Security with Block Chain Technology: Part 2
Security Testing on Block Chain
By Samrat Das
Now that our fundamentals of block chain are clear, let's proceed to the security concepts of block chain penetration testing:
Even though block chain is secure by design, with many security controls built into its concept, there are quite a few places where an attacker can extract information or attack the nodes. A few such attack vectors are:
· Block chain permissions escalation
· Crypto key tampering
· Inappropriate consensus mechanism
· Lack of a block chain security program plan
· Lack of block chain integrity
· Lack of malicious code protection
· Misused timestamps
· Genesis block tampering
· Denial of service (DoS) attacks
· Packet sniffing and MITM attacks
In order to perform a holistic review of block chain technology, we can break our assessment into the following parts:
· Design review with security controls
· Review of deployed technology
· Performing compliance with respect to data
· Security assessment of platform, applications and smart contracts
· Framework review of APIs/SDKs and VMs
Each of the above elements is explained below:
Design review with security controls: Eliminate security risks at inception and make the system easier to scale by assessing the design and architecture of the block chain ecosystem, so that loopholes are removed from the initial design. The review encompasses the operational models, network architecture and transaction flow, together with the design and implementation models, through the activities below:
· Secure design
· Secure architecture review
· Review of consensus networks
Review of deployed technology: Eliminate technology and process risks. Review the technology and processes in the block chain system, e.g. application platforms, distributed ledgers, consensus protocols, smart contracts, cryptography etc., using a governance framework over the scope below:
· Payment platforms
· Ledger and node applications
· Crypto services
Performing compliance with respect to data: Check regulatory compliance of PII and other critical data, including a review of the genesis block, chain code, algorithms, membership service providers (MSP) etc., on:
· Data security compliance
· Compliance audit for PII
Security assessment of platform, applications and smart contracts: Attempt to exploit any vulnerability or weakness discovered during the previous stages. The goal of this stage is to find issues that allow compromise or takeover of peers, tampering with blocks, or manipulation of the consensus, any of which can disturb the ecosystem. Strategy-based use cases are designed for the assessment and a PoC is captured for each finding, covering:
· Smart contracts
· Platforms and apps
· Consensus networks
Framework review of APIs/SDKs and VMs: This phase covers assessment of the services hosting the platform, and of the SDKs and APIs used by the applications to communicate with the block chain ecosystem.
Secure Block Chain Cycle:
· Security audit of the block chain platform covering people, process and technology areas
· Secure design and architecture review of the block chain platform and its communications
· Penetration testing of the underlying block chain infrastructure, including Hyperledger, Docker etc.
· Review of integrations and payloads in transit between the bank's system and the aggregator
· Advisory services and security best practices to design and implement block chain infrastructure
Key areas for security testing in block chain:
Nodes:
· Vulnerability assessment and build review
· Redundancy testing
· Synchronization testing
· Consensus algorithm testing
Private Keys (The Wallets):
· Password strength review
· Key storage review
Shared Ledger/Storage:
· Information disclosure checks
· Smart contracts (the functionality): secure code review
Application Security Testing:
· API testing
· Web application security testing
· Mobile application security testing
Anatomical Break-up of Block Chain Security Testing:
Nodes
The nodes on the block chain provide redundancy, synchronization and communication for the block chain ledger. The greater the number of nodes within a network, the more secure and redundant the network becomes.
Vulnerability Assessment and Build Review
All nodes hosting a private block chain application can be assessed to detect exploitable weaknesses and remove them.
Proof of Work Algorithm:
Being a GPU mining activity, it is vulnerable to attacks where an attacker gains control of 51%+ of the network's nodes and attempts to change the block chain via majority consensus.
Proof of Stake Algorithm:
This is mining via stake power. The more crypto coin one owns on a network, the more staking power one has. The potential vulnerability here is that one user may be able to acquire a large amount of coin, gain a large staking power and attack the block chain.
Private Keys/Wallets
Inside every node there is a program running which has access to that node's individual wallet using its private key and password.
The wallet can be used to gain access to a user's block chain "account" and any currency inside the wallet, depending on the block chain's application.
The key here is to ensure that the private key is hardened, which leads to the two cases below:
Password Strength Review
The passwords in use should be tested with a brute force approach and with dictionary attacks against the private key, to try and crack the password.
Key Storage Review
A review needs to be conducted to understand how organizations are storing their wallet private keys, looking at the storage implementation.
The Shared Ledger
A ledger is the database which stores the data used by an application; it also stores the smart contracts, which are pieces of code written to perform functionality used by the application. Ledger testing is done mainly on two initial points:
Information Disclosure
Data blocks stored on the block chain can have data written into them which is then used by an application to perform functionality. All data written to the ledger can be seen by every party that uses it. It is thus important to check that no sensitive information gets disclosed within its blocks.
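One way to automate this information disclosure check, as an added example that is not from the original article: scan every block's payload for e-mail addresses and card numbers, filtering digit runs through the Luhn checksum so order ids and hashes are not reported. The ledger below is constructed test data and the block layout (`index`, `data`) is an assumption.

```python
import re

# Constructed sample ledger: block payloads an application might have written.
# Block 2 leaks an e-mail address and a (test) card number.
SAMPLE_LEDGER = [
    {"index": 0, "data": "genesis"},
    {"index": 1, "data": "order=1001;status=shipped"},
    {"index": 2, "data": "customer=jane.doe@example.com;card=4111111111111111"},
]

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
CARD_RE = re.compile(r"\b\d{13,19}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: weeds out random digit runs that are not card numbers."""
    total = 0
    for pos, ch in enumerate(reversed(digits)):
        d = int(ch)
        if pos % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan_ledger(ledger):
    """Return (block index, finding type, matched value) for every hit,
    in block order. Every party on the ledger can read these values."""
    findings = []
    for block in ledger:
        text = block["data"]
        for m in EMAIL_RE.findall(text):
            findings.append((block["index"], "email", m))
        for m in CARD_RE.findall(text):
            if luhn_ok(m):
                findings.append((block["index"], "card_number", m))
    return findings


if __name__ == "__main__":
    for hit in scan_ledger(SAMPLE_LEDGER):
        print(hit)
```

In a real assessment the same scan runs over the decoded payloads of every block, including historic ones, since data written to a ledger cannot be retracted.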
Smart Contract Code Review
Some blocks hold smart contracts which can be executed to provide complete functionality to an application. They may thus contain logic flaws just like code in any other language.
As a result, a secure code review should be conducted to identify those flaws.
Block Chain Hacking
Let's now wrap up our block chain concepts with some attacks which can be launched against a block chain network:
Sybil Attack
An attack where a huge number of nodes on a single network are owned by the same party, which then attempts to disrupt network activity by flooding the network with bad transactions or by manipulating the relaying of valid transactions.
It is mostly theoretical and has not yet been exploited in the wild. Bitcoin prevents it through its Proof-of-Work algorithm, which requires nodes to spend resources (in the form of energy) to receive coins, thereby making ownership of the vast majority of nodes very expensive.
Routing Attack
An attack made by compromising an Internet Service Provider (ISP). As per ETH Zurich, 13 ISPs host 30% of the Bitcoin network, while 3 ISPs route 60% of all transaction traffic for the network. This is a major point of failure if an ISP were to be compromised or corrupted.
How does it work?
Routing attacks work by intercepting internet traffic sent between Autonomous Systems, the top-level nodes in the architecture of the internet, of which there are few enough to intercept with relative ease. This can certainly be used against Bitcoin or other cryptocurrency traffic.
A cryptocurrency network could be partitioned into two or more separate networks using this technique, exposing either side of the partition to double-spending attacks, because neither side can communicate with the entire network to validate transactions. Once coins were spent on one side of the network and goods or services received, the partition could be removed; the side of the network with the shorter chain would be rejected by the network as a whole and its transactions would be wiped out.
This kind of attack has not occurred, but it is possible to carry out.
Direct Denial of Service
We all know what a DoS attack is. It is an attempt by attackers to cripple a server by flooding it with high volumes of traffic. In the case of a Bitcoin node, this looks like huge volumes of small or invalid transactions being sent in an effort to flood the network and prevent legitimate transactions from being processed.
Major networks like Bitcoin are constantly under attack from DDoS attempts, but design decisions made in the development of the Bitcoin network act to mitigate the risk of such attempts.
51% or Majority Attack
As discussed before in the mining concept, the security of a block chain is directly linked to the computing power building the chain. Here, the threat is that an attacker gains control over a majority of the hash power on the network.
The attacker can then mine blocks faster than the rest of the network combined, opening the door to "double-spending".
Double-spending is a method of defrauding a cryptocurrency that involves submitting a transaction to the chain, receiving the goods or services that transaction pays for, and subsequently using the majority hash power to fork the block chain at a point prior to the transaction. This effectively erases that transaction from the chain history, allowing the attacker to transact with those same coins a second time.
51% in the Wild
In the second half of 2016, a group of hackers calling themselves the "51 Crew" began holding small Ethereum clones for ransom, taking advantage of their low hash rates and centralized mining distribution to rent enough hardware to corner the network.
Their demand was Bitcoins in exchange for shutting down their operation and leaving the projects in peace. If not paid, they would fork the coin's block chain to a point prior to the large sales the crew had already made on exchanges.
The projects, Krypton (now defunct) and Shift (still traded at small volume), both refused to pay the ransom and subsequently had their block chains forked.
Cryptographic Vulnerabilities
The major funds siphoned off were often lost due to crypto bugs in the software of the coin itself: security holes that can be discovered and exploited by hackers.
Split Return Exploit: Decentralized Autonomous Organization
The DAO (Decentralized Autonomous Organization) was built on top of Ethereum using smart contracts. The idea was to give anyone the ability to invest in the company and vote on projects they wanted to be funded, all managed securely and automatically by the DAO smart contract code.
If you invested in the DAO (by purchasing DAO tokens) and later decided to pull out, there was a process by which you could have your Ethereum returned to you in exchange for your DAO tokens. This is the mechanism called the "Split Return" that was exploited by a pioneering DAOist on June 17, 2016.
Split Return is a two-step process:
- Return the right amount of Ethereum to the token holder triggering the return.
- After that, retrieve the tokens and register the transaction on the block chain to update the DAO token balance.
The hacker stumbled on the fact that he could fool the system into repeating the first step without moving on to the second, which enabled him to sweep $50 million worth of Ethereum out of the DAO and into a separate DAO controlled only by the attacker!
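To show why the order of those two steps matters, here is an added Python simulation (hypothetical code, not the DAO's Solidity): one fund pays out before retiring the tokens, the other retires the tokens first (the checks-effects-interactions pattern). A recipient that calls back into the fund during the payout drains the first and gets exactly its own deposit from the second. All names and amounts are constructed.

```python
class Fund:
    """Toy DAO-style fund. With vulnerable=True it pays out first and
    updates the token balance afterwards, as in the split-return flaw."""

    def __init__(self, vulnerable):
        self.vulnerable = vulnerable
        self.balances = {}   # participant -> tokens held
        self.pool = 0        # ether held by the fund

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.pool += amount

    def split_return(self, who):
        owed = self.balances.get(who, 0)
        if owed == 0 or owed > self.pool:
            return 0
        if self.vulnerable:
            self.pool -= owed
            who.receive(self, owed)      # step 1: send ether, control passes to recipient
            self.balances[who] = 0       # step 2: retire tokens, but only after the send
        else:
            self.balances[who] = 0       # retire tokens first, so a re-entered
            self.pool -= owed            # call sees a zero balance and gets nothing
            who.receive(self, owed)
        return owed


class Participant:
    def __init__(self):
        self.received = 0

    def receive(self, fund, amount):
        self.received += amount


class ReenteringParticipant(Participant):
    """Recipient whose receive() calls split_return again before step 2 runs."""

    def receive(self, fund, amount):
        self.received += amount
        fund.split_return(self)


def run(vulnerable, honest_deposit=100, reenterer_deposit=10):
    fund = Fund(vulnerable)
    honest, reenterer = Participant(), ReenteringParticipant()
    fund.deposit(honest, honest_deposit)
    fund.deposit(reenterer, reenterer_deposit)
    fund.split_return(reenterer)
    return reenterer.received, fund.pool   # (ether paid out, ether left in the fund)
```

A secure code review of a contract therefore checks that every balance update happens before any external call, not after it.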
That is all about block chain security for now. Hope you found the article informative!