Matthew Zhu
Abstract. Various types of advantages can be taken in the Bitcoin system. Adversaries may potentially partition or otherwise disrupt the network in order to engender vulnerabilities in the blockchain. These vulnerabilities lead to double-spending attacks or the waste of the computational resources of legitimate miners. There are also security issues pertaining to the mining of Bitcoin. Mining may be done using unauthorized resources, and illegitimate techniques for mining exist. Ultimately, countermeasures for these security issues often involve tradeoffs between convenience and usability versus security.
1 Introduction
In order to fully appreciate the security concerns in Bitcoin, it is helpful and instructive to develop an understanding of the underlying technologies of Bitcoin and the principles on which the Bitcoin system operates. One of the fundamental technologies of Bitcoin is the blockchain, a public ledger of transactions. Bitcoin transactions are verified by special network nodes called miners; miners accumulate transactions to be verified collectively in a block. This block is mined once a miner uses a significant amount of computing resources such as time and processing power to discover a nonce, which when hashed as part of the block, yields a result below a predetermined threshold. Once a block is mined, the miner broadcasts this block into the network so that all the nodes can add it to their chain of blocks. Mining is incentivized by a reward of a predetermined amount of Bitcoins per block mined as well as transaction fees. In this manner, consensus in the network is established for which blocks are legitimate based on the majority of the computing power. This concept of authorizing network nodes to verify transactions based on physical computational power is known as proof-of-work.
Users of Bitcoin have both a private key and a public key in the network. The private key allows the owner to spend Bitcoin. The public key is hashed to allow the user to have a certain degree of anonymity, and the hashed value is used as an identifier for the destination of transactions.
Security issues in Bitcoin can be divided into categories such as network vulnerabilities, blockchain-based attacks, and attacks associated with Bitcoin mining. A taxonomy of the Bitcoin security issues is given in Fig. 1. Attacks on the blockchain include exploits pertaining to the way that the blockchain is extended. Bitcoin mining security issues include unauthorized access to computing resources and advantages taken by adversaries in mining pools.
For Bitcoin, there is a specific network protocol in place by which nodes communicate. By using an INV, or inventory, message type a Bitcoin node can signal to another node its knowledge of a transaction or a block that another node may be interested in. The other node typically responds to this message with a GETDATA message, which is then replied to with a transaction TX message or a BLOCK message that provides information pertaining to a new block. The Bitcoin network is considered to be an overlay network, a network that is established over another network. Bitcoin transmissions are communicated without encryption or integrity checks, allowing for the possibility of external access and tampering without discretion.
When miners publish discovered blocks to the network, there is a probability that either another miner has nearly simultaneously found a block or that there is delay in network propagation, allowing time for other miners to also find a block. In either case, a blockchain fork occurs and eventually either the longer branch or the branch that reaches the majority of the network nodes first becomes the adopted branch and the other branch is orphaned. This behavior is shown in Fig. 3, in which the bottom branch is adopted. The development of a blockchain fork is also known as block racing.
Fig. 3. Consensus for Blockchain Forks
3 Methods
For each type of category of attack or vulnerability, the security issues are detailed. Some of the discourse over security issues is accompanied by an overview of countermeasures for the security issue.
In the Bitcoin network, there are routing attacks and Eclipse attacks. Routing attacks allow an adversary to delay network transmissions or sever communication routes, thereby creating the potential for forks of the blockchain. If these forks are introduced deliberately, an attacker can cause the computing resources of miners of an orphaned blockchain branch to be wasted or introduce the potential for double spending. Eclipse attacks aim to control the blockchain view of a particular node, opening up the possibility for double-spending.
Routing between autonomous systems in the Internet is done by the Border Gateway Protocol (BGP). This functionality is referred to as inter-AS routing, and BGP is categorized as an exterior gateway protocol. Inter-AS routing attacks can be facilitated by a technique known as BGP hijacking, in which a particular autonomous system distributes false routing information to other parts of the network, thereby manipulating network communication routes. Upon intercepting communications, an attacker can then drop communications, thereby creating a partition in the network. The attacker can also manipulate the communications, causing a delay in the transfer of information.
In contrast to general routing attacks, the Eclipse attack is aimed at directly manipulating the blockchain view of a target node by controlling all of the connections the target has to the Bitcoin network. The attack involves causing a target node to restart, after which the target node tries to reconnect to the network. At this time, the connections to and from the target node are controlled in the Eclipse attack.
Vulnerabilities in the blockchain arise partially because of the potential for the blockchain to have forks due to network delay or due to simultaneous discovery of blocks. These types of forks are naturally occurring, but forks can also be maliciously manufactured. Regardless of how the forks occur, they may potentially allow an adversary to double-spend coins. An existing way of dealing with double-spending is to wait for multiple block confirmations before considering a transaction as valid.
Bitcoins are susceptible to double spending with 0 or N-confirmations. For 0-confirmation double spending, the merchant does not confirm the transaction in the blockchain, and for N-confirmation double spending, the merchant confirms the transaction with N additional blocks on the chain since the time of the transaction. If there is ever a possibility for a fork of the blockchain with a length greater than the number of confirmations, then double-spending may occur if the confirmation blockchain is orphaned.
Certain attacks such as the brute force attack or selfish mining take advantage of forks in the blockchain in order to put to waste the effort of honest miners or potentially allow for the introduction of double spending. The brute force attack involves deliberately mining on forks in order to make them longer.
Selfish mining is an attack in which a rogue miner does not immediately publish discovered blocks, but rather secretly builds a relatively long blockchain in order to publish it once a competing-length blockchain is propagated throughout the network. The immediate benefit of this to the rogue miner is that other miners use their computational resources to mine orphaned blocks, thereby allowing the rogue miner to earn Bitcoin beyond his or her fair share as determined by the proportion of computing power in the network that he or she controls.
If the majority of the hashing power in the network belongs to mining nodes under monopolized control, the blockchain is susceptible to what is called the 51% attack, or the majority attack. In this attack, whoever controls the majority of the hashing power is free to extend the blockchain with any block consisting of any transactions. A proposal in [9] is made to divide all the miners into a predetermined number of groups and to only authorize one of the groups to mine the next block. A group is selected to mine each block based on a hash of the previous block hash and the hash of the wallet address of a bitcoin miner.
One of the major security concerns pertaining to Bitcoin is the unauthorized mining of it. Bitcoin can be mined using the resources of unsuspecting targets in a variety of ways ranging from the deployment of malicious JavaScript programs to seizing full access to the computer of an oblivious victim. For this purpose, entire botnets can be established on compromised computers; these botnets have been referred to as Botcoins. Research has been done in the area of detecting Botcoins by analyzing the memory usage of processes. In order to mine Bitcoin, hash computations must be carried out using block header information that is too big to fit in computer registers. As such, the mining of Bitcoin requires a pattern of accesses to lower level memory. These memory accesses establish a pattern that has been shown to be detectable in the case of simulated Botcoins.
Many of the attacks pertaining to Bitcoin mining revolve around wasting the mining effort of legitimate miners, thereby discouraging them from mining and increasing the share of Bitcoin earned by the rogue miner. The block withholding attack is an example of such an attack. In the attack, a rogue miner enters a mining pool and only submits partial proof-of-work to the pool and withholds the full proof-of-work associated with the discovery of a block.
4 Evaluation
Security issues in the Bitcoin system are evaluated based on the feasibility and impact
associated with them and countermeasures for security vulnerabilities are evaluated
based on effectiveness in preventing or addressing the security concerns.
4.1 Limitations
As time goes on, later Bitcoin versions may solve problems mentioned in many of the
references, potentially by adapting proposed countermeasures. However, as later
versions of Bitcoin become adopted, there is also the potential for more vulnerabilities
to be introduced that are not addressed by existing works.
Research in [5] is done pertaining to using BGP hijacks to partition networks or introduce delays in communication between network nodes. However, this work is limited in that it only addresses inter-AS routing attacks; it does not address whether it is possible to perform routing attacks that are intra-AS by exploiting vulnerabilities in OSPF or other protocols for routing within an autonomous system.
In [4], a host-based approach for detecting Botcoins is developed, but a possible
limitation is that evaluation is only done on simulated Botcoins. No comparison is
provided between the simulated Botcoins and actual Botcoins.
Random mining group selection is proposed in [9] to counter 51% attacks, also known as majority attacks. The problem with the proposal of random mining group selection is that although each node has reduced probability of finding the next block in the chain based on the number of mining groups, the total share of the mining power of the attacker in the network remains the same. If the attacker controls the majority of the mining power, albeit in different mining groups, the attacker is still able to exploit the system as well as he or she is able to without mining groups.
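The limitation argued above, as an added example that is not from this paper or from [9]: a simplified model in which a wallet's group is SHA-256(wallet) mod G and the group allowed to mine is chosen from the previous block hash. The group count, unit hash power per wallet, wallet names and chain seed are constructed assumptions.

```python
import hashlib

GROUPS = 4  # assumed number of mining groups


def h(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def group_of(wallet: str) -> int:
    # Assumption: a miner's group is derived from the hash of its wallet address.
    return h(wallet.encode()) % GROUPS


def attacker_block_share(attacker_wallets, honest_wallets, blocks=2000):
    """Expected fraction of blocks won by the attacker when only the group
    selected by the previous block hash may mine. Each wallet contributes one
    unit of hash power, so the share is proportional to the wallet count."""
    attacker = [0] * GROUPS
    total = [0] * GROUPS
    for w in attacker_wallets:
        attacker[group_of(w)] += 1
        total[group_of(w)] += 1
    for w in honest_wallets:
        total[group_of(w)] += 1

    prev = b"constructed genesis hash"
    expected_wins, mined = 0.0, 0
    for height in range(blocks):
        g = h(prev) % GROUPS             # group authorised for this block
        if total[g]:                      # an empty group mines nothing
            expected_wins += attacker[g] / total[g]
            mined += 1
        prev = hashlib.sha256(prev + height.to_bytes(4, "big")).digest()
    return expected_wins / mined if mined else 0.0


# Constructed populations: 55% and 20% of the network's unit-power wallets.
HONEST = [f"honest-{i}" for i in range(450)]
MAJORITY = [f"attacker-{i}" for i in range(550)]
MINORITY = [f"attacker-{i}" for i in range(112)]

if __name__ == "__main__":
    print("majority attacker share:", attacker_block_share(MAJORITY, HONEST))
    print("minority attacker share:", attacker_block_share(MINORITY, HONEST))
```

In this model the attacker's share of blocks tracks its share of total hash power, with or without groups.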
Many of the attacks allow for the potential of double-spending, which leads to a loss of goods and services for merchants using the Bitcoin system. These double spending attacks may occur when the receiver of the Bitcoin has either waited for no confirmations or multiple confirmations. Oftentimes, if the receiver of Bitcoin waits for multiple confirmations, a greater level of security is achieved. However, if this is always required, the amount of time to successfully complete a transaction is very inconvenient to those involved.
Through many of the attacks, such as block withholding or the deliberate introduction of blockchain forks, there is the possibility for an attacker to prevent legitimate miners from earning Bitcoin through the discovery of blocks. This may discourage the mining of Bitcoin and not only harms the miners whose computing resources are wasted, but the confidence in the currency as a whole.
5 Conclusion
Bitcoin security has many facets; attackers can take advantage of the network, such as its centralized routing structure, the blockchain, and various aspects of mining. Many of the issues can be dealt with by making compromises and tradeoffs between convenience and usability versus security.
References
[1] E. Heilman et al., "Eclipse attacks on Bitcoin's peer-to-peer network," in Proc. 24th USENIX Conference on Security Symposium, Washington, D.C., 2015, pp. 129-144.
[2] A. E. Yves-Christian et al., "Total Eclipse: How to Completely Isolate a Bitcoin Peer," in
3rd Int. Conf. Security of Smart Cities, Industrial Control System and Communications
(SSIC), Shanghai, China, 2018, pp. 1-7.
[3] M. Conti et al., "A Survey on Security and Privacy Issues of Bitcoin," in IEEE Communications Surveys & Tutorials, vol. 20, no. 4, pp. 3416-3452.
[4] A. Zareh and H. R. Shahriari, "BotcoinTrap: Detection of Bitcoin Miner Botnet Using Host Based Approach," 15th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC), Tehran, 2018, pp. 1-6.
[5] M. Apostolaki et al., "Hijacking Bitcoin: Routing Attacks on Cryptocurrencies," in IEEE Symposium on Security and Privacy (SP), San Jose, CA, 2017, pp. 375-392.
[6] D. Draghicescu et al., "Crypto-Mining Application Fingerprinting Method," in Int. Conf.
Communications (COMM), Bucharest, 2018, pp. 543-546.
[7] S. Bag et al., "Bitcoin Block Withholding Attack: Analysis and Mitigation," in IEEE
Transactions on Information Forensics and Security, vol. 12, no. 8, pp. 1967-1978, Aug.
2017.
[8] P. K. Kaushal et al., "Evolution of bitcoin and security risk in bitcoin wallets," in Int.
Conf. Computer, Communications and Electronics (Comptelix), Jaipur, 2017, pp. 172-177.
[9] J. Bae and H. Lim, "Random Mining Group Selection to Prevent 51% Attacks on Bitcoin,"
in 48th Annual IEEE/IFIP Int. Conf. on Dependable Systems and Networks Workshops
(DSN-W), Luxembourg City, 2018, pp. 81-82.
[10] A. Soni and S. Maheshwari, "A Survey of Attacks on the Bitcoin System," in IEEE Int.
Students' Conf. Electrical, Electronics and Computer Science (SCEECS), Bhopal, 2018,
pp. 1-5.