Bitcoin Forum
March 29, 2024, 04:53:08 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: 2013-11-05 BBC.co.uk: Bitcoin at risk of network attack, say researchers  (Read 1463 times)
P_Shep (OP)
Legendary
*
Offline Offline

Activity: 1795
Merit: 1198


This is not OK.


View Profile
November 05, 2013, 02:07:42 PM
 #1

Huh

http://www.bbc.co.uk/news/technology-24818975
1711687988
Hero Member
*
Offline Offline

Posts: 1711687988

View Profile Personal Message (Offline)

Ignore
1711687988
Reply with quote  #2

1711687988
Report to moderator
1711687988
Hero Member
*
Offline Offline

Posts: 1711687988

View Profile Personal Message (Offline)

Ignore
1711687988
Reply with quote  #2

1711687988
Report to moderator
You get merit points when someone likes your post enough to give you some. And for every 2 merit points you receive, you can send 1 merit point to someone else!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711687988
Hero Member
*
Offline Offline

Posts: 1711687988

View Profile Personal Message (Offline)

Ignore
1711687988
Reply with quote  #2

1711687988
Report to moderator
1711687988
Hero Member
*
Offline Offline

Posts: 1711687988

View Profile Personal Message (Offline)

Ignore
1711687988
Reply with quote  #2

1711687988
Report to moderator
1711687988
Hero Member
*
Offline Offline

Posts: 1711687988

View Profile Personal Message (Offline)

Ignore
1711687988
Reply with quote  #2

1711687988
Report to moderator
Izerian
Member
**
Offline Offline

Activity: 86
Merit: 10


View Profile
November 05, 2013, 02:27:39 PM
 #2


Not sure about the attack, doesn't make sense to me how it would work... If you didn't report blocks found then no one else would acknowledge your "find"? Basically, they would be fake?

Can someone clarify this?
P_Shep (OP)
Legendary
*
Offline Offline

Activity: 1795
Merit: 1198


This is not OK.


View Profile
November 05, 2013, 02:29:23 PM
 #3

Just found they're discussing it here:
https://bitcointalk.org/index.php?topic=324413.0
Arvicco
Hero Member
*****
Offline Offline

Activity: 574
Merit: 501


Please bear with me


View Profile WWW
November 05, 2013, 04:18:00 PM
 #4

I think this IS a 51% attack in disguise, and the scenario it describes is based on a faulty assumption.

Not only does this attack require at least 25% of the network to even start it, the attackers need to somehow coopt or trick additional 26% of miners to join them in the attack. It is all based on the assumption that the miners are "selfish" to the point of happily joining the attack for a minuscule short term benefit regardless of any long-term consequences. Such as potential destruction of the very network they are deriving their income from.

So, in reality this should play out like this. One of the major pools (such as BTCGuild or Eligius) suddenly starts acting weird, announces an intention to screw everyone and take over the network. Not only that, they invite everyone else to join their Evil Empire asap. "Selfish miners", out of their natural greed and malice, abandon the "honest" network and join up in droves until the "evil network" reaches 51%, overpowers honest miners and starts wrecking chaos...

How realistic is this scenario? Would not it be more realistic for the miners to move from the "rogue" pool instead, depriving it of any hashpower it previously held?

Why is anyone even discussing it seriously as something "novel" is beyond me...

Shermo
Sr. Member
****
Offline Offline

Activity: 272
Merit: 250



View Profile
November 05, 2013, 06:38:54 PM
 #5

I think what they are implying is that a big pool could try and solve a second block without telling anyone that they already solved a block, but that is basically a big gamble that they can solve a second block before someone else solves the first block and announces, which is not likely unless they have 51%?

It's basically a gamble, and it would be obvious if a pool started regularly submitting two blocks close to each other.
IYFTech
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


WANTED: Active dev to fix & re-write p2pool in C


View Profile
November 05, 2013, 07:05:07 PM
 #6

I think it's yet another typical Bankster Backed Corporation (BBC) bullshit slur story.

Ignore it.  Wink

-- Smiley  Thank you for smoking  Smiley --  If you paid VAT to dogie for items you should read this thread:  https://bitcointalk.org/index.php?topic=1018906.0
420
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500



View Profile
November 05, 2013, 08:36:04 PM
 #7

let me summarize for anyone:

beginning of article: an attack on the network could happen from a vulnerability exploited by selfish large miners

end of article: the attack is very unlikely and almost improbable


Donations: 1JVhKjUKSjBd7fPXQJsBs5P3Yphk38AqPr - TIPS
the hacks, the hacks, secure your bits!
prophetx
Legendary
*
Offline Offline

Activity: 1666
Merit: 1010


he who has the gold makes the rules


View Profile WWW
November 05, 2013, 09:13:08 PM
 #8

paper is here

http://arxiv.org/pdf/1311.0243v2.pdf

the only issue is that they assume that selfish miners do not care about what selfish mining would do to the value of bitcoin... sign...
420
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500



