Bitcoin Forum
November 10, 2024, 09:12:00 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Can you retort / refute this attack on BitCoin?  (Read 5525 times)
ripper234 (OP)
Legendary
*
Offline Offline

Activity: 1358
Merit: 1003


Ron Gross


View Profile WWW
March 28, 2011, 08:37:17 AM
 #1

http://www.quora.com/Can-you-refute-these-attacks-on-BitCoin

And while we're at it

http://www.quora.com/Are-there-economic-reasons-why-BitCoin-wont-work

Please do not pm me, use ron@bitcoin.org.il instead
Mastercoin Executive Director
Co-founder of the Israeli Bitcoin Association
jgarzik
Legendary
*
Offline Offline

Activity: 1596
Merit: 1100


View Profile
March 28, 2011, 08:48:55 AM
 #2


Shocking:  he discovered the "> 50% power" attack.


Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own.
Visit bloq.com / metronome.io
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
nster
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile
March 28, 2011, 09:23:16 AM
 #3

Yea... and he is proposing to execute it with 4000 CPU's. This is where I stopped reading.

I'm guessing this was at the beginning of Bitcoin...

but still 0.26 Thash isn't that much... Isn't that only 260 Gh/s? Say someone that has a little bit of tech and can find good value / Gh systems. Say about 1.75Mh/s/$ (or equivalent of buying a used 5970 and OCing it alot) BUT this includes system costs and wtv, it would take under 150000$ to take down a 5M$ economy. Now you are complaining I am using numbers that are unattainable by a normal user.

Let us factor in maximum costs.... 700$/6990 that does 700Mh/s (easily obtainable) lets be very generus with 200$ for the rest of a system... 900$/ 700 Mh/s  = 1.2857.... $/ Mh/s * 260 000 Mh/s = 334 000$ to kill bitcoins, a 5M$ economy

Not sure if I missed something, just trying to play the devils advocate Smiley maybe I missed a 0 but I doubt it and am too tired too care

167q1CHgVjzLCwQwQvJ3tRMUCrjfqvSznd Donations are welcome Smiley Please be kind if I helped
nster
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile
March 28, 2011, 09:34:54 AM
 #4

Assuming that 50% attacker is a new player and not a part of current bitcoin network he would need not 0.26 Thps, but more like 0.6 Thps i.e. more than 50% of combined bitcoin network and his hashing power. In other words, the attacker needs more Thps than all the honest nodes combined.

Commercially this kind of hashing power can be made available for 3-4 million USD annually.




A normal person could do that for 669 000 $ + electricity costs. I doubt it would take a year to kill bitcoins with this method. A smart person or a company with the right tech could probably do better

167q1CHgVjzLCwQwQvJ3tRMUCrjfqvSznd Donations are welcome Smiley Please be kind if I helped
Grinder
Legendary
*
Offline Offline

Activity: 1284
Merit: 1001


View Profile
March 28, 2011, 10:30:29 AM
 #5

An attacker would obviously use a botnet in an attack, not build a new system. If it uses the node's GPUs as well, one of the larger botnets could probably easily overtake the bitcoin network.
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3920
Merit: 2349


Eadem mutata resurgo


View Profile
March 28, 2011, 11:54:15 AM
 #6

What is their motivation to spend such amounts on hardware again?

They take down bitcoin, then what? Put 4000 5970's up for sale on Ebay? Doesn't make any sense.

eMansipater
Sr. Member
****
Offline Offline

Activity: 294
Merit: 273



View Profile WWW
March 28, 2011, 11:59:01 AM
 #7

@Grinder one of the larger botnets is also probably worth 3-4 million just of itself, which means it's still not worth it.

I've written a whole reply, but I can't create an account on Quora without a Facebook or Twitter one--WTF?  Anyways, here it is:  feel free to post it up there yourself.  The attached rtf has all the formatting in it--I'm too lazy to redo it here.  And I also had to call it a .doc due to filetype restrictions.  You can rename it if you want but it should open up just fine as is.  Wow.  It is not my day--it won't take the upload.  Well, if you really want formatting I can email it to you--just pm me.  And apparently the upload directory is full or something?  Just letting you know if any mods are reading this.

---------------------------------------------
All of Sebastiano's proposed attacks listed under "1)" are a usage of just one technical angle, that of overpowering the network through greater CPU power.  He gets this idea from the paper describing bitcoin, which has been publicly available from the very beginning of the project. So why isn't anyone else worried about this "attack"?

