区块链网络安全保障：攻击与防御

江沛佩; 王骞; 陈艳姣; 李琦; 沈超

doi:10.11959/j.issn.1000-436x.2021035

您当前的位置：

首页 >

文章列表页 >

区块链网络安全保障：攻击与防御

综述 | 更新时间：2024-06-05

- 区块链网络安全保障：攻击与防御
- Securing guarantee of the blockchain network:attacks and countermeasures
- 通信学报 2021年42卷第1期页码：151-162
- 作者机构：
  
  1. 空天信息安全与可信计算教育部重点实验室，湖北武汉 430072
  2. 武汉大学国家网络安全学院，湖北武汉 430072
  3. 武汉大学计算机学院，湖北武汉 430072
  4. 清华大学网络科学与网络空间研究院，北京 100084
  5. 北京信息科学与技术国家研究中心，北京 100084
  6. 西安交通大学网络空间安全学院，陕西西安 710049
- 作者简介：
  
  [ "江沛佩（1997- ），女，湖北武汉人，武汉大学博士生，主要研究方向为应用密码学、网络安全等。" ]
  [ "王骞（1980- ），男，湖北武汉人，博士，武汉大学教授、博士生导师，主要研究方向为人工智能安全、云计算安全、无线系统安全、大数据安全与隐私、应用密码学等。" ]
  [ "陈艳姣（1989- ），女，山西代县人，博士，武汉大学研究员，主要研究方向为无线网络资源分配、网络安全、区块链等。" ]
  [ "李琦（1979- ），男，浙江临安人，博士，清华大学副教授、博士生导师，主要研究方向为网络安全、移动安全和大数据安全。" ]
  [ "沈超（1985- ），男，重庆人，博士，西安交通大学教授、博士生导师，主要研究方向为信息物理系统优化与安全、系统与软件安全、人工智能安全等。" ]
- 基金信息：
  
  国家重点研发计划基金资助项目(2020YFB1005500);国家自然科学基金资助项目(U20B2049);国家自然科学基金资助项目(61822207);国家自然科学基金资助项目(61972296);国家自然科学基金资助项目(61822309);国家自然科学基金资助项目(61773310);北京信息科学与技术国家研究中心基金资助项目(BNR2020RC0101)
- DOI：10.11959/j.issn.1000-436x.2021035
  中图分类号： TP309
- 网络出版日期：2021-01，
  
  纸质出版日期：2021-01-25
- 稿件说明：
移动端阅览
江沛佩, 王骞, 陈艳姣, 等. 区块链网络安全保障：攻击与防御[J]. 通信学报, 2021,42(1):151-162.

Peipei JIANG, Qian WANG, Yanjiao CHEN, et al. Securing guarantee of the blockchain network:attacks and countermeasures[J]. Journal on communications, 2021, 42(1): 151-162.
江沛佩, 王骞, 陈艳姣, 等. 区块链网络安全保障：攻击与防御[J]. 通信学报, 2021,42(1):151-162. DOI： 10.11959/j.issn.1000-436x.2021035.

Peipei JIANG, Qian WANG, Yanjiao CHEN, et al. Securing guarantee of the blockchain network:attacks and countermeasures[J]. Journal on communications, 2021, 42(1): 151-162. DOI： 10.11959/j.issn.1000-436x.2021035.

摘要

随着区块链技术的迅猛发展，区块链系统的安全问题正逐渐暴露出来，给区块链生态系统带来巨大风险。通过回顾区块链安全方面的相关工作，对区块链潜在的安全问题进行了系统的研究。将区块链框架分为数据层、网络层、共识层和应用层4层，分析其中的安全漏洞及攻击原理，并讨论了增强区块链安全的防御方案。最后，在现有研究的基础上展望了区块链安全领域的未来研究方向和发展趋势。

Abstract

While the security of blockchain has been the central concern of both academia and industry since the very start

new security threats continue to emerge

which poses great risks to the blockchain ecosystem.A systematic study was conducted on the most state-of-the-art research on potential security issues of blockchain.Specifically

a taxonomy was developed by considering the blockchain framework as a four-layer system

and the analysis on the most recent attacks against security loopholes in each layer was provided.Countermeasures that can strengthen the blockchain were also discussed by highlighting their fundamental ideas and comparing different solutions.Finally

the forefront of research and potential directions of blockchain security were put forward to encourage further studies on the security of blockchain.

