Paper 2015/578

Tampering with the Delivery of Blocks and Transactions in Bitcoin

Arthur Gervais, Hubert Ritzdorf, Ghassan O. Karame, and Srdjan Capkun

Abstract

Given the increasing adoption of Bitcoin, the number of transactions and the block sizes within the system are only expected to increase. To sustain its correct operation in spite of its ever-increasing use, Bitcoin implements a number of necessary optimizations and scalability measures. These measures limit the amount of information broadcast in the system to the minimum necessary. In this paper, we show that current scalability measures adopted by Bitcoin come at odds with the security of the system. More specifically, we show that an adversary can exploit these measures in order to effectively delay the propagation of transactions and blocks to specific nodes—without causing a network partitioning in the system. We show that this allows the adversary to easily mount Denial-of-Service attacks, considerably increase its mining advantage in the network, and double-spend transactions in spite of the current countermeasures adopted by Bitcoin. Based on our results, we propose a number of countermeasures in order to enhance the security of Bitcoin without deteriorating its scalability.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. Minor revision.
Keywords
BitcoinScalabilityP2P networks
Contact author(s)
arthur gervais @ inf ethz ch
History
2015-06-17: received
Short URL
https://ia.cr/2015/578
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/578,
      author = {Arthur Gervais and Hubert Ritzdorf and Ghassan O.  Karame and Srdjan Capkun},
      title = {Tampering with the Delivery of Blocks and Transactions in Bitcoin},
      howpublished = {Cryptology ePrint Archive, Paper 2015/578},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/578}},
      url = {https://eprint.iacr.org/2015/578}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.