IBM recently patented a technology which would help the firm with permissioned blockchains to resist replay attacks. The IBM Patents were published last week by the US Patent and Trademark office who first filed the blockchain patent back in October 2016.
According to experts, network security management is quite complex:
- Rising threats from IoT devices and third party networks
- Cybercriminals implementing unusual ways and tools to attack.
- Networks are getting more complex with the implementation of newer technologies
Furthermore, in Database management experts have found similar complexities and contingencies:
- Lack of scalability
- Cybersecurity issues
- lack of maturity in Back-up processes
- High integration requirements in complex environments.
Being entitled as, Resisting replay attacks efficiently in a permissioned and privacy-preserving blockchain network, the IBM patents highlights the security standards to cope with such attacks while sustaining the privacy and valid user permissions.
Basically, a replay attack is a valid data transmission that is fraudulently reiterated or delayed in the network. IBM’s purpose for its patent defined this vulnerability within the context of blockchain while stating:
In a replay attack the attacker simply ‘replays’ a message that was ‘eavesdropped’ on from the network or that the attacker ‘saw’ on the Blockchain. Such a replay would cause the blockchain validators to include this new transaction in the Blockchain, and thus repeat the result of that transaction without the original creator of the transaction intending this.
IBM’s effort for countering this attack within the context of a permissioned blockchain reveals communication methods and preserving the validation of all transactions within the blockchain network:
In a network of computer systems, a method of communication may comprise at a user computer system, generating a security value that is to be used only once, generating a message signed with a security certificate and including the security value, and transmitting the message over the network of computer systems.
This kind of attack involves a hacker repeating or delaying information across a blockchain. This tricks the receiver into believing they have received the information they were expecting.
This IBM protocol will generate another channel of communication where transactions can be validated on the network. Each transaction will then receive a security certificate and value which validates it. This will then indicate if the network can execute a transaction before it is carried out.
Securing blockchain is a major task for the companies which are on board in the decentralized technology. January of 2019 saw a double spend attack on the Ethereum Classic network. IBM has been adding to the blockchain patents to their growing list in an effort to stay ahead of a technological curve. This comes alongside their work will Stellar Lumens to create an international money transfer platform.
Earlier, IBM also has a patented supply chain solution to improve the Bill of Lading (BoL) process.
Furthermore, IBM has also partnered with Maersk to shorten the shipping time using its service. They are also using their blockchain technology to make a transparent jewellery supply chain so that the owners can get to know about the origin and production process of the precious items.
Needless to say, IBM stands to gain a great deal in developing their ability to protect themselves from the malicious attack.