The Triad Of Security And TARUSH
If you are somehow related to the cybersecurity space, you must already know about the triad of security. Since it has a vital influence in the crypto sphere as well, it’s important to explore it in detail.
What is the CIA triad of security?
No, wait — I know where your mind is rushing. It has nothing to do with the Central Intelligence Agency. In fact, it is rather a framework for deriving policies in an organization or a network on the basis of these principles:
Confidentiality
Integrity
Availability
In order to avoid any confusion due to a mainstream concept about the CIA, it is also sometimes referred to as the AIC triad of security.
Basically, every crypto venture (willingly or unwillingly) runs on this triad due to the nature of the blockchain technology and the promises it offers to the customers. However, since TARUSH has made use of the MimbleWimble protocol, it implements the triad in quite a robust manner.
Confidentiality
It basically means that any classified or sensitive information is only available to the people who have a right to access it and at the same time, any unauthorized access is barred at any cost. If you look at it, confidentiality is basically the second name for privacy. Let’s see how well TARUSH has made use of it…
In order to guard user privacy, MimbleWimble gets rid of the following details before recording a transaction publicly:
Wallet addresses of both the parties (i.e. sender and receiver)
Value of the transaction
Intermediaries
There is a lot more to it. For instance, Bitcoin and most of the mainstream crypto tokens run on ‘gossip networks’. It implies that before recording any transaction on the ledger, it is broadcasted across the network. In some cases, this procedure may be exploited and the broadcast receivers might start recording transactions originating from a particular IP address. This could result in a major privacy issue!
In order to address the concern, particularly in the BTC network, a procedure called MimbleWimble was introduced. TARUSH also implements it and the aim is to hide or rather blur the IP address of the senders from broadcast recipients. MimbleWimble breaks down the process into two major steps:
Transaction details are sent (broadcasted) to just one node on the network, which then sends to another peer. This ‘hopping’ continues for a while until there are several individual peers in the chain. This is to ensure that the distance between last broadcast receiver and transaction originator is “significant”
The transaction is broadcasted to the entire network and a consensus is reached
Integrity
As the name suggests, it refers to maintaining the accuracy and consistency of data. In other words, users must be able to trust that the accessible data happens to be in its original and untampered form, whatsoever. Oftentimes, in traditional storage schemes, the data gets altered at the time of being stored, transferred or while receiving. However, the element of integrity in the CIA triad negates any such concept and demands that reasonable security measures must be implemented to prevent this from happening. Moreover, it also requires that the network or organization complying to the security protocols must implement the means to detect any data breach or tampering at its earliest.
This is yet another area where crypto beats its rivals by all means. Basically, MimbleWimble, like any other blockchain, makes use of a cryptographic hash to ensure that the data present on the network happens to be in its most authentic or rather ‘pure’ form. While most of the data structures run on encryption, TARUSH utilizes hashing and the primary difference between these two is that the later mentioned cannot be reversed to determine the relationship between different entities involved.
Let’s talk about hashing for a while to understand it in a better way.
Basically, it is a one-way cryptographic function that takes all of the data present on the blockchain and generates a unique string of text against it. Please note that whatever be the length of the data, the string length never changes, but it’s always unique.
For instance, the hash string for the data “Transaction amount: $2.0” will be totally different from the data “Transaction amount: $2.1”. In plain English, both of them are quite easy to identify. However, since the hash function produces a completely unique string, it is really difficult to identify the pattern for tracing back any data.
Just a while ago, I mentioned that this hash function works in a single direction and you must have understood it by now. It implies that a string can be generated for any amount of information, but you cannot take a hash string and decode the data for which it was generated and nor can anyone tamper with it. This is how TARUSH and all other blockchain-based ventures guarantee an unparalleled extent of data integrity.
Availability
Its importance is often overlooked in traditional data structures, but blockchain, particularly MimbleWimble, takes this aspect very critically. As the name suggests, it means that whenever an authorized person tries to access the data or query the ledger (in blockchain World), the request should be answered immediately and the information must be made available.
Currently, the mainstream crypto networks are experiencing severe congestion and as a result, they have slowed down in the majority of the aspects. However, the MW optimizes the length of the chain and keeps the block size incredibly smaller. As a result, the network is highly efficient and whenever a user tries to submit a transaction or query the ledger, the request is responded without any delay.
Moreover, in order to make the data available even in the case of a cybersecurity event (e.g. breach), blockchain stores copies in a diversified manner, across the network. Therefore, even if someone takes down 99 nodes in a network of 100 users, the one remaining node can still function at its best.