It is because they understand what "security" is.  Security in the real world is not a perfect immunity to assault because no such thing exists.  What it is is the ability to make attacks so expensive that they are not worthwhile.  Cryptography, for example, works this way.  The type of security that guards your internet banking could be easily cracked by a dedicated multibillion dollar computing facility.  But being able to break into one banking session isn't worth several billion dollars.  So in practice, your internet banking is technically safe.

Why is bitcoin technically secure?  Because this "simple" idea of overpowering it through a greater amount of computing would be completely prohibitively expensive.  There is no feasible way to create an attack by this method that would return more money than it would cost.  It's understandable that Sebastiano fails to realise this, because he estimates that one node on the bitcoin network is equivalent to one cpu.  In actual fact, a single node can represent up to 160 Billion hash operations per second of computing power (a high end CPU can probably muster 8 million hash operations per second, or 1/20,000th of that), such as the combined mining operation at mining.bitcoin.cz does.  Put simply, Sebastiano's proposed 4000 CPU's wouldn't even be noticed on the network.  A more accurate estimate of the computing power required would be around 600-800 Billion hash operations per second, or approximately 100,000 high-end CPU's.  This is more power than the world's largest supercomputer could muster, though it's also true that particular hardware is not optimised for the performance of hashing.  Why does this make a difference?  Well, there are currently only 5.7 million bitcoins in circulation.  Trading at .80 USD per bitcoin, that's a 5 million dollar total for the entire bitcoin economy.  And that's also roughly how much you'd have to spend to command the required level of computing tower for Sebastiano's attacks.  This balance isn't a mistake--the bitcoin network is carefully designed so that an increase in the value of bitcoins will result in an increase in the amount of computing power.  It can scale however high the value of bitcoins go--which means that if bitcoins continue to grow in popularity and value even supercomputing operations won't be able to bring it down.  Going back to our original definitions, that means bitcoin is "very secure".

Sebastiano also fails to realise that such a large scale attempt to manipulate the network for any significant gain would be quite obvious.  It wouldn't slip by under the cover of darkness because the signature of an attempted double-spend at this magnitude is incredibly distinct.  The bitcoin community knows to watch for it, and has already planned several potential mitigation strategies, all of which scale.

Since it's clearly not profitable, there's really only one other reason to attack bitcoin:  vandalism.  If someone is willing to spend massive amounts of resources with no return on their investment, then yes someone can vandalise bitcoin.  It's like a really inviting empty wall on a back alley, except the only spray paint that'll stick costs millions of dollars.  This really isn't a surprise--with a multimillion dollar budget to burn almost any internet technology could have been crippled shortly after launch.  But this doesn't really have anything to do with bitcoin--it applies equally to the vast majority of internet technologies we know and love.  Someone with massive resources trying to destroy something for no gain often can.  It's a fact of life.

Regarding the other listed attacks I'll only address them briefly since the bitcoin forums continually examine all of these issues in great detail.

2) Legal -Everyone learning about bitcoin should repeat this to themselves five times:  "Bitcoin is just like cash.  Bitcoin is just like cash.  Bitcoin is just like cash.  Bitcoin is just like cash.  Bitcoin is just like cash."  Cash isn't always traceable.  Cash can be moved around secretly.  Cash is sometimes used by bad guys for bad stuff, like money laundering or tax evasion.  If people don't declare it, than they are breaking the law.  Of course, they still have to explain how that yacht showed up.  Just like cash.  Bitcoin doesn't change this.  But it certainly doesn't "make the core business of a national government near to impossible."  Just like cash doesn't.  See the pattern?  But the benefits of cash outweigh these issues.  It is not "reasonable to assume that BTC will represent a deadly threat for a national state".  That's just plain ridiculous.  At worst it's heck of a lot more like p2p filesharing, where certain vested interests will rail against it but by and large it will prove useful to enough people that it's not worth going after.  And then people will build lots of cool things on top of it, like Blizzard does with World of Warcraft updates.

3) Competition -I'm only going to say this briefly, but the fact is while bitcoin started with no intrinsic value, the computed blockchain now provides genuine intrinsic value.  Why is this?  Because the security provided by "being the longest blockchain" cost a lot of computing power to produce, so if you were building a bitcoin competitor you would have to do just as much computing to make your own network as secure.  Which would cost a lot of money, if you were trying to step in and compete at the same level, so there is indeed a first-mover advantage here.  It's like if dollar bills had a full dollar's worth of security that went into producing them instead of just a few cents.  True, it's worthless for most non-currency purposes, but if you were launching another currency you have to do all that yourself.  End result?  If there is a clear improvement made over bitcoin, the bitcoin network itself will just switch to that methodology instead of being outcompeted--because the security of the existing blockchain makes that a better value proposition than starting from scratch.

