Course Overview
- Public Key Cryptography
- Participants can Identify and differentiate between security threats and attacks on a Blockchain network.
- Participant will know Blockchain security methods, best practices, risk mitigation, and more.
- Participant will know how to perform Blockchain network security risk analysis.
- A complete understanding of Blockchain’s inherent security features and risks.
- An excellent knowledge of best security practices for Blockchain System/Network Administrators.
- Participants can demonstrate appropriate Blockchain data safeguarding techniques.
Requirements
- There is no Prerequisites for this training
Curriculum
-
Blockchain Risk Assessment
- What are the risks of the Blockchain?
- Information Security
- Information Sensitivity Data being placed on blockchain
- Risks of disclosure
- Regulatory Requirements Data encryption
- Data control
- PII protection
- Blockchain Architectural Design Public and Private Blockchains
- Open and Permissioned Blockchains
- Choosing a Blockchain Architecture
- Lab 5
- Exploring public/private open/permissioned blockchains?
-
Fundamental Blockchain Security Cryptography for the Blockchain Hash functions
- Public Key Cryptography
- Elliptic Curve Cryptography
- A Brief Introduction to Blockchain The Blocks
- The Chains
- The Network
- Promises of the Blockchain
- Blockchain Security Assumptions Digital Signature Security
- Hash Function Security
- Limitations of Basic Blockchain Security Public Key Cryptography Review
- Real-Life Public Key Protection
- Cryptography and Quantum Computers
- Lab 1 (Tentative) Finding Hash Function Collisions Reversible hash function
- Hash function with poor non-locality
- Hash function with small search space
- Breaking Public Key Cryptography Brute Forcing a Short Private Key
- Brute Forcing a Poorly-Chosen Private Key
-
Consensus in the Blockchain
- Blockchain Consensus and Byzantine Generals Blockchain Networking Review
- Byzantine Generals Problem Relation to Blockchain
- Byzantine Fault Tolerance
- Introduction to Blockchain Consensus Security Blockchain Consensus Breakthrough
- What is Proof of Work?
- How does Proof of Work Solve BGP?
- Proof of Work Security Assumptions
- Attacking Proof of Work
- What is Proof of Stake?
- How does Proof of Stake Solve BGP?
- Proof of Stake Security Assumptions
- Attacking Proof of Stake
- General Attacks on Blockchain Consensus
- Other Blockchain Consensus Algorithms
- Lab 2 (Tentative) Attacking Proof of Work Performing a 51% Attack
- Performing a Selfish Mining Attack
- Attacking Proof of Stake Performing a XX% Attack
- Performing a Long-Range Attack
- Malleable Transaction Attacks
-
Advanced Blockchain Security Mechanisms Architectural Security Measures Permissioned Blockchains
- Checkpointing
- Advanced Cryptographic Solutions Multiparty Signatures
- Zero-Knowledge Proofs
- Stealth Addresses
- Ring Signatures
- Confidential Transactions
- Lab 3 (Tentative) Permissioned Blockchains
- 51% on a Checkpointed Blockchain
- Data mining on a blockchain with/without stealth addresses
- Zero-Knowledge Proof Simulation
- Trying to fake knowledge of a ZKP
- Blockchain for Business Introduction to Ethereum Security What is Ethereum
- Consensus in Ethereum
- Smart Contracts in Ethereum
- Ethereum Security
- Pros and Cons of Ethereum Blockchains
- What is Hyperledger Security?
- Consensus in Hyperledger
- Smart Contracts in Hyperledger
- Hyperledger Security
- Pros and Cons of Hyperledger Blockchains
- What is Corda?
- Consensus in Corda
- Smart Contracts in Corda
- Corda Security
- Pros and Cons of Corda Blockchains
- Lab 4
-
Basic Blockchain Security and Architecture
-
Introduction to Smart Contracts
- Smart Contract Security Considerations Turing-Complete
- Lifetime
- External Software
- Smart Contract Code Auditing Difficulties
- Techniques
- Tools
- Lab 7 (Tentative)
- Try a couple of smart contract code auditing tool against different contracts with built-in vulnerabilities
- Security Implementing Business Blockchains Ethereum Best Practices
- Hyperledger Best Practices
- Corda Best Practices
- Lab 8
-
Network Level Vulnerabilities and Attacks
-
System Level Vulnerabilities and Attacks
-
Smart Contract Vulnerabilities and Attacks
-
Security of Alternative DLT Architectures
