Papers
Topics
Authors
Recent
Search
2000 character limit reached

Time-Restricted Double-Spending Attack on PoW-based Blockchains

Published 27 Feb 2024 in cs.CR | (2402.17223v1)

Abstract: Numerous blockchain applications are designed with tasks that naturally have finite durations, and hence, a double-spending attack (DSA) on such blockchain applications leans towards being conducted within a finite timeframe, specifically before the completion of their tasks. Furthermore, existing research suggests that practical attackers typically favor executing a DSA within a finite timeframe due to their limited computational resources. These observations serve as the impetus for this paper to investigate a time-restricted DSA (TR-DSA) model on Proof-of-Work based blockchains. In this TR-DSA model, an attacker only mines its branch within a finite timeframe, and the TR-DSA is considered unsuccessful if the attacker's branch fails to surpass the honest miners' branch when the honest miners' branch has grown by a specific number of blocks. First, we developed a general closed-form expression for the success probability of a TR-DSA. This developed probability not only can assist in evaluating the risk of a DSA on blockchain applications with timely tasks, but also can enable practical attackers with limited computational resources to assess the feasibility and expected reward of launching a TR-DSA. In addition, we provide rigorous proof that the success probability of a TR-DSA is no greater than that of a time-unrestricted DSA where the attacker indefinitely mines its branch. This result implies that blockchain applications with timely tasks are less vulnerable to DSAs than blockchain applications that provide attackers with an unlimited timeframe for their attacks. Furthermore, we show that the success probability of a TR-DSA is always smaller than one even though the attacker controls more than half of the hash rate in the network. This result alerts attackers that there is still a risk of failure in launching a TR-DSA even if they amass a majority of the hash rate in the network.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (48)
  1. S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” Decentralized Business Review, p. 21260, 2008.
  2. G. Wood et al., “Ethereum: A secure decentralised generalised transaction ledger,” Ethereum project yellow paper, vol. 151, no. 2014, pp. 1–32, 2014.
  3. D. Hopwood, S. Bowe, T. Hornby, and N. Wilcox, “Zcash protocol specification,” GitHub: San Francisco, CA, USA, p. 1, 2016.
  4. M. N. Kurt, Y. Yılmaz, and X. Wang, “Secure distributed dynamic state estimation in wide-area smart grids,” IEEE Trans. Inf. Forensics Security, vol. 15, pp. 800–815, 2020.
  5. Z. Yang, K. Yang, L. Lei, K. Zheng, and V. C. M. Leung, “Blockchain-based decentralized trust management in vehicular networks,” IEEE Internet Things J., vol. 6, no. 2, pp. 1495–1505, 2019.
  6. P. K. Sharma, S. Rathore, and J. H. Park, “DistArch-SCNet: Blockchain-Based distributed architecture with Li-Fi communication for a scalable smart city network,” IEEE Consumer Electron. Mag., vol. 7, no. 4, pp. 55–64, 2018.
  7. Y. Jiang and J. Zhang, “Distributed detection over blockchain-aided Internet of Things in the presence of attacks,” IEEE Trans. Inf. Forensics Security, vol. 18, pp. 3445–3460, 2023.
  8. Y. Li, W. Susilo, G. Yang, Y. Yu, D. Liu, X. Du, and M. Guizani, “A blockchain-based self-tallying voting protocol in decentralized IoT,” IEEE Trans. Dependable Secure Comput., vol. 19, no. 1, pp. 119–130, 2022.
  9. Z. Su, Y. Wang, Q. Xu, and N. Zhang, “LVBS: Lightweight vehic lightweight vehicular blockchain for secure data sharing in disaster rescueular blockchain for secure data sharing in disaster rescue,” IEEE Trans. Dependable Secure Comput., vol. 19, no. 1, pp. 19–32, 2022.
