Security in a trustless and decentralized world – Chapter 3
This is the article no. 3 in the “crypto attacks” series. Please go through Chapter 1 for the preface.
-----------------------------------------------------------------------------------
Attack Vectors
There are various types of attacks which pose a threat to blockchain security. These can be categorized under the following five attack vectors:
PS: an attack vector is a pathway or method used by a hacker to illegally access a network or computer in an attempt to exploit system vulnerabilities.
Let’s continue discussing Blockchain network attacks and understand the types of attack which fall under this category. A blockchain network consists of nodes that create and execute transactions, and miners/validators that add approved transactions to blocks. The state of the network (its ledger) is shared with all the participant nodes. New and existing nodes participating in the network talk to multiple peers in order to get the latest state of the network. However since the network is designed to update asynchronously, it is possible for a few nodes to see a different network state than the majority others. Given this asynchronous design, cybercriminals can exploit this vulnerability in their favour. The types of attack which are discussed in this article exploit this vulnerability.
1.4 Timejacking
This is an attack which could happen with a proof-of-work blockchain such as Bitcoin. So far there is no reported incident of timejacking attack. In this the attacker dupes the victim into “double-spending” by manipulating the network time visible to the victim node.
In a blockchain ledger, individual block contains a list of transactions, hash of the preceding block, a timestamp representing the approximate time the block was created, and some additional information. The block timestamps allow the system to regulate the production of bitcoins by adjusting the difficulty level to maintain the block generation time of 10 minutes.
Each node internally maintains a counter that represents the network time, which is based on the median time of a node's peers. Network time can differ with the node’s system time by up to 70 minutes, else the network time reverts to system time. Also there is an acceptable time range criteria followed by every node to decide whether a block is valid and part of the main chain or should be discarded as obsolete. This possibility of different nodes viewing different network times and using different block acceptability criteria is the vulnerability which can be exploited by an attacker.
The attacker creates a so called “poisoned” block whose timestamp must fall into the time window of all network nodes, except the victim node. Only then the whole network will successfully accept it, and the victim, whose network time has been modified, will not. As a result, the victim is isolated from the main network and considers the main block chain, which is built by the remaining nodes from the “poisoned” block, incorrect. The other blocks generated by the attacker for an alternative chain will be confidently accepted by the victim node. The attacker adds a transaction that transfers tokens to the victim's wallet in the alternative chain. The victim believes that he has received the tokens and he sends the goods to the attacker, whereas the main network is sure that the tokens did not leave the attacker’s wallet. This incorrect rendering of services without receiving anything in consideration is known as double spending.
1.5 Routing attacks
An attacker can use routing attacks (on the internet network) to partition the network into two (or more) disjoint components. By preventing nodes within a component to communicate with nodes outside of it, the attacker forces the creation of parallel blockchains. After the attack stops, all blocks mined within the smaller component will be discarded together with all included transactions and the miners revenue.
An attacker can also use routing attacks to delay the delivery of a block to a victim node by 20 minutes while staying completely undetected. During this period the victim is unaware of the most recently mined block and the corresponding transactions. The impact of this attack varies depending on the victim. If the victim is a merchant, it is susceptible to double spend. If it is a miner, the attack wastes its computational power. Finally, if the victim is a regular node, it is unable to contribute to the network by propagating the last version of the blockchain.
领英推荐
1.6 Eclipse attacks
Blockchain network usually limits the number of outbound and inbound communication, which every node can maintain with peers, in order to reduce the computing and bandwidth requirement for running a node. The disadvantage however is that it is relatively easy to hijack these limited connections. For example, for Bitcoin the number of bi-directional communication allowed is 8.
In eclipse attack, the attacker attempts to redirect the target user’s inbound and outbound connections away from its legitimate neighboring nodes to attacker-controlled nodes, thereby sealing off the target in an environment that’s entirely separate from the actual network activity. In this manner attacker manages to eclipse the original ledger’s view and present his own manipulated ledger to the victim node.
The attacker generally has to carry out this task of isolating a node completely and it might take several attempts to do so. One of the doable ways is a phantom network created from host nodes to flood the target node with a ton of IP addresses, which the target may sync up with the next time it reconnects with the blockchain network. From this point, the attacker either waits for the target to connect to malicious nodes or commit a DDoS attack to force the target to restart and reconnect.
In this way the attacker misleads the mining nodes and is able to increase the relative hash rate within the network and bias the block mining race in his favour. With this he can benefit from double spending, in a similar fashion as discussed in the timejacking section above.
Operators can mitigate this risk by either blocking incoming connections or increasing the number of connections and do random node selection before connecting. Also, they should only make outbound connections to specific nodes that they trust, such as those on a whitelist by other peers in the network. By making it more expensive or difficult to create new nodes within a network, the blockchain architect can set a higher bar for malicious actors to flood the network with attacker-controlled nodes. However new nodes might not be able to join — making it an approach that cannot be done at scale.
1.7 Sybil attacks
While the Eclipse attack is about eclipsing a user’s view of the true ledger, the Sybil attack targets the whole network. In a Sybil attack, an attacker will flood the network with large number of nodes with pseudonymous identity and try to influence the network. These nodes, though appearing like unrelated individuals, are operated by a single operator at the back. In this case the objective is not to target one user, but a number of nodes or network as whole, and generate a fork in the ledger if possible, allowing the attacker to make double spending and other attacks.
?In 2014 the Tor network was the victim of such an attack for several months. Tor is an open network comprising of thousands of volunteer-run servers known as Tor relays which ensures privacy of data and communications on the web. With Tor browser users can defend themselves against tracking and surveillance. It is alleged that a large intelligence agency was able to pass several nodes in this P2P network as trustworthy and was able to monitor the network traffic of all those users who made communication via these compromised nodes.
In subsequent article of this series we will discuss the types of attack which fall under the category of User wallet attacks. Stay tuned!
-----------------------------------------------------------------------------------
References: