Low-Resource Eclipse Attacks on Ethereum's Peer-to-Peer Network

We present eclipse attacks on Ethereum nodes that exploit the peer-to-peer network used for neighbor discovery. Our attacks can be launched using only two hosts, each with a single IP address. Our eclipse attacker monopolizes all of the victim’s incoming and outgoing connections, thus isolating the victim from the rest of its peers in the network. The attacker can then filter the victim’s view of the blockchain, or co-opt the victim’s computing power as part of more sophisticated attacks. We argue that these eclipse-attack vulnerabilities result from Ethereum’s adoption of the Kademlia peer-to-peer protocol, and present countermeasures that both harden the network against eclipse attacks and cause it to behave differently from the traditional Kademlia protocol. Several of our countermeasures have been incorporated in the Ethereum geth 1.8 client released on February 14, 2018.

[1]  Robert Tappan Morris,et al.  Security Considerations for Peer-to-Peer Distributed Hash Tables , 2002, IPTPS.

[2]  David Mazières,et al.  Kademlia: A Peer-to-Peer Information System Based on the XOR Metric , 2002, IPTPS.

[3]  Miguel Castro,et al.  Secure routing for structured peer-to-peer overlay networks , 2002, OSDI '02.

[4]  Atul Singh,et al.  Eclipse Attacks on Overlay Networks: Threats and Defenses , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[5]  Harald Niederreiter,et al.  Probability and computing: randomized algorithms and probabilistic analysis , 2006, Math. Comput..

[6]  Taoufik En-Najjary,et al.  Exploiting KAD: possible uses and misuses , 2007, CCRV.

[7]  Michael Kohnen,et al.  Conducting and Optimizing Eclipse Attacks in the Kad Peer-to-Peer Network , 2009, Networking.

[8]  Remco van Mook,et al.  Measures for Making DNS More Resilient against Forged Answers , 2009, RFC.

[9]  Guillaume Pierre,et al.  A survey of DHT security techniques , 2011, CSUR.

[10]  Fernando Gont,et al.  Recommendations for Transport-Protocol Port Randomization , 2011, RFC.

[11]  Aggelos Kiayias,et al.  Speed-Security Tradeoffs in Blockchain Protocols , 2015, IACR Cryptol. ePrint Arch..

[12]  Ethan Heilman,et al.  Eclipse Attacks on Bitcoin's Peer-to-Peer Network , 2015, USENIX Security Symposium.

[13]  Aviv Zohar,et al.  Secure High-Rate Transaction Processing in Bitcoin , 2015, Financial Cryptography.

[14]  Hubert Ritzdorf,et al.  Tampering with the Delivery of Blocks and Transactions in Bitcoin , 2015, IACR Cryptol. ePrint Arch..

[15]  Arthur Gervais,et al.  Ethereum Eclipse Attacks , 2016 .

[16]  Ingo Weber,et al.  New kids on the block: an analysis of modern blockchains , 2016, ArXiv.

[17]  Sharon Goldberg,et al.  Attacking the Network Time Protocol , 2016, NDSS.

[18]  Kartik Nayak,et al.  Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[19]  Prateek Saxena,et al.  Making Smart Contracts Smarter , 2016, IACR Cryptol. ePrint Arch..

[20]  Hubert Ritzdorf,et al.  On the Security and Performance of Proof of Work Blockchains , 2016, IACR Cryptol. ePrint Arch..

[21]  Vincent Gramoli,et al.  The Balance Attack Against Proof-Of-Work Blockchains: The R3 Testbed as an Example , 2016, ArXiv.

[22]  Laurent Vanbever,et al.  Hijacking Bitcoin: Routing Attacks on Cryptocurrencies , 2016, 2017 IEEE Symposium on Security and Privacy (SP).

[23]  Sharon Goldberg,et al.  The Security of NTP's Datagram Protocol , 2017, Financial Cryptography.

[24]  O. Dunkelman On Trees, Chains and Fast Transactions in the Blockchain , 2017 .

[25]  Massimo Bartoletti,et al.  A Survey of Attacks on Ethereum Smart Contracts (SoK) , 2017, POST.