Paper 2022/477

Subverting Cryptographic Hardware used in Blockchain Consensus

Pratyush Ranjan Tiwari, Johns Hopkins University
Matthew Green, Johns Hopkins University
Abstract

In this work, we study and formalize security notions for algorithm substitution attacks (ASAs) on cryptographic puzzles. Puzzles are difficult problems that require an investment of computation, memory, or some other related resource. They are heavily used as a building block for the consensus networks used by cryptocurrencies. These include primitives such as proof-of-work, proof-of-space, and verifiable delay functions (VDFs). Due to economies of scale, these networks increasingly rely on a small number of companies to construct opaque hardware or software (e.g., GPU or FPGA images): this dependency raises concerns about cryptographic subversion. Unlike the algorithms considered by previous ASAs, cryptographic puzzles do not rely on secret keys and thus enable a very different set of attacks. We first explore the threat model for these systems and then propose concrete attacks that (1) selectively reduce a victim's solving capability (e.g., hashrate) and (2) exfiltrate puzzle solutions to an attacker. We then propose defenses, several of which can be applied to existing cryptocurrency hardware with minimal changes. We also find that mining devices for many major proof-of-work cryptocurrencies already exhibit errors exactly as a potentially subverted device would. Given that these attacks are relevant to all proof-of-work cryptocurrencies, which have a combined market capitalization of around a few hundred billion dollars (2022), we recommend that all vulnerable mining protocols consider making the suggested adaptations today.

Note: Updated publication information, title modification

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Major revision. Financial Cryptography and Data Security (FC) 2024
Keywords
algorithm-substitution attack, proof of work, verifiable delay function, proof of space
Contact author(s)
pratyush @ cs jhu edu
mgreen @ cs jhu edu
History
2023-11-28: last of 2 revisions
2022-04-23: received
Short URL
https://ia.cr/2022/477
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/477,
      author = {Pratyush Ranjan Tiwari and Matthew Green},
      title = {Subverting Cryptographic Hardware used in Blockchain Consensus},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/477},
      year = {2022},
      url = {https://eprint.iacr.org/2022/477}
}