View Profile
November 05, 2013, 09:19:07 PM
 #9

paper is here

http://arxiv.org/pdf/1311.0243v2.pdf

the only issue is that they assume that selfish miners do not care about what selfish mining would do to the value of bitcoin... sign...

this was addressed in satoshi's white paper

The incentive may help encourage nodes to stay honest. If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth.

http://libertyblitzkrieg.com/2013/10/31/five-years-ago-today-bitcoin-was-born-read-satoshis-original-white-paper/

Donations: 1JVhKjUKSjBd7fPXQJsBs5P3Yphk38AqPr - TIPS
the hacks, the hacks, secure your bits!
darkmule
Legendary
*
Offline Offline

Activity: 1176
Merit: 1005



View Profile
November 05, 2013, 09:21:42 PM
 #10

For this to be successful, wouldn't you need an extraordinary combination of short-sighted malice from the Bad Guys combined with utter obliviousness from everyone else not involved in the attack?
420
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500



View Profile
November 05, 2013, 09:35:22 PM
 #11

For this to be successful, wouldn't you need an extraordinary combination of short-sighted malice from the Bad Guys combined with utter obliviousness from everyone else not involved in the attack?

right. you'd need a pool or else secretly have hundreds of millions of mining hardware.

and for u to keep hashing power you'd have to assume your users at the pool didn't find out what you were doing Tongue

Donations: 1JVhKjUKSjBd7fPXQJsBs5P3Yphk38AqPr - TIPS
the hacks, the hacks, secure your bits!
cloudswrest
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
November 05, 2013, 09:38:01 PM
 #12

It's not a 51% attack, but you do need a sizable fraction of the hash rate in order to be successful.  According to the algorithm the longest block chain wins.  No need to publish it immediately.

1.    Find a successful hash but do not publish it.

2.    Start working on the next block.  While your pool is working on the next block, everybody else is still wasting time working on the previous block.

3.     Find the next hash and publish (or not and try for three ...).  Even if your second hash comes after someone else finds another hash to the previous block, your block chain is a block longer than theirs.  You win.  If you're ahead two blocks (which would not be rare if you have 25+% of the hash rate) then you have even more time to game the system.  

It's basically doubling down.  You won't win all the time, or perhaps not even most of the time, but  if you have 25%+ of the hash capacity you increase your odds greater than your share of the total hash capacity on average.
Carlton Banks
Legendary
*
Offline Offline

Activity: 3430
Merit: 3068



View Profile
November 05, 2013, 09:49:16 PM
Last edit: November 06, 2013, 12:11:29 AM by Carlton Banks
 #13

For this to be successful, wouldn't you need an extraordinary combination of short-sighted malice from the Bad Guys combined with utter obliviousness from everyone else not involved in the attack?

For it to be a consummate success, you need 51% of the network as well, not just 25+ or 33+.

The likelihood of solving 2 blocks consecutive blocks (and holding the first back from propagation while you're working on the next) is very low for someone with less than 50% of the network hashrate. Much less likely than some other miner solving the current block from underneath you, nullifying all the work you've done on your potential cheaters block (it will not be valid as the solution to the honest miners block). If the "selfish" miner tried this multiple times, hoping they might get a lucky streak, they'd be statistically bound to end up throwing away alot of good block solution rewards, all just for the sake of getting a better chance of solving consecutive blocks? The probability of creating a self replenishing chain of blocks becomes smaller with each new consecutive block, < 50% hashrate simply cannot be that lucky.

So if you're a miner with malign intent, I think there are more things to worry about if you end up running > 51% of the network. There are much more "profitable" things you can do, but again, it's self-defeating; you'd quickly become 100% of a network that no-one was using, and of a cryptocurrency with a substantially reduced exchange rate. 51% is only any good as a takedown, not as a profitable move. The idea that you'd use 51% for the Cornell attack is beside the point.

Tl;dr: Selfish to the point of stupidity, such that you gain nothing, isn't actually selfish at all. Cornell selfish miner attack can only be a failed attempt at selfishness. 51% makes it a success. Then that fails. Fail no matter what, basically.


Vires in numeris
kjlimo
Legendary
*
Offline Offline

Activity: 2086
Merit: 1031


View Profile WWW
November 05, 2013, 10:25:39 PM
 #14

Perhaps trying to hack pools and gain access to their miners and intercept communication with pooled hardware would be the easiest way to obtain 51% of the network.

This can be mitigated by many spread out pools with distributed hash power; however, I'm guessing again that this wouldn't be easy, but perhaps just as "easy" as any of these other impossible feats?

