Zur Kurzanzeige

dc.contributor.author
Apostolaki, Maria
dc.contributor.author
Zohar, Aviv
dc.contributor.author
Vanbever, Laurent
dc.date.accessioned
2023-03-15T15:53:12Z
dc.date.available
2017-10-06T04:38:30Z
dc.date.available
2017-11-16T14:09:32Z
dc.date.available
2023-03-15T15:53:12Z
dc.date.issued
2017-06-26
dc.identifier.isbn
978-1-5090-5533-3
en_US
dc.identifier.isbn
978-1-5090-5534-0
en_US
dc.identifier.other
10.1109/SP.2017.29
en_US
dc.identifier.uri
http://hdl.handle.net/20.500.11850/192153
dc.description.abstract
As the most successful cryptocurrency to date, Bitcoin constitutes a target of choice for attackers. While many attack vectors have already been uncovered, one important vector has been left out though: attacking the currency via the Internet routing infrastructure itself. Indeed, by manipulating routing advertisements (BGP hijacks) or by naturally intercepting traffic, Autonomous Systems (ASes) can intercept and manipulate a large fraction of Bitcoin traffic. This paper presents the first taxonomy of routing attacks and their impact on Bitcoin, considering both small-scale attacks, targeting individual nodes, and large-scale attacks, targeting the network as a whole. While challenging, we show that two key properties make routing attacks practical: (i) the efficiency of routing manipulation; and (ii) the significant centralization of Bitcoin in terms of mining and routing. Specifically, we find that any network attacker can hijack few (<;100) BGP prefixes to isolate ~50% of the mining power-even when considering that mining pools are heavily multi-homed. We also show that on-path network attackers can considerably slow down block propagation by interfering with few key Bitcoin messages. We demonstrate the feasibility of each attack against the deployed Bitcoin software. We also quantify their effectiveness on the current Bitcoin topology using data collected from a Bitcoin supernode combined with BGP routing data. The potential damage to Bitcoin is worrying. By isolating parts of the network or delaying block propagation, attackers can cause a significant amount of mining power to be wasted, leading to revenue losses and enabling a wide range of exploits such as double spending. To prevent such effects in practice, we provide both short and long-term countermeasures, some of which can be deployed immediately.
en_US
dc.language.iso
en
en_US
dc.publisher
IEEE
en_US
dc.subject
bitcoin
en_US
dc.subject
cryptocurrency
en_US
dc.subject
BGP
en_US
dc.subject
routing
en_US
dc.subject
BGP hijack
en_US
dc.subject
P2P networks
en_US
dc.title
Hijacking Bitcoin: Routing Attacks on Cryptocurrencies
en_US
dc.type
Conference Paper
ethz.book.title
2017 IEEE Symposium on Security and Privacy (SP)
en_US
ethz.pages.start
375
en_US
ethz.pages.end
392
en_US
ethz.event
38th IEEE Symposium on Security and Privacy (SP 2017)
en_US
ethz.event.location
San Jose, CA, USA
en_US
ethz.event.date
May 22-26, 2017
en_US
ethz.identifier.wos
ethz.identifier.scopus
ethz.publication.place
Piscataway, NJ
en_US
ethz.publication.status
published
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02140 - Dep. Inf.technologie und Elektrotechnik / Dep. of Inform.Technol. Electrical Eng.::02640 - Inst. f. Technische Informatik und Komm. / Computer Eng. and Networks Lab.::09477 - Vanbever, Laurent / Vanbever, Laurent
en_US
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02140 - Dep. Inf.technologie und Elektrotechnik / Dep. of Inform.Technol. Electrical Eng.::02640 - Inst. f. Technische Informatik und Komm. / Computer Eng. and Networks Lab.::09477 - Vanbever, Laurent / Vanbever, Laurent
ethz.date.deposited
2017-10-06T04:38:37Z
ethz.source
SCOPUS
ethz.eth
yes
en_US
ethz.availability
Metadata only
en_US
ethz.rosetta.installDate
2017-11-16T14:09:36Z
ethz.rosetta.lastUpdated
2024-02-02T21:01:44Z
ethz.rosetta.versionExported
true
ethz.COinS
ctx_ver=Z39.88-2004&amp;rft_val_fmt=info:ofi/fmt:kev:mtx:journal&amp;rft.atitle=Hijacking%20Bitcoin:%20Routing%20Attacks%20on%20Cryptocurrencies&amp;rft.date=2017-06-26&amp;rft.spage=375&amp;rft.epage=392&amp;rft.au=Apostolaki,%20Maria&amp;Zohar,%20Aviv&amp;Vanbever,%20Laurent&amp;rft.isbn=978-1-5090-5533-3&amp;978-1-5090-5534-0&amp;rft.genre=proceeding&amp;rft_id=info:doi/10.1109/SP.2017.29&amp;rft.btitle=2017%20IEEE%20Symposium%20on%20Security%20and%20Privacy%20(SP)
 Printexemplar via ETH-Bibliothek suchen

Dateien zu diesem Eintrag

DateienGrößeFormatIm Viewer öffnen

Zu diesem Eintrag gibt es keine Dateien.

Publikationstyp

Zur Kurzanzeige