DOCSLIB.ORG

D7.1 Distributed Ledger State-Of-The-Art Report

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
D7.1 Distributed Ledger State-Of-The-Art Report Ref. Ares(2019)652909 - 05/02/2019 D7.1 Distributed ledger state-of-the-art report Advanced Cyber-Threat Intelligence, Detection, and Mitigation Platform for a Trusted Internet of Things Grant Agreement: 786698 D7.1 Distributed Ledger state-of-the-art report Work Package 7: Distributed ledger technology for enhanced accountability Document Dissemination Level P Public ☒ C Confidential, only for members of the Consortium (including the Commission Services) Ο ☐ Document Due Date: 31/01/2019 Document Submission Date: 31/01/2019 Co-funded by the Horizon 2020 Framework Programme of the European Union Copyright Cyber-Trust Consortium. All rights reserved. 1 D7.1 Distributed ledger state-of-the-art report Document Information Deliverable number: D7.1 Deliverable title: Distributed ledger state-of-the-art report Deliverable version: 1.0 Work Package number: WP7 Work Package title: Distributed ledger technology for enhanced accountability Due Date of delivery: 31/01/2019 Actual date of delivery: 31/01/2019 Dissemination level: PU Editor(s): Pierre Gerard (SCHAIN) Laurent Kratz (SCHAIN) Grégoire Marchal (SCHAIN) Clément Pavué (SCHAIN) Contributor(s): Nicholas Kolokotronis, Nicholas Kalouptsidis, Konstantinos LimnIoTis, Konstantinos Ntemos, Sotirios Brotsis (UOP) Reviewer(s): Olga Gkotsopoulou (VUB) Bogdan Ghita (CSCAN) Project name: Advanced Cyber-Threat Intelligence, Detection, and Mitigation Platform for a Trusted Internet of Things Project Acronym Cyber-Trust Project starting date: 01/05/2018 Project duration: 36 months Rights: Cyber-Trust Consortium Version History Version Date Beneficiary Description 0.1 15/10/2018 SCHAIN Proposed deliverable’s outline 0.2 10/12/2018 SCHAIN Intermediate version 0.3 17/12/2018 SCHAIN Amendment of the Table Of Content based on UoP feedback 0.4 01/01/2019 UoP Contribution to Blockchain Security 0.5 18/01/2019 SCHAIN Intermediate version 27/02/2019 UoP Contribution to Blockchain applications, key technical evolutions, Privacy preserving protocols, Quantum resistant-protocol, blockchain security, blockchain and Cyber-Trust. 0.7 28/02/2019 SCHAIN Intermediate version for reviewers 0.8 30/01/2019 UOP Unify the referencing style 0.9 31/01/2019 SCHAIN Update of the documents according to the feedback from the reviewers 1.0 31/01/2019 KEMEA Quality review and submission Copyright Cyber-Trust Consortium. All rights reserved. 2 D7.1 Distributed ledger state-of-the-art report Acronyms and terminologies ACRONYM EXPLANATION [1] ABS Attribute-Based Signatures AMI Advanced Measurement Infrastructure AML Anti-Money Laundering refers to a set of practices including procedures, laws, and regulations to prevent income through illegal actions. API Application programming interface. ARP Address Resolution Protocol ASIC Application-Specific Integrated Circuit Bitcoin Bitcoin with capital “B” refers to the network. bitcoin bitcoin with lower case “b” refers to the currency. Blockchain A Blockchain is an implementation of a “distributed ledger” using a list of chained blocks. Each block encapsulating validated transactions. BPQS Blockchained Post-Quantum Signatures BSS Business Support Systems CA Certificate Authority CIDN Collaborative Intrusion Detection Networks CoC Chain of Custody Consensus A Blockchain is a distributed ledger that relies on nodes to store independently a copy of a ledger representing the state of a system. Users can read or write to the ledger without the control of a trusted third party. The state of the system is the result of an agreement of the nodes, also called consensus. CRS Common Reference String CSPs Communications service providers CVP Closest Vector Problem DSA Digital Signature Algorithm ECC Elliptic Curve Cryptography ECDSA Elliptic Curve Digital Signature Algorithm. ECDSA is a Digital Signature Algorithm which uses elliptic curve cryptography. EHRs Electronic Health Records FDIA False Data Injection Attack Fee (transaction fees) Transaction fee is a fee that the initiator of a transaction includes for on-chain transaction. The fee is collected by the node that includes the transaction in a blockchain block. FHIR Fast Healthcare Interoperability Resources GPS Global Positioning System Hard fork A hard fork is a blockchain rule change such that the old rules of validation for the software will see the blocks produced according to the new rules as invalid. Hardware wallet A hardware wallet is a special type of wallet which stores the user's private keys in a secure hardware element. HIDS Host based Intrusion Detection System IDS Intrusion Detection System IoT Internet of Things KYC Know Your Customer refers to a set of business practices to verify the identity of its clients and assessing potential risks of illegal intentions. Lightning network The Lightning Network (also called state channel) is a "second layer" payment protocol that operates on top of a cryptocurrency. It enables off-chain fast transactions between participating nodes while preserving the underlying blockchain security model. State channel is a solution for blockchain scalability. LPN Learning Parity with Noise Copyright Cyber-Trust Consortium. All rights reserved. 