Hijacking Bitcoin: Routing Attacks on Cryptocurrencies

Authors: Maria Apostolaki, Aviv Zohar, and Laurent Vanbever

2017 IEEE Symposium on Security and Privacy (SP)

2018 IETF/IRTF Applied Networking Research Prize

Abstract

As the most successful cryptocurrency to date, Bitcoin constitutes a target of choice for attackers. While many attack vectors have already been uncovered, one important vector has been left out though: attacking the currency via the Internet routing infrastructure itself. Indeed, by manipulating routing advertisements (BGP hijacks) or by naturally intercepting traffic, Autonomous Systems (ASes) can intercept and manipulate a large fraction of Bitcoin traffic. This paper presents the first taxonomy of routing attacks and their impact on Bitcoin, considering both small-scale attacks, targeting individual nodes, and large-scale attacks, targeting the network as a whole. While challenging, we show that two key properties make routing attacks practical: (i) the efficiency of routing manipulation; and (ii) the significant centralization of Bitcoin in terms of mining and routing. Specifically, we find that any network attacker can hijack few (<;100) BGP prefixes to isolate ~50% of the mining power-even when considering that mining pools are heavily multi-homed. We also show that on-path network attackers can considerably slow down block propagation by interfering with few key Bitcoin messages. We demonstrate the feasibility of each attack against the deployed Bitcoin software. We also quantify their effectiveness on the current Bitcoin topology using data collected from a Bitcoin supernode combined with BGP routing data. The potential damage to Bitcoin is worrying. By isolating parts of the network or delaying block propagation, attackers can cause a significant amount of mining power to be wasted, leading to revenue losses and enabling a wide range of exploits such as double spending. To prevent such effects in practice, we provide both short and long-term countermeasures, some of which can be deployed immediately.

People

Dr. Maria Apostolaki

PhD student

2015—2021

Prof. Laurent Vanbever

Group Leader

BibTex

@INPROCEEDINGS{apostolaki2017hijacking,
	isbn = {978-1-5090-5533-3},
	doi = {10.1109/SP.2017.29},
	year = {2017-06-26},
	booktitle = {2017 IEEE Symposium on Security and Privacy (SP)},
	type = {Conference Paper},
	author = {Apostolaki, Maria and Zohar, Aviv and Vanbever, Laurent},
	abstract = {As the most successful cryptocurrency to date, Bitcoin constitutes a target of choice for attackers. While many attack vectors have already been uncovered, one important vector has been left out though: attacking the currency via the Internet routing infrastructure itself. Indeed, by manipulating routing advertisements (BGP hijacks) or by naturally intercepting traffic, Autonomous Systems (ASes) can intercept and manipulate a large fraction of Bitcoin traffic. This paper presents the first taxonomy of routing attacks and their impact on Bitcoin, considering both small-scale attacks, targeting individual nodes, and large-scale attacks, targeting the network as a whole. While challenging, we show that two key properties make routing attacks practical: (i) the efficiency of routing manipulation; and (ii) the significant centralization of Bitcoin in terms of mining and routing. Specifically, we find that any network attacker can hijack few (<;100) BGP prefixes to isolate ~50% of the mining power-even when considering that mining pools are heavily multi-homed. We also show that on-path network attackers can considerably slow down block propagation by interfering with few key Bitcoin messages. We demonstrate the feasibility of each attack against the deployed Bitcoin software. We also quantify their effectiveness on the current Bitcoin topology using data collected from a Bitcoin supernode combined with BGP routing data. The potential damage to Bitcoin is worrying. By isolating parts of the network or delaying block propagation, attackers can cause a significant amount of mining power to be wasted, leading to revenue losses and enabling a wide range of exploits such as double spending. To prevent such effects in practice, we provide both short and long-term countermeasures, some of which can be deployed immediately.},
	keywords = {bitcoin; cryptocurrency; BGP; routing; BGP hijack; P2P networks},
	language = {en},
	address = {Piscataway, NJ},
	publisher = {IEEE},
	title = {Hijacking Bitcoin: Routing Attacks on Cryptocurrencies},
	PAGES = {375 - 392},
	Note = {38th IEEE Symposium on Security and Privacy (SP 2017); Conference Location: San Jose, CA, USA; Conference Date: May 22-26, 2017}
}

Research Collection: 20.500.11850/192153