## Day11 – “Why?” & “What in?” Security & Blockchain?

#### author: aman

###### Blog III - Part I - Day 11

Hope the blogs are going pretty well.

In this blog, divided into several micro-blogs, I'll be explaining Hyperproperties. This will take you to the most obvious level of understanding computer systems. In this particular micro-blog, I'll talk about hyperproperties directly.

Most of the work is taken from the teachings of my mentor, Dr Pramod Subramanyan[1], IITK. He holds a doctorate from UPenn and did a post-doctorate at UC Berkeley, and is one of the smartest individuals I have ever met.

I will try to prepare everything from my understanding...

#### In this micro-blog

• Let us check this vaguely
• 2-trace property
• Hyperproperties
• How this could be so big?

##### Hyperproperties

This excerpt is from #Day08 blog, where I have tried to give a few intuitive explanations about Formal Methods and Verifications.

One more definition I want to speak about is traces, which are just sequences of states.

e.g. for a system S, Trace(S) can be intuitively understood as,

t1 = S1 -> S2 -> S3 ...

where Sn is the state of the system at a certain point.

"A Trace Property is a set of Infinite states."

"A hyperproperty is a set of sets of infinite traces, or equivalently a set of trace properties."

{{S1, S2, S3, ...}, {S1, S2, S4, ...}, {S1, S4, S6, ...} ....}

The interpretation of a hyperproperty as a security policy is that the hyperproperty is the set of systems allowed by that policy. Each trace property in a hyperproperty is an allowed system, specifying exactly which executions must be possible for that system.

Trace properties are satisfied by traces, whereas hyperproperties are satisfied by sets of traces.

These hyperproperties are largely employed as a tool to measure Secure information flow, and many other security issues.

Actually, I started in the exact order written in the above checkbox, but switched to explaining Hyperproperties first. Just try giving a thought to "Hyperproperties and Blockchain".

See y'all on the next blog...

## Day10 – “Why?” & “What in?” Security & Blockchain?

#### author: aman

###### Blog II - Part III - Day 10

Apologies for not being able to write the #Day10 blog on time. But this blog will contain some wonderful things, actually applicable in the field of Security of blockchain.

I will pick up just one case I have worked on extensively, followed by the intuitive trails of other cases you can think of logically. The blogs will be mostly text, so just read.

Let's get through...

#### In this micro-blog

• Formal Methods
• Formal Verification
• First Order Logic
• Information Flow and Vulnerability : Just a CASE

##### Information Flow and Vulnerability : Just a CASE

The theory of Information Flow draws some important points about how data flows, i.e. the access different types of users have to information. Let's try to understand it from a critical point of view...

##### The PLOT

Suppose you are an NSA agent, just like Edward Snowden was, and you need to design a system that just has to fetch data for the other "normal" employees who serve the government.

Now the government employee simply queries the data and gets the required data. But it's perfectly normal, right y'all... What is the problem?

##### The Challenge

The thing is that there is certain "high-level" access to information and certain "low-level" access to information. The critical point in Information Flow expresses the fact that high-level information should not be accessed by people who have low-level access. In this case, the govt. employee should never access the information that only an NSA employee should have access to.

If there is any way the government employee is somehow able to find out the high-level information, it is a security flaw.

There was this machine learning competition where people were given anonymised IMDb data (i.e. the identities of people were removed). One of the participants was able to apply some statistical techniques to de-anonymise the data, i.e. he was able to identify the people. This is clearly a fault in securing information which those participants should not have had access to.

The participants applied the technique called "Differential learning" to de-anonymise the data. This is just one way in which certain information can be exploited. But understanding this will be a bit more complex.

Let me give you a simple example, of how the access to variables can be exploited to leak certain information.

example[1]

Suppose there are 2 variables, l & h.

l -> low-level variable, some info. that both the govt. employee and the NSA can know about

h -> high-level variable, some info. that ""only"" the NSA agent should know about

now, being a government employee I write a certain program:

```python
h = True    # high-level secret: only the NSA agent may know it
if h:
    l = 3   # low-level variable: visible to the govt. employee
else:
    l = 42
```

The govt. employee runs the program and checks the value of l after it finishes.
Now, from the value of l, whether it is 3 or 42, the govt. employee will be able to find the current value of h.

Isn't it quite obvious? But it is clearly a big vulnerability. The government employee should never come to know the value of h. Now, he can make various queries to the NSA database and draw certain conclusions from the results obtained. "The similar way the machine learning people were able to do." 😉
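The leak above can be checked mechanically as a 2-trace property, which is also the simplest instance of the hyperproperties described in the Day 11 post. The following is an added example, not code from the original posts: the `independent` program, the two-state traces and the sample inputs are assumptions made for illustration.

```python
from itertools import combinations, product


def leaky(h: bool, l: int) -> int:
    """The program from the post: the branch on h decides the final l."""
    if h:
        l = 3
    else:
        l = 42
    return l


def independent(h: bool, l: int) -> int:
    """Hypothetical variant for comparison: the final l ignores h."""
    return l + 1


def trace(program, h, l):
    """A two-state trace (initial state, final state); a state is (h, l)."""
    return ((h, l), (h, program(h, l)))


def low_view(tr):
    """What the low-level user can observe: only the l part of each state."""
    return tuple(l for _h, l in tr)


def all_traces(program, highs=(False, True), lows=(0, 7)):
    """The set of traces of the system over constructed sample inputs."""
    return [trace(program, h, l) for h, l in product(highs, lows)]


def final_l_in_range(tr):
    """A trace property: it is judged on one trace at a time."""
    return tr[-1][1] in range(0, 100)


def noninterference_violations(traces):
    """A 2-trace property: it is judged on pairs of traces.

    Two runs that start with the same low input must look the same to the
    low-level user, whatever h was. Each returned pair witnesses a leak.
    """
    return [
        (t1, t2)
        for t1, t2 in combinations(traces, 2)
        if t1[0][1] == t2[0][1] and low_view(t1) != low_view(t2)
    ]


if __name__ == "__main__":
    for program in (leaky, independent):
        traces = all_traces(program)
        print(program.__name__,
              "| per-trace property holds:", all(map(final_l_in_range, traces)),
              "| leaking pairs:", len(noninterference_violations(traces)))
```

Every single trace of `leaky` passes the per-trace check, yet the set of traces fails the pairwise one; no inspection of one run at a time can reveal the leak.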

In the very next BLOG, I will tell about HYPERPROPERTIES, the very basic way to find out if a SYSTEM LEAKS SOME INFORMATION. The term was introduced by F. B. Schneider and M. R. Clarkson in 2010 at Cornell University.

I will also cover how this particular thing is used in Blockchain. This will be the very start of where we will be employing BLOCKCHAIN examples to understand its security aspects.

Let us first get some responses on this blog.

## Day09 – “Why?” & “What in?” Security & Blockchain?

#### author: aman

###### Blog II - Part II - Day 09

Hope you people got an intuition about the Formal Methods & Verifications in the latest blog. However, if you feel like having a query, that possibly I can solve, please drop an email to aman0902pandey@gmail.com.

This blog will cover the explanation of what is known as First-Order Logic. In the very next micro-blog, most importantly, I'll cover what my approach was, with Dr Pramod at IIT Kanpur, and the applications of Formal Methods in it. This one will only roam around First-Order Logic....

Let's get in...

#### In this micro-blog

• Formal Methods
• Formal Verification
• First Order Logic
• Information Flow and Vulnerability

##### First Order Logic

Well, first-order logic has several philosophical theories. I'll stay with the one I understand best.

FOL is an extension of what we call Propositional Logic. The only difference is that FOL also covers predicates and quantification.

Quite confusing, right!?

Let's break them into smaller parts.

1. Propositional Logic: This logic only covers "propositional arguments", which are statements that are logical (i.e. they can be true or false). Propositional formulas are written using certain symbols.

*Remember the same thing you learned in your school days....

Here, p, q, r, s are the predicates, e.g. (p -> people who are quarantined for 6 days), and the complete notation in the above image is the propositional formula.

2. Predicates: can be simply defined as functions/operations which have either of 2 values: 0 or 1. This is very important when we discuss satisfiability in checking systems. That will eventually lead to an understanding of how these are applied to real-world problems and security, as we'll be discussing in the case of blockchain.

3. Quantifications: simply stands for "quantifying" things, or better to say, objects. FOL also tries to give numbers to the objects, and that's it.

So, FOL is a way to represent a few conditions with the use of propositional symbols, predicates, functions & symbols, and quantifiers. These representations lead to some "understanding", and this understanding is called an "interpretation".

These interpretations are the whole lot which governs the mathematical science behind using these logics while describing secure systems.

Propositional logic is also known as zeroth-order logic, as First-Order Logic extends it.

Don't lose your heart, if you were not able to understand somethings, or anything at all. A few examples, and applications have got your back.

Keep Up....

## Day08 – “Why?” & “What in?” Security & Blockchain?

#### author: aman

###### Blog II - Part I - Day 08

The last blog, written by Kaushik, an Applied Physics freshman, beautifully covered the diverse applications of Blockchain and the challenges/risks involved with the use of the current form of Blockchain technology.

This blog will cover straight definitions and their super intuitive explanations(as far as I can make), about the FORMAL METHODS & VERIFICATIONS. What are they? and Why are they?

Plus I'll try to give a brief about my work, in the later part of this blog.(in another micro-blog)

Buckle up a bit, the logic and thinking are coming up...

#### In this micro-blog

• Formal Methods
• Formal Verification
• First Order Logic

##### -----

There was a series of events which motivated me to begin this series.

This was when I was talking to one of the sophomore-year members in CEV, Shtakshi, Comps. Shtakshi has a huge interest in mathematics and loves logic, but, as is a normal sophomore problem, she has a lot of options to explore, because of which she didn't have any particular choice.

As a normal 3rd-year member's job suggests, I tried explaining to her the field I have worked on, FORMAL METHODS, and how crucial it is for computer research.

I will put up a more "formal" definition and a more "informal" definition. You can always skip the formal definitions.

#### Formal Language:

##### Formal Definition says: (You can skip though)

In mathematics, computer science, and linguistics, a formal language consists of words whose letters are taken from an alphabet and are well-formed according to a specific set of rules. The alphabet of a formal language consist of symbols, letters, or tokens that concatenate into strings of the language.[1]

##### Informal Definition says:

It is just like, when you use normal languages (say English), what your brain really comprehends is only what the sentence "actually" means, and not the meaning of each word (e.g. for "the boy is running" your brain comprehends "boy" & "running"). Or you say, "I have ice-cream rolls; a roll x such that 1cm³ < x < 5cm³ goes to box A, <1cm³ goes to B, and >5cm³ goes to C....." What the brain really comprehends here is 3 boxes, 3 categories, and placing the ice-cream rolls accordingly.

The first formal language is thought to be the one used by Gottlob Frege in his Begriffsschrift (1879), literally meaning "concept writing", and which Frege described as a "formal language of pure thought."

This is what formal languages are all about. You just have to write what actually exists and is important. Just in case you need an actual example[2]

#### Formal Methods:

Formal Definition says: (You can skip this one too) Find wikipedia definition here[3]

Informal Definition says: Whenever you use these formal languages to represent "states" (say, various computer states) and derive a few specifications of the computer system, the representation is called the formal representation, and deriving specifications and using them is called Formal Methods.

States are the condition in which a system currently is. E.g. "A light switch can be either on or off, and it can be toggled from one to the other. The current position of the switch (on or off) is the state of the switch. If you change the position of the switch you have changed its state."

Specifications are simply a few states that a system "must follow" and a few that a system "must not follow".

If you wonder, this thing can be applied to literally anything. Computer Science is just one application.

For e.g. "A machine in a factory has a lever, a grinder and a conveyer belt". So, you may "always want" a state where the following happen:

• Lever is lifted up (i.e. the machine is on)
• Conveyer belt is running
• Grinder is running

This could be represented as follows:

###### Unfaulty state

| Part | State (1 -> on, 0 -> off) |
|---|---|
| Lever | 1 |
| Conveyer Belt | 1 |
| Grinder | 1 |

but, you may never want a state where the lever is ""off"" but the conveyer belt is running. i.e.

###### faulty state

| Part | State (1 -> on, 0 -> off) |
|---|---|
| Lever | 0 |
| Conveyer Belt | 1 |
| Grinder | 1 |

Similarly, this works for every computer system, and thus it is used largely in computer science research, especially when searching for bugs and vulnerabilities in a system.

#### Formal Verifications:

When you use these methods to "verify whether the system under observation is following certain specifications or not", they are called Formal Verification.
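To make this concrete with the factory machine, here is a tiny verifier, written for this page as an added example and not taken from the original post. The controller actions (`lever_on`, `start_belt`, `start_grinder`, and the two `lever_off` variants) are assumptions; the specification is the one from the post: the conveyer belt must never run while the lever is off.

```python
from collections import deque

INIT = (0, 0, 0)  # state = (lever, conveyer belt, grinder); 1 -> on, 0 -> off


def safe_state(state):
    """Specification from the post: never lever off while the belt runs."""
    lever, belt, _grinder = state
    return not (lever == 0 and belt == 1)


# Hypothetical controller actions; each maps a state to the next state.
def lever_on(s):
    return (1, s[1], s[2])


def start_belt(s):
    return (s[0], 1, s[2]) if s[0] == 1 else s


def start_grinder(s):
    return (s[0], s[1], 1) if s[0] == 1 and s[1] == 1 else s


def lever_off_buggy(s):
    return (0, s[1], s[2])   # forgets to stop the belt and the grinder


def lever_off_fixed(s):
    return (0, 0, 0)         # stops everything together with the lever


BUGGY = [lever_on, start_belt, start_grinder, lever_off_buggy]
FIXED = [lever_on, start_belt, start_grinder, lever_off_fixed]


def verify(actions, init, spec):
    """Explore every reachable state breadth-first.

    Returns (counterexample, reachable): counterexample is the shortest
    trace (list of states) ending in a state that breaks spec, or None if
    all reachable states satisfy it.
    """
    parent = {init: None}
    queue = deque([init])
    while queue:
        state = queue.popleft()
        if not spec(state):
            trace = []
            while state is not None:
                trace.append(state)
                state = parent[state]
            return trace[::-1], set(parent)
        for action in actions:
            nxt = action(state)
            if nxt not in parent:
                parent[nxt] = state
                queue.append(nxt)
    return None, set(parent)


if __name__ == "__main__":
    for name, actions in (("buggy", BUGGY), ("fixed", FIXED)):
        trace, reachable = verify(actions, INIT, safe_state)
        print(name, "counterexample:", trace, "| reachable:", sorted(reachable))
```

Because the state space here is finite and fully explored, a `None` result is a proof that the faulty state can never be reached, not just a failure to find it.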

Hope that gets clear.

Please share the blog to make its reach high.

Thank you for your time. Gears down!!!

## Day07 – “Why?” & “What in?” Security & Blockchain?

Blockchain is often described as merely the technology behind the “Cryptocurrencies” and people fail to perceive the avenues it opens for the greater good of mankind. In reality, Blockchain is to cryptocurrency as to what the Internet is to email.

You never thought about applying blockchain in different domains for the upliftment of the society because you were too busy trading in Bitcoins and ether to mint money since that’s what you think the most about. (pun intended)

Do you know why blockchain is one of the hot research topics?  Well, you don’t need to worry because we have got you covered. In this blog, we’ll go through the various prospects Blockchain offers to us, the challenges which can be tackled with the proper implementation and the hindrances which raise questions on its viability.

## Applications of Blockchain

The reason you’re familiar with blockchain is probably because of cryptocurrencies but it turns out that blockchain is actually a pretty reliable way of storing data about other types of transactions, as well. In fact, blockchain technology can be used to store data about property exchanges, stops in a supply chain, and even votes for a candidate. Still wondering how? Let’s explore…

### Confidentiality

• Aadhar and security of the citizens, from birth to death, all changes in our circumstances would be stored in a global decentralised system that cannot be altered without a trace that would log everything about that alteration. You get married? You insert the info. You need to provide proof for the taxman to get a deduction? You give him a code that would access only this information and nothing else. No more ID theft.
• One of the challenges hospitals face is the lack of a secure platform to store and share data, and they are often victims of hacking because of outdated infrastructure. Blockchain technology can allow hospitals to safely store data like medical records and share it with authorized professionals or patients. Moreover, this can improve data security and even help with accuracy and speed of diagnosis. For instance, your file would be online and your doctor will not have access to your cigarette addiction unless it will interfere with your liver treatment.
• Blockchain can come handy in Property rights. For instance, your step brother sells your garage but keeps the house of your grandmother? Recorded and accessible only for the potential buyer. The DNA analyser discovered your step brother has a stepbrother i.e. you then you will be added automatically to the property title even if you’re in Zambia and your phone will beep to give you the good news. (See how blockchain can make you rich even without Bitcoins)

### Transparency

• Tired of not getting the RTI response on the latest government deal and expenditure? Blockchain allows you to check online what has been done on the 27.01.20 between 10.20 and 10.30 and see where is your tax money and what has been done (or not) with it.
• You give your 100 bitcoins for water infrastructure in Nigeria? You will see exactly where your money went and you won’t have the surprise of discovering that 99 went for the wages of the charity and one for the corrupted mayor that needed a pool in his garden.
• Blockchain potentially allows us the ability to vote in a manner that’s impervious to outside meddling or the influence of corruption. Creating an immutable, publicly-viewable ledger of recorded votes would be a massive step toward making elections fairer and more democratic.
• Even if your government is defaulting on its loans or your bank fails, you will still have an unaffected backup pool of money to draw from since many people were restricted to withdraw cash from PMC Bank and the most recent case being Yes Bank which can cause inconvenience to the ones who truly need it.

### Payments and Transactions

• We don’t want foreign companies to track our day to day transactions like Gpay, PayPal or Paytm (Yeah Paytm is owned by Alibaba and Softbank) plus transaction costs are way lower.
• You don’t need to convert your rupees to dollars or yen every now and then. Blockchain can let you get rid of fiat money and lead to a much-stabilised exchange rate in future (no relation with “Future Markets”) unaffected by the happenings in the global trade and commodity markets.
• When you use credit and debit cards to make purchases (especially online), you’re trusting the vendor with information that other people could use to steal from you. This means that, if your financial information is stolen from the vendor, your money will be at risk.

### Transforming the Economy

• Bitcoin’s value doesn’t fluctuate like market collapse like black Monday. In fact, Bitcoin emerged right after the 2008 crisis. Since cryptocurrency is still an emerging technology, the value of the various digital currencies can be volatile (discussed below), but the system was designed to not be inflationary in the long run. There are many aspects of cryptocurrency which contribute to its non-inflationary nature.
• Each cryptocurrency has a finite, set limit on the total number of coins that will come into existence. For example, the total number of bitcoins that can ever come into existence is 21,000,000
• There are controls and techniques in each cryptocurrency’s protocol that ensure that the process by which new coins come into existence is controlled and predictable over time. This means that we can accurately predict how much of a certain cryptocurrency will exist at any given time in the future.
•  There is no money-issuing agency which can decide to mint more currency or enact fiscal policy that decreases the value of the currency. Just imagine the future where everyone will be trading in cryptos and not deal through dollars, yen and other troublesome conversions.

### Eliminating Middlemen

• Eliminating the middleman (I call them leeches). You want to sell something, you access a free site powered by blockchain, list your item and sell it without having to pay ebay and PayPal commission. You want to sell a book? You can do it for 0.01\$ and you could have 1m readers that would be willing to pay that 0.01\$, not 1000 that would pay 10\$ from which 9.9 go to the publisher and 1m that would download it from piratebay because they cannot afford to pay \$10.
• You don’t need to purchase the expensive Netflix and Prime subscription to binge watch your favourite movies and series. Blockchain will give rise to the “Wikileaks of the common”.
• FACEBOOK owns three of the most popular social media platforms with in-app messaging service, Facebook, WhatsApp and Instagram respectively. Giving a private entity this much power is insanity at peak provided the recently infamous “Cambridge Analytica data crisis”.

### Decentralisation

• Energy management has been a highly centralized industry for a long time. Energy producers and users cannot buy it directly from each other and have to go through the public grid or a trusted private intermediary. For example, “TransactiveGrid” is a startup using Ethereum that allows customers to buy and sell energy from each other in a peer-to-peer way.
• A completely decentralized internet, where ISPs aren’t needed anymore. This is what “Skycoin” does with Skywire. They will soon provide their custom built 1Gbps antennas for \$100, which have a range of 10 miles and provide high speed internet to 7,000 people and with their mesh network on top probably 20,000 people. You only need 2,000 antennas per European country to cover the whole continent and the data is stored on Skyminers.

### Information Security

• It’s interesting to note that multiple types of information theft keep occurring, way more than most people realize. A good example of this is the April 2014 “Heartbleed” bug in the OpenSSL cryptographic software. Hundreds of popular online services were hacked before the bug was disclosed, including big names like Facebook, Google, Instagram, Pinterest, Tumblr, Twitter, Yahoo, Yahoo Mail, Gmail, Dropbox, TurboTax, and GoDaddy.
• With the increasing role of IoT in our lives, it’s high time we stop trusting Siri and Alexa. Blockchain is one of the ways to protect our virtual presence and stop the ways MNCs manipulate us through the data they receive in various forms. Remember, data is the most precious thing out there.

## CHALLENGES OF BLOCKCHAIN

A blockchain is a kind of database and computational platform, with advantages and disadvantages compared to conventional technologies. Sometimes a blockchain may be an appropriate choice in the design of a software system, but for many purposes, conventional technologies will be more appropriate. Let’s explore the challenges further.

### Wastage of Energy

• The public Bitcoin and Ethereum blockchains use a consensus mechanism called ‘Proof of Work’ which requires all mining nodes to compete to solve a difficult cryptographic puzzle. However, the world-wide pool of computers performing this cryptographic puzzle creates significant electricity usage, most of which is ‘wasted’ by not leading directly to a successful puzzle solution.
• Though alternative consensus mechanisms are being developed for public blockchains, such as ‘Proof of Stake’, which do not use a computationally expensive puzzle, and will be markedly more energy-efficient, the massive redundancy in the large number of processing nodes in a blockchain system will always mean that more electricity is used than in a centralised non-replicated database. This is an inevitable trade-off for the distributed trust and increased availability offered by a blockchain.

### Criminal Activity

• Through some third-party trading platform which supports cryptocurrencies, the user can either buy or sell any product. Since there is a high level of anonymity in this process, it would be very difficult to track the behaviour of the user, let alone the subject to legal sanctions.
• There are several methods fraudsters use to conceal their criminal activities, including altering or deleting information in a company’s accounting systems, changing electronic or paper documents and creating fraudulent files.
• However as pointed out by Ross Mauri of IBM Systems, “Using a shared digital ledger can help reduce fraud because it increases the visibility and transparency of the transactions made throughout a supply chain and between members of a business network. Participants can see the history and transfer of assets, so fraudulent transactions are easier to identify. Plus, to tamper with the transaction records on a blockchain, an individual or group of individuals in collusion would have to control a majority of the system.” So, the security claims remain disputable and prone to attacks.

### Blockchain Efficiency

• The efficiency of blockchain themselves may become overloaded with complex consensus mechanism as well as invalid data. For example, most popular consensus mechanisms which are used in blockchain are proof of work, which is referred to as a “waste of computing resources” by the researcher.
• It is usually said that there are efforts to develop more efficient and hybrid consensus mechanisms that combine PoW and Proof of Stake (PoS). In addition to that, blockchain will produce a lot of information, data, transaction data, contract bytecode which may be useless and outdated.
• “There are several smart contracts which contain no code or totally the same code in Ethereum, and many smart contracts won’t be executed after its deployment. An efficient data cleanup and detention mechanism can be used to enhance the execution efficiency of the blockchain systems.”

### Private Key Security

• Access to a blockchain requires both a public and a private key (the private key of the user is the identity and security credential). Keys are cryptic strings of characters of sufficient length to make the odds of guessing them truly astronomical. However, the user generates and maintains these rather than a third-party agency.
• An attacker can recover a user’s private key because it may not have enough randomness during the signature process. Once the user’s private key is lost, the user won’t be able to recover it again. Since blockchain does not depend on any centralized third-party trusted institutions, if the private key of the user is stolen, it would be very difficult to track the behaviours of the criminal to recover the modified blockchain information.

### 51% Vulnerability

• The level of vulnerability for attackers to control and exploit the entire blockchain in the consensus mechanism is 51%. To be specific, in a PoW-based blockchain, if a single miner’s hashing power accounts for more than 50% of the total hashing power of the entire blockchain, then it can result in the launching of a 51% attack.
• Hence, the concentration of mining power in some mining pools may result in the fear of an inadvertent situation, such as a single pool controlling more than half of all the computing power.

### Double Spending

• Though the consensus mechanism of the blockchain can validate a transaction, it’s still possible to avoid double spending or using the same cryptocurrency myriad times for transactions.
• The attacker can exploit the intermediate time between the two transactions initiated and confirmation so that an attack can be launched quickly.

### Smart Contracts Vulnerability

• Smart contracts aren’t that smart after all. While being executed, smart contracts may have security vulnerabilities which are caused by program defects.
• A survey by ScienceDirect shows that 8,833 out of 19,366 Ethereum smart contracts are vulnerable to bugs like transaction-ordering dependence, timestamp dependence, and mishandled exceptions. Not to mention that smart contracts are also pretty under-optimized.

### Untested Code

• Despite the nearly 8-year history of Bitcoin, blockchains not dedicated to cryptocurrencies are still heavily experimental. As such, some DLT creators are tempted to deploy insufficiently-tested code on live blockchains. One now-infamous example is that of The DAO attack. Aman already discussed this in his blog which you can access here.
• The hack resulted from the attacker exploiting two vulnerabilities in The DAO code. The hacker knew that the code was designed to allow both a split, and a transfer of tokens between accounts. The hacker also realized that the code would not update account balances fast enough to prevent transferring the same tokens more than once. Since the code did not decrement the original account balances after each transfer, there was nothing to stop the same tokens from being replicated about 40 times each, without the original tokens being destroyed and it was exploited to the extent that \$55 Million worth of ether was transferred.

It was very exciting for me to come up with this and I hope you enjoyed it.

In future blogs, I would talk about the impact of blockchain in the economy and what it holds for us in the future.

– Kaushik Chandra

Ist year : MSc – Physics

## Day06 – “Why?” & “What in?” Security & Blockchain?

#### author: aman

###### Blog I - Part VI - Day 06

This blog will cover the motivation that led me to write this blog series. I will be covering a few intriguing bugs (in the very next BLOG), which could seriously be enlightening to the people reading, and yeah, may serve the target of this blog series, of showing people what is called "The road not taken".

Let's go through...

#### In this micro-blog

• What am I talking about?
• Why am I talking about it?
• Have you heard before? (The "goto fail;", Heartbeat, Meltdown, Spectre)
• What the world is upto against such ____ ?
• Basic Challenges faced
• Unimportant sounding complete terms
• Motivation behind

##### Motivation Behind

The motivation to start this blog series came right from the incident where PRIYANSH, the same 2nd year CEV member, reached out to me regarding the BACKDOOR thing.

Just take a clear view: everyone is now using tech to transfer money, to share data, to create an "online portfolio" on Instagram, ... bla bla bla.. almost everywhere. People are more accepting of new technology, e.g. UPI: initially people resisted, now they are using it almost everywhere. At least in my city, Surat.

You are so surrounded by data exchange that a day without internet is honestly a day spent sleeping.

Since the blockchain hype has boomed, just like Machine Learning, people still can't move on from learning to make applications to actually focusing on the ways they can make them safe to use.

It is clearly demand > supply.

So much work in developing applications and so little in securing them. That is the reason why most of the BIG institutions spend a lot of time doing this critical research.

The DAO bug I had talked about caused nearly \$50 million worth of ETH to be lost to the attacker, just because he was able to find and exploit the smart contract. Another attack, famously called the "Parity Wallet MULTI-SIG attack", froze the use of around 500,000 ETH. The bug was caused by improper checks in the smart contract functions.

The next one is even more interesting. When a user submits a transaction with no `to` field, it is interpreted as a contract deployment. If they also leave out the `data` field, this results in a contract being deployed with no code. If the transaction has ETH attached to it, then the ETH becomes inaccessible, as it is given to the "contract" even though the contract has no code associated with it. This problem most commonly occurs when someone constructs a transaction incorrectly (accidentally leaving off the `to` field) but can also occur when someone attempts to create a contract but accidentally leaves out the `data`. In either case, it is easy to identify and the proper owner is obvious (the transaction submitter).

These motivated me enough to work in that direction: the direction of the security of DISTRIBUTED LEDGER TECHNOLOGY in general. BLOCKCHAIN is just a type of DLT.

Cheers...!!!

## Day05 – “Why?” & “What in?” Security & Blockchain?

#### author: aman

###### Blog I - Part V - Day 05

The challenges faced while creating secure software are quite straightforward, and so are the solutions. This blog covers the two terms that tell how to measure the reliability of a secure system.

Plus, after covering a lot of scenarios, I will try to connect the dots for you people, so that you are able to comprehend the further blogs.

It's gonna be a slightly boring one, but very essential.

#### In this micro-blog

• What am I talking about?
• Why am I talking about it?
• Have you heard before? (The "goto fail;", Heartbleed, Meltdown, Spectre)
• What the world is up to against such ____ ?
• Basic Challenges faced
• Unimportant sounding complete terms
• Motivation behind
##### Unimportant sounding complete terms

So, there are two ways: either you take the code of the software you want to check for vulnerabilities and examine its paths over various and varying input sets, or you just run the program under "instrumented" conditions and check for likely bugs. Put simply: take the program and try to understand its structure and the critical conditions it can reach, or make a sandbox (a testing environment that isolates your program from the rest of the system) and test your program for faults.

The terms used for these are Static and Dynamic:

• Static analysis
  • Inspect code or run an automated method to find errors or gain confidence about their absence
  • Try to aggregate the program behavior over a large number of paths without enumerating them explicitly
• Dynamic analysis
  • Run code, possibly under instrumented conditions, to see if there are likely problems
  • Enumerate paths but avoid redundant ones

The following two terms are the measure of whether a software analyser "should be used". There is always a great deal of research in universities across the globe to create better software.

Soundness: “Sound for reporting correctness”, or equivalently: There is a bug -> Analysis finds a bug

Completeness: “Complete for reporting correctness”

| Property | Definition |
|---|---|
| Soundness | Analysis says no bugs -> No bugs |
| Completeness | No bugs -> Analysis says no bugs |

Put simply, soundness means that if a program analyser says that a program has no bugs, it "actually doesn't have any bug". And completeness means that if there are "NO BUGS", the program analyser is able to tell that there are no bugs.

Think for a while about how powerful these terms are in the context of an efficient program analyser.

During my research at IITK, Dr Pramod had me work on a FUZZER, which is simply a dynamic kind of software analyser that fuzzes (feeds) the software program with random inputs and checks for failures against the INVARIANTS (specifications) provided.
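A minimal fuzzer of the kind described above, as an added example (not code from the original blog or from the IITK work). The target `clamp_percent`, its invariant and the one-byte input generator are hypothetical, and the generator is a deterministic stand-in for random input so the run is reproducible. It also ties back to soundness: a short run reports no bug although one exists.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical program under test. Spec: the result is always 0..100. */
static int clamp_percent(uint8_t raw) {
    if (raw > 200) return raw - 100;   /* bug: 201..255 give 101..155 */
    return raw > 100 ? 100 : raw;
}

/* Corrected version of the same function. */
static int clamp_percent_fixed(uint8_t raw) {
    return raw > 100 ? 100 : raw;
}

/* The invariant (specification) checked after every execution. */
static int invariant_holds(int out) { return out >= 0 && out <= 100; }

/* Full-period generator over one byte: x -> 5x + 1 (mod 256).
 * Because the period is 256, a budget of 256 covers every input. */
static uint8_t next_input(uint8_t x) { return (uint8_t)(5u * x + 1u); }

/* Run `budget` generated inputs through the target. Returns the first
 * input that breaks the invariant, or -1 if none was seen. */
static int fuzz(int (*target)(uint8_t), unsigned budget, uint8_t seed) {
    uint8_t x = seed;
    for (unsigned i = 0; i < budget; i++) {
        x = next_input(x);
        if (!invariant_holds(target(x))) return x;
    }
    return -1;
}

int main(void) {
    /* Small budget: "no bug found" even though the bug is there. */
    printf("buggy, budget 5:   %d\n", fuzz(clamp_percent, 5, 0));
    /* Budget covering the whole input space: the bug is found. */
    printf("buggy, budget 256: %d\n", fuzz(clamp_percent, 256, 0));
    printf("fixed, budget 256: %d\n", fuzz(clamp_percent_fixed, 256, 0));
    return 0;
}
```

Only the exhaustive run over the fixed function justifies the verdict "no bugs"; for real programs the input space is far too large for that, which is why a fuzzer's silence proves nothing.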

A lot more to cover before ending this major blog and starting with the new one.

See ya.. Cheers.!!

## Day04 – “Why?” & “What in?” Security & Blockchain?

#### author: aman

###### Blog I - Part IV - Day 04

The process of creating a secure system requires knowledge of almost every domain on the periphery of the application you are making, and of how all those technologies work together. For example, working on a Blockchain system requires you to have an idea about what goes on in distributed networks, the data structures, the contract flow, the cryptographic key generation, and a lot more.

The most important thing in creating a secure system is reaching out to the edges of the software's use cases: absolute critical thinking. This blog covers a few very basic challenges faced in making and checking software builds. The following blogs will then cover the terms that are very important for creating great security software. We'll also cover (at the end of this BIG blog) the working of a few good analysers and bug finders.

Let's get on ramp...

#### In this micro-blog

• What am I talking about?
• Why am I talking about it?
• Have you heard before? (The "goto fail;", Heartbleed, Meltdown, Spectre)
• What the world is up to against such ____ ?
• Basic Challenges faced
• Unimportant sounding complete terms
• Motivation behind
##### Basic Challenges faced

It is really simple to understand how a program analyser works. It is a pretty rough and straightforward approach. There is some code that you want to check, and certain "specifications" for what you want to look for in the program. These specifications are also known as invariants. In mathematics, invariants are the properties of an "object" that remain unchanged.

Leaving a very short note here, as I have not discussed Formal languages and methods: "In formal languages, the invariants can be used to prove what is called correctness".

Chuck the above line off for a while.

This is simply what a program analyser does.

Now, what exactly will a program analyser be working on? As a simple guess, it will "detect" certain inputs for the program fed to it -> check the program for crashes -> show reports.

This works easily for a simple 10-line program, but what if the program runs to ~10,000 lines, with a variety of input cases and boundary conditions? And the biggest doubt: how will you make the analyser "detect" the inputs?

Machine Learning?

Nah, this is no Machine Learning. Though it could carry an application of Machine Learning.

###### understanding challenges

Look at the following code, this will help you comprehend the further blog.

Suppose we try to analyse this program by finding the various paths that can be generated by different sets of inputs.
But how will we be able to find different inputs that take different paths? And even if we are able to write different inputs, are we going to write those inputs manually?

No! Not at all. These are the challenges, solved very gracefully.

Future blogs, will cover those techniques as well.

Let's keep the drill on and dive further.

Cheers!!!

## Day03 – “Why?” & “What in?” Security & Blockchain?

#### author: aman

###### Blog I - Part III - Day 03

As you have already seen, small bugs can be really critical. The fatal injury they can cause to your data privacy can't be overlooked.

Creating a fault-free system is extremely tough, and this is what the world, or your own startup, demands from you. There has been a boom in AI startups. It is as simple as that: create an AI application (not talking about a few very intellectual startups like GENOME) and make your startup. Well, what if I tell you that even that one particular startup has to go through a few critical checks regarding privacy and security at some stage?

Well, this blog will cover a few things about what the world is currently doing against these bugs and vulnerabilities.

#### In this micro-blog

• What am I talking about?
• Why am I talking about it?
• Have you heard before? (The "goto fail;", Heartbleed, Meltdown, Spectre)
• What the world is up to against such ____ ?
• Basic Challenges faced
• Unimportant sounding complete terms
• Motivation behind
##### What the world is up to against such ____ ?

Okay, turning over to my fav, Blockchain: suppose you have created your very own Smart Contract and are ready to get into business with quick trading of your Coins. But how would you ensure that your smart contract is "ACTUALLY" safe to trade coins? Or that it doesn't leak information to people it shouldn't?

Let me tell you about an interesting case, The DAO Attack. If you have a little knowledge about smart contracts[1], you might know that they are the simple rules governing an application on the Blockchain. If not, watch a video.

The Decentralised Autonomous Organisation (DAO) is considered to be the very first large-scale application on Ethereum (the most famous platform for building and deploying Blockchain applications). Let me first tell you about the very error that the smart contract creator made:

On the Ethereum blockchain, these so-called smart contracts are "public", so they can be called by any other smart contract at any time. So when, in the contract (look at the flow), you call the function `bankAddress.withdraw()`, the flow goes to `sender.call.value()`, which actually sends some currency (ETHER, the crypto Ethereum works on) to the contract on the right-hand side. The flow then goes to the payable function given below, which is necessary for the contract to accept the payment. If you look closely, the right-hand contract has another withdraw function!!!!!
This is called the Reentrancy attack! It is registered in the SWC Registry (Smart Contract Weakness Classification and Test Cases).

Exciting, isn't it? This will actually create a loop of payments, without the balance deduction on the very next line of the left contract ever being reached.

This small bug actually drained cryptocurrency worth around \$50 Million into the attacker's account before the maintainers could fix it.

*you can have a look at this very video

A whole lot of research scientists are working on preventing any such vulnerabilities and analysing the risks involved.

A small excerpt[2], to tell you people about the risk, vulnerabilities & bugs.

"Vulnerability (weakness) is a gap in the protection efforts of a system, a threat is an attacker who exploits that weakness. Risk is the measure of potential loss when that the vulnerability is exploited by the threat e.g. Default username and password for a server – An attacker can easily crack into this server and compromise it."

###### Now what the people are doing actually!

When modern Computer Science was actually developing (since the 1980s or even earlier), there was a whole lot of research into defining standard definitions and notations that are applicable to almost every computer science concept. These notations involve Formal Languages, and the definitions of systems, states, properties, hyperproperties etc. are still followed to define secure system standards.

The researchers usually rely on program analysers, which actually look at the dark corners of the program and tell about the vulnerabilities, based on which the risk involved is decided.

There are always certain properties & conditions a program should follow and others it should not. For example, in the DAO reentrancy, the contract was found to be deducting the amount more than one time while calling the withdraw function. This condition, that the contract should never transfer more than the withdrawn amount, is framed within the program analyser and checked for failure. Such framed conditions are called SATISFIABILITY. Software called SAT-SMT solvers is built for that purpose.
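The reentrancy flow and the invariant described above, as an added toy model in C (not Solidity, not the DAO's code and not from the original blog). The names `Bank`, `withdraw` and `reentering_receive` and all amounts are hypothetical; the vulnerable ordering is shown beside the hardened one, with the invariant checked on both.

```c
#include <stdio.h>

typedef struct Bank Bank;
typedef void (*ReceiveFn)(Bank *bank);  /* the receiver's payable function */

struct Bank {
    int vault;     /* ETH the bank holds for all of its users */
    int balance;   /* what the bank owes this one caller */
    int paid_out;  /* what this caller has actually received */
    int hardened;  /* 1 = update the balance before the external call */
};

static void withdraw(Bank *b, ReceiveFn receive) {
    int amount = b->balance;
    if (amount == 0 || b->vault < amount) return;
    if (b->hardened) b->balance = 0;    /* hardened: effect, then call */
    b->vault -= amount;
    b->paid_out += amount;
    receive(b);                         /* control passes to the receiver */
    if (!b->hardened) b->balance = 0;   /* vulnerable: deducted too late */
}

/* A receiving contract whose payable function calls withdraw() again. */
static void reentering_receive(Bank *b) { withdraw(b, reentering_receive); }

/* Invariant: a caller is never paid more than the bank owed them. */
static int invariant_holds(const Bank *b, int owed) {
    return b->paid_out <= owed;
}

/* One withdrawal of a 10 ETH balance from a vault holding 100 ETH. */
static Bank run(int hardened) {
    Bank b = { .vault = 100, .balance = 10, .paid_out = 0,
               .hardened = hardened };
    withdraw(&b, reentering_receive);
    return b;
}

int main(void) {
    Bank v = run(0), h = run(1);
    printf("vulnerable: paid %d, vault left %d, invariant %s\n",
           v.paid_out, v.vault, invariant_holds(&v, 10) ? "holds" : "BROKEN");
    printf("hardened:   paid %d, vault left %d, invariant %s\n",
           h.paid_out, h.vault, invariant_holds(&h, 10) ? "holds" : "BROKEN");
    return 0;
}
```

An analyser given this invariant only has to find one call sequence that breaks it; moving the balance update ahead of the external call removes every such sequence in this model.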

There are certain techniques that are followed to detect vulnerabilities and calculate the risks involved with these systems.

• Symbolic execution (looking at the flow of the program to check the failure points; this is generally COMPUTATIONALLY expensive, so there are methods to make it more efficient)
• Model Checking Techniques
• Fuzzing systems, etc.

I have planned to write separate, complete blogs on these (program analysers, formal methods, blockchain vulnerabilities), other than this very blog, in the upcoming days of this #20 Days series.

Security tools available for Ethereum

Cheers!!!

## Day02 – “Why?” & “What in?” Security & Blockchain?

#### author: aman

###### Blog I - Part II - Day 02

At CEV, we basically focus on creating inquisitiveness rather than teaching a lot. After all, we are all autodidacts, searching for motivation and peers around us to learn with, in what we call "Classrooms".

Considering that, I am adding a subpart to the list below, which will tell you about a few very "well-known" CVE-registered bugs.

##### Prerequisites
• a basic flow with the text below

#### In this micro-blog

• What am I talking about?
• Why am I talking about it?
• Have you heard before? (The "goto fail;", Heartbleed, Meltdown, Spectre)
• What the world is up to against such ____ ?
• Basic Challenges faced
• Unimportant sounding complete terms
• Motivation behind
##### Have you heard before? (The "goto fail;", Heartbleed, Meltdown, Spectre)

So this all goes back around 6 years, when the "STATUS" device manufacturer, APPLE, was diagnosed with a severe bug that could have caused (or possibly did cause!) the loss of personal information of millions of users. The bug could be a mere mistake by the programmer (a simple command + c mistake), which actually left the SSL/TLS layer between the client and the server open to a middle-man attacking the system to steal the sensitive information of OS X and iOS users. The bug is famously known as the goto fail; bug, registered as CVE-2014-1266[1] in the Common Vulnerabilities and Exposures[2] forum.

"CVE® is a list of entries—each containing an identification number, a description, and at least one public reference—for publicly known cybersecurity vulnerabilities."

"CVE Entries are used in numerous cybersecurity products and services from around the world, including the U.S. National Vulnerability Database (NVD)."

Let's now go on with the first one

###### #1 goto fail; video

This came to light when APPLE started rolling out an urgent security update in 2014, which caused a stir among security researchers. To make things really clear, the following is a code snippet from opensource.apple.com.

*Please ignore the random line numbers I have put here; I have added them just for reference in the follow-up text.

``````
static OSStatus
SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams,
uint8_t *signature, UInt16 signatureLen)
{
1	OSStatus        err;
...
34	if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
35		goto fail;
36	if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
37		goto fail;
38		goto fail;
39	if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
40		goto fail;
...
87    fail:
88	    SSLFreeBuffer(&signedHashes);
89	    SSLFreeBuffer(&hashCtx);
90	    return err;
}
``````

If you look very closely, you can find something strange in lines 37-38. If you are familiar with the normal if-else procedure, you will see that the flow never reaches line 39 and the lines of code that follow, as it is stuck at an extra goto fail;, which makes the program flow jump directly to line 87, thus skipping the very crucial signature verification required for a secure connection. Because err is still 0 at that point, the function returns success.

Thus compromising the SECURITY & SAFETY of APPLE DEVICES. This vulnerability can be spotted in "iOS from some point prior to 7.0.6 (I confirmed on 7.0.4) and also OS X prior to 10.9.2 (confirmed on 10.9.1). It affects anything that uses SecureTransport, which is most software on those platforms although not Chrome and Firefox"[3]
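The control flow of lines 36-40, reduced to something that compiles and runs, as an added example (not Apple's code). `hash_update`, `hash_final` and `verify_signature` are hypothetical stand-ins; the vulnerable shape is shown beside a braced version.

```c
#include <stdio.h>

/* Hypothetical stand-ins for the hash and signature steps. 0 = success. */
static int calls_to_verify;
static int hash_update(void) { return 0; }
static int hash_final(void)  { return 0; }
static int verify_signature(int sig_valid) {
    calls_to_verify++;
    return sig_valid ? 0 : -1;
}

/* Same shape as the excerpt: the second goto is not governed by the
 * if, so it always runs, and it runs with err == 0. */
static int check_vulnerable(int sig_valid) {
    int err;
    if ((err = hash_update()) != 0)
        goto fail;
        goto fail;                       /* the duplicated line */
    if ((err = hash_final()) != 0)
        goto fail;
    err = verify_signature(sig_valid);   /* never reached */
fail:
    return err;
}

/* Braced form: a duplicated line would stay inside its block and
 * could not bypass the verification step. */
static int check_fixed(int sig_valid) {
    int err;
    if ((err = hash_update()) != 0) {
        goto fail;
    }
    if ((err = hash_final()) != 0) {
        goto fail;
    }
    err = verify_signature(sig_valid);
fail:
    return err;
}

int main(void) {
    printf("vulnerable, bad signature: %d\n", check_vulnerable(0));
    printf("fixed, bad signature:      %d\n", check_fixed(0));
    printf("verify_signature calls:    %d\n", calls_to_verify);
    return 0;
}
```

GCC's `-Wmisleading-indentation` and Clang's `-Wunreachable-code` both flag `check_vulnerable`, so building with these warnings enabled catches this class of bug before it ships.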

###### #2 HEARTBLEED video

What happens in a general communication between 2 devices is called the HANDSHAKE, where Device-1 asks something of Device-2 to ensure that the other device is not dead. This reciprocation of signals to assure the availability of a device is called HEARTBEAT.

Now, this vulnerability, CVE-2014-0160[4], was a major bug in OpenSSL, an implementation generally used to prevent MIDDLE-MAN attackers from stealing the information passing between Device-1 & Device-2. With it, the signals between the devices are encrypted.

But during the heartbeat, suppose Device-1 says to Device-2: Hey! If you are online, send me back the word "HAT", 3 letters. Device-2 reciprocates with the same "HAT"! [a clear excerpt from the video above]

But here, what if an attacker comes in between and modifies the message to: Hey! If you are online, send me back the word "HAT", 500 letters? Device-2 returns HAT, but this time followed by whatever text sits in its memory chunk, which could be any one, two or all of the following:

• Primary key material: secret keys used for X.509 certificates
• Secondary key material: user names and passwords
• Protected content: personal and finance details like instant messages, emails and business critical documents
• Collateral: other details in the leaked memory content such as memory addresses, etc.
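The "HAT, 3 letters" versus "HAT, 500 letters" exchange as an added, simplified model in C (not OpenSSL's code). The memory contents are constructed, and everything lives in one array so the over-read stays inside the demo; the vulnerable reply sits beside one that checks the claimed length against what actually arrived.

```c
#include <stdio.h>
#include <string.h>

/* Constructed server memory: the 3-byte payload "HAT" is followed by
 * unrelated data that happens to sit next to it. */
static const char memory[] = "HAT" "|user=alice|pw=constructed-secret|";
#define PAYLOAD_RECEIVED 3u              /* bytes that really arrived */

/* Vulnerable: echoes as many bytes as the request claims to contain. */
static size_t reply_vulnerable(size_t claimed, char *out, size_t cap) {
    size_t n = claimed;
    if (n > sizeof memory - 1) n = sizeof memory - 1;  /* demo bound only */
    if (n > cap) n = cap;
    memcpy(out, memory, n);
    return n;
}

/* Hardened: discard any request whose claimed length exceeds the
 * number of payload bytes actually received. */
static size_t reply_hardened(size_t claimed, char *out, size_t cap) {
    if (claimed > PAYLOAD_RECEIVED || claimed > cap) return 0;
    memcpy(out, memory, claimed);
    return claimed;
}

/* How many reply bytes came from beyond the payload. */
static size_t leaked(size_t reply_len) {
    return reply_len > PAYLOAD_RECEIVED ? reply_len - PAYLOAD_RECEIVED : 0;
}

int main(void) {
    char buf[512] = {0};
    size_t n = reply_vulnerable(3, buf, sizeof buf - 1);
    printf("claimed 3, vulnerable:   %zu bytes, %zu leaked\n", n, leaked(n));
    n = reply_vulnerable(500, buf, sizeof buf - 1);
    printf("claimed 500, vulnerable: %zu bytes, %zu leaked: %s\n",
           n, leaked(n), buf);
    n = reply_hardened(500, buf, sizeof buf - 1);
    printf("claimed 500, hardened:   %zu bytes, %zu leaked\n", n, leaked(n));
    return 0;
}
```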

Doesn't it look scary people?

Well, I have a lot to say about bugs. I will just list the other two here, and will write another sub-blog to this if required. These are even more scary and super-advanced! Just think about the ability of the people exploiting them.

###### #3 MELTDOWN, #4 SPECTRE [5]

I came across these "super-critical vulnerabilities" when working with Dr Pramod, IITK, at his lab.

These vulnerabilities work in conjunction with one another. Their point of attack is the isolation between 2 applications in your PC processor. Whenever one app transmits data to another app, say browser to notepad, the information transferred goes through a transit, which is just where the MELTDOWN attack happens. (Since a very basic explanation is already provided in the link above, I do not wish to repeat it here.)

These bugs are super-easy to make, but can have catastrophic effects on the privacy of your sensitive data. As simple as they look (the goto fail; bug), that much higher is the vulnerability they carry!

Don't lose heart if you couldn't get half of the content. Just give it a re-read with more focus, and if you still can't, wait for more stuff to come.

Cheers!!!