3 D7.1 Distributed ledger state-of-the-art report LWE Learning with Errors MEC Mobile Edge Computing Merkle tree A hash tree or Merkle tree is a tree in which every leaf node is labelled with the hash of a data block and every non-leaf node is labelled with the cryptographic hash of the labels of its child nodes. Hash trees allow efficient and secure verification of the contents of large data structures. A Merkle tree is recursively defined as a binary tree of hash lists where the parent node is the hash of its children, and the leaf nodes are hashes of the original data blocks. MitM Man-in-the-Middle MQ Multivariate Quadratic polynomial NIDS Network based Intrusion Detection System NIST National Institute of Standards and Technology OSS Operational Support Systems OTS One Time Signature PKI Public Key Infrastructure PMUs Phasor Measurement Units PoW Proof-of-Work PPR Patient-Provider Relationship PPT Probabilistic Polynomial-Time Proof-of-Stake Proof of Stake (PoS) is a type of consensus algorithm by which a cryptocurrency blockchain network aims to achieve distributed consensus. In PoS-based cryptocurrencies, the creator of the next block is chosen via various combinations of random selection and wealth or age (i.e. the stake). Proof-of-Work Proof of Work (PoW) is a type of consensus algorithm by which a cryptocurrency blockchain network aims to achieve distributed consensus. In PoW-based cryptocurrencies, the creator of the next block is selected probabilistically according to some work (processing time) that it can furnish with respect to the total work furnished in the network. PoW is a protection mechanism against Denial Of Service attacks. RSA RSA (Rivest–Shamir–Adleman), from the name of the three inventors, is one of the first public-private key pair cryptographic systems. RSA Rivest-Shamir-Adleman (cryptographic algorithm) SP Service Provider SPoF Single Point of Failure Transaction A transaction is an operation that can be executed on a distributed ledger. This operation is either a “read” or “write” of the ledger. Transaction Processing a transaction means controlling the validity of the transaction and Processing reading or writing it to the distributed ledger. Turing completeness A Turing Complete system is a system that in principle could be used to solve any [2] computation problem. Non-Turing completeness blockchain such as Bitcoin lacks some computer instruction like looping instruction as opposed to the Ethereum blockchain. Wallet A wallet stores the private and the public keys. A private key can be used to sign a transaction, for instance, spend cryptocurrency. A public key can be used to receive cryptocurrency. XMSS extended Merkle signature scheme ZK Zero-Knowledge zk-SNARK Zero-Knowledge Succinct Non-Interactive Argument of Knowledge Copyright Cyber-Trust Consortium. All rights reserved. 4 D7.1 Distributed ledger state-of-the-art report Table of Contents Executive summary .............................................................................................................................. 15 1. Introduction ................................................................................................................................. 16 1.1 Purpose of the document ................................................................................................................ 16 1.2 Structure of the document .............................................................................................................. 16 2. Blockchain foundations ................................................................................................................. 17 2.1 History overview .............................................................................................................................. 17 2.1.1 Early proposals of electronic money ....................................................................................... 17 2.1.1.1 Money, from salt to bit protocols........................................................................................ 17 2.1.1.2 Commodity money to fiat currency..................................................................................... 17 2.1.1.3 Fiat currency to electronic money ....................................................................................... 18 2.1.1.4 E-gold ..................................................................................................................................