Coinbase for selling BTCs
Fold for spending BTCs
PM me with any questions on these sites/apps!  http://www.montybitcoin.com


or Vircurex for trading alt cryptocurrencies like DOGEs
CoinNinja for exploring the blockchain.
Carlton Banks
Legendary
*
Offline Offline

Activity: 3430
Merit: 3068



View Profile
November 05, 2013, 10:52:43 PM
 #15

It's not a 51% attack, but you do need a sizable fraction of the hash rate in order to be successful.

Define "success".

Sure, you can do the attack successfully, but with less than 51% hashrate, you'll burn more good block solutions than the number of successful attacks. Stupidest "attack" you can come up with, you end up attacking your own mining profits, just so you can "cheat" (and end up cheating yourself).

Vires in numeris
de3mka
Member
**
Offline Offline

Activity: 102
Merit: 13


How do I change an avatar?


View Profile
November 05, 2013, 11:10:47 PM
 #16

Found very good explanation of this. This is about the way of getting more miners to your "selfish" pool.

My ELI5 explanation that I posed to bitcoin-development might help people understand the attack:

Alice is a miner with some amount of hashing power. She has the ability to detect new blocks on the network extremely effectively because she has controls a lot of nodes with low-latency, high-bandwidth connections; in short she has unusually good knowledge of the state of the network. She is also very good at publishing her blocks and getting them to the majority of hashing power in very little time; she has unusually good connectivity to all miners. (again low-latency and high bandwidth)

She's so good at this that when she finds a new block, she keeps it a secret! She can get away with this because she knows that the moment any other miner, like Bob, finds a block, she can immediately broadcast it to the rest of the network before the other block propagates. Instead of building on Bob's blocks, almost everyone builds on Alice's block, having seen it first, depriving Bob of the revenue. Gradually Alice gets more and more miners because all the other pools don't pay out as much as Alice's pool does. This eventually leads to Alice having a majority of hashing power, or if not that due to social pressure, a majority of the mining revenue.

BTC: 16o89714EG9WGyi39NxifutFYk55QkxqQK
dave111223
Legendary
*
Offline Offline

Activity: 1190
Merit: 1001


View Profile WWW
November 05, 2013, 11:40:48 PM
 #17

It's not a 51% attack, but you do need a sizable fraction of the hash rate in order to be successful.  According to the algorithm the longest block chain wins.  No need to publish it immediately.

1.    Find a successful hash but do not publish it.

2.    Start working on the next block.  While your pool is working on the next block, everybody else is still wasting time working on the previous block.

3.     Find the next hash and publish (or not and try for three ...).  Even if your second hash comes after someone else finds another hash to the previous block, your block chain is a block longer than theirs.  You win.  If you're ahead two blocks (which would not be rare if you have 25+% of the hash rate) then you have even more time to game the system.  

It's basically doubling down.  You won't win all the time, or perhaps not even most of the time, but  if you have 25%+ of the hash capacity you increase your odds greater than your share of the total hash capacity on average.

So basically a big pool like BTCguild might be able to pull it for a few hours or so until everyone realized they were submitting multiple blocks together and moved to other pools?
Carlton Banks
Legendary
*
Offline Offline

Activity: 3430
Merit: 3068



View Profile
November 06, 2013, 12:02:33 AM
 #18

Found very good explanation of this. This is about the way of getting more miners to your "selfish" pool.

My ELI5 explanation that I posed to bitcoin-development might help people understand the attack:

Alice is a miner with some amount of hashing power. She has the ability to detect new blocks on the network extremely effectively because she has controls a lot of nodes with low-latency, high-bandwidth connections; in short she has unusually good knowledge of the state of the network. She is also very good at publishing her blocks and getting them to the majority of hashing power in very little time; she has unusually good connectivity to all miners. (again low-latency and high bandwidth)

She's so good at this that when she finds a new block, she keeps it a secret! She can get away with this because she knows that the moment any other miner, like Bob, finds a block, she can immediately broadcast it to the rest of the network before the other block propagates. Instead of building on Bob's blocks, almost everyone builds on Alice's block, having seen it first, depriving Bob of the revenue. Gradually Alice gets more and more miners because all the other pools don't pay out as much as Alice's pool does. This eventually leads to Alice having a majority of hashing power, or if not that due to social pressure, a majority of the mining revenue.

No, this is an incentive to get all pools to strategise their Bitcoin client connections amongst other clients that are the best connected, best located and have the lowest latency network hardware. An incentive that already exists. That all the pool operators are more than aware of. Just because someone can write "She has the ability to detect new blocks on the network extremely effectively because she has controls a lot of nodes with low-latency, high-bandwidth connections" in a sentence, it doesn't magically become possible to create it at will. Even if "Selfish" Miner does their absolute best to develop their LowLatencyDreamNettm, every other pool operator is working to do the same, within the same constraints.

Vires in numeris
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!