Researchers reveal Bitcoin blockchain security flaw caused by excessive node concentration


At the 38th IEEE Security and Privacy Symposium, Aviv Zohar of the Hebrew University will present a report that details how the Bitcoin blockchain can be attacked through the Internet's routing architecture. In the report, Zohar and his research partners Maria Apostolaki and Laurent Vanbever demonstrate two ways that the Border Gateway Protocol (BGP) can be used to attack Bitcoin: partition attacks and delay attacks.

In a partition attack scenario, if an Internet Service Provider (ISP) is the only path to a significant portion of the Bitcoin network, a black hole (network Trojan) could block both parties (blockchain and network routing) from communicating. While these two "islands" each continue to process transactions and mine bitcoins on their own, once the intruder connects both parties again, there is no choice but to discard mined bitcoins, transactions, and mining revenue.

Researchers say that in some ways, delay attacks are considered the worst-case scenario because, unlike partition attacks, they are undetectable. Merchants can easily double-spend after being attacked; miners' transaction processing capacity will also be wasted, and ordinary nodes will not be able to propagate normally in the blockchain.

Such problems are daunting for bitcoin developers, who have no control over attack vectors or the BGP protocol that determines the path that packets take in the network.

BGP is a product of a simpler era and was built to trust the information it receives. An intentional or unintentional error in a carrier or ISP network will negatively affect BGP routing information and endanger most network traffic.

Both types of attacks require an insider to provide ISP information in order to succeed. Despite this, they still have the potential to cause significant damage to the Bitcoin network and can easily be overlooked. Bitcoin nodes tend to cluster in a small number of ISPs. It is estimated that 30% of the Bitcoin network exists in 13 hosts and 60% of Bitcoin traffic is visible in 3 ISPs.

The researchers mentioned that in November 2015 alone, BGP attacks affected hundreds of Bitcoin nodes, accounting for 8% of the total network nodes (447 nodes) at the time. However, the report also proposed some countermeasures, most of which can be deployed immediately, such as ensuring the diversity of node connections, considering routing conditions when selecting nodes, and "encrypting Bitcoin connections or using message authentication codes (MACs) to verify the authenticity of each message content, which makes delay attacks more difficult."
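The connection-diversity countermeasure can be checked on a node's own peer list. The following is an added example, not code from the report or the researchers: it measures how concentrated a peer set is by origin AS and selects peers with a per-AS cap. The peer list, the AS numbers and all function names are constructed for illustration, and the address-to-AS mapping is assumed to come from routing data the operator already has.

```python
from collections import Counter

# Constructed sample: candidate peers as (address, origin ASN). Addresses and
# ASNs are taken from the ranges reserved for documentation. A real node would
# look up each peer's origin AS in routing data (assumption, not shown here).
CANDIDATES = [
    ("192.0.2.10", 64500), ("192.0.2.11", 64500), ("192.0.2.12", 64500),
    ("192.0.2.13", 64500), ("198.51.100.5", 64501), ("198.51.100.6", 64501),
    ("203.0.113.7", 64502), ("203.0.113.8", 64503),
]

def as_shares(peers):
    """Fraction of peers behind each origin AS, largest first."""
    counts = Counter(asn for _, asn in peers)
    total = len(peers)
    return [(asn, n / total) for asn, n in counts.most_common()]

def ases_to_cover(peers, fraction):
    """Smallest number of ASes that together carry `fraction` of the peers.

    A low number means few networks sit on the path to most of the peer set,
    which is the concentration the article describes.
    """
    shares = as_shares(peers)
    covered = 0.0
    for i, (_, share) in enumerate(shares, start=1):
        covered += share
        if covered >= fraction:
            return i
    return len(shares)

def pick_diverse(candidates, want, max_per_as):
    """Choose up to `want` peers, never more than `max_per_as` from one AS."""
    chosen, used = [], Counter()
    for addr, asn in candidates:
        if len(chosen) == want:
            break
        if used[asn] < max_per_as:
            chosen.append((addr, asn))
            used[asn] += 1
    return chosen

if __name__ == "__main__":
    print("shares:", as_shares(CANDIDATES))
    print("ASes covering 60% of peers:", ases_to_cover(CANDIDATES, 0.6))
    print("diverse pick:", pick_diverse(CANDIDATES, 4, 1))
```

Taking the first four candidates in order would place every connection behind a single AS, while the capped selection spreads the same four connections across four.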

Michael Perklin, chief information security officer of cryptocurrency asset exchange Shapeshift, said that Bitcoin was designed to resist attacks, just like the Internet, whose reason for existence is to withstand nuclear attacks on cities; decentralizing the nodes ensures that there is no single point of failure. Perklin said that the Bitcoin blockchain record contains the details of each transaction. Therefore, once the blockchain and ISP attacks are blocked, two different records will be generated. The reversal of payments and the destruction of new coins will cause consensus failure, which will have a catastrophic impact on the economy.

Perklin concluded:

Fortunately, ISPs are aware of the importance of BGP in node connectivity and they regularly take steps to prevent related attacks. While such attacks are theoretically possible (like brute-forcing private keys), we can rest assured that they are difficult to carry out in practice because the attackers have to have privileged access to highly protected devices.

The details of the security issues described in this report will be announced at the IEEE conference in May this year. The researchers said they will release code on GitHub to simulate the attack prototype.