Load more

Recommended publications
  • Peer Co-Movement in Crypto Markets
    Peer Co-Movement in Crypto Markets G. Schwenkler and H. Zheng∗ February 4, 2021y Abstract We show that peer linkages induce significant price co-movement in crypto markets in excess of common risk factors and correlated demand shocks. When large abnormal return shocks hit one crypto, its peers experience unusually large abnormal returns of the opposite sign. These effects are primarily concentrated among smaller peers and revert after several weeks, resulting in predictable returns. We develop trading strategies that exploit this rever- sal, and show that they are profitable even after accounting for trading fees and frictions. We establish our results by identifying crypto peers through co-mentions in online news using novel natural language processing technologies. Keywords: Cryptocurrencies, peers, co-movement, competition, natural language pro- cessing. JEL codes: G12, G14, C82. ∗Schwenkler is at the Department of Finance, Santa Clara University Leavey School of Business. Zheng is at the Department of Finance, Boston University Questrom School of Business. Schwenkler is corresponding author. Email: [email protected], web: http://www.gustavo-schwenkler.com. yThis is a revision of a previous paper by the two authors called \Competition or Contagion: Evidence from Cryptocurrency Markets." We are grateful to Jawad Addoum (discussant), Daniele Bianchi (discussant), Will Cong, Tony Cookson, Sanjiv Das, Seoyoung Kim, Andreas Neuhierl, Farzad Saidi, and Antoinette Schoar, seminar participants at Boston University and the Society for Financial Econometrics, and the participants at the 2020 Finance in the Cloud III Virtual Conference, the 2020 MFA Annual Meeting, the 3rd UWA Blockchain, Cryptocurrency and FinTech Conference, and the 2020 INFORMS Annual Meeting for useful comments and suggestions.
    [Show full text]
  • Chia Proof of Space Construction
    Chia Proof of Space Construction Introduction In order to create a secure blockchain consensus algorithm using disk space, a Proof of Space is scheme is necessary. This document describes a practical contruction of Proofs of Space, based on Beyond Hellman’s Time- Memory Trade-Offs with Applications to Proofs of Space [1]. We use the techniques laid out in that paper, extend it from 2 to 7 tables, and tweak it to make it efficient and secure, for use in the Chia Blockchain. The document is divided into three main sections: What (mathematical definition of a proof of space), How (how to implement proof of space), and Why (motivation and explanation of the construction) sections. The Beyond Hellman paper can be read first for more mathematical background. Chia Proof of Space Construction Introduction What is Proof of Space? Definitions Proof format Proof Quality String Definition of parameters, and M, f, A, C functions: Parameters: f functions: Matching function M: A′ function: At function: Collation function C: How do we implement Proof of Space? Plotting Plotting Tables (Concepts) Tables Table Positions Compressing Entry Data Delta Format ANS Encoding of Delta Formatted Points Stub and Small Deltas Parks Checkpoint Tables Plotting Algorithm Final Disk Format Full algorithm Phase 1: Forward Propagation Phase 2: Backpropagation Phase 3: Compression Phase 4: Checkpoints Sort on Disk Plotting Performance Space Required Proving Proof ordering vs Plot ordering Proof Retrieval Quality String Retrieval Proving Performance Verification Construction
    [Show full text]
  • Characterizing Ethereum's Mining Power Decentralization at a Deeper
    Characterizing Ethereum’s Mining Power Decentralization at a Deeper Level Liyi Zeng∗§, Yang Chen†§, Shuo Chen†, Xian Zhang†, Zhongxin Guo†, Wei Xu∗, Thomas Moscibroda‡ ∗Institute for Interdisciplinary Information Sciences, Tsinghua University †Microsoft Research ‡Microsoft Azure §Contacts: [email protected], [email protected] Abstract—For proof-of-work blockchains such as Ethereum, than 50% of the total power has grown from several the mining power decentralization is an important discussion hundred to several thousand. Overall, the power is more point in the community. Previous studies mostly focus on the decentralized at the participant level than 4 years ago. aggregated power of the mining pools, neglecting the pool participants who are the source of the pools’ power. In this paper, However, we also find that this number varied signif- we present the first large-scale study of the pool participants icantly over time, which means it requires continuous in Ethereum’s mining pools. Pool participants are not directly tracking. Additionally, as our current data and method- observable because they communicate with their pools via private ology cannot de-anonymize the participants, it’s possible channels. However, they leave “footprints” on chain as they that some participants split themselves into many smaller use Ethereum accounts to anonymously receive rewards from mining pools. For this study, we combine several data sources ones for various reasons, which could make our estima- to identify 62,358,646 pool reward transactions sent by 47 tion inaccurate if not completely off the target. Further pools to their participants over Ethereum’s entire near 5-year study to improve the estimation accuracy is important.
