Milestone: The Bitcoin Network Reaches One Exahash

By Albert Szmigielski Sometime around January 24th 2016 the Bitcoin Network reached one Exahash per second for the first time ever. That is 1 quintillion, a 1 followed by 18 zeros or 1018 hashes per second. That is just an insane amount of computing power. Image: Bitcoin Network reaches ONE exahash. Image courtesy of blockchain.info Over the last two years the Bitcoin Network hashrate increased roughly 50-fold. Image: Bitcoin Hashrate over the past two years. Image courtesy of blockchain.info Why is this a big deal? Bitcoin currently has the most secure network in the world. To duplicate the network it would take a lot of resources. At a low price of $150 per Terahash, it would cost approximately $150 million

Read more

Ripple vs. Bitcoin (security and privacy)

by Albert Szmigielski Fairness Bitcoin’s public ledger, the blockchain, allows any entity to check the transactions in the system. Furthermore, as long as 66.7% of the miners are honest no entity can change the history of transactions. Both of those properties ensure fairness. However in light of recent research into attacks on the Bitcoin network, several double-spending attacks have been identified. Such attacks negate the fairness property. Ripple has not been studied as extensively as Bitcoin. Ripple relies on ledgers that can be inspected. However, Ripple’s validating nodes are currently run and therefore controlled by Ripple labs, it seems that there are not sufficient incentives to run a Ripple validating node. Double spending attacks have not been identified in Ripple

Read more

Secure storage of Bitcoin private keys

by Albert Szmigielski Bitcoins on the Bitcoin network are controlled by private keys. Only the entity in control of a given private key behind some bitcoins can sign the ownership of those bitcoins to another entity. That is why it is of utmost importance to store the private keys securely to avoid theft of them and as a result theft of the funds on the blockchain. Hardware wallets One way to store keys in a secure manner is by the use of dedicated hardware wallets. Such wallets offer good security against cyber-attacks as they are disconnected from the internet most (or all) of the time. The wallets are tamper resistant, and they do not rely on any third party to

Read more

Double-spending attack in BitcoinXT

by Albert Szmigielski BitcoinXT implements a double-spending countermeasure that forwards the first double-spend attempt to other nodes. In order to mount a double-spend attack we must make sure that the vendor does not learn about the double-spend transactions As with any other double-spend attack it starts with forming two transactions: TXV which is used to pay the vendor, and TXD which sends the same inputs to an address controlled by the attacker. The goal is to have TXD confirmed in the blockchain, while having TXV accepted by the vendor in exchange for goods/services. Assumptions and requirements: Able to connect directly to the vendor Able to send TXV to the vendor Able to send TXD to the Bitcoin Network Prevent the

Read more

Pros and Cons of countermeasures to the block and transaction delivery delays attack

by Albert Szmigielski Dynamic Timeouts Pros: Timeouts based on the object size allow individual nodes to dynamically calculate and set a timeout that is most appropriate for the node. This would acknowledge the fact that not all nodes on the network are equal, and that they do not have access to the same resources, be it computing power, memory, or bandwidth. The adversary has no information about the timeout set by the node, thereby making it more difficult to mount the attack. Cons: Requires modification to the protocol, which is not trivial on a system wide basis. Of course individual nodes could implement it partially if object size can be either discovered or calculated. The attacker could play around with

Read more

Bitcoin Security and Privacy

Bitcoin Security and Privacy By Albert Szmigielski Bitcoin is a decentralized currency and payment system. In order to be an effective and secure payment system it should satisfy several security requirements. The first of these requirements is fairness. On the surface Bitcoin meets the property as users can only sign for coins that they control. However, upon further examination of recent research we do see that several double-spend attacks have been performed that would negate the fairness property of Bitcoin. On the other hand Bitcoin does satisfy resistance to impersonation attacks very well. No one can obtain the private keys (assuming they are stored properly and securely) of another person in the system to sign their transactions. As a result

Read more