The purpose of this paper is to discuss about the role of cyber security in the field of cryptocurrency, figure out the current threats and vulnerabilities, and the countermeasures to minimize the cyber attacks on them. There is a plethora of cybercrimes happening in the area of cryptocurrencies like Coin check, Parity, Bitfinex, NiceHash, FacexWorm and CoinDash. Cryptocurrencies are digital money, which requires an encryption techniques and digital wallet to secure them. Unlike regular currencies these digital money does not come under the control of bank or any financial authorities. Instead, it depends on digital public ledger called blockchain. In this paper we have are providing a detailed description of how blockchain works and the future scope of cyber security in cryptocurrencies.
Cryptocurrency is a virtual or digital currency. It has value like money and can be lent, exchanged or borrowed but it doesn’t have a physical presence. Currencies are value deposits that we can use to buy goods or services and most cryptocurrencies cannot be exchanged for anything other than a cryptocurrency. This currency is not handled by banks or some central authority. The transactions get recorded in a digital public ledger called blockchain. It ensures the transactions occur without any interference.
The first crypto currency introduced was Bitcoin, in October 2008. This is believed to be done by a person (or a group of people) called Satoshi Nakamoto. Many other crypto currencies were launched following the success of bitcoin. There are more than around 1300 crypto currencies present today. All these currencies work using the block chain technology.
Blockchain is a chain of blocks where each block represents a transaction or record of exchange. It is a decentralized, distributed database that maintains a list of transactions. Each block consists of various valid transactions which are hashed and added to the list. Each transaction includes a timestamp and a link to the previous transaction. Hence, if someone tries to modify a record, a new hash will be produced even if a small change is made as it will not contain the information of the previous records. This method confirms the integrity of the previous block and all the way back to the original one.
A transaction requires two things: a wallet and a private key. A wallet is assigned to an individual, which is basically an address to uniquely identify a user. And this address is public, whereas the private key (i.e., a string of random numbers) must be kept a secret. Once the transaction is requested, it is broadcast to the blockchain network where it will be verified. After verification and validation, this transaction is added as a block and no changes can be made after that.
What makes this system theoretically tamper proof is the cryptographic fingerprint unique to each block, and a “consensus protocol,” by which the nodes in the network agree on a shared history.
The fingerprint i.e., the hash, takes a lot of computing time and energy to generate initially. It serves as a seal, since altering the block would require generating a new hash. Then whether or not the hash matches its block is verified and after that, the nodes update their respective copies of the blockchain with the new block. This is the consensus protocol.
These hashes also serve as links in the blockchain: each block includes the previous block’s unique hash. So if you want to change an entry in the ledger retroactively, you have to calculate a new hash not only for the block it’s in but also for every subsequent block. And you have to do this faster than the other nodes can add new blocks to the chain. So unless you have computers that are more powerful than the rest of the nodes combined, any blocks one adds will conflict with existing ones, and the other nodes will automatically reject the alterations. This is what makes the blockchain tamper proof, or “immutable.”
III. THREATS OF CRYPTOCURRENCIES
Cryptocurrency mining malware is a kind of software programs that exploit the resources of computer to perform mining without user’s knowledge. Cryptojacking is mainly deployed on electronic devices like Smartphones, PC’s, and IOT devices. The furtive nature of cryptojacking lured cyber criminals, which made them to stick to the devices for long time without any distrust from users end.