    [Show full text]
  • Blockchain in an Internet-Of-Things Network Based on User Participation
    Blockchain in an Internet-of-Things Network Based on User Participation Robert Ljungblad Computer Science and Engineering, bachelor's level 2019 Luleå University of Technology Department of Computer Science, Electrical and Space Engineering ABSTRACT The internet-of-things is the relatively new and rapidly growing concept of connecting everyday devices to the internet. Every day more and more devices are added to the internet-of-things and it is not showing any signs of slowing down. In addition, advancements in new technologies such as blockchains, artificial intelligence, virtual reality and machine learning are made practically every day. However, there are still much to learn about these technologies. This thesis explores the possibilities of blockchain technology by applying it to an internet-of-things network based on user participation. More specifically, it is applied to a use case derived from Luleå Kommun’s wishes to easier keep track of how full the city’s trash cans are. The goal of the thesis is to learn more about how blockchains can help an internet-of-things network as well as what issues can arise. The method takes an exploratory approach to the problem by partaking in a workshop with Luleå Kommun and by performing a literature study. It also takes a qualitative approach by creating a proof-of-concept solution to experience the technology firsthand. The final proof-of-concept as well as issues that arose during the project are analysed with the help of information gathered and experience gained throughout the project. It is concluded that blockchain technology can help communication in an internet-of-things network based on user participation.
    [Show full text]
  • Crypto Research Report ‒ April 2019 Edition
    April 2019 Edition VI. “When the Tide Goes Out…” Investments: Gold and Bitcoin, Stronger Together Technical Analysis: Spring Awakening? Cryptocurrency Mining in Theory and Practice Demelza Kelso Hays Mark J. Valek We would like to express our profound gratitude to our premium partners for supporting the Crypto Research Report: www.cryptofunds.li Contents Editorial ............................................................................................................................................... 4 In Case You Were Sleeping: When the Tide Goes Out…............................................................... 5 Back to the Roots ............................................................................................................................................. 6 How Long Will This Bear Market Last .............................................................................................................. 7 A Tragic Story Traverses the World ................................................................................................................. 9 When the tide goes out… ............................................................................................................................... 10 A State Cryptocurrency? ................................................................................................................................ 12 Support is Increasing ..................................................................................................................................... 14
    [Show full text]
  • User Manual Ledger Nano S
    User Manual Ledger Nano S Version control 4 Check if device is genuine 6 Buy from an official Ledger reseller 6 Check the box contents 6 Check the Recovery sheet came blank 7 Check the device is not preconfigured 8 Check authenticity with Ledger applications 9 Summary 9 Learn more 9 Initialize your device 10 Before you start 10 Start initialization 10 Choose a PIN code 10 Save your recovery phrase 11 Next steps 11 Update the Ledger Nano S firmware 12 Before you start 12 Step by step instructions 12 Restore a configuration 18 Before you start 19 Start restoration 19 Choose a PIN code 19 Enter recovery phrase 20 If your recovery phrase is not valid 20 Next steps 21 Optimize your account security 21 Secure your PIN code 21 Secure your 24-word recovery phrase 21 Learn more 22 Discover our security layers 22 Send and receive crypto assets 24 List of supported applications 26 Applications on your Nano S 26 Ledger Applications on your computer 27 Third-Party applications on your computer 27 If a transaction has two outputs 29 Receive mining proceeds 29 Receiving a large amount of small transactions is troublesome 29 In case you received a large amount of small payments 30 Prevent problems by batching small transactions 30 Set up and use Electrum 30 Set up your device with EtherDelta 34 Connect with Radar Relay 36 Check the firmware version 37 A new Ledger Nano S 37 A Ledger Nano S in use 38 Update the firmware 38 Change the PIN code 39 Hide accounts with a passphrase 40 Advanced Passphrase options 42 How to best use the passphrase feature 43
    [Show full text]
  • IPFS and Friends: a Qualitative Comparison of Next Generation Peer-To-Peer Data Networks Erik Daniel and Florian Tschorsch
    1 IPFS and Friends: A Qualitative Comparison of Next Generation Peer-to-Peer Data Networks Erik Daniel and Florian Tschorsch Abstract—Decentralized, distributed storage offers a way to types of files [1]. Napster and Gnutella marked the beginning reduce the impact of data silos as often fostered by centralized and were followed by many other P2P networks focusing on cloud storage. While the intentions of this trend are not new, the specialized application areas or novel network structures. For topic gained traction due to technological advancements, most notably blockchain networks. As a consequence, we observe that example, Freenet [2] realizes anonymous storage and retrieval. a new generation of peer-to-peer data networks emerges. In this Chord [3], CAN [4], and Pastry [5] provide protocols to survey paper, we therefore provide a technical overview of the maintain a structured overlay network topology. In particular, next generation data networks. We use select data networks to BitTorrent [6] received a lot of attention from both users and introduce general concepts and to emphasize new developments. the research community. BitTorrent introduced an incentive Specifically, we provide a deeper outline of the Interplanetary File System and a general overview of Swarm, the Hypercore Pro- mechanism to achieve Pareto efficiency, trying to improve tocol, SAFE, Storj, and Arweave. We identify common building network utilization achieving a higher level of robustness. We blocks and provide a qualitative comparison. From the overview, consider networks such as Napster, Gnutella, Freenet, BitTor- we derive future challenges and research goals concerning data rent, and many more as first generation P2P data networks, networks.