  10. J. Weng, J. Weng, J. Zhang, M. Li, Y. Zhang, and W. Luo, “DeepChain: Auditable and privacy-preserving deep learning with blockchain-based incentive,” IEEE Trans. Dependable Secure Comput., vol. 18, no. 5, pp. 2438–2455, 2021.
  11. Z. Ouyang, J. Shao, and Y. Zeng, “Pow and pos and related applications,” in 2021 Int. Conf. Electron. Inf. Eng. Comput. Sci. (EIECS), 2021, pp. 59–62.
  12. Y. Kwon, H. Kim, J. Shin, and Y. Kim, “Bitcoin vs. bitcoin cash: Coexistence or downfall of bitcoin cash?” in 2019 IEEE Symp. Security Privacy (SP), 2019, pp. 935–951.
  13. J. Garay, A. Kiayias, and N. Leonardos, “The bitcoin backbone protocol: Analysis and applications,” in Annu. int. conf. theory appl. cryptograph. tech.   Springer, 2015, pp. 281–310.
  14. R. Pass, L. Seeman, and A. Shelat, “Analysis of the blockchain protocol in asynchronous networks,” in Annu. int. conf. theory appl. cryptograph. tech.   Springer, 2017, pp. 643–673.
  15. L. Kiffer, R. Rajaraman, and A. Shelat, “A better method to analyze blockchain consistency,” in Proc. ACM SIGSAC Conf. Comput. Commun. Secur., 2018, pp. 729–744.
  16. L. Ren, “Analysis of nakamoto consensus,” Cryptol. ePrint Archive, 2019.
  17. A. Dembo, S. Kannan, E. N. Tas, D. Tse, P. Viswanath, X. Wang, and O. Zeitouni, “Everything is a race and nakamoto always wins,” in Proc. ACM SIGSAC Conf. Comput. Commun. Secur., 2020, pp. 859–878.
  18. M. Rosenfeld, “Analysis of hashrate-based double spending,” arXiv preprint arXiv:1402.2009, 2014.
  19. S. Zhang and J.-H. Lee, “Double-spending with a sybil attack in the bitcoin decentralized network,” IEEE Trans. Industr. Inform., vol. 15, no. 10, pp. 5715–5722, 2019.
  20. C. Grunspan and R. Pérez-Marco, “Double spend races,” Int. J. Theor. Appl. Finance, vol. 21, no. 08, p. 1850053, 2018.
  21. A. P. Ozisik and B. N. Levine, “An explanation of nakamoto’s analysis of double-spend attacks,” arXiv preprint arXiv:1701.03977, 2017.
  22. I. Eyal and E. G. Sirer, “Majority is not enough: Bitcoin mining is vulnerable,” Commun. ACM, vol. 61, no. 7, pp. 95–102, 2018.
  23. Q. Bai, X. Zhou, X. Wang, Y. Xu, X. Wang, and Q. Kong, “A deep dive into blockchain selfish mining,” in ICC - IEEE Int. Conf. Commun. (ICC).   IEEE, 2019, pp. 1–6.
  24. H. Shi, S. Wang, Q. Hu, X. Cheng, J. Zhang, and J. Yu, “Fee-free pooled mining for countering pool-hopping attack in blockchain,” IEEE Trans. Dependable Secure Comput., vol. 18, no. 4, pp. 1580–1590, 2020.
  25. M. Apostolaki, A. Zohar, and L. Vanbever, “Hijacking bitcoin: Routing attacks on cryptocurrencies,” in 2017 IEEE Symp. Security Privacy (SP), 2017, pp. 375–392.
  26. E. Heilman, A. Kendler, A. Zohar, and S. Goldberg, “Eclipse attacks on bitcoin’s peer-to-peer network,” in USENIX Security Symp., 2015, pp. 129–144.
  27. A. E. Yves-Christian, B. Hammi, A. Serhrouchni, and H. Labiod, “Total eclipse: How to completely isolate a bitcoin peer,” in 3rd Int. Conf. Secur. Smart Cities, Ind. Control Syst. Commun. (SSIC).   IEEE, 2018, pp. 1–7.
  28. “Bitcoin gold suffers double spend attacks, $17.5 million lost,” URL: https://www.zdnet.com/article/bitcoin-gold-hit-with-double-spend-attacks-18-million-lost/.
  29. “Zencash statement on double spend attack,” URL: https://blog.horizen.io/zencash-statement-on-double-spend-attack/.
  30. “Ethereum classic attacker successfully double-spends $1.68m in second attack: Report,” URL: https://www.coindesk.com/markets/2020/08/07/ethereum-classic-attacker-successfully-double-spends-168m-in-second-attack-report/.
  31. “Verge of disaster: 200 days transactions wiped from blockchain,” URL: https://cointelegraph.com/news/verge-of-disaster-200-days-transactions-wiped-from-blockchain.
