What keeps Blockchain secure?

Traditional data security systems behave like a vault. To protect the data’s integrity- access is restricted and guarded. However, with the emergence of supercomputers breaching vault-like data storage is not inevitable and, once breached there are no efficient ways to recoup or weed out the unwanted modifications done.
Blockchain technology, through its architecture, doesn’t allow any unwanted change to stick, and through its internal functions, it can quickly recognize the impacted areas to restore them.

A lot of computer science goes into making Blockchain a secure system. In this article, I will tell you about the internal functions of Blockchain that helps to resist any forced change. This will set base knowledge for how cryptocurrency and NFT (non-fungible tokens) work?

At this point, if you are unfamiliar with the Blockchain architecture and its contribution on a macro or network level, I strongly recommend reading this article before you continue: Everything you need to know about Blockchain.

The article discusses the first line of security — the blockchain design and how it restricts invalid or unauthorized records to enter Blockchain.

The heart of Blockchain: Hash function

The Hash function is any mathematical function that can take input of any size and any data type and outputs a fixed-size alpha-numeric value called hashes. The size of the output depends on the hash function type.

The latest hash function family is SHA-3 ( Secure Hash Algorithm- 3). NIST (National Institute of Standards and Technology) created it in 2015. SHA-3 output is 32 digit or 32-bit size. It uses Keccak hash function.

Inside a Blockchain, at several points hash function is used :

  • To determine the data block’s address.
  • To represent loads of data in 32 or 64 bits.
  • To timestamp any change in the data block.

Hash is not encryption- one cannot decrypt GB size of data from a 32-bit key. It’s merely a representation. Any change in input to the hash function will result in a very different, difficult to predict hash output/ hashes. This property of hash makes Blockchain extremely sensitive about change and thus, secure.

If hackers hack into a data block and choose to modify any transaction record — the following events will stop them

1) They will have to predict and update the new signature for the changed transaction record for passing the public key validation.

2) Change in transaction data will change the hash address of the data block and the subsequent blocks.

3) They will have to recalculate a new valid hash address for the hacked data block and subsequent blocks in the chain. Blockchain algorithm takes ~10 minutes to update the hash address for one data block. The longer the chain difficult it will be to cover the change.

4) For the hacker’s modifications to data to stick permanently, they will have to get a majority consensus about keeping the change (at least 50% of the network peers should agree) else the changes will be reverted.

In public Blockchain, peers are decentralized and anonymous. It makes majority consensus even more difficult to get for a forced change stick.

Private Blockchain networks use a universal hashing scheme instead of a Hash function. It is a randomized algorithm that selects a hash function among a family of such functions. It makes the beginning of hacking into data blocks difficult.

What makes up a data block?

A data block contains six things in its block header:

  • Timestamp: Time and date of data block creation.
  • Version: No. of times a data block is updated.
  • Hash address of the previous data block: Data blocks resemble inverted linked-list. Each data block points former data block. To do so hash of the former data block is updated in the current data block’s block header.
  • Data: A single 32-bit hash called Merkle root represents the entire data in the data block. We will discuss Merkle root and tree later in this article.
  • Nonce: A whole number of any length. It is used as an adjustable input to calculate the hash address of the data block. Its importance is discussed later in this article.
  • Difficulty target: This is only present in data blocks of public Blockchain. Difficulty target is any rule to verify a valid hash address. Also described as a challenge decided by Blockchain application.

Example: Difficult target of a block is- hash address should always begin with 0000. Each data block has its difficulty target set by the Blockchain algorithm.

How is data stored in Blockchain?

A data block can store data of any size and digital form. Popularly known files stored on data block are — monetary transactions, legal agreements, and digital art.

Every transaction occurring on the data block has a hash code associated with it. Public Blockchain uses the Merkle tree algorithm to generate a single hash code to represent all transaction’s hash codes.

Merkle tree arranges all the transactions and respective hashes in serial order. It repeatedly uses a hash function on hash codes of adjacent transactions to return a single hash code. This process repeats till only one hash code is left. This last hash code left is called Merkle root.

Merkle tree example

Merkle root is stored in the data block and used for determining its hash address.

Merkle tree makes the identification of tampered transactions in a data block quicker and easier.

Importance of Nonce

In a Blockchain — data blocks are in two states: Valid or Invalid.

Any change in the data block changes its hash address. The ‘difficulty target’ decides the validity of the data block. If the new hash address does not comply with the rules set in the ‘difficulty target’ block becomes invalid.

Example: ‘Difficulty target’ for a block is that starting 4 bits of hash address should start from 0.

Invalid hash: 1111–2222–3333–4444–5555–6666–7777–8888
Valid hash: 0000–2222–3333–4444–5555–6666–7777–8888

Three inputs go in generating block’s hash address — Merkle root (impacted), Previous block hash ( no control), and Nonce (adjustable).

To make a data block valid again, all the peers try to compute the Nonce.

Diagram suggesting use of Nonce in validating data block

The Nonce is a whole number of any range. To generate a valid hash address, peers use a combination of all Nonce values with the other two fixed inputs.

The process of finding suitable Nonce requires high speed and computing power. In public Blockchain, all peers rush to calculate Nonce first to get rewarded. The reward generally is a cryptocurrency.

In a private Blockchain, only one peer tries to compute Nonce while others either follow or wait till 50% of them arrive on the same result.

The process of computing the Nonce is called Data mining, and peers doing it are called Miners.

Example of Blockchain’s security implementation

The following video demonstrates the above-discussed Blockchain components in action and how a Blockchain resist change?



Passionate, Comic writer, writing about writing ✍️, seldom making sense 😅

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Kratitva Agrawal

Passionate, Comic writer, writing about writing ✍️, seldom making sense 😅