Which cryptocurrencies are vulnerable to Erebus attack? Serious attacker, such as nation-state adversaries, may find several weeks of attack time still negligible, considering the significant damage this attack can create. However, Erebus attack is nearly invisible. It requires a longer execution period than partitioning attacks with BGP hijacking (e.g., Apostolaki et al.). Isn't several weeks too long to execute an Erebus attack? A partitioned network enables several attacks against the consensus such as 51% attack, selfish mining, censoring transactions or even taking down the cryptocurrencies at a large scale. The consensus of cryptocurrencies can only work reliably with highly dependable underlying peer-to-peer networks. Why is partitioning bad for Bitcoin and in general, blockchain-based cryptocurrencies? Smarter eviction policy In talks with Bitcoin core teamĪn improved peer eviction policy that protects peers providing fresher block data will make censoring a specific block or transaction from the victim's view becomes less effective if there exists a legitimate incoming connection providing fresher blocks. Since Bitcoin v0.20.0, ASN-based grouping is included as a non-default setting. Incorporating AS topology in the peer selection can make attack becomes harder or impossible for the adversaries with IPs distributed in a large number of prefix groups but hosted in a few ASes only. Selecting peers with AS topology information Bitcoin v0.20.0 Pull request #16702 Since Bitcoin v0.19.0, there are 10 outgoing connections in total. Increasing the number of outgoing connections (e.g., from 8 to 16) also makes Erebus attack significantly harder to occupy all the outgoing connections. More outgoing connections Bitcoin v0.19.0 Pull request #15759 Reducing the size of the two tables storing peer IPs makes Erebus attack less effective because the adversary has much larger bandwidth capability and significantly more IP addresses than legitimate peers. We will update the following table whenever we have changes of status (e.g., solutions are accepted to a new version of the Bitcoin core). To check the evaluation of some of these solutions, please refer to our paper above. We have proposed several countermeasures and their quick summaries and current status are as follows. NEW: For practical countermeasures, please visit. but the topological advantages of adversary ISPs. Interestingly, the Erebus attack does not exploit any specific bugs (unlike the Eclipse attack by Heilman et al. We do not use routing manipulation (such as BGP hijacking) because such techniques leave undeniable evidence in the control plane of the Internet routing, making the attack obviously visible and revealing the attacker's identity to the public (see our paper for more detail). That said, all Tier-1 are shown to be able to choose any node from the 10K public Bitcoin nodes.Īlso, we show that large Tier-2 ASes can target most of the 10K public Bitcoin nodes. The adversary should be a large enough ISP (e.g., Top-100 ASes) so that she can choose her target Bitcoin nodes with fewer restrictions. The adversary ISP can launch the Erebus attack without controlling any botnet but only with a simple desktop PC that implements some simple rudimentary Bitcoin node operations. By partitioning some Bitcoin nodes, an adversary can launch many serious attacks, including double-spending attacks, 51% mining attacks. The Erebus attacker ISP's goal is to isolate one or more public Bitcoin nodes (currently around 10K active ones) from the rest of the network.
0 Comments
Leave a Reply. |