1 / 109

#Hopperx1London

Learn how SABRE, an overlay network of special Bitcoin clients, can protect the Bitcoin network from dangerous and effective partition attacks that can lead to double-spending, revenue loss, and denial of service. This joint research by Maria Apostolaki and her team at ETH Zurich highlights the vulnerabilities of any blockchain system and presents a practical solution.

yfields
Download Presentation

#Hopperx1London

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. #Hopperx1London

  2. SABRE Protecting Bitcoin against Routing Attacks Maria Apostolaki ETH Zürich Joint work with Gian Marti, Jan Müller and Laurent Vanbever

  3. Partition Attack An adversary splits the Bitcoin network in two disjoint components #Hopperx1London

  4. Partition attack is general, dangerous, effective, practical #Hopperx1London

  5. Partition attack is general, dangerous, effective, practical Any Blockchain system is vulnerable #Hopperx1London

  6. Partition attack is general, dangerous, effective, practical Any Blockchain system is vulnerable Double-spending, Revenue Loss, DoS #Hopperx1London

  7. Partition attack is general, dangerous, effective, practical Any Blockchain system is vulnerable Double-spending, Revenue Loss, DoS 50-50 partition is feasible #Hopperx1London

  8. Partition attack is general, dangerous, effective, practical Any Blockchain system is vulnerable Double-spending, Revenue Loss, DoS 50-50 partition is feasible Any network in the world is a possible attacker #Hopperx1London

  9. In 2017 we uncovered the practicality and effectiveness of routing attacks in Bitcoin Any Blockchain system is vulnerable 50-50 partition is feasible • Double-spending, Revenue Loss, DoS Any network in the world is a possible attacker #Hopperx1London Type to enter a caption.

  10. Bitcoin is a distributed network of nodes (Bitcoin clients) j n o k p l m q #Hopperx1London

  11. Bitcoin clients establish random connections j n o k p l m q #Hopperx1London

  12. Bitcoin clients exchange Blocks block j n o k p l m q #Hopperx1London

  13. Blocks contain the latest transactions block block j n o block k p l m q #Hopperx1London

  14. Bitcoin clients exchange Blocks block block j n block o block k p l block m q #Hopperx1London

  15. Bitcoin clients exchange Blocks until all clients have the same view of the transactions block block j n block o block k p l block block m q block block #Hopperx1London until all clients have it

  16. What can go wrong? #Hopperx1London

  17. Bitcoin connections are routed over the Internet using BGP, the default Internet routing protocol j n Internet o k p l m q #Hopperx1London

  18. The Internet is composed of Autonomous Systems E j n B B H A A G C C o k D D I p F l m q #Hopperx1London

  19. Each Bitcoin client n has an IP 82.0.0.3 E j n B B H A A G C C o k D D I p F l m q #Hopperx1London

  20. AS H creates a BGP advertisement for n’s IP prefix 82.0.0.3 E j n 82.0.0.0/23 B B H Path: A A G C C o k D D I p F l m q #Hopperx1London

  21. BGP propagates advertisements in the Internet 82.0.0.0/23 82.0.0.3 Path: H E j n 82.0.0.0/2 B B H 82.0.0.0/23 Path: H A A G 82.0.0.0/23 C C Path: H o k D D I p F l m q #Hopperx1London

  22. BGP propagates advertisements in the Internet 82.0.0.0/23 82.0.0.3 Path: E H E j n 82.0.0.0/2 B B H 82.0.0.0/23 A A G Path: G H 82.0.0.0/23 C Path: B H C o k D D I p F l 82.0.0.0/23 m q Path: I H #Hopperx1London

  23. AS I can directly reach AS H 82.0.0.3 E j n 82.0.0.0/2 82.0.0.0/23 B B H Path: H A A G C 82.0.0.0/23 C Path: H o k D D I p F l 82.0.0.0/23 Path: I H m q #Hopperx1London

  24. BGP does not check the legitimacy of advertisements E j n 82.0.0.0/2 82.0.0.0/23 B B H Path: H A A G C 82.0.0.0/23 C Path: H o k D D I p F l 82.0.0.0/23 Path: I H m q #Hopperx1London

  25. Attacker creates a fake BGP advertisement E j n 82.0.0.0/2 82.0.0.0/23 B B H Path: H 82.0.0.0/24 A A G Path: H G C C o k D D I p F l m q #Hopperx1London