关键词

Keywords

references

NAKAMOTO S . Bitcoin:a peer-to-peer electronic cash system [R ] . Manubot , 2019 - 11 - 20 .

PAXFUL PRESS . Paxful celebrates its 5th year — Reveals hitting$4.6 billion USD in volume and reaching 4.5 million registered wallets [EB/OL ] . Paxful Press Paxful Press , 2020 - 07 - 14 .

IBM . Rewire your industry with IBM Blockchain [EB/OL ] . IBM IBM , 2020 .

余春堂 , 韩志耕 , 李致远 , 等 . 基于区块链的众包物流分级多层智能服务交易监管架构 [J ] . 网络与信息安全学报 , 2020 , 6 ( 3 ): 50 - 58 .

YU C T , HAN Z G , LI Z Y , et al . Blockchain-based hierarchical and multi-level smart service transaction supervision framework for crowdsourcing logistics [J ] . Chinese Journal of Network and Information Security , 2020 , 6 ( 3 ): 50 - 58 .

GOGO J . European Bitcoin exchange hacked for $1.4 million,claims it cannot afford to repay users [EB/OL ] . Bitcoin.com Bitcoin.com , 2020 - 08 - 04 .

HAIG S . 51% attack bleeds more than $5M from Ethereum classic [EB/OL ] . Cointelegraph Cointelegraph , 2020 - 08 - 06 .

袁勇 , 王飞跃 . 区块链技术发展现状与展望 [J ] . 自动化学报 , 2016 , 42 ( 4 ): 481 - 494 .

YUAN Y , WANG F Y . Blockchain:the state of the art and future trends [J ] . Acta Automatica Sinica , 2016 , 42 ( 4 ): 481 - 494 .

祝烈煌 , 高峰 , 沈蒙 , 等 . 区块链隐私保护研究综述 [J ] . 计算机研究与发展 , 2017 , 54 ( 10 ): 2170 - 2186 .

ZHU L H , GAO F , SHEN M , et al . Survey on privacy preserving techniques for blockchain technology [J ] . Journal of Computer Research and Development , 2017 , 54 ( 10 ): 2170 - 2186 .

韩璇 , 袁勇 , 王飞跃 . 区块链安全问题:研究现状与展望 [J ] . 自动化学报 , 2019 , 45 ( 1 ): 206 - 225 .

HAN X , YUAN Y , WANG F Y . Security problems on blockchain:the state of the art and future trends [J ] . Acta Automatica Sinica , 2019 , 45 ( 1 ): 206 - 225 .

斯雪明 , 徐蜜雪 , 苑超 . 区块链安全研究综述 [J ] . 密码学报 , 2018 , 5 ( 5 ): 8 - 19 .

SI X M , XU M X , YUAN C . Survey on security of blockchain [J ] . Journal of Cryptologic Research , 2018 , 5 ( 5 ): 8 - 19 .

KOGIAS E K , JOVANOVIC P , GAILLY N , et al . Enhancing Bitcoin security and performance with strong consistency via collective signing [C ] // 25th USENIX Security Symposium . Berkeley:USENIX Association , 2016 : 279 - 296 .

ALANGOT B , SURESH M , RAJ A S , et al . Reliable collective cosigning to scale blockchain with strong consistency [C ] // Workshop on Decentralized IoT Security and Standards,co-located with Proceedings of the Network and Distributed System Security Symposium . Reston:Internet Society , 2018 .

ZAMANI M , MOVAHEDI M , RAYKOVA M . Rapidchain:scaling blockchain via full sharding [C ] // Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2018 : 931 - 948 .

