Eclipse Attacks on Bitcoin's Peer-to-Peer Network

We present eclipse attacks on bitcoin's peer-to-peer network. Our attack allows an adversary controlling a sufficient number of IP addresses to monopolize all connections to and from a victim bitcoin node. The attacker can then exploit the victim for attacks on bitcoin's mining and consensus system, including N-confirmation double spending, selfish mining, and adversarial forks in the blockchain. We take a detailed look at bitcoin's peer-to-peer network, and quantify the resources involved in our attack via probabilistic analysis, Monte Carlo simulations, measurements and experiments with live bitcoin nodes. Finally, we present countermeasures, inspired by botnet architectures, that are designed to raise the bar for eclipse attacks while preserving the openness and decentralization of bitcoin's current network architecture.

[1]  David Chaum,et al.  Blind Signature System , 1983, CRYPTO.

[2]  Stefan A. Brands,et al.  Untraceable Off-line Cash in Wallets with Observers (Extended Abstract) , 1993, CRYPTO.

[3]  정승원,et al.  Confirmation , 1979, Journal of General Internal Medicine.

[4]  Robert Tappan Morris,et al.  Security Considerations for Peer-to-Peer Distributed Hash Tables , 2002, IPTPS.

[5]  Miguel Castro,et al.  Secure routing for structured peer-to-peer overlay networks , 2002, OSDI '02.

[6]  John Kubiatowicz,et al.  Asymptotically Efficient Approaches to Fault-Tolerance in Peer-to-Peer Networks , 2003, DISC.

[7]  David E. Culler,et al.  PlanetLab: an overlay testbed for broad-coverage services , 2003, CCRV.

[8]  Jan Camenisch,et al.  Compact E-Cash , 2005, EUROCRYPT.

[9]  Atul Singh,et al.  Eclipse Attacks on Overlay Networks: Threats and Defenses , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[10]  Christian Scheideler,et al.  Robust Random Number Generation for Peer-to-Peer Systems , 2006, OPODIS.

[11]  Idit Keidar,et al.  Brahms: byzantine resilient random membership sampling , 2008, PODC '08.

[12]  John McHugh,et al.  Sybil attacks as a mitigation strategy against the Storm botnet , 2008, 2008 3rd International Conference on Malicious and Unwanted Software (MALWARE).

[13]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[14]  M. van Steen,et al.  PuppetCast: A Secure Peer Sampling Protocol , 2008, 2008 European Conference on Computer Network Defense.

[15]  Lei Wu,et al.  A Systematic Study on Peer-to-Peer Botnets , 2009, 2009 Proceedings of 18th International Conference on Computer Communications and Networks.

[16]  Christian Scheideler,et al.  Robust random number generation for peer-to-peer systems , 2006, Theor. Comput. Sci..

[17]  Felix C. Freiling,et al.  Walowdac - Analysis of a Peer-to-Peer Botnet , 2009, 2009 European Conference on Computer Network Defense.

[18]  Gian Paolo Jesi,et al.  Secure peer sampling , 2010, Comput. Networks.

[19]  Guillaume Pierre,et al.  A survey of DHT security techniques , 2011, CSUR.

[20]  Ghassan O. Karame,et al.  Two Bitcoins at the Price of One? Double-Spending Attacks on Fast Payments in Bitcoin , 2012, IACR Cryptol. ePrint Arch..

[21]  Elmar Gerhards-Padilla,et al.  Case study of the Miner Botnet , 2012, 2012 4th International Conference on Cyber Conflict (CYCON 2012).

[22]  Emmanuelle Anceaume,et al.  On the Power of the Adversary to Solve the Node Sampling Problem , 2013, Trans. Large Scale Data Knowl. Centered Syst..

[23]  Dennis Andriesse,et al.  P 2 PWNED : Modeling and Evaluating the Resilience of Peer-to-Peer Botnets , 2013 .

[24]  Christian Decker,et al.  Information propagation in the Bitcoin network , 2013, IEEE P2P 2013 Proceedings.

[25]  Lear Bahack,et al.  Theoretical Bitcoin Attacks with less than Half of the Computational Power (draft) , 2013, IACR Cryptol. ePrint Arch..

[26]  Herbert Bos,et al.  SoK: P2PWNED - Modeling and Evaluating the Resilience of Peer-to-Peer Botnets , 2013, 2013 IEEE Symposium on Security and Privacy.

[27]  Eric Wustrow,et al.  ZMap: Fast Internet-wide Scanning and Its Security Applications , 2013, USENIX Security Symposium.

[28]  Joshua A. Kroll,et al.  The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries , 2013 .

[29]  Tyler Moore,et al.  Game-Theoretic Analysis of DDoS Attacks Against Bitcoin Mining Pools , 2014, Financial Cryptography Workshops.

[30]  Tyler Moore,et al.  Empirical Analysis of Denial-of-Service Attacks in the Bitcoin Ecosystem , 2014, Financial Cryptography Workshops.

[31]  Sebastian Feld,et al.  Analyzing the Deployment of Bitcoin's P2P Network under an AS-level Perspective , 2014, ANT/SEIT.

[32]  Nicolas Courtois,et al.  On Subversive Miner Strategies and Block Withholding Attack in Bitcoin Digital Currency , 2014, ArXiv.

[33]  Cristina Pérez-Solà,et al.  The Bitcoin P2P Network , 2014, Financial Cryptography Workshops.

[34]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[35]  Dennis Andriesse,et al.  An Analysis of the Zeus Peer-to-Peer Protocol , 2014 .

[36]  Patrick D. McDaniel,et al.  An Analysis of Anonymity in Bitcoin Using P2P Network Traffic , 2014, Financial Cryptography.

[37]  Assaf Shomer On the Phase Space of Block-Hiding Strategies in Bitcoin-like networks , 2014, IACR Cryptol. ePrint Arch..

[38]  R. Dingledine,et al.  One Fast Guard for Life ( or 9 months ) , 2014 .

[39]  Meni Rosenfeld,et al.  Analysis of Hashrate-Based Double Spending , 2014, ArXiv.

[40]  Alex Biryukov,et al.  Deanonymisation of Clients in Bitcoin P2P Network , 2014, CCS.

[41]  Aron Laszka,et al.  When Bitcoin Mining Pools Run Dry - A Game-Theoretic Analysis of the Long-Term Impact of Attacks Between Mining Pools , 2015, Financial Cryptography Workshops.

[42]  Ittay Eyal,et al.  The Miner's Dilemma , 2014, 2015 IEEE Symposium on Security and Privacy.

[43]  Alex Biryukov,et al.  Bitcoin over Tor isn't a Good Idea , 2014, 2015 IEEE Symposium on Security and Privacy.

[44]  TwistedPair : Towards Practical Anonymity in the Bitcoin P 2 P Network , 2017 .