
- Participants can identify and differentiate between security threats and attacks on a Blockchain network.
- Participants will know Blockchain security methods, best practices, risk mitigation, and more.
- Participants will know how to perform Blockchain network security risk analysis.
- A complete understanding of Blockchain’s inherent security features and risks.
- An excellent knowledge of best security practices for Blockchain System/Network Administrators.
- Participants can demonstrate appropriate Blockchain data safeguarding techniques.

5 Days

There are no prerequisites for this training.

- Public Key Cryptography
- Elliptic Curve Cryptography
- A Brief Introduction to Blockchain: The Blocks
- The Chains
- The Network
- Promises of the Blockchain
- Blockchain Security Assumptions: Digital Signature Security
- Hash Function Security
- Limitations of Basic Blockchain Security: Public Key Cryptography Review
- Real-Life Public Key Protection
- Cryptography and Quantum Computers
- Lab 1 (Tentative)
- Finding Hash Function Collisions: Reversible hash function
- Hash function with poor non-locality
- Hash function with small search space
- Breaking Public Key Cryptography: Brute Forcing a Short Private Key
- Brute Forcing a Poorly-Chosen Private Key
- Blockchain Consensus and Byzantine Generals: Blockchain Networking Review
- Byzantine Generals Problem: Relation to Blockchain
- Byzantine Fault Tolerance
- Introduction to Blockchain Consensus Security: Blockchain Consensus Breakthrough
- Proof of Work: What is Proof of Work?
- How does Proof of Work Solve BGP?
- Proof of Work Security Assumptions
- Attacking Proof of Work
- Proof of Stake: What is Proof of Stake?
- How does Proof of Stake Solve BGP?
- Proof of Stake Security Assumptions
- Attacking Proof of Stake
- General Attacks on Blockchain Consensus
- Other Blockchain Consensus Algorithms
- Lab 2 (Tentative)
- Attacking Proof of Work: Performing a 51% Attack
- Performing a Selfish Mining Attack
- Attacking Proof of Stake: Performing a XX% Attack
- Performing a Long-Range Attack
- Malleable Transaction Attacks
- Checkpointing
- Advanced Cryptographic Solutions: Multiparty Signatures
- Zero-Knowledge Proofs
- Stealth Addresses
- Ring Signatures
- Confidential Transactions
- Lab 3 (Tentative)
- Permissioned Blockchains
- 51% on a Checkpointed Blockchain
- Data mining on a blockchain with/without stealth addresses
- Zero-Knowledge Proof Simulation
- Trying to fake knowledge of a ZKP
- Module 4: Blockchain for Business
- Introduction to Ethereum Security: What is Ethereum
- Consensus in Ethereum
- Smart Contracts in Ethereum
- Ethereum Security
- Pros and Cons of Ethereum Blockchains
- Introduction to Hyperledger Security: What is Hyperledger
- Consensus in Hyperledger
- Smart Contracts in Hyperledger
- Hyperledger Security
- Pros and Cons of Hyperledger Blockchains
- Introduction to Corda Security: What is Corda
- Consensus in Corda
- Smart Contracts in Corda
- Corda Security
- Pros and Cons of Corda Blockchains
- Lab 4
- Information Security
- Information Sensitivity: Data being placed on blockchain
- Risks of disclosure
- Regulatory Requirements: Data encryption
- Data control
- PII protection
- Blockchain Architectural Design: Public and Private Blockchains
- Open and Permissioned Blockchains
- Choosing a Blockchain Architecture
- Lab 5
- Exploring public/private open/permissioned blockchains?
- User Security: Protecting Private Keys
- Malware
- Update
- Node Security
- Configuring MSPs
- Network Security
- Lab 6 (TBD)
- Smart Contract Security Considerations: Turing-Complete
- Lifetime
- External Software
- Smart Contract Code Auditing: Difficulties
- Techniques
- Tools
- Lab 7 (Tentative)
- Try a couple of smart contract code auditing tools against different contracts with built-in vulnerabilities
- Module 8: Security Implementing Business Blockchains
- Ethereum Best Practices
- Hyperledger Best Practices
- Corda Best Practices
- Lab 8
- 51% Attacks
- Denial of Service Attacks
- Eclipse Attacks
- Routing Attacks
- Sybil Attacks
- Lab 9
- Perform different network-level attacks
- The Bitcoin Hack
- The Verge Hack
- The EOS Vulnerability
- Lab 10
- Reentrancy
- Access Control
- Arithmetic
- Unchecked Return Values
- Denial of Service
- Bad Randomness
- Race Conditions
- Timestamp Dependence
- Short Addresses
- Lab 11
- Exploiting vulnerable smart contracts
- Introduction to Directed Acyclic Graphs (DAGs)
- DAGs vs. Blockchains
- Advantages of DAGs
- DAG Vulnerabilities and Security
- Lab 12
- Exploring a DAG network