Bitcoin Forum
October 21, 2018, 04:54:04 AM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Fork After Withholding (FAW) Attack on Bitcoin  (Read 251 times)
yujin_k
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
September 01, 2017, 12:13:41 PM
 #1

The BWH attack is shown to have Miner’s dilemma by Eyal in 2015.
Selfish mining is shown to be impractical.
Fork After Withholding (FAW) attack, on the other hand, overcomes both problems.
In other words, in FAW attack, a larger pool can always beat smaller pool, when two pools attack each other.

For more details, please refer our paper accepted to ACM CCS 2017.
Camera-ready version: https://syssec.kaist.ac.kr/pub/2017/kwon_ccs_2017.pdf
Longer version at Arxiv: https://arxiv.org/abs/1708.09790

P.S. I sent an email to Bitcoin Core team 3 days ago, but I have not heard anything from them yet.
1540097644
Hero Member
*
Offline Offline

Posts: 1540097644

View Profile Personal Message (Offline)

Ignore
1540097644
Reply with quote  #2

1540097644
Report to moderator
1540097644
Hero Member
*
Offline Offline

Posts: 1540097644

View Profile Personal Message (Offline)

Ignore
1540097644
Reply with quote  #2

1540097644
Report to moderator
1540097644
Hero Member
*
Offline Offline

Posts: 1540097644

View Profile Personal Message (Offline)

Ignore
1540097644
Reply with quote  #2

1540097644
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1540097644
Hero Member
*
Offline Offline

Posts: 1540097644

View Profile Personal Message (Offline)

Ignore
1540097644
Reply with quote  #2

1540097644
Report to moderator
aleksej996
Sr. Member
****
Offline Offline

Activity: 420
Merit: 311


Do not trust the government


View Profile WWW
September 01, 2017, 12:28:24 PM
 #2

Well, thanks for the information about this new attack, if it turns out to be valid.
I would like to ask you to spare us the worrying and tell us if there is an economical incentive for large mining pools not to cooperate with the rest of the network in mining or something similar, since possible attack isn't always the profitable attack.

░░░░░░░▄▄▄▄▄▄
░░░░▄██████████▄
░░░██████████████
░░██████▐▌██████
█████░░░░░░░▀█████
██████▄▄░░▄▄░░██████
████████░░▀▀▄██████
████████░░▄▄▄░░█████
██████▀▀░░▀▀▀░░█████
█████░░░░░░░░█████
░░██████▐▌██████
░░░██████████████
░░░░▀██████████▀
░░░░░░░▀▀▀▀▀▀
░░░

                   BitCloak Bitcoin Mixer  
  BTC & BCH | API| MULTIADDRESS| PGP PROOF|  FAST MIX |  ESCROW|  MORE !

░░░░░░░▄▄▄▄▄▄
░░░░▄██████████▄
░░░██████████████
░░██████▐▌██████
█████░░░░░░░▀█████
██████▄▄░░▄▄░░██████
████████░░▀▀▄██████
████████░░▄▄▄░░█████
██████▀▀░░▀▀▀░░█████
█████░░░░░░░░█████
░░██████▐▌██████
░░░██████████████
░░░░▀██████████▀
░░░░░░░▀▀▀▀▀▀
░░░

yujin_k
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
September 01, 2017, 12:48:14 PM
 #3

Well, thanks for the information about this new attack, if it turns out to be valid.
I would like to ask you to spare us the worrying and tell us if there is an economical incentive for large mining pools not to cooperate with the rest of the network in mining or something similar, since possible attack isn't always the profitable attack.

We report to this forum, as there is no proper mechanism for vulnerability disclosure process in Bitcoin.
As long as I know, the attack has not been used in practice.
The attack is always profitable unlike selfish mining.
The attack is stealthy. The victim may notice that it is being attacked maybe due to higher fork rate, but it is hard to pinpoint the attacking pool or miner.
cr1776
Legendary
*
Offline Offline

Activity: 2030
Merit: 1009


View Profile
September 01, 2017, 01:13:45 PM
 #4

Well, thanks for the information about this new attack, if it turns out to be valid.
I would like to ask you to spare us the worrying and tell us if there is an economical incentive for large mining pools not to cooperate with the rest of the network in mining or something similar, since possible attack isn't always the profitable attack.

We report to this forum, as there is no proper mechanism for vulnerability disclosure process in Bitcoin.
As long as I know, the attack has not been used in practice.
The attack is always profitable unlike selfish mining.
The attack is stealthy. The victim may notice that it is being attacked maybe due to higher fork rate, but it is hard to pinpoint the attacking pool or miner.

See:
Step 1. https://bitcoin.org/en/bitcoin-core/contribute/issues#disclosure  which leads to:
Step 2. https://bitcoincore.org/en/contact/

which is what you may have done - but there is a proper mechanism for people who look at this later.
yujin_k
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
September 01, 2017, 01:16:07 PM
 #5

Well, thanks for the information about this new attack, if it turns out to be valid.
I would like to ask you to spare us the worrying and tell us if there is an economical incentive for large mining pools not to cooperate with the rest of the network in mining or something similar, since possible attack isn't always the profitable attack.

We report to this forum, as there is no proper mechanism for vulnerability disclosure process in Bitcoin.
As long as I know, the attack has not been used in practice.
The attack is always profitable unlike selfish mining.
The attack is stealthy. The victim may notice that it is being attacked maybe due to higher fork rate, but it is hard to pinpoint the attacking pool or miner.

See:
Step 1. https://bitcoin.org/en/bitcoin-core/contribute/issues#disclosure  which leads to:
Step 2. https://bitcoincore.org/en/contact/

which is what you may have done - but there is a proper mechanism for people who look at this later.


Yes, I sent email to security@bitcoincore.org.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!