Home / Coin Payment / CableLabs tracks down the security threats of blockchain

CableLabs tracks down the security threats of blockchain

After keeping tabs for several years, CableLabs identified the major security threats blockchain in a recent blog post.

The blog published earlier this month by Brian Scriber of CableLabs, the leading security architect, is another sign that the cable industry, as well as the telecommunications industry in general, is starting to develop blockchain solutions. In May, Steve Goeringer, CableLabs' chief security architect, said the cable industry will begin integrating blockchain solutions, "but it will be quiet and subtle".

Brian Scriber, CableLabs

By creating virtual registers, companies will be able to monitor and manage information between the various parties involved in a value chain. Blockchain, which was developed for bitcoin, is a digitized and distributed ledger that tracks transactions as statements of facts that can be used in a digital economy by companies, regulators, operators and consumers.

FREE WEBINAR

New barriers – In Call "voice recognition services ready for mass markets

This webinar will evaluate the current market landscape and reveal some key strategies for service providers and system integrators to help reduce costs, improve accuracy, generate new revenue systems and scale economically your voice processing services.

Blockchain creates a shared ecosystem between the parties to exchange information in a way that grants permission, but the Security Technologies arm of CableLabs' research and development organization has identified several "hazard groupings" for blockchains that need to be monitored :

• Smart Contract Injection: "The Smart Contract engine is an interpreter for a programming language (sometimes new) and a data analyzer related to the decisions that the engine must take", according to Scriber. "The danger in this situation is when the executable code appears inside of smart contracts in an attempt to subvert the language or contract data. Implementers must consider the possibility to disinfect input for smart contracts, correct analysis and error handling. . "

• Replay Attacks – "There is not only a threat in the processing and validation of transactions, but also in the behavior of the nodes, in the authentication and in the protection of confidential messages. previous transactions is essential, "said Scriber.

• History Revision Attacks – "Blockchains that rely on fault-tolerant consent models work well when there are many participating nodes that process, compete and collaborate on the next block," according to Scriber. "When the number of nodes decreases, or if there is a predictable cyclic behavior, the calming periods can be exploited in a chronological revision attack in which a new branch is created, effectively eliminating a previously accepted transaction. they should consider how best to guarantee minimum support and diversity of nodes. "

• Permanent poisoning – "Due to the permanence of blockchain and the cost of the fork, it is possible to sabotage a chain with even illegal content claims to attract the lawmakers and order forces," said Scriber .

• Loss of confidential information – "Persistence increases the risk of extrapolating data out of the chain." Encrypted data is also at risk for future threats to those algorithms or brute force attacks, and designers must ensure that they understand the stored data, such as they are protected, who owns them and how they could be re-associated with any pseudonymised user, "wrote Scriber.

• Node Spoofing: "Nodes are the entities that create and agree on the next new blocks in a chain," said Scriber. "The nodes must be authenticated like any other user or system, and authentication must be verified, with multiple votes banned, and designers who fail to identify voting irregularities endanger their implementation".

Scriber has listed other areas of interest for blockchain security and issued a warning: "Blockchains can help fill the gaps of trust in an ecosystem, but security is critical to this trust," he said.

CableLabs is responsible for the promotion of innovation for the technologies used by its members, which have included the various DOCSIS implementations over the years and the most recent development of distributed access architecture technologies.

At CES at the start of this month, CableLabs, together with NCTA and SCTE, announced the 10 gigabit broadband of the cable industry, which is called 10G, initiative.

Blockchain is rampant in the telecommunications sector

As proof of the blockchain in the cable industry, Comcast, NBCUniversal, Viacom and Spectrum Reach, the advertising sales division of Charter, have announced their plans to implement a blockchain-based advertising platform in this year, according to a story by FierceVideo.

RELATIVE: ETSI launches the blockchain industrial group

At the MEF18 conference at the end of last year, several service providers and vendors demonstrated their proof-of-concept blockchain trials, while the European Telecommunications Standards Institute (ETSI) announced in December that it had launched a new industry specifications for blockchain.

In September, AT & T announced a suite of blockchain-based services designed to help its corporate customers reduce costs and accelerate automation processes.

Source link