The Strengths and Weaknesses of Blockchain on Privacy Protection
In the last medium, we discussed the definition and respective goals of privacy protection in the blockchain system while we also raised a question, that is, the native blockchain technology has shown both advantages and disadvantages for privacy protection. In this article, we will focus on explaining this topic in detail.
The strengths of blockchain in privacy protection
P2P network can prevent network eavesdropping. Blockchain is based on a peer-to-peer network, in which nodes communicate by relaying and forwarding mode [1]. For example, in a blockchain network, when two nodes need to make a transaction, the sender first passes the message to its nearby nodes. After receiving the data, these nodes send the message to their own nearby nodes and so on, making the transaction message slowly spread throughout the network. Finally, the receiver in the network can receive the transaction message transmitted by the sender. In this way, blockchain avoids direct communication between the two interacting parties, so that the attacker can not steal the data during transmission period.
Blockchain technology supports anonymous transactions. In general, user privacy is strictly protected in blockchain transactions. It is mainly because, the users build and save their transaction addresses on their own, which are related to a randomly generated number instead of associating with user privacy [2]. Thus, there is no need for any third-party interference. In addition, the length of the blockchain address is set long enough to allow huge volumes of users to build their various transaction addresses. Users can even use different addresses in different transactions. This not only protects the user‘s privacy but also ensures the security of blockchain transactions.
Decentralized architecture can prevent network attacks [3]. Although researchers have proposed several security strategies in the traditional Internet infrastructure, such as secure communication, trust management, to defend against some network attacks, including intellectual property disputes caused by sharing information, routing attacks, access attacks, inconsistent behavior attacks, target node overload attacks, traversing firewalls, and the spread of network viruses, it is still difficult to guarantee network security and user’s privacy due to central network defect. On the contrary, in terms of blockchain, which uses decentralized architecture, users no longer need to store private information on the center node and there is no worry about information leakage, scalability, single point attack, or any other inherent drawbacks of centralized framework.
The Weaknesses of blockchain in privacy protection
Nodes in blockchain networks are vulnerable to attack. Compared with the dedicated server in the traditional network, personal computers, which are widely used as blockchain nodes, have low performance and poor anti-attack capability. Furthermore, in a centralized architecture, managers only need to focus on one or several servers. On the contrary, since all the participation of blockchain entities is equal, the security policies are supposed to beared and benefited by all nodes. However, it costs a lot to apply the same security measures to many geographically dispersed nodes. Unfortunately, most of the common security algorithms present high requirements on the computing resources of the devices. Thus, attackers can invade the blockchain network by looking for nodes with poor defense.
The correlation between blockchain transactions can be used to infer sensitive information. The transparency of blockchain is a double-edged sword. All transactions in the blockchain are stored in the global ledger, which causes easy access to all transaction information. Attackers can analyze relations between transactions to decrease the anonymity of blockchain addresses [4]. Furthermore, the attacker may even speculate about the user’s information behind anonymous addresses. This point has already been discussed in this medium.
Blockchain applications face a variety of security threats. Blockchain technology is in its infancy, and there are still many loopholes in blockchain applications that have not been found and solved. For example, the crowdfunding application of ETF and hacker intrusion led to the theft of more than 3 million Ethereum Daos, which attracted worldwide concerns [5]. There is still a long way to go before blockchain technologies actually landed.
Zecrey official website: Zecrey
Welcome to join our communities and follow us on twitter:
Medium:https://medium.com/@zecrey
Twitter: https://twitter.com/zecreyprotocol
Telegram: https://t.me/zecrey
Discord: https://discord.com/invite/U98ghQsJE5
References
[1] https://bitcoinj.org/security-model
[3] Medhane D V, Sangaiah A K, Hossain M S, et al. Blockchain-enabled distributed security framework for next-generation IoT: an edge cloud and software-defined network-integrated approach[J]. IEEE Internet of Things Journal, 2020, 7(7): 6143–6149.
[4] Feng Q, He D, Zeadally S, et al. A survey on privacy protection in blockchain system[J]. Journal of Network and Computer Applications, 2019, 126: 45–58.
