Cryptocurrencies, especially Bitcoin, have been a hot topic in recent months. While Bitcoin is standing out as perhaps the most successful cryptocurrency, 各种各样的安全问题正在出现, as the currency can be vulnerable amid transactions or potentially attacked within its online storage pools and exchanges. 事实上, recent discoveries have indicated that Bitcoin is not fully secure against attackers who are attempting to steal from the “honest” Bitcoin participants (known as “miners”), sparking major research on the topic of cryptocurrency security.
以下是比特币的基本概述, cryptocurrencies, and what to know about the growing security concerns surrounding this new cultural wave.
什么是比特币和加密货币?
Bitcoin is viewed as the first successful employment of cryptocurrency, which relies on cryptography to produce “currency” and authenticate related transactions. While there were several attempts as far back as the 1990s to create forms of digital money, the concepts of Bitcoin were first introduced in early 2009 by a researcher using the pseudonymous name, “Satoshi Nakamoto.声称他从未打算发明一种货币, Nakamoto said he created a “Peer-to-Peer Electronic Cash System,“ with the main purpose of inventing what several others failed to create before digital cash. Perhaps the most important part of Nakamoto’s invention was that he discovered how to build a decentralized digital cash system, which goes against the standard system of a centralized server keeping record of the balances to prevent double-spending.
采矿是如何工作的?
Controlled by the users of the currency around the globe, cryptocurrencies-namely, Bitcoins—require confirmation from miners before being sealed/confirmed. If a transaction is unconfirmed, it is considered “pending” and can be counterfeit. 一旦确认, 比特币不能再被伪造或伪造, making it part of an unchangeable record of proven transactions in what’s known as a blockchain. (More discussion on blockchain’s relevance to cybersecurity coming in future articles.)换句话说, 矿工接受交易, 确认他们, 然后把它们分发到整个网络, 要求每台电脑, 或节点, 将其添加到其数据库. As this process occurs, miners are rewarded with a token of the cryptocurrency—Bitcoins, for example.
加密货币的安全问题
While still not fully understood by most people across the world, 重要的是要知道,许多银行, 政府, and worldwide organizations are aware of cryptocurrencies, and they are studying and evaluating their use and emergence as a viable currency on an ongoing basis. While the Bitcoin we know today was built on the proof-of-work principle that transactions can be 安全 在去中心化的点对点网络上处理, 不需要中央催收机构, the mining and transaction processes are not entirely secure. 事实上, conspiring participants can impose upon of the flaws found within the process.
Here are five key security concerns that can lead to potentially harmful attacks and threats with the use of cryptocurrencies:
- 自私的矿业— This allows a sufficient size pool of “selfish miners” to gain revenue larger than its ratio of mining power, which forces “honest miners” to spend their cycles on blocks that won’t make it to the blockchain.
- 双支出— This allows an attacker to successfully make more than one transaction using a single coin, 这使得“诚实”交易无效.
- Wallet Software/Distributed Denials of Service Attacks (DDoS)—“Wallets” are client-side applications used to manage Bitcoins and transactions of Bitcoins from/to the client and can be accessed online or via download. Online wallets are more vulnerable to DDoS attacks since they need encryption and are backed off-line.
- 获得大于50%的计算能力— This is when any conspiring user acquires more than 50% of the computing power in mining process, 这也会导致其他的攻击.
- Timejacking— This happens when an attacker announces an inaccurate timestamp while connecting to a node for a transaction, altering the network time counter and deceiving the node, 哪些会导致双重支出.
While the networks of cryptocurrency are still in development, 采矿过程面临的威胁正在逼近, and it’s important for individuals and organizations to not only be aware of this phenomenon but to also be prepared in the event of an attack, and to understand how this new form of currency could be manipulated for illicit gain. 明升体育app下载 today to learn how LBMC’s team is uniquely equipped to handle the most technical of IT security assessments.