AL-BASSAM M , SONNINO A , BANO S , et al . Chainspace:a sharded smart contracts platform [C ] // 25th Annual Network and Distributed System Security Symposium . Reston:Internet Society , 2018 : 1 - 6 .

COURTOIS N T , VALSORDA F , EMIRDAG P . Private key recovery combination attacks:on extreme fragility of popular bitcoin key management,wallet and cold storage solutions in presence of poor RNG events [J ] . IACR Cryptol.ePrint Arch , 2014 ( 2014 ): 848 .

BRENGEL M , ROSSOW C . Identifying key leakage of bitcoin users [C ] // International Symposium on Research in Attacks,Intrusions,and Defenses . Berlin:Springer , 2018 : 623 - 643 .

APOSTOLAKI M , ZOHAR A , VANBEVER L . Hijacking bitcoin:routing attacks on cryptocurrencies [C ] // 2017 IEEE Symposium on Security and Privacy . Piscataway:IEEE Press , 2017 : 375 - 392 .

LUU L , VELNER Y , TEUTSCH J , et al . Smartpool:practical decentralized pooled mining [C ] // 26th USENIX Security Symposium . Berkeley:USENIX Association , 2017 : 1409 - 1426 .

BORGE M , KOKORIS-KOGIAS E , JOVANOVIC P , et al . Proof-of-personhood:redemocratizing permissionless cryptocurrencies [C ] // 2017 IEEE European Symposium on Security and Privacy Workshops . Piscataway:IEEE Press , 2017 : 23 - 26 .

EYAL I , SIRER E G . Majority is not enough:Bitcoin mining is vulnerable [C ] // International Conference on Financial Cryptography and Data Security . Berlin:Springer , 2014 : 436 - 454 .

EYAL I , . The miner’s dilemma [C ] // 2015 IEEE Symposium on Security and Privacy . Piscataway:IEEE Press , 2015 : 89 - 103 .

KWON Y , KIM D , SON Y , et al . Be selfish and avoid dilemmas:Fork after withholding (FAW) attacks on bitcoin [C ] // Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2017 : 195 - 209 .

BUTERIN V . A next-generation smart contract and decentralized application platform [R/OL ] . White Paper , 2014 .

GREEN M , MIERS I . Bolt:anonymous payment channels for decentralized currencies [C ] // Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2017 : 473 - 489 .

MALAVOLTA G , MORENO-SANCHEZ P , KATE A , et al . Concurrency and privacy with payment-channel networks [C ] // Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2017 : 455 - 471 .

MALAVOLTA G , MORENO-SANCHEZ P , SCHNEIDEWIND C , et al . Anonymous multi-hop locks for blockchain scalability and interoperability [C ] // 26th Annual Network and Distributed System Security Symposium . Reston:Internet Society , 2019 : 1 - 6 .

KALRA S , GOEL S , DHAWAN M , et al . ZEUS:analyzing safety of smart contracts [C ] // 25th Annual Network and Distributed System Security Symposium . Reston:Internet Society , 2018 : 1 - 15 .

KRUPP J , ROSSOW C . TEETHER:Gnawing at Ethereum to automatically exploit smart contracts [C ] // 27th USENIX Security Symposium . Berkeley:USENIX Association , 2018 : 1317 - 1333 .

RODLER M , LI W , KARAME G O , et al . Sereum:protecting existing smart contracts against re-entrancy attacks [C ] // 27th Annual Network and Distributed System Security Symposium . Reston:Internet Society , 2020 : 1 - 15 .

ZHANG M , ZHANG X , ZHANG Y , et al . TXSPECTOR:Uncovering attacks in Ethereum from transactions [C ] // 29th USENIX Security Symposium . Berkeley:USENIX Association , 2020 : 2775 - 2792 .

KAPPOS G , YOUSAF H , MALLER M , et al . An empirical analysis of anonymity in Zcash [C ] // 27th USENIX Security Symposium . Berkeley:USENIX Association , 2018 : 463 - 477 .