    [Show full text]
  • Asymmetric Proof-Of-Work Based on the Generalized Birthday Problem
    Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem Alex Biryukov Dmitry Khovratovich University of Luxembourg University of Luxembourg [email protected] [email protected] Abstract—The proof-of-work is a central concept in modern Long before the rise of Bitcoin it was realized [20] that cryptocurrencies and denial-of-service protection tools, but the the dedicated hardware can produce a proof-of-work much requirement for fast verification so far made it an easy prey for faster and cheaper than a regular desktop or laptop. Thus the GPU-, ASIC-, and botnet-equipped users. The attempts to rely on users equipped with such hardware have an advantage over memory-intensive computations in order to remedy the disparity others, which eventually led the Bitcoin mining to concentrate between architectures have resulted in slow or broken schemes. in a few hardware farms of enormous size and high electricity In this paper we solve this open problem and show how to consumption. An advantage of the same order of magnitude construct an asymmetric proof-of-work (PoW) based on a compu- is given to “owners” of large botnets, which nowadays often tationally hard problem, which requires a lot of memory to gen- accommodate hundreds of thousands of machines. For prac- erate a proof (called ”memory-hardness” feature) but is instant tical DoS protection, this means that the early TLS puzzle to verify. Our primary proposal Equihash is a PoW based on the schemes [8], [17] are no longer effective against the most generalized birthday problem and enhanced Wagner’s algorithm powerful adversaries.
    [Show full text]
  • DNS Spoofing 2
    Professor Vahab COMP 424 13 November 2016 DNS Spoofing DNS spoofing, also known as DNS Cache Poisoning, is one of the most widely used man-in-the-middle attacks that capitalizes on vulnerabilities in the domain name system that returns a false IP address and routes the user to a malicious domain. Whenever a machine contacts a domain name such as www.bankofamerica.com, it must first contact its DNS server which responds with multiple IP addresses where your machine can reach the website. Your computer is then able to connect directly to one of the IP addresses and the DNS is able to convert the IP addresses into a human-readable domain name. If an attacker is able to gain control of a DNS server and change some of its properties such as routing Bank of America’s website to an attacker’s IP address. At that location, the attacker is then able to unsuspectingly steal the user’s credentials and account information. Attackers use spam and other forms of attack to deliver malware that changes DNS settings and installs a rogue Certificate Authority. The DNS changes point to the hacker's secret DNS name server so that when the users access the web they are directed to proxy servers instead of authorized sites. They can also start to blacklist domains and frustrate the user with their day to day activities. All blacklisted domains would have their traffic dropped instead of forwarded to their intended destination. Based on the rogue Certificate Authority the system has no sign that an attack is taking place or ever took place.
