Vulnerabilities on Hyperledger Fabric

In this paper, we have precisely analysed Hyperledger Fabric and pointed out two security limitations with possible solutions. First, the identity of an endorser is known to all members within a channel, which opens a gateway for DoS attack on endorsers in order to either block transaction pertaining to a client, or to degrade network efficiency. Second, the technology is prone to wormhole attack i.e. within a channel, compromising a member leads to leakage of ledger information of all members, to everyone outside the channel. We have proposed a solution to remove the above mentioned weaknesses. We have proposed two different mechanisms to eliminate the first weakness. The first approach uses a random verifiable function to randomize endorsers, while the second approach uses pseudonyms to anonymize endorsers. To address the second weakness, we have anonymized sender and receiver identity inside a channel. We have used a group signature approach using bilinear pairing to hide the sender identity and a zero knowledge approach using bilinear pairing to anonymize the receiver. The approach is immune to a malleability attack. Proper security proofs have been provided for Signature Unforgeability and Unlinkability in Ciphertext (UN-C). We have provided experimental results to measure the impact of DoS attack on hyperledger network using Hyperledger Caliper. After applying DoS attack on two peers, the throughput is reduced from 125 tps to 100 tps at send rate 123 tps. The latency in increased from 1.396 s to 2.44 s at send rate 123 tps. (C) 2019 Elsevier B.V. All rights reserved.