BIRYUKOV A , FEHER D , VITTO G . Privacy aspects and subliminal channels in Zcash [C ] // Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2019 : 1813 - 1830 .

TRAMÈR F , BONEH D , PATERSON K G . Remote side-channel attacks on anonymous transactions [C ] // 29th USENIX Security Symposium . Berkeley:USENIX Association , 2020 : 2379 - 2756 .

DECKER C , WATTENHOFER R . A fast and scalable payment network with bitcoin duplex micropayment channels [C ] // Symposium on Self-Stabilizing Systems . Berlin:Springer , 2015 : 3 - 18 .

POON J , DRYJA T . The Bitcoin lightning network:scalable off-chain instant payments [R/OL ] . Bitcoinlightning.com , 2016 - 01 - 14 .

DUFFIELD E , DIAZ D . Dash:a payments-focused cryptocurrency [R/OL ] . White Paper,GitHub , 2015 .

HOPWOOD D , BOWE S , HORNBY T , et al . Zcash protocol specification [R/OL ] . White Paper,GitHub , 2020 - 01 - 15 .

MÖSER M , SOSKA K , HEILMAN E , et al . An empirical analysis of traceability in the Monero blockchain [J ] . Proceedings on Privacy Enhancing Technologies , 2018 , 2018 ( 3 ): 143 - 163 .

BITANSKY N , CANETTI R , CHIESA A , et al . From extractable collision resistance to succinct non-interactive arguments of knowledge,and back again [C ] // Proceedings of the 3rd Innovations in Theoretical Computer Science Conference . New York:ACM Press , 2012 : 326 - 349 .

RIVEST R L , SHAMIR A , TAUMAN Y . How to leak a secret [C ] // International Conference on the Theory and Application of Cryptology and Information Security . Berlin:Springer , 2001 : 552 - 565 .

ROSENFELD M . Analysis of hashrate-based double spending [J ] . arXiv Preprint,arXiv:1402.2009 , 2019 .

KARAME G O , ANDROULAKI E , CAPKUN S . Double-spending fast payments in Bitcoin [C ] // Proceedings of the 2012 ACM Conference on Computer and Communications Security . New York:ACM Press , 2012 : 906 - 917 .

WUILLE P . BIP32:Hierarchical deterministic wallets [R/OL ] . Bitcoin Improvement Proposal , 2012 - 02 - 11 .

BREITNER J , HENINGER N . Biased nonce sense:Lattice attacks against weak ECDSA signatures in cryptocurrencies [C ] // International Conference on Financial Cryptography and Data Security . Berlin:Springer , 2019 : 3 - 20 .

BREITNER J , HENINGER N . Biased nonce sense:lattice attacks against weak ECDSA signatures in cryptocurrencies [C ] // International Conference on Financial Cryptography and Data Security . Berlin:Springer , 2019 : 3 - 20 .

REKHTER Y , LI T , HARES S . RFC 1771:a border gateway protocol 4 (BGP-4) [R/OL ] . IETF RFC 1771 . 1995 - 03 .

VASEK M , THORNTON M , MOORE T . Empirical analysis of denial-of-service attacks in the Bitcoin ecosystem [C ] // International Conference on Financial Cryptography and Data Security . Berlin:Springer , 2014 : 57 - 71 .

JOHNSON B , LASZKA A , GROSSKLAGS J , et al . Game-theoretic analysis of DDoS attacks against Bitcoin mining pools [C ] // International Conference on Financial Cryptography and Data Security . Berlin:Springer , 2014 : 72 - 86 .

DOUCEUR J R , . The sybil attack [C ] // International Workshop on Peer-to-Peer Systems . Berkeley:USENIX Association , 2002 : 251 - 260 .

GAO S , LI Z , PENG Z , et al . Power adjusting and bribery racing:Novel mining attacks in the bitcoin system [C ] // Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2019 : 833 - 850 .