  32. E. Zaghloul, T. Li, M. W. Mutka, and J. Ren, “Bitcoin and blockchain: Security and privacy,” IEEE Internet Things J., vol. 7, no. 10, pp. 10 288–10 313, 2020.
  33. Y. Yang, Z. Guan, Z. Wan, J. Weng, H. H. Pang, and R. H. Deng, “Priscore: Blockchain-based self-tallying election system supporting score voting,” IEEE Trans. Inf. Forensics Security, vol. 16, pp. 4705–4720, 2021.
  34. F. Þ. Hjálmarsson, G. K. Hreiðarsson, M. Hamdaqa, and G. Hjálmtỳsson, “Blockchain-based e-voting system,” in 2018 IEEE 11th Int. Conf. Cloud Comput. (CLOUD), 2018, pp. 983–986.
  35. A. Lei, H. Cruickshank, Y. Cao, P. Asuquo, C. P. A. Ogah, and Z. Sun, “Blockchain-based dynamic key management for heterogeneous intelligent transportation systems,” IEEE Internet Things J., vol. 4, no. 6, pp. 1832–1843, 2017.
  36. X. Ling, J. Wang, T. Bouchoucha, B. C. Levy, and Z. Ding, “Blockchain radio access network (B-RAN): Towards decentralized secure radio access paradigm,” IEEE Access, vol. 7, pp. 9714–9723, 2019.
  37. L. Li, J. Liu, L. Cheng, S. Qiu, W. Wang, X. Zhang, and Z. Zhang, “Creditcoin: A privacy-preserving blockchain-based incentive announcement network for communications of smart vehicles,” IEEE Trans. Intell. Transp. Syst., vol. 19, no. 7, pp. 2204–2220, 2018.
  38. L. Zhou, L. Wang, Y. Sun, and P. Lv, “BeeKeeper: A blockchain-based IoT system with secure storage and homomorphic computation,” IEEE Access, vol. 6, pp. 43 472–43 488, 2018.
  39. Q. Yang and H. Wang, “Privacy-preserving transactive energy management for IoT-aided smart homes via blockchain,” IEEE Internet Things J., vol. 8, no. 14, pp. 11 463–11 475, 2021.
  40. S. Asefi, Y. Madhwal, Y. Yanovich, and E. Gryazina, “Application of blockchain for secure data transmission in distributed state estimation,” IEEE Trans. Control Netw. Syst., pp. 1–1, 2021.
  41. C. Grunspan and R. Pérez-Marco, “On profitability of nakamoto double spend,” Probab. Eng. Inf. Sci., vol. 36, no. 3, pp. 732–746, 2022.
  42. V. Hassija, V. Gupta, S. Garg, and V. Chamola, “Traffic jam probability estimation based on blockchain and deep neural networks,” IEEE Trans. Intell. Transp. Syst., vol. 22, no. 7, pp. 3919–3928, 2021.
  43. J. Zheng, H. Huang, Z. Zheng, and S. Guo, “Adaptive double-spending attacks on PoW-based blockchains,” IEEE Trans. Dependable Secure Comput., pp. 1–13, 2023.
  44. B. Biais, C. Bisiere, M. Bouvard, and C. Casamatta, “The blockchain folk theorem,” Rev. Financ. Stud., vol. 32, no. 5, pp. 1662–1715, 2019.
  45. N. Z. Aitzhan and D. Svetinovic, “Security and privacy in decentralized energy trading through multi-signatures, blockchain and anonymous messaging streams,” IEEE Trans. Dependable Secure Comput., vol. 15, no. 5, pp. 840–852, 2018.
  46. G. Tian, Y. Hu, J. Wei, Z. Liu, X. Huang, X. Chen, and W. Susilo, “Blockchain-based secure deduplication and shared auditing in decentralized storage,” IEEE Trans. Dependable Secure Comput., vol. 19, no. 6, pp. 3941–3954, 2022.
  47. M. Li, Y. Chen, L. Zhu, Z. Zhang, J. Ni, C. Lal, and M. Conti, “Astraea: Anonymous and secure auditing based on private smart contracts for donation systems,” IEEE Trans. Dependable Secure Comput., vol. 20, no. 4, pp. 3002–3018, 2023.
  48. J. Jang and H.-N. Lee, “Profitable double-spending attacks,” Appl. Sci., vol. 10, no. 23, p. 8477, 2020.
Citations (2)
View on Semantic Scholar

Summary

No one has generated a summary of this paper yet.

Sign Up to Summarize

Paper to Video (Beta)

No one has generated a video about this paper yet.

Sign Up to Generate All Videos Subscribe on YouTube

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Generate Now

Authors (2)

  1. Yiming Jiang 
  2. Jiangfan Zhang 

Collections

Sign up for free to add this paper to one or more collections.

Sign Up