2. The Concept of Blockchain
“A blockchain is a digitized, decentralized, public ledger of all cryptocurrency transactions. Constantly growing as ‘completed’ blocks (the most recent transactions) are recorded and added to it in chronological order, it allows market participants to keep track of digital currency transactions without central recordkeeping. Each node (a computer connected to the network) gets a copy of the blockchain, which is downloaded automatically to maintain integrity when there is a new transaction. ” 5. Also, the point of failure arising from the dependency on a third party has been solved by using encryption technology which is make possible for all members to verify the reliability of transaction.
The blockchain has no third-party it is a peer to peer-based, So, it is no need to pay fees through peer to peer transactions, because the transactions are done without authorization by a third party. Since the ownership of the transaction information by many people make hacking difficult, saved the expense of security, transactions are automatically confirmed and recorded by all participats. In addition, the system can be easy to implement and expanded using an open source and transaction records can be openly accessed to make public transactions.
The blockchain is an organized list that save data in a form like to a distributed database and is designed to make the modifing difficult because the network participants saving and verifying of blockchain. The hash values are stored in each peer in the block which is affected by the values of the previous blocks, it is very difficult to falsify or alter the saved data. Moreover, data alteration is possible only if 51% of peers are hacked at the same time, the attack scenario is really very difficult.
Figure1: The structure of Blockchain.
2.1 How Blockchain Works?
The main processes of blockchain are as following:
a. The sending node records new data and broadcasting over network.
b. Then the receiving node checked the message which it received from sender, if the message was corrected then it will be stored to a block.
c. So, all receiving node in the network execute proof the algorithm to the block.
d. Finally, the block will be stored to the chain after algorithm was executed, and every node in the network admit this block and it will continuously extend the chain base on this block. 4
2.2 The Structure of Blockchain
Generally, in the block, it contains header which is contained hash of previous block, hash of current block and other information and body which is contain
transactions. Figure 1 shows the structure of block.
Header: When a transaction executed, it had been hashed to a code and then broadcasting to each node. Because it could be contained thousands of transaction records in each node’s block. blockchain used Merkle tree function to generate a final hash value, which is also Merkle tree root. This final hash value will be record in block header.
Body: Depending on what service is this blockchain applicate, for example: transaction records.
3. Application of Blockchain Technologies
Blockchain technologies can be using in many areas, here we will discuss one of the most famous is a bitcoin
Bitcoin: Bitcoin’s structure and transaction system was built by blockchain technologies, that was make a Bitcoin a digital currency and online payment system. By using encrypted technique, it can transfer money without need to rely on a central bank. Bitcoin used public keys to send and receive bitcoin, recorded the transaction and the personal ID was anonymous.
4. Security issues and challenges
Blockchain technology has been generated a bitcoin as a cyber-currency and it is actually used. However, that various security issues occurring in blockchain agreement, transactions, and wallet have been reported.
This paper shows some of the issues of security up to date and the security level of the current blockchain.
4.1. Security of Transaction
Due to the script that be used in inputs and outputs is a programming language with flexibility, there are different transaction can be created using such. A bitcoin contract is a process of applying bitcoin for the existing authentication and financial service. A broadly used process includes creating the contract using the script that includes a multiple signature technique. In spite of the scripts are used to resolve a wide range of bitcoin problems, the possibility of an improperly configured transaction has also been increased as the complexity of the script increases. A bitcoin is using an improperly configured locking script is discarded since no one can be using it as the unlocking script cannot be generated. To this end, there are studies that suggest models of bitcoin contract type transactions to check the precision of a script that is used in a transaction.
4.2. Security of Wallet
The bitcoin address is the hash value of a public key encrypted with a pair of public and personal keys. Therefore, the locking script of a bitcoin transaction with an address as output can be unlocked with an unlocking script that has the value signed with the public key of the address and the personal key. The bitcoin wallet stores information like the personal key of the address to be used for the generation of the unlocking script. That is mean if loss of information in the wallet it will be lead to a loss of bitcoin since the information is essential for using the bitcoin.