LUU L , NARAYANAN V , ZHENG C , et al . A secure sharding protocol for open blockchains [C ] // Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2016 : 17 - 30 .

LUU L , CHU D H , OLICKEL H , et al . Making smart contracts smarter [C ] // Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2016 : 254 - 269 .

FINLEY K . A $50 million hack just showed that the DAO was all too human [EB/OL ] . WIRED WIRED , 2012 - 06 - 18 .

SYTA E , TAMAS I , VISHER D , et al . Keeping authorities “honest or bust” with decentralized witness cosigning [C ] // 2016 IEEE Symposium on Security and Privacy . Piscataway:IEEE Press , 2016 : 526 - 545 .

SCHNORR C P , . Efficient identification and signatures for smart cards [C ] // Conference on the Theory and Application of Cryptology . Berlin:Springer , 1989 : 239 - 252 .

INAMURA M , IWAMURA K , WATANABE R , et al . A new tree-structure-specified multi-signature scheme for a document circulation system [C ] // Proceedings of the International Conference on Security and Cryptography . Piscataway:IEEE Press , 2011 : 362 - 369 .

CORBETT J C , DEAN J , EPSTEIN M , et al . Spanner:Google’s globally distributed database [J ] . ACM Transactions on Computer Systems , 2013 , 31 ( 3 ): 1 - 22 .

GILAD Y , HEMO R , MICALI S , et al . ALGORAND:scaling byzantine agreements for cryptocurrencies [C ] // Proceedings of the 26th Symposium on Operating Systems Principles . New York:ACM Press , 2017 : 51 - 68 .

KOKORIS-KOGIAS E , JOVANOVIC P , GASSER L , et al . Omniledger:a secure,scale-out,decentralized ledger via sharding [C ] // 2018 IEEE Symposium on Security and Privacy . Piscataway:IEEE Press , 2018 : 583 - 598 .

赖英旭 , 薄尊旭 , 刘静 . 基于改进PBFT算法防御区块链中sybil攻击的研究 [J ] . 通信学报 , 2020 , 41 ( 9 ): 104 - 117 .

LAI Y X , BO Z X , LIU J . Research on sybil attack in defense blockchain based on improved PBFT algorithm [J ] . Journal on Communications , 2020 , 41 ( 9 ): 104 - 117 .

WANG J , WANG H . Monoxide:Scale out blockchains with asynchronous consensus zones [C ] // 16th USENIX Symposium on Networked Systems Design and Implementation . Berkeley:USENIX Association , 2019 : 95 - 112 .

GUTOSKI G , STEBILA D . Hierarchical deterministic bitcoin wallets that tolerate key leakage [C ] // International Conference on Financial Cryptography and Data Security . Berlin:Springer , 2015 : 497 - 504 .

FAN C I , TSENG Y F , SU H P , et al . Secure hierarchical Bitcoin wallet scheme against privilege escalation attacks [J ] . International Journal of Information Security , 2020 , 19 ( 3 ): 245 - 255 .

SCHNELLI J . BIP 151:peer-to-peer communication encryption [R/OL ] . Bitcoin Improvement Proposal , 2016 - 03 - 23 .

叶聪聪 , 李国强 , 蔡鸿明 , 等 . 区块链的安全检测模型 [J ] . 软件学报 , 2018 , 29 ( 5 ): 1348 - 1359 .

YE C C , LI G Q , CAI H M , et al . Security detection model of blockchain [J ] . Journal of Software , 2018 , 29 ( 5 ): 1348 - 1359 .

DANNEN C . Introducing Ethereum and solidity [M ] . Berkeley : Apress , 2017 .

浏览量

2122

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于多方计算的安全拜占庭弹性联邦学习

面向医疗数据分享的轻量级且安全的搜索方案

基于预训练与新型时序图神经网络的智能合约漏洞检测方法

基于加性秘密共享的洗牌协议的设计

基于秘密共享的轻量级隐私保护ViT推理框架