TY - GEN
T1 - On the security and privacy of hyperledger fabric
T2 - 2020 IEEE World Congress on Services
AU - Brotsis, Sotirios
AU - Kolokotronis, Nicholas
AU - Limniotis, Konstantinos
AU - Bendiab, Gueltoum
AU - Shiaeles, Stavros
N1 - Funding Information:
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement no. 786698. The work reflects only the authors’ view and the Agency is not responsible for any use that may be made of the information it contains.
Publisher Copyright:
© 2020 IEEE.
Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.
PY - 2020/12/21
Y1 - 2020/12/21
N2 - In the last few years, a countless number of permissioned blockchain solutions have been proposed, with each one to claim that it revolutionizes the way of the transaction processing along with the security and privacy preserving mechanisms that it provides. Hyperledger Fabric is one of the most popular permissioned blockchain architectures that has made a significant impact on the market. However, there are only few papers of finding architectural risks regarding the security and the privacy preserving mechanisms of Hyperledger Fabric. This paper separates the attack surface of the blockchain platform into four components, namely, consensus, chaincode, network and privacy preserving mechanisms, in all of which an attacker (from inside or outside the network) can exploit the platform's design and gain access to or misuse the network. In addition, we highlight the appropriate counter-measures that can be taken in each component to address the corresponding risks and provide a significantly secure and enhanced privacy preserving Fabric network. We hope that by bringing this paper into light, we can aid developers to avoid security flaws and implementations that can be exploited by attackers but also to motivate further research to harden the platform's security and the client's privacy.
AB - In the last few years, a countless number of permissioned blockchain solutions have been proposed, with each one to claim that it revolutionizes the way of the transaction processing along with the security and privacy preserving mechanisms that it provides. Hyperledger Fabric is one of the most popular permissioned blockchain architectures that has made a significant impact on the market. However, there are only few papers of finding architectural risks regarding the security and the privacy preserving mechanisms of Hyperledger Fabric. This paper separates the attack surface of the blockchain platform into four components, namely, consensus, chaincode, network and privacy preserving mechanisms, in all of which an attacker (from inside or outside the network) can exploit the platform's design and gain access to or misuse the network. In addition, we highlight the appropriate counter-measures that can be taken in each component to address the corresponding risks and provide a significantly secure and enhanced privacy preserving Fabric network. We hope that by bringing this paper into light, we can aid developers to avoid security flaws and implementations that can be exploited by attackers but also to motivate further research to harden the platform's security and the client's privacy.
KW - chaincode risks
KW - consensus protocols
KW - cyber-security
KW - Hyperledger Fabric
KW - network threats
KW - privacy
UR - http://www.scopus.com/inward/record.url?scp=85099266012&partnerID=8YFLogxK
UR - https://conferences.computer.org/services/2020/
U2 - 10.1109/SERVICES48979.2020.00049
DO - 10.1109/SERVICES48979.2020.00049
M3 - Conference contribution
AN - SCOPUS:85099266012
SN - 9781728182049
T3 - IEEE SERVICES Proceedings Series
SP - 197
EP - 204
BT - Proceedings - 2020 IEEE World Congress on Services, SERVICES 2020
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 18 October 2020 through 24 October 2020
ER -