**1. Introduction**

Blockchain is a very-known term, which was used for the first time in [1], where Satoshi Nakamoto described Bitcoin in 2008. Bitcoin is the best-known implementation of blockchain, and it is basically the implementation of a cryptocurrency. However, blockchain is much more than that, being seen as the service and structure behind cryptocurrencies to maintain records for currency transactions between untrusted participants. Nowadays, in addition to cryptocurrencies (hundreds of currencies exist today that use blockchain technology or derivatives), many other application areas rely on blockchain technology like energy trading, health, supply chain, manufacturing, identity management, e-government, etc.

Blockchain presents itself as a distributed ledger, referring this concept to the way a database is shared between several participants on a peer-to-peer network, without a central authority overseeing the process. In the case of blockchain, this ledger is arranged, as its name suggests, in an ordered chain of blocks, each of which agglutinates transactions in order. A block, therefore, is basically a structure composed of a header and a body containing transactions in order. Blocks are timestamped and signed by its creator. The way these blocks constitute a chain is through a pointer to the previous block; the header of each block contains a cryptographic hash of the previous block so that a block is linked to the previous one (while ensuring the immutability of that previous block). The very first block from which a blockchain is constituted is known as the "genesis block" (**Figure 1**).

**Figure 1.** *Blockchain as a chain of blocks.*

It should be noted again that a blockchain is a type of Distributed Ledger Technology (DLT) with a series of specific features. By DLT, we mean any type of technology that makes use of a distributed ledger and, therefore, not all DLTs are blockchains. As an example, new generation technologies, such as IOTA or Hashgraph, are based on DLT different from the blockchain, being named blockless technologies, which are out of the scope of this document.

As mentioned, in blockchain, the ledger is distributed between participants of a decentralized network without any central authority. In a public non-permissioned blockchain, all participants in the network keep a copy of the ledger, while in other more complex or restrictive kinds of blockchain, different ledgers can be held by subsets of participants. As an example of this statement, Hyperledger Fabric is presented as a permissioned blockchain technology, which allows us to separate the different nodes into different channels, having the nodes in the same channel the same copy of the ledger. At first sight, such kind of systems could be prone to issues related to the ledger synchronization. If any participant had the ability to promote their own version of the ledger and thereby their own version of the transactions, they could try to make a profit from it. However, how blockchain avoids this sort of incidences is through consensus mechanisms.

Consensus mechanisms govern the way participants storing and verifying blocks agree on one common version of the facts (a shared truth). The Consensus allows nodes to reliably validate new blocks in the network. There are a variety of proven types of consensus mechanisms, such as Proof of Work (PoW), Proof of Stake (PoS), Practical Byzantine Fault Tolerance (PBFT) or Proof of Elapsed Time (PoET), among other not-so-known ones, such as [2, 3], for example.

The most widely adopted consensus algorithm today is Proof of Work, used in both Bitcoin and Ethereum. Proof of Work basically consists of the resolution of a computationally complex challenge (related to the block itself) as a condition for the insertion of a block in the chain. The participants of the blockchain compete for the resolution of this challenge in return for a reward. The challenge is difficult to solve, but easy to verify so that the rest of the participants can easily verify the resolution of the challenge and agree on the new block. This algorithm guarantees consensus as long as no participant has more than half the computing capacity of the network, at the cost of high energy consumption. This high energy consumption and wastage of computing capacity is driving blockchain networks like Ethereum to migrate to lighter consensus algorithms, such as Proof of Stake.

The most used cryptographic function in Proof of Work is the hash. Hashes are trapdoor functions, which mean they are really easy to compute in one direction, but really hard in the opposite (find its inverse). When a participant of the network (called miner) finds a solution for a hash matching certain properties, it is enabled to assemble a new block and broadcast it. Upon reception, every other participant

**75**

about privacy).

*Blockchain Applications in Cybersecurity DOI: http://dx.doi.org/10.5772/intechopen.90061*

of a third party.

can efficiently check that the block is valid given that is linked to the last one and matches the properties required by the network. This validation can be computed efficiently due to hashes being trapdoor functions. The consensus is reached when every participant has the same blocks, in other words, every participant agrees on the chain composition (longest blockchain). Hashes are also key tools for verifying

All this said, what advantages do we get with the use of blockchain? What leads

More technical information has been presented by [4, 5] so that the reader can

Once blockchain technology has been introduced, the focus is on the fulfillment

Focusing on data integrity, blockchain ledger is immutable. Every transaction in a block is cryptographically signed by its sender, every block in the blockchain is cryptographically signed by its miner, every block contains a hash of the immediately preceding block and all the participants in the blockchain network reach a consensus about the chain as the shared truth. To alter a single transaction in the blockchain, an attacker should alter each subsequent block accordingly, resolve the consensus challenge of that block and subsequent blocks, and persuade more than 50% of network participants to adopt the new chain. That situation is closeto-impossible, due to the hashing properties and the amount of computational and electrical power required to achieve this goal. Blockchain is tamper-resistant and

Merkle trees are a fundamental use of hashing in blockchain technologies that have not been mentioned before in the article. Merkle tree summarizes all transactions in a block into a single fingerprint, allowing to verify that all transactions in the block have been included without modification. Below we can find an example

