Data
Reader small image

You're reading from  Hands-On Cybersecurity with Blockchain.

Product typeBook
Published inJun 2018
Publisher
ISBN-139781788990189
Edition1st Edition
Tools
Hyperledger
Concepts
Blockchain
Right arrow
Author (1)
Rajneesh Gupta
Rajneesh Gupta
author image
Rajneesh Gupta

Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity." As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.
Read more about Rajneesh Gupta

Right arrow

Chapter 7. Two-Factor Authentication with Blockchain

Every organization has hundreds of applications and databases, and its employees access them every day using their credentials (that is, their username and password). An attacker with such valid credentials can bypass existing security solutions, as they look like a legitimate user. As per the Verizon Data Breach report in 2016, more than 63% of successful breaches involved compromised credentials. Two-factor authentication (2FA) provides an added layer to the existing credential-based system protection as a solution to this drastically growing problem.

In this chapter, we will cover the following topics:

  • What is 2FA?
  • Blockchain for 2FA
  • Lab

What is 2FA?

With several data breach incidents, we've witnessed a massive increase in the number of social and professional website accounts being hacked. Sometimes, even a simple human error can cause huge trouble globally. Sometimes, it's easy to predict the password of a user based on their daily activity, behavior, or even name. Users still tend to use plain text passwords to protect their account, and among the worst are password, 123456, and abcde.

2FA is an extra layer of security that's used to ensure that only the legitimate owner can access their account. In this method, the user will first enter a combination of a username and password, and, instead of directly getting into their account, the user will be required to provide other information. This other piece of information can come in one of the following forms:

  • Something that the user knows: This could be information such as a password, an answer to a secret question, or maybe a personal identification number (PIN).
  • Something...

Blockchain for 2FA

Blockchain is being hailed as one of the most revolutionary and disruptive technologies out there. Blockchain has been disrupting the cybersecurity solutions-based CIA security triad principle. 2FA has been critical in security measures for several years; however, attackers sometimes manage to compromise these systems. We will understand how blockchain can transform the 2FA system to achieve an improved security method.

How can blockchain transform 2FA?

By design, blockchain is a decentralized technology that allows transactions of any kind of value among multiple participants without the involvement of a third party. By leveraging blockchain, we can ensure that this sensitive information never remains on one database; instead, it can be within blockchain nodes that have immutability and can't be modified or deleted. The following diagram shows a blockchain-based 2FA.

In this system, user devices will be authenticated by a third-party 2FA provider through the blockchain network...

Lab

To turn up the entire project, we will have to deploy the sub-component of this project. The source has been taken from GitHub, which can be found at the following link: https://github.com/hoxxep/Ethereum-2FA.

This has the following files in it:

The files in the preceding screenshot are explained as follows:

  • contracts: This folder includes our smart contract, TwoFactorAuth.sol
  • migrations: This folder consists of migration files to deploy the contract to the blockchain
  • test: This folder consists of server.js, which is responsible for event authentication in our contract
  • node_modules: This folder includes all the libraries
  • truffle.js: This configuration file consists of a set of configurations to connect to the blockchain
  • package.json: This is where we specify a configuration of our project, such as name and scripts

Components

The following are the three core components of this project, shown in the following diagram:

  • A blockchain network (which we will develop with the Ganache CLI)
  • A smart contract...

Summary

In this chapter, you learned how 2FA is one of the most vital security measures. However, the central repository can be at risk of being compromised by sophisticated cyber attacks. We studied how blockchain helps decentralize the database between multiple nodes and reduces the risk of falling victim to a data breach. The Ethereum smart contract is a truly great component for accomplishing a 2FA system, which provides the flexibility to program the entire system.

Questions

We have topics regarding 2FA, types, and methods to authenticate, and a lab to demonstrate how Ethereum can be used to create a 2FA infrastructure. There are some questions that are important to explore, such as these:

  1. Can we also achieve MFA with Ethereum, and if so, how?
  2. How can we integrate SMS-based 2FA with an Ethereum smart contract?

Further reading

To explore more about the NIST multi-factor authentication (MFA) guidelines, check out the following link: https://www.nist.gov/itl/tig/back-basics-multi-factor-authentication.

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 11 of 17
Next Chapter
You have been reading a chapter from
Hands-On Cybersecurity with Blockchain.
Published in: Jun 2018Publisher: ISBN-13: 9781788990189
© 2018 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Author (1)

author image
Rajneesh Gupta

Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity." As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.
Read more about Rajneesh Gupta

Other recommended products

Related to this chapter

Learn Bitcoin and Blockchain

Learn Bitcoin and Blockchain

Blockchain and Bitcoin are currently the talk of the town. This book will start with an introduction to the fundamental concepts of Blockchain and it will take you through its various features and challenges. By the end of this book, you will learn to implement the Blockchain technology for securing your cryptocurrency.

BookAug 201894 pages
Preventing Digital Extortion

Preventing Digital Extortion

In today’s digital age, hacking into data, encrypting it, and making it inaccessible is becoming more and more commonplace. Irrespective of the scale of your business, such an attack can prove very costly. If you want to save yourself from such cyber extortion, it is important to gain insights into various attacks and their impact on your business. This book gives you a brief overview of the process and will also teach you to mitigate and eliminate such attacks.

BookMay 2017360 pages
Solidity Programming Essentials

Solidity Programming Essentials

Solidity is a new contract-oriented programming language popular for creating smart contracts and distributed applications. Writing smart contracts targeting Ethereum and other blockchain platforms is an emerging skill. This book will enable you to write robust, secure, object-oriented contracts that extend blockchain with business functionality.

