Eclipsing Ethereum Peers with False Friends

Ethereum is a decentralized Blockchain system that supports the execution of Turing-complete smart contracts. Although the security of the Ethereum ecosystem has been studied in the past, the network layer has been mostly neglected. We show that Geth, the most widely used Ethereum implementation, is currently vulnerable to eclipse attacks, effectively circumventing recently introduced security enhancements. Our false friends attack exploits the Kademlia-inspired peer discovery logic used by Geth and enables a low-resource eclipsing of long-running, remote victim nodes. An adversary only needs two hosts in distinct /24 subnets to launch the eclipse, which can then be leveraged to filter the victim's view of the Blockchain. We discuss fundamental properties of Geth's node discovery logic that enable the false friends attack, and propose countermeasures.

[1]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[2]  Bruce Schneier,et al.  Cryptography Engineering - Design Principles and Practical Applications , 2010 .

[3]  Guido Bertoni,et al.  Keccak , 2013, EUROCRYPT.

[4]  Neeraj Suri,et al.  Mitigating Eclipse attacks in Peer-To-Peer networks , 2014, 2014 IEEE Conference on Communications and Network Security.

[5]  Robert Tappan Morris,et al.  Security Considerations for Peer-to-Peer Distributed Hash Tables , 2002, IPTPS.

[6]  Taoufik En-Najjary,et al.  Exploiting KAD: possible uses and misuses , 2007, CCRV.

[7]  Ethan Heilman,et al.  Low-Resource Eclipse Attacks on Ethereum's Peer-to-Peer Network , 2020, IACR Cryptol. ePrint Arch..

[8]  Andrew Miller,et al.  Measuring Ethereum Network Peers , 2018, Internet Measurement Conference.

[9]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[10]  Stefan Schmid,et al.  Poisoning the Kad Network , 2010, ICDCN.

[11]  Michael Kohnen,et al.  Conducting and Optimizing Eclipse Attacks in the Kad Peer-to-Peer Network , 2009, Networking.

[12]  Emin Gün Sirer,et al.  Decentralization in Bitcoin and Ethereum Networks , 2018, Financial Cryptography.

[13]  Björn Scheuermann,et al.  Bitcoin and Beyond: A Technical Survey on Decentralized Digital Currencies , 2016, IEEE Communications Surveys & Tutorials.

[14]  Atul Singh,et al.  Eclipse Attacks on Overlay Networks: Threats and Defenses , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[15]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[16]  Miguel Castro,et al.  Secure routing for structured peer-to-peer overlay networks , 2002, OSDI '02.

[17]  Arthur Gervais,et al.  Ethereum Eclipse Attacks , 2016 .

[18]  Yongdae Kim,et al.  Attacking the kad network - real world evaluation and high fidelity simulation using DVN , 2013, Secur. Commun. Networks.

[19]  Kartik Nayak,et al.  Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[20]  Laurent Vanbever,et al.  Hijacking Bitcoin: Routing Attacks on Cryptocurrencies , 2016, 2017 IEEE Symposium on Security and Privacy (SP).

[21]  Ethan Heilman,et al.  Eclipse Attacks on Bitcoin's Peer-to-Peer Network , 2015, USENIX Security Symposium.

[22]  David Mazières,et al.  Kademlia: A Peer-to-Peer Information System Based on the XOR Metric , 2002, IPTPS.