IBM Publishes Patent for Resisting Replay Attacks in Permissioned Blockchains
IBM is adding to its arsenal of blockchain patents with an application for improving the security of permissioned blockchain networks.
Multinational computing giant IBM is adding to its arsenal of blockchain patents with an application for improving the security of permissioned blockchain networks. The patent, first filed in October 2016, was published by the United States Patent and Trademark Office on March 12.
The patent is entitled “Resisting replay attacks efficiently in a permissioned and privacy-preserving blockchain network,” and outlines security techniques for withstanding such attacks while maintaining valid user permissions and privacy.
In its most general sense, a replay attack is a valid data transmission that is maliciously or fraudulently repeated or delayed. IBM’s background for its patent explains this threat within the context of blockchains, outlining that:
“In a replay attack the attacker simply ‘replays’ a message that was ‘eavesdropped’ on from the network or that the attacker ‘saw’ on the Blockchain. Such a replay would cause the blockchain validators to include this new transaction in the Blockchain, and thus repeat the result of that transaction without the original creator of the transaction intending this.”
IBM’s invention for resisting this possibility within the context of a permissioned blockchain entails a method of communication and securing the validation of transactions within a network of computer systems:
“In a network of computer systems, a method of communication may comprise at a user computer system, generating a security value that is to be used only once, generating a message signed with a security certificate and including the security value, and transmitting the message over the network of computer systems.”
Various embodiments of IBM’s invention outline how validator permissions for each of the networked systems are to be secured. This involves generating a transaction that is “signed with a security certificate and includes a [unique] security value” (to be used only once), which indicates that a blockchain network of computer systems is eligible to execute a transaction, before it is transmitted onward.
As Cointelegraph has reported, a data survey of blockchain-related patents filed by August 2018 revealed that IBM was virtually neck-and-neck with China’s Alibaba in terms of the highest number of such patents filed by a global entity.
Just last week, the tech giant unveiled two new blockchain patent applications, one targeted at network security and the second focused on using blockchain to streamline database management systems.