Researchers at Cornell Tech and the Technion Israel Institute of Technology claim to have uncovered a fresh way to execute a denial-of-service attack (DoS) on a proof-of-work blockchain network.
The blockchain denial of service (BDoS) attack was described in a recent academic paper they presented this October at the 2020 ACM SIGSAC Conference on Computer and Communications Security. The researchers argue that a BDoS is the first type of incentive-based blockchain attack that “exploits the reward mechanism to discourage miner participation.”
During a standard denial of service (DoS) attacks, the culprit targets the victim’s web servers. The assailant barrages the servers with spam traffic, overloading it, thus rendering it unable to serve legitimate requests. These types of attacks are more challenging to launch against a decentralized network. According to the authors, a successful DoS attack has never been executed against a large blockchain network.
Before this new research, most thought that the attacker need at least 51% of the blockchain network’s mining capacity to successfully launch an attack. In a BDoS attack, the attacker aims to take down a proof-of-work digital currency. According to the researchers, the attack they’ve discovered could theoretically grind the BTC blockchain to a halt with as little as 21% of the network’s mining power.
To accomplish this feat, the attacker publishes a proof to the blockchain that signals to other block reward miners that the attacker holds a mining advantage. The attack aims to target the system’s reward system to discourage other miners’ participation. This ploy allows the attacker to manipulate the system to get more than their fair share of rewards.
The researchers observed that what they define as “rational” block reward miners will stop trying to discover blocks if they notice that they are at a disadvantage. “If the profitability decrease is significant enough so that all miners stop mining, the attacker can stop mining too,” the researchers write, “The blockchain thus grinds to a complete halt.”
“We find that Bitcoin‘s vulnerability to BDoS increases rapidly as the mining industry matures and profitability drops,” the authors add.
Ittay Eyal, a senior lecturer at Technion and co-author of the study, said the study’s findings relate specifically to BTC, but likely similar attacks against other digital currencies are possible. The researchers have gathered no concrete results on this yet.
“We still have many open questions,” stated Eyal. “What’s the minimum possible cost for an attack? What kind of mitigations are there?”
In conclusion, this study provides an interesting scenario of how the BTC network could be attacked. The researcher’s findings have not been corroborated by the BTC community-at-large. It remains to be seen if this scenario could play out as researchers have described, it certainly would not make financial or logical sense to do try this in real life.
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.