Blockchain Security

Overview

    • Participants will be able to identify and differentiate between the security threats and security attacks on a Blockchain network.
    • Participants will know Blockchain security methods, best practices, risk mitigation, and more.
    • Participants will also know how to perform risk analysis on Blockchain network security.
    • Participants will be able to completely understand the Blockchain’s inherent security features and risks.
    • Participants will gain an excellent knowledge of best security practices for Blockchain System and Network Administrators.
    • Participants will be able to demonstrate appropriate Blockchain data safeguarding techniques.

    Duration
    5 Days

    Pre-Requisites
    There are no prerequisites for this training.

Course Outline

  • Public Key Cryptography
  • Elliptic Curve Cryptography
  • A Brief Introduction to Blockchain: The Blocks
  • The Chains
  • The Network
  • Promises of the Blockchain
  • Blockchain Security Assumptions: Digital Signature Security
  • Hash Function Security
  • Limitations of the Basic Blockchain Security and Public Key Cryptography 
  • Real-Life Public Key Protection
  • Cryptography and Quantum Computers
  • Lab 1: Finding Hash Function Collisions and Reversible Hash Function
  • Hash function with poor non-locality
  • Hash function with small search space
  • Breaking the Public Key Cryptography
  • Brute Forcing a Short Private Key
  • Brute Forcing a Poorly-Chosen Private Key
  • Blockchain Consensus and Byzantine Generals: Blockchain Networking Review
  • Byzantine Generals Problem Relation to Blockchain
  • Byzantine Fault Tolerance
  • Introduction to Blockchain Consensus Security: Blockchain Consensus Breakthrough
  • Proof of Work: What is Proof of Work?
  • How does Proof of Work Solve BGP?
  • Proof of Work Security Assumptions
  • Attacking Proof of Work
  • Proof of Stake: What is Proof of Stake?
  • How does Proof of Stake Solve BGP?
  • Proof of Stake Security Assumptions
  • Attacking Proof of Stake
  • General Attacks on Blockchain Consensus
  • Other Blockchain Consensus Algorithms
  • Lab 2 – Attacking Proof of Work: Performing a 51% Attack
  • Performing a Selfish Mining Attack
  • Attacking Proof of Stake: Performing a XX% Attack
  • Performing a Long-Range Attack
  • Malleable Transaction Attacks
  • Checkpointing
  • Advanced Cryptographic Solutions: Multiparty Signatures
  • Zero-Knowledge Proofs
  • Stealth Addresses
  • Ring Signatures
  • Confidential Transactions
  • Lab 3 – Permissioned Blockchains
  • 51% on a Checkpointed Blockchain
  • Data mining on a blockchain with or without stealth addresses
  • Zero-Knowledge Proof Simulation
  • Trying to fake knowledge of a ZKP
  • Module 4: Blockchain for Business and Introduction to Ethereum Security 
  • What is Ethereum?
  • Consensus in Ethereum
  • Smart Contracts in Ethereum
  • Ethereum Security
  • Pros and Cons of Ethereum Blockchains
  • Introduction to Hyperledger Security: What is Hyperledger?
  • Consensus in Hyperledger
  • Smart Contracts in Hyperledger
  • Hyperledger Security
  • Pros and Cons of Hyperledger Blockchains
  • Introduction to Corda Security: What is Corda?
  • Consensus in Corda
  • Smart Contracts in Corda
  • Corda Security
  • Pros and Cons of Corda Blockchains
  • Lab 4
  • Information Security
  • Information Sensitivity & Data being placed on blockchain
  • Risks of disclosure
  • Regulatory Requirements: Data encryption
  • Data control
  • PII protection
  • Blockchain Architectural Design and details about Public and Private Blockchains
  • Open and Permissioned Blockchains
  • Choosing a Blockchain Architecture
  • Lab 5
  • Exploring public/private open/permissioned blockchains
  • User Security: Protecting Private Keys
  • Malware
  • Update
  • Node Security
  • Configuring MSPs
  • Network Security
  • Lab 6 (TBD)
  • Smart Contract Security Considerations: Turing-Complete
  • Lifetime
  • External Software
  • Smart Contract Code Auditing: Difficulties
  • Techniques
  • Tools
  • Lab 7 (Tentative)
  • Participants will try a few smart contract code auditing tools against different contracts with built-in vulnerabilities
  • Module 8: Security for Implementing Business Blockchains: Ethereum and its Best Practices
  • Hyperledger Best Practices
  • Corda Best Practices
  • Lab 8
  • 51% Attacks
  • Denial of Service Attacks
  • Eclipse Attacks
  • Routing Attacks
  • Sybil Attacks
  • Lab 9
  • Perform different network-level attacks
  • The Bitcoin Hack
  • The Verge Hack
  • The EOS Vulnerability
  • Lab 10
  • Re-entrancy
  • Access Control
  • Arithmetic
  • Unchecked Return Values
  • Denial of Service
  • Bad Randomness
  • Race Conditions
  • Timestamp Dependence
  • Short Addresses
  • Lab 11
  • Exploiting vulnerable smart contracts
  • Introduction to Directed Acyclic Graphs (DAGs)
  • DAGs vs. Blockchains
  • Advantages of DAGs
  • DAG Vulnerabilities and Security
  • Lab 12
  • Exploring a DAG network