Paper 2013/868

Theoretical Bitcoin Attacks with less than Half of the Computational Power (draft)

Lear Bahack

Abstract

A widespread security claim of the Bitcoin system, presented in the original Bitcoin whitepaper, states that the security of the system is guaranteed as long as there is no attacker in possession of half or more of the total computational power used to maintain the system. This claim, however, is proved based on theoretically flawed assumptions. In the paper we analyze two kinds of attacks based on two theoretical flaws: the Block Discarding Attack and the Difficulty Raising Attack. We argue that the current theoretical limit of attacker's fraction of total computational power essential for the security of the system is in a sense not $\frac{1}{2}$ but a bit less than $\frac{1}{4}$, and outline proposals for protocol change that can raise this limit to be as close to $\frac{1}{2}$ as we want. The basic idea of the Block Discarding Attack has been noted as early as 2010, and lately was independently though-of and analyzed by both author of this paper and authors of a most recently pre-print published paper. We thus focus on the major differences of our analysis, and try to explain the unfortunate surprising coincidence. To the best of our knowledge, the second attack is presented here for the first time.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Bitcoin
Contact author(s)
lear bahack @ gmail com
History
2013-12-29: received
Short URL
https://ia.cr/2013/868
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/868,
      author = {Lear Bahack},
      title = {Theoretical Bitcoin Attacks with less than Half of the Computational Power (draft)},
      howpublished = {Cryptology {ePrint} Archive, Paper 2013/868},
      year = {2013},
      url = {https://eprint.iacr.org/2013/868}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.