which brings us to 4) Community -Sebastiano has misunderstood something about bitcoin being "open source".  Yes, the client is open source and people could theoretically (at great expense and with very sneaky ways since everyone can see what they're doing) vandalise the main client.  But the client isn't bitcoin.  Like BitTorrent, it's the protocol that is at the core of the system, and that can't just be changed from one location.  The way bitcoin works, if you create a client that doesn't follow the protocol, it just doesn't work.  It ends up in its own little network with no one else, because everybody else is in the network that follows the protocol.  There are already multiple implementations of the client by different people (a Google engineer released his own recently, vetted by Google's legal arm), and even just because of the existing clients any changes would be incompatible with everyone else.  They really only come into effect if everyone using the network voluntarily switches to running what is, in effect, a new protocol.  So this "attack" basically comes down to "convince everyone using bitcoin to use something else."  Yes, technically that would work.  But it would be pretty tough to do, and it's kind of a degenerate "attack", don't you think?

Just my .02 BTC.

If you found my post helpful, feel free to send a small tip to 1QGukeKbBQbXHtV6LgkQa977LJ3YHXXW8B
Visit the BitCoin Q&A Site to ask questions or share knowledge.
0.009 BTC too confusing?  Use mBTC instead!  Details at www.em-bit.org or visit the project thread to help make Bitcoin prices more human-friendly.
Grinder
Legendary
*
Offline Offline

Activity: 1284
Merit: 1001


View Profile
March 28, 2011, 12:26:58 PM
 #8

@Grinder one of the larger botnets is also probably worth 3-4 million just of itself, which means it's still not worth it.
The only price I have seen is $36 000 for a 100 000 node botnet. If done carefully most of the owners wouldn't notice that the client is running, so it can still be sold or used for something else when your done.
eMansipater
Sr. Member
****
Offline Offline

Activity: 294
Merit: 273



View Profile WWW
March 28, 2011, 12:36:55 PM
 #9

If done carefully most of the owners wouldn't notice that the client is running, so it can still be sold or used for something else when your done.
This is the reason attacking bitcoin would harm your botnet--running a botnet's cpus or gpus at full throttle is a good way to lose them.

If you found my post helpful, feel free to send a small tip to 1QGukeKbBQbXHtV6LgkQa977LJ3YHXXW8B
Visit the BitCoin Q&A Site to ask questions or share knowledge.
0.009 BTC too confusing?  Use mBTC instead!  Details at www.em-bit.org or visit the project thread to help make Bitcoin prices more human-friendly.
Grinder
Legendary
*
Offline Offline

Activity: 1284
Merit: 1001


View Profile
March 28, 2011, 01:46:48 PM
 #10

This is the reason attacking bitcoin would harm your botnet--running a botnet's cpus or gpus at full throttle is a good way to lose them.
That's why it wouldn't run full throttle all the time. With enough nodes there's no need to.
Garrett Burgwardt
Sr. Member
****
Offline Offline

Activity: 406
Merit: 256


View Profile
March 28, 2011, 03:11:22 PM
 #11

Assuming you're not going to run cpu's at full tilt, and you're somehow distributing the correct miner for the cpu type, then you'd need a massive amount of CPUs to pull off a 50% attack, IE millions if not a billion or more, given that the average botnet cpu is probably old and already loaded down by other crap.
nster
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile
March 28, 2011, 08:22:58 PM
 #12

What is their motivation to spend such amounts on hardware again?

They take down bitcoin, then what? Put 4000 5970's up for sale on Ebay? Doesn't make any sense.

he can sell bitcoins while he does it you know xD Probably also ways to bet on bitcoins downfall. ie: you can buy options to buy, you could probably buy options to sell. but I'm sure there are many othervery profitable ways

and a normal person with a lot of money will not live in their mom's basement, they will have their 5 car garage and 2000 sq. ft basement

167q1CHgVjzLCwQwQvJ3tRMUCrjfqvSznd Donations are welcome Smiley Please be kind if I helped
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
March 28, 2011, 09:14:59 PM
 #13


Yes, I could refute his scenarios.  They are based upon assumptions he has made about how the protocol actually works, and in turn how a victim's client must work.  He doesn't take into account the possibility of 'watchdog' processes alerting vendors (or their clients) to suspicious activities on the network.  (which can exist, but as of yet do not)  All his attacks basicly combine the 50% attack with an assumption of victim ignorance, and some of them aren't remotely feasible even assuming that he could afford the 50% power from Amazon.  The 'slow motion' attack was downright laughable.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
nster
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile
March 28, 2011, 10:12:08 PM
 #14

There are 24.2 MILLION millionaires in the world, 41% of which live in the US, where the majority of the bitcoin economy is. This is without counting companies, the majority of which can easily afford this as well. Most of the millionaires in the world probably have some $$ sense and could potentially find a way to make money out of killing bitcoins.