As we can see above, each leaf in the Merkle tree is a hash of transactional data and hashing is applied recursively over each subset of hashes forming the tree structure. Merkle trees are not only applied to block transactions but sometimes also to

Non-repudiation is another information security property intimately linked to integrity. Since every transaction in the blockchain is cryptographically signed by its sender and the chain is immutable, the sender can never deny having ordered the transaction. However, that sender, in general, cannot be associated with a physical entity, but only with an account (as we will explain when discussing

the ledger state (the result of the execution of all ledger transactions).

us to adopt a network with such a load of processing and redundancy? All this complexity is necessary to constitute a decentralized network composed of multiple participants that reach a common consensus without the intervention of a central authority; to build a transparent and immutable ledger verifiable by itself; to establish a contract without the intervention of a notary (in fact, applications running on a blockchain are known as smart contracts). And all these goals are achieved with the highest level of trustworthiness and availability. Of course, blockchain is not the solution to everything. It is not the right solution for systems governed by a single central authority or to store data whose integrity and source is not relevant. It is a new paradigm that ensures the deterministic execution of a contract and the incorruptibility of the data in a ledger with full guarantees and without the intervention

data integrity and for the cryptographic signature process.

obtain further knowledge on the functioning of protocols.

of the information security properties it provides.

**2. Blockchain as a secure ledger**

integrity is the greatest of its merits.

of one of these Merkle trees (**Figure 2**).

#### *Blockchain Applications in Cybersecurity DOI: http://dx.doi.org/10.5772/intechopen.90061*

*Computer Security Threats*

*Blockchain as a chain of blocks.*

**Figure 1.**

It should be noted again that a blockchain is a type of Distributed Ledger Technology (DLT) with a series of specific features. By DLT, we mean any type of technology that makes use of a distributed ledger and, therefore, not all DLTs are blockchains. As an example, new generation technologies, such as IOTA or Hashgraph, are based on DLT different from the blockchain, being named blockless

As mentioned, in blockchain, the ledger is distributed between participants of a decentralized network without any central authority. In a public non-permissioned blockchain, all participants in the network keep a copy of the ledger, while in other more complex or restrictive kinds of blockchain, different ledgers can be held by subsets of participants. As an example of this statement, Hyperledger Fabric is presented as a permissioned blockchain technology, which allows us to separate the different nodes into different channels, having the nodes in the same channel the same copy of the ledger. At first sight, such kind of systems could be prone to issues related to the ledger synchronization. If any participant had the ability to promote their own version of the ledger and thereby their own version of the transactions, they could try to make a profit from it. However, how blockchain avoids this sort of

Consensus mechanisms govern the way participants storing and verifying blocks agree on one common version of the facts (a shared truth). The Consensus allows nodes to reliably validate new blocks in the network. There are a variety of proven types of consensus mechanisms, such as Proof of Work (PoW), Proof of Stake (PoS), Practical Byzantine Fault Tolerance (PBFT) or Proof of Elapsed Time

The most widely adopted consensus algorithm today is Proof of Work, used in both Bitcoin and Ethereum. Proof of Work basically consists of the resolution of a computationally complex challenge (related to the block itself) as a condition for the insertion of a block in the chain. The participants of the blockchain compete for the resolution of this challenge in return for a reward. The challenge is difficult to solve, but easy to verify so that the rest of the participants can easily verify the resolution of the challenge and agree on the new block. This algorithm guarantees consensus as long as no participant has more than half the computing capacity of the network, at the cost of high energy consumption. This high energy consumption and wastage of computing capacity is driving blockchain networks like Ethereum to

The most used cryptographic function in Proof of Work is the hash. Hashes are trapdoor functions, which mean they are really easy to compute in one direction, but really hard in the opposite (find its inverse). When a participant of the network (called miner) finds a solution for a hash matching certain properties, it is enabled to assemble a new block and broadcast it. Upon reception, every other participant

(PoET), among other not-so-known ones, such as [2, 3], for example.

migrate to lighter consensus algorithms, such as Proof of Stake.

technologies, which are out of the scope of this document.

incidences is through consensus mechanisms.

**74**

can efficiently check that the block is valid given that is linked to the last one and matches the properties required by the network. This validation can be computed efficiently due to hashes being trapdoor functions. The consensus is reached when every participant has the same blocks, in other words, every participant agrees on the chain composition (longest blockchain). Hashes are also key tools for verifying data integrity and for the cryptographic signature process.

All this said, what advantages do we get with the use of blockchain? What leads us to adopt a network with such a load of processing and redundancy? All this complexity is necessary to constitute a decentralized network composed of multiple participants that reach a common consensus without the intervention of a central authority; to build a transparent and immutable ledger verifiable by itself; to establish a contract without the intervention of a notary (in fact, applications running on a blockchain are known as smart contracts). And all these goals are achieved with the highest level of trustworthiness and availability. Of course, blockchain is not the solution to everything. It is not the right solution for systems governed by a single central authority or to store data whose integrity and source is not relevant. It is a new paradigm that ensures the deterministic execution of a contract and the incorruptibility of the data in a ledger with full guarantees and without the intervention of a third party.

More technical information has been presented by [4, 5] so that the reader can obtain further knowledge on the functioning of protocols.