  26. Attacker attracts traffic destined to AS H using BGP hijacking E j n 82.0.0.0/2 82.0.0.0/23 B B H Path: H 82.0.0.0/24 A A G Path: H G C C o k D D I p F l m q #Hopperx1London

  27. Attacker attracts connections with BGP hijacking E j n 82.0.0.0/2 B B H A A G C C o k D D I p F l m q #Hopperx1London

  28. Attacker drops connections crossing the partition E j n 82.0.0.0/2 B B H A A G C C o k D D I p F l m q #Hopperx1London

  29. A new block in the grey zone cannot be propagated further E j n block 82.0.0.0/2 B B H A A G C C o k D D I p F l m q #Hopperx1London

  30. SABRE: Additional channel that is engineered to allow clients to exchange blocks, even if the Bitcoin network is partitioned #Hopperx1London

  31. SABRE: Additional channel that is engineered to allow clients to exchange blocks, even if the Bitcoin network is partitioned … without the need to deploy secure routing protocols #Hopperx1London

  32. SABRE does not affect any of the regular Bitcoin clients E j n B B H A A G C C o k D D I p F l m q #Hopperx1London

  33. SABRE is an overlay network of special Bitcoin clients E j n B B H A A G C C o k D D I p F l m q #Hopperx1London

  34. SABRE nodes are connected to each other E j n B B H A A G C C o k D D I p F l m q #Hopperx1London

  35. Each Bitcoin client connects to at least one SABRE node E j n B B H A A G C C o k D D I p F l m q #Hopperx1London

  36. SABRE protects the Bitcoin network from partition attacks E j n B B H A A G C C o k D D I p F l m q #Hopperx1London

  37. Block is propagated via the SABRE network E j n block B B H A A G C C o k D D I p F l m q #Hopperx1London

  38. The attacker might try to fight back by attacking SABRE itself #Hopperx1London

  39. The attacker might try to fight back by attacking SABRE itself Attacker knows SABRE’s locations and code BGP hijacks against SABRE nodes malicious requests to take down SABRE nodes #Hopperx1London

  40. SABRE is an additional overlay network which allows communication, even if the Bitcoin network is partitioned #Hopperx1London

  41. SABRE is an additional overlay network which allows communication, even if the Bitcoin network is partitioned SABRE needs to… secure relay-to-relay connections #Hopperx1London

  42. SABRE is an additional overlay network which allows communication, even if the Bitcoin network is partitioned SABRE needs to… secure relay-to-relay connections remain reachable by Bitcoin clients #Hopperx1London

  43. SABRE is an additional overlay network which allows communication, even if the Bitcoin network is partitioned SABRE needs to… secure relay-to-relay connections remain reachable by Bitcoin clients relay blocks seamlessly #Hopperx1London

  44. SABRE is an additional overlay network which allows communication, even if the Bitcoin network is partitioned SABRE needs to… secure relay-to-relay connections • Network • Design remain reachable by Bitcoin clients relay blocks seamlessly #Hopperx1London

  45. SABRE is an additional overlay network which allows communication, even if the Bitcoin network is partitioned SABRE needs to… secure relay-to-relay connections • Network • Design remain reachable by Bitcoin clients • Node • Design relay blocks seamlessly #Hopperx1London

  46. SABRE Protecting Bitcoin against Routing Attacks SABRE location inherently safe locations SABRE design software/hardware Deployability deployment opportunities #Hopperx1London

  47. SABRE Protecting Bitcoin against Routing Attacks SABRE location inherently safe locations SABRE design software/hardware Deployability deployment opportunities #Hopperx1London

  48. SABRE is an additional overlay network which allows communication, even if the Bitcoin network is partitioned SABRE needs to… secure relay-to-relay connections remain reachable by Bitcoin clients • Node • Design relay blocks #Hopperx1London

  49. SABRE is an additional overlay network which allows communication, even if the Bitcoin network is partitioned SABRE needs to… secure relay-to-relay connections remain reachable by Bitcoin clients • Node • Design relay blocks #Hopperx1London

  50. SABRE selects nodes that satisfy three properties each node is hosted in /24 IP prefixes nodes are connected via financially & distance-wise optimal paths relay graph is k-connected #Hopperx1London

More Related