    [Show full text]
  • UAS Integration in the NAS Project: Overview of Flight Test Series 6
    NASA/TM—2020—20205004052 UAS Integration in the NAS Project: Overview of Flight Test Series 6 Michael L. Marston Clancy JG Armstrong Flight Research Center, Edwards, California Alexander D. Flock Millennium Engineering Armstrong Flight Research Center, Edwards, California Victor M. Loera American Systems Corporation Armstrong Flight Research Center, Edwards, California Sam K. Kim Armstrong Flight Research Center, Edwards, California Michael J. Vincent Langley Research Center, Hampton, Virginia Minghong G. Wu and Conrad Rorie Ames Research Center, Moffett Field, California Wayne W. Bridges Flight Research Associates Ames Research Center, Moffett Field, California Wei-Ching Wang Universities Space Research Association Ames Research Center, Moffett Field, California July 2020 NASA STI Program ... in Profile Since its founding, NASA has been dedicated CONFERENCE PUBLICATION. to the advancement of aeronautics and space science. Collected papers from scientific and technical The NASA scientific and technical information (STI) conferences, symposia, seminars, or other program plays a key part in helping NASA maintain meetings sponsored or this important role. co-sponsored by NASA. The NASA STI program operates under the auspices SPECIAL PUBLICATION. Scientific, of the Agency Chief Information Officer. It collects, technical, or historical information from NASA organizes, provides for archiving, and disseminates programs, projects, and missions, often NASA’s STI. The NASA STI program provides access concerned with subjects having substantial to the NTRS Registered and its public interface, the public interest. NASA Technical Reports Server, thus providing one of the largest collections of aeronautical and space TECHNICAL TRANSLATION. science STI in the world. Results are published in both English-language translations of foreign non-NASA channels and by NASA in the NASA STI scientific and technical material pertinent to Report Series, which includes the following report NASA’s mission.
    [Show full text]
  • Smart Contracts: Building Blocks for Digital Markets
    1/25/2018 Nick Szabo -- Smart Contracts: Building Blocks for Digital Markets Smart Contracts: Building Blocks for Digital Markets Copyright (c) 1996 by Nick Szabo permission to redistribute without alteration hereby granted Glossary (This is a partial rewrite of the article which appeared in Extropy #16) Introduction The contract, a set of promises agreed to in a "meeting of the minds", is the traditional way to formalize a relationship. While contracts are primarily used in business relationships (the focus of this article), they can also involve personal relationships such as marraiges. Contracts are also important in politics, not only because of "social contract" theories but also because contract enforcement has traditionally been considered a basic function of capitalist governments. Whether enforced by a government, or otherwise, the contract is the basic building block of a free market economy. Over many centuries of cultural evolution has emerged both the concept of contract and principles related to it, encoded into common law. Algorithmic information theory suggests that such evolved structures are often prohibitively costly to recompute. If we started from scratch, using reason and experience, it could take many centuries to redevelop sophisticated ideas like property rights that make the modern free market work [Hayek]. The success of the common law of contracts, combined with the high cost of replacing it, makes it worthwhile to both preserve and to make use of these principles where appropriate. Yet, the digital revolution is radically changing the kinds of relationships we can have. What parts of our hard-won legal tradition will still be valuable in the cyberspace era? What is the best way to apply these common law principles to the design of our on-line relationships? Computers make possible the running of algorithms heretofore prohibitively costly, and networks the quicker transmission of larger and more sophsiticated messages.
    [Show full text]
  • Secure Shell- Its Significance in Networking (Ssh)
    International Journal of Application or Innovation in Engineering & Management (IJAIEM) Web Site: www.ijaiem.org Email: [email protected] Volume 4, Issue 3, March 2015 ISSN 2319 - 4847 SECURE SHELL- ITS SIGNIFICANCE IN NETWORKING (SSH) ANOOSHA GARIMELLA , D.RAKESH KUMAR 1. B. TECH, COMPUTER SCIENCE AND ENGINEERING Student, 3rd year-2nd Semester GITAM UNIVERSITY Visakhapatnam, Andhra Pradesh India 2.Assistant Professor Computer Science and Engineering GITAM UNIVERSITY Visakhapatnam, Andhra Pradesh India ABSTRACT This paper is focused on the evolution of SSH, the need for SSH, working of SSH, its major components and features of SSH. As the number of users over the Internet is increasing, there is a greater threat of your data being vulnerable. Secure Shell (SSH) Protocol provides a secure method for remote login and other secure network services over an insecure network. The SSH protocol has been designed to support many features along with proper security. This architecture with the help of its inbuilt layers which are independent of each other provides user authentication, integrity, and confidentiality, connection- oriented end to end delivery, multiplexes encrypted tunnel into several logical channels, provides datagram delivery across multiple networks and may optionally provide compression. Here, we have also described in detail what every layer of the architecture does along with the connection establishment. Some of the threats which Ssh can encounter, applications, advantages and disadvantages have also been mentioned in this document. Keywords: SSH, Cryptography, Port Forwarding, Secure SSH Tunnel, Key Exchange, IP spoofing, Connection- Hijacking. 1. INTRODUCTION SSH Secure Shell was first created in 1995 by Tatu Ylonen with the release of version 1.0 of SSH Secure Shell and the Internet Draft “The SSH Secure Shell Remote Login Protocol”.
    [Show full text]