Tuesday, May 9, 2017

Another Class of Blockchain Vulnerabilities

For at least three years I've been pointing out a fundamental problem with blockchain systems, and indeed peer-to-peer (P2P) systems in general, which is that maintaining their decentralized nature in the face of economies of scale (network effects, Metcalfe's Law, ...) is pretty close to impossible. I wrote a detailed analysis of this issue in Economies of Scale in Peer-to-Peer Networks. Centralized P2P systems, in which a significant minority (or in the case of Bitcoin an actual majority) can act in coordination perhaps because they are conspiring together, are vulnerable to many attacks. This was a theme of our SOSP "Best Paper" winner in 2003.

Now, Catalin Cimpanu at Bleeping Computer reports on research showing yet another way in which P2P networks can become vulnerable through centralization driven by economies of scale. Below the fold, some details.

Cimpanu writes:
"the Bitcoin network, despite counting thousands of nodes, is largely hosted on a small number of ISPs (networks, Autonomous Systems — AS). For example, 13 ISPs host 30% of the entire Bitcoin network, while 39 ISPs host 50% of the whole Bitcoin mining power.

"Furthermore, most of the traffic exchanged between Bitcoin nodes passes through a small number of ISPs. In exact numbers, just three ISPs handle 60% of all Bitcoin traffic, right now."
and this fact is being exploited via BGP hijacks:
"Based on statistical data, researchers say they’ve found that around 100 Bitcoin nodes are the victims of BGP hijacks each month, with the largest number of BGP hijacks happening in November 2015, when 8% of the entire Bitcoin nodes (447 at the time) were the victims of such incidents."
The research is described in Hijacking Bitcoin: Routing Attacks on Cryptocurrencies by Maria Apostolaki, Aviv Zohar and Laurent Vanbever, who write:
"While challenging, we show that two key properties make routing attacks practical: (i) the efficiency of routing manipulation; and (ii) the significant centralization of Bitcoin in terms of mining and routing. Specifically, we find that any network attacker can hijack few (<100) BGP prefixes to isolate ∼50% of the mining power — even when considering that mining pools are heavily multi-homed."
They show that two classes of routing-based attacks on the Bitcoin network are feasible:
"First, we evaluate the ability of attackers to isolate a set of nodes from the Bitcoin network, effectively partitioning it. Second, we evaluate the impact of delaying block propagation by manipulating a small number of key Bitcoin messages."
BGP (Border Gateway Protocol) is a long-standing vulnerability of the Internet, so it is not surprising that it can affect, and is affecting, the Bitcoin network. The more interesting part of their research is that it illuminates second-order effects of economies of scale on P2P networks. Economies of scale drove Bitcoin mining from home computers into large data centers. Economies of scale drove these data centers to be located in a few areas with very cheap power and cooling. Thus these data centers naturally used the few ISPs that served these areas, leading to centralization at the network level, and thus to vulnerabilities caused by centralization at the network level.
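
Because so many nodes sit behind so few prefixes, a node operator can watch for the hijacks described above by comparing observed BGP announcements with the origin AS expected for the prefixes that host their nodes. The Python below is an added example, not code from this post or from the paper; the prefixes, AS numbers, node addresses and function names are all constructed for illustration.

```python
import ipaddress

# Constructed baseline: prefixes covering the monitored nodes and the origin AS
# expected for each (documentation address space and documentation AS numbers).
BASELINE = {
    ipaddress.ip_network("198.51.100.0/24"): 64500,
    ipaddress.ip_network("203.0.113.0/24"): 64501,
}
# Constructed addresses of the Bitcoin nodes being watched.
NODES = [ipaddress.ip_address(a) for a in
         ("198.51.100.10", "198.51.100.200", "203.0.113.5", "203.0.113.77")]
# Constructed BGP updates as (announced prefix, origin AS) pairs.
UPDATES = [
    ("198.51.100.0/24", 64500),
    ("198.51.100.128/25", 64510),
    ("203.0.113.0/24", 64510),
    ("192.0.2.0/24", 64502),
]

def classify(prefix, origin, baseline=BASELINE):
    """Compare one observed announcement with the expected origins."""
    net = ipaddress.ip_network(prefix)
    for known, expected in baseline.items():
        if net.version != known.version:
            continue
        if net == known:
            return "ok" if origin == expected else "origin-change"
        if net.subnet_of(known):
            # Longest-prefix match prefers this route over the baseline one.
            return "same-origin-more-specific" if origin == expected else "more-specific"
    return "unrelated"

def affected_nodes(prefix, nodes=NODES):
    """Monitored nodes whose addresses fall inside the announced prefix."""
    net = ipaddress.ip_network(prefix)
    return [str(n) for n in nodes if n in net]

def review(updates):
    """Return (alerts, share of monitored nodes covered by flagged updates)."""
    alerts, touched = [], set()
    for prefix, origin in updates:
        verdict = classify(prefix, origin)
        if verdict in ("origin-change", "more-specific"):
            hit = affected_nodes(prefix)
            touched.update(hit)
            alerts.append((prefix, origin, verdict, hit))
    return alerts, len(touched) / len(NODES)

if __name__ == "__main__":
    alerts, share = review(UPDATES)
    for alert in alerts:
        print(alert)
    print(f"{share:.0%} of monitored nodes covered by flagged announcements")
```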