Now if the US GOVERNMENT didn't like bitcoins, they could definitively afford <700 000 $ to kill bitcoin and solve their problem of "collecting taxes" or whatnot

167q1CHgVjzLCwQwQvJ3tRMUCrjfqvSznd Donations are welcome Smiley Please be kind if I helped
kiba
Legendary
*
Offline Offline

Activity: 980
Merit: 1020


View Profile
March 28, 2011, 10:53:57 PM
 #15

There are 24.2 MILLION millionaires in the world, 41% of which live in the US, where the majority of the bitcoin economy is. This is without counting companies, the majority of which can easily afford this as well. Most of the millionaires in the world probably have some $$ sense and could potentially find a way to make money out of killing bitcoins.

Now if the US GOVERNMENT didn't like bitcoins, they could definitively afford <700 000 $ to kill bitcoin and solve their problem of "collecting taxes" or whatnot

That's now. When the bitcoin economy become huge, it will become more difficult for millionaire or the US government to mount to an attack. Don't forget that the bitcoin network will probably have additional measure to deal with attacks.

seanl
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
May 23, 2011, 05:56:45 PM
 #16

Couldn't we use a "seed network" of known-good hosts to prevent this sort of attack entirely? In situations where there is some sort of conflict between chains, a majority of the seed nodes could override what the rest of the network is saying. Worst case, some transactions could end up being reversed - a good reason to put a cap on the value of a single transaction.

To avoid DDoS attacks on the seed nodes themselves, they could avoid being directly connected to the network, passively listening and sending their decisions through a broadcast channel such as USENET. It may be that there doesn't even need to be a network, just a group of people who decide by consensus which of a conflicting set of chains is correct, potentially being able to synthesize a new one to "reboot" the network if things get really bad.

I realize this returns us to the problem of trusted third parties, but since they can't impose any decision without its being accepted by enough Bitcoin users, it's not only far better than bank notes, it seems to be better than a "pure" p2p solution, which is potentially DoSable.

(BTW, I'm the Sean Lynch who posted this and this.)
wb3
Member
**
Offline Offline

Activity: 112
Merit: 11


^Check Out^ Isle 3


View Profile
May 23, 2011, 06:10:45 PM
 #17

eMansipater,

  We should probably go a little deeper into BTC for new people, other than tell them your #2 BTC is just like Cash, BTC is just like Cash, BTC is just like Cash, BTC is just like Cash, BTC is just like Cash.

Because once they have BTC, they find out, wait, BTC isn't just like Cash. Can't pay my rent with it, can pay the Power bill with it. And, it isn't as secretive as Cash. BTC records all transactions, Cash doesn't. My Wallet.Dat('s) has a history of my transactions, My IRL wallet, doesn't.


Net Worth = 0.10    Hah, "Net" worth Smiley
eMansipater
Sr. Member
****
Offline Offline

Activity: 294
Merit: 273



View Profile WWW
May 23, 2011, 07:12:01 PM
 #18

eMansipater,

  We should probably go a little deeper into BTC for new people, other than tell them your #2 BTC is just like Cash, BTC is just like Cash, BTC is just like Cash, BTC is just like Cash, BTC is just like Cash.

Because once they have BTC, they find out, wait, BTC isn't just like Cash. Can't pay my rent with it, can pay the Power bill with it. And, it isn't as secretive as Cash. BTC records all transactions, Cash doesn't. My Wallet.Dat('s) has a history of my transactions, My IRL wallet, doesn't.
The reason #2 is labelled "legal" is that the cash analogy is directed only at questions of legality and potential abuse, where it is very nearly perfect.  But the threads I am working on here are definitely intended to explain BitCoin in general much more effectively.  If you'd like to support the work, feel free to help out and/or tip the linked post--number of tips especially (more than than the value of them) lets me know people are taking these efforts seriously and consider them worthwhile; it also helps me to (mildly) justify the amount of time I take away from my business to work on this.

If you found my post helpful, feel free to send a small tip to 1QGukeKbBQbXHtV6LgkQa977LJ3YHXXW8B
Visit the BitCoin Q&A Site to ask questions or share knowledge.
0.009 BTC too confusing?  Use mBTC instead!  Details at www.em-bit.org or visit the project thread to help make Bitcoin prices more human-friendly.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!