming increasingly popular, with more and more banks and payments providers using RippleNet to send money globally. XRP has the third highest market cap, lower than only Bitcoin and Ether.
B. Companies using blockchain for the enhancement of security
1. Guardtime detects and mitigates cyberattacks in real-time
Guardtime, founded by Estonian cryptographer Ahto Buldas, is a data security company started in 2007. The company has created the Keyless Signature Infrastructure (KSI), which uses blockchain and is a replacement for the more traditional Public Key Infrastructure (PKI). PKI uses asymmetric encryption and a cache of public keys maintained by a centralized Certificate Authority (CA). Guardtime is now the world’s largest blockchain company. In 2016 the company reached an incredible milestone as it secured all of Estonia’s 1 million health records with its technology.
2. REMME is making passwords obsolete
With REMME’s blockchain, businesses can authenticate users and devices without the need for a password. This eliminates the human factor from the authentication process, therefore preventing it from becoming a potential attack vector. Alex Momot, founder and CEO of REMME, says that the use of simple logins and a centralized architecture are a big weakness of traditional systems. “No matter how much money a company spends on security, all these efforts are in vain, if customers and employees use passwords that are easy to crack or steal. Blockchain takes the responsibility for strong authentication, resolving the single point of attack at the same time. In addition, the decentralized network helps us to provide consensus between parties for their identification.” REMME leverages a distributed public key infrastructure to authenticate users and devices. Instead of a password, REMME gives each device a specific SSL certificate. The certificate data is managed on the Blockchain, which makes it virtually impossible for malicious hackers to use fake certificates. The platform also uses two-factor authentication to further enhance security for its users.
3. Obsidian ensures the privacy and security of chats
Obsidian uses the blockchain-decentralized network, which cannot be censored or controlled by any single source. In addition, communications meta-data is scattered throughout the distributed ledger, and cannot be gathered at one central point, reducing the risk of surveillance through such digital fingerprints. Users need not link to their email addresses or telephone numbers, thereby increasing privacy.
VI. FUTURE OF CRYPTO CURRENCY
Yet the risks of fraud and theft may also prompt governments to regulate cryptocurrency completely out of existence. South Korea and India have signaled their readiness to outlaw crypto exchanges. Some EU countries have pursued strict regulation or blacklisting of crypto markets. Even the EU’s upcoming data privacy regulation, the Global Data Protection Regulation (GDPR), may be incompatible with blockchain’s decentralized and immutable structure. China has interestingly clamped down harshly on cryptocurrency ventures and markets while still indicating its support for blockchain technology. The following three could be the future of cryptocurrency:
A. Security Tokens: Security tokens are crypto tokens issued to investors in a token sale or ICO for the exchange of their money. Crypto tokens that pay dividends, share profits, pay interest or invest in other tokens or assets to generate profits for the token holders are deemed as ‘security tokens’.
B. Air Gapped Networks: This is the process of keeping the devices that hold your wallets and cryptocurrencies disconnected from the internet. Otherwise known as cold storage, this is about the safest way to keep your cryptocurrency tokens safe and secure from security breaches.
C. Polymath Networks: The Polymath network’s idea of creating a security token platform where an individual can hold a token sale for investors is unique. The company behind the Polymath network is a Saint George, Barbados-based software company which was founded back in 2017. Polymath is the only crypto project which is aiming to create a link between securities and blockchain so as to keep the investments of a crypto trader safe and promote crypto trading by enhancing its security and lowering the risk.
The whole point of using a blockchain is to let people, in particular people who don’t trust one another, share valuable data in a secure way. This is possible because blockchains store data using sophisticated math and innovative software rules that are extremely difficult for attackers to manipulate. But the security of even the best-designed blockchain systems can sometimes fail where the math and software rules come in contact with humans, who are skilled cheaters, in the real world, where things can get messy. But the blockchain technology used by bitcoin is by far the most secure way of transferring or sharing digital currency.