Attack on the Bitcoin Network question

[8hours]

hi,

I have been reading these forums the last couple of weeks, its been extremely interesting to follow the Mining section.
Now I decided to participate actively in the discussions, so this is my first post. nice to be here

Could you please help me understanding how a possible 51% attack could work? Following scenario....

Someone controls enough hashing power 3 subsequent blocks with a realistic probability. This hashing power is distributed over the network, i.e. in different mining pools, such that it is not obvious that the block were generated under the control of the attacker.

the attacker adds a manipulated transaction to the block the he is working on, i.e. transferring 100 bitcoins from a random address to an address that he controls. he solves this block and submits it to the network. In the next 20 minutes he is able to solve another 2 blocks, building up on the first malicious block, but without further manipulations.

how will the network react to that? does every honest bitcoin node verify the transactions, and will thus reject the first malicious block? how long does this verification last at the current network size? will honest nodes also reject the subsequent blocks coming from the attacker? how does this relate to the principle that the longest chain "wins"?

thanks

[Portnoy]

I will leave it to others to explain how a 51% attack works.  

But something to consider...

To reliably overwhelm the network, you'd need computing power delivering about 100,000 gigahashes per second. Computers optimized for Bitcoin processing are currently available for about $1,000/gigahash, so sufficient computing power can be bought for $100 million. Electricity cost for the deed would be about $200,000/day.

And with more companies selling ASICS and more individuals buying them those figures, I suspect, will keep going up dramatically.

[legitnick]

Do not worry a 51% attack is unlikely, next to impossible.

[AceWallen]

Not gonna happen with BTC, watch for scamcoins though! 

[Foxpup]

the attacker adds a manipulated transaction to the block the he is working on, i.e. transferring 100 bitcoins from a random address to an address that he controls.

This is not possible. Nobody, under any circumstances, can transfer coins from an address if they don't own the private key. What an attacker can do, is mine a block containing a transaction sending coins from his own address to another one of his own addresses, but not release the block or the transaction right away, and continues mining a few blocks on top of it. He simultaneously sends a transaction to, say, purchase something, and after that transaction is confirmed, he releases the blocks he mined, rendering the "confirmed" transaction suddenly invalid, and he gets his goods for free. This is known as a double-spend attack. Normally waiting for transactions to be confirmed is sufficient to defend against double-spends, but a 51% attack means even confirmed transactions can no longer be trusted. That is what makes this attack so disruptive.

how will the network react to that?

An alert will almost certainly be issued, warning users not to trust even confirmed transactions until it is clear the attack is over.

does every honest bitcoin node verify the transactions, and will thus reject the first malicious block?

Only invalid blocks will be rejected. Blocks mined as part of a 51% attack are perfectly valid, and do not contain invalid transactions. There is no way to determine whether a given block was mined as part of a 51% or not (though the attack can be detected in other ways, for example, honest miners will find their blocks are constantly being orphaned).

how does this relate to the principle that the longest chain "wins"?

In order to pull off this attack, the attacker needs to ensure that only his blocks are accepted, and nobody else's. To do this, the attacker's chain must be longer than that of the honest miners. The only way to guarantee this is to have more hashing power than everybody else (51%), thereby allowing the attacker to mine more blocks and produce the longest chain.