BookApr 2018222 pages
Foundations of Blockchain

Foundations of Blockchain

Blockchain technology is a combination of three popular concepts: cryptography, peer-to-peer networking, and game theory. This book is for anyone who wants to dive into blockchain from first principles and learn how decentralized applications and cryptocurrencies really work. Learn blockchain from first concepts to algorithms explained in Python.

BookJan 2019372 pages
Managing Mission - Critical Domains and DNS

Managing Mission - Critical Domains and DNS

Managing your organization's naming architecture and mitigating risks within complex naming environments is very important. This book will start with the basic anatomies of domain name servers and the request mechanism of DNS servers. You will also cover different factors associated with DNS servers such as security, strategy, and DNS queries.

BookJun 2018368 pages
Hyperledger Cookbook

Hyperledger Cookbook

The book not only implements Hyperledger Fabric, but also shows you how to build and model a blockchain network with Composer. You will master several business blockchain technologies under the Hyperledger umbrella, including Sawtooth, Iroha, decentralized Identity Hyperledger Indy, and Ethereum smart contract machine Burrow etc.

BookApr 2019310 pages
Blockchain across Oracle

Blockchain across Oracle

Blockchain across Oracle is a professional orientation for Oracle developers to get up to speed with the details and implications of the Blockchain across Oracle. Learn everything from Blockchain concepts, through to working with Oracle Blockchain Cloud Service, expert guidance on the effects of the Blockchain on key markets, and the impact to Oracle customers.

BookOct 2018530 pages
Oracle Blockchain Services Quick Start Guide

Oracle Blockchain Services Quick Start Guide

Blockchain empowers enterprises to scale out in a unique way, allowing them to build and manage blockchain business networks. This book offers an exploration of distributed ledger technology, blockchain, and Hyperledger fabric along with blockchain-as-a-service (BaaS).

BookSep 2019350 pages
Securing Blockchain Networks like Ethereum and Hyperledger Fabric

Securing Blockchain Networks like Ethereum and Hyperledger Fabric

The adoption of blockchain for the value chain, insurance, and healthcare domain is flourishing. However, one of the key challenges faced in blockchain development is securing them. The book will cover essential architectural considerations, system and network security, various operational configurations to Ethereum and Hyperledger fabric network.

BookApr 2020244 pages
Blockchain for Decision Makers

Blockchain for Decision Makers

This book will cover use-cases on how blockchain is currently being used in the industry - catering to key decision-makers within an organization. It also addresses the real problems and technical difficulties in implementing blockchain, and the various blockchain strategies being adopted by popular organizations all over the world.

BookSep 2019184 pages
Hands-On Bug Hunting for Penetration Testers

Hands-On Bug Hunting for Penetration Testers

Bug bounties have quickly become a critical part of the security economy. This book shows you how technical professionals with an interest in security can begin productively—and profitably—participating in bug bounty programs.

BookSep 2018250 pages
Practical Industrial Internet of Things Security

Practical Industrial Internet of Things Security

This book provides you with a comprehensive understanding of Industrial IoT security; and practical methodologies to implement safe, resilient cyber-physical systems. It will help you develop a strong foundation and deeper insights on the entire gamut of securing connected industries, from the edge to the cloud.

BookJul 2018324 pages

Personalised recommendations for you

Based on your interests and search pattern

Et al.

Et al.

Ever wonder why speech recognition systems don't understand the Scottish accent, or what would happen if an astronaut only ate mac 'n' cheese, or other spurious reflections you'd have at a bar? We did, then collated those deliberations into absurd research articles with fake figures and methodologies inspired by even more fictionally absurd studies.

BookAug 2023230 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages4
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages1
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Mastering Tableau 2023

Mastering Tableau 2023

This book is a comprehensive resource to mastering your Tableau skills and becoming a BI expert. As you progress, you will learn how to build advanced dashboards and improve your storytelling to derive key business insight, as well as make you well-versed with advanced functionalities of Tableau in the business intelligence domain.

BookAug 2023684 pages
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages5
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages2
Data Engineering with AWS

Data Engineering with AWS

Embark on a journey to master data engineering pipelines on AWS! Our book offers a hands-on experience of AWS services for ingesting, transforming, and consuming data. Whether you're an absolute beginner or someone with basic data engineering experience, this guide is an indispensable resource.

BookOct 2023636 pages5
Modern Data Architecture on AWS

Modern Data Architecture on AWS

Every organization wants an agile, performant, and cost-effective data platform that meets all their current and future business needs. Purpose-built AWS analytics services and their features play a big part in building such a modern data platform. This book brings to you all the design and architectural patterns that’ll help you achieve this goal.

BookAug 2023420 pages5
Practical Guide to Applied Conformal Prediction in Python

Practical Guide to Applied Conformal Prediction in Python

Discover the power of Conformal Prediction with the "Practical Guide to Applied Conformal Prediction in Python." Master the latest techniques to quantify uncertainty in machine learning and computer vision models, and seamlessly apply them to your industry applications.

BookDec 2023240 pages
TinyML Cookbook

TinyML Cookbook

With over 70 project-based recipes, the TinyML Cookbook is a practical guide that will help you to get the most out of your microcontrollers. It provides a comprehensive understanding of the theoretical foundations while giving you hands-on experience training ML models for deployment on Arduino Nano 33 BLE Sense, Raspberry Pi Pico, and SparkFun RedBoard Artemis Nano microcontrollers.

BookNov 2023664 pages