Therefore, the bitcoin wallet has become the main subject of bitcoin attack through hacking.
To insure the security of the bitcoin wallet, the services introduced technique called multiple signature. Due to this technique only allows a transaction when there is more than one signature. It can be used it as the redundant security feature of the wallet.
For example, if multiple signature is set in an online bitcoin wallet and is configured to require the owner’s signature in addition to the signature of the online wallet site whenever a transaction is executed from the wallet, malicious bitcoin withdrawal can be prevented since the owner’s personal key is not stored, even when the online wallet site is taken over by a hacking attack. However, multiple signature is developing to services that allow withdrawal from the bitcoin wallet only by biometric data or some separate equipment using a two-way authentication and other measures.
As the primary solution to hacking attacks of a bitcoin wallet, remain offline, cold storage-type wallets such as a physical bitcoin coin wallet that is not connected to the Internet. Similar approaches include the hardware-type bitcoin wallets to reduce the risk associated with online transactions. The hardware wallet, such as Trezor, stores the key in a tamper proof storage unit connected to the computer via USB, that is, only when used and the signed transaction is transferred using the internally stored key and only when the user is authenticated.
In other words, the storage unit is connected only when there is a need to setup a bitcoin transaction.
5. Secure Blockchain Solutions in Cloud Computing
If the user information is disclosed in the cloud computing, monetary and psychological damages can occur due to the leak of users’ sensitive information. The security of the saving and transmitting data, like confidentiality and integrity in the cloud computing is mainly studied. In addition, the studies on privacy protection and anonymity are not enough. Blockchain is a technology to ensure anonymity. when combined it with the cloud computing, blockchain can be upgraded to a suitable service that provides stronger security. Can be ensured the User anonymity if the blockchain technology is used when storing the user information in the cloud computing. When using the blockchain technology the electronic wallet is installed directly. If the electronic wallet is not rightly deleted, the information of user can be remaining behind which can be used to guess the user information. To solve this problem, we suggest a solution that deletes the electronic wallet securely.
The cases of falsifying the ledger or bitcoin pose the biggest problem in Blockchain. We need a secure wallet to solve some security problems. “Though the electronic wallet installed in PC is generally used, the security of electronic wallets in mobile devices must be installed in the PC is generally used, the security of electronic wallets in mobile devices must be verified as mobile devices have become very popular. Since a transaction occurs based on the time value of a mobile device, the security of a transaction can be confirmed only when both the integrity value of a mobile device, the security of a transaction can be confirmed only when both the integrity and accuracy of a time stamp generated in a mobile device are guaranteed. and accuracy of a time stamp generated in a mobile device are guaranteed.”
Moreover, the technology must be verified since vulnerabilities differ according to the programming language and platform that used for the development of the electronic wallet.
A secure electronic wallet must be developed by minimizing and verifying problems that can at each step of planning, requirement analysis, implementation, Quality Assurance, and maintenance.
The electronic wallet must have measures for recoverying secure when the attacker infringed the wallet, verification of a binary installed for protection, and protection of the remaining data for recovering.
It must provide security for the data stored in the electronic wallet as well as the settings needed for the use of the electronic wallet. It must also be able to delete the remaining data securely when the electronic wallet is not used and must be discarded.
Figure2: Secure Bitcoin Transaction
A blockchain has done with the server to exclude the involvement of the central authority and has facilitated the transactions via the participants who jointly store the transaction records and, finally, approve the transactions using peer to peer network technology. The blockchain has a distributed structure not centralized. Technical measures like a proof of work and stack have been implemented to improve the security of blockchain.
In this paper, we discussed the concept of the blockchain technology, how does blockchain work, the structure and App of it, Also, the security challenges and solution in cloud computing.
Current issues should be taken into account to use blockchain in the cloud computing. The anonymity of user information must be ensured when using blockchain in cloud computing and the user information should be completely deleted when removing the service. Therefore, this paper discussed the method of providing security by presenting a method of secure blockchain use and remove protocol. It seems that we needed to study on efficiency needed beside security.