Two Bitcoins at the Price of One? Double-Spending Attacks on Fast Payments in Bitcoin

Bitcoin is a decentralized payment system that is based on Proof-of-Work. Bitcoin is currently gaining popularity as a digital currency; several businesses are starting to accept Bitcoin transactions. An example case of the growing use of Bitcoin was recently reported in the media; here, Bitcoins were used as a form of fast payment in a local fast-food restaurant. In this paper, we analyze the security of using Bitcoin for fast payments, where the time between the exchange of currency and goods is short (i.e., in the order of few seconds). We focus on doublespending attacks on fast payments and demonstrate that these attacks can be mounted at low cost on currently deployed versions of Bitcoin. We further show that the measures recommended by Bitcoin developers for the use of Bitcoin in fast transactions are not always effective in resisting double-spending; we show that if those recommendations are integrated in future Bitcoin implementations, double-spending attacks on Bitcoin will still be possible. Finally, we leverage on our findings and propose a lightweight countermeasure that enables the detection of doublespending attacks in fast transactions.

[1]  Amos Fiat,et al.  Untraceable Electronic Cash , 1990, CRYPTO.

[2]  Stefan Brands,et al.  Electronic cash on the Internet , 1995, Proceedings of the Symposium on Network and Distributed System Security.

[3]  Philippe A. Janson,et al.  The State of the Art in Electronic Payment Systems , 1997, Computer.

[4]  Hugo Krawczyk Blinding of Credit Card Numbers in the SET Protocol , 1999, Financial Cryptography.

[5]  Hugo Krawczyk,et al.  Design, implementation, and deployment of the iKP secure electronic payment system , 2000, IEEE Journal on Selected Areas in Communications.

[6]  Hector Garcia-Molina,et al.  PPay: micropayments for peer-to-peer systems , 2003, CCS '03.

[7]  Ronald L. Rivest,et al.  Peppercoin Micropayments , 2004, Financial Cryptography.

[8]  Jan Camenisch,et al.  Compact E-Cash , 2005, EUROCRYPT.

[9]  Alptekin Küpçü,et al.  Making p2p accountable without losing privacy , 2007, WPES '07.

[10]  Angelos Stavrou,et al.  PAR: Payment for Anonymous Routing , 2008, Privacy Enhancing Technologies.

[11]  Issa Traoré,et al.  Double Spending Protection for E-Cash Based on Risk Management , 2010, ISC.

[12]  Moshe Babaioff,et al.  On Bitcoin and red balloons , 2011, SECO.

[13]  Matthew K. Elias Bitcoin: Tempering the Digital Ring of Gyges or Implausible Pecuniary Privacy , 2011 .

[14]  Fergal Reid,et al.  An Analysis of Anonymity in the Bitcoin System , 2011, PASSAT 2011.

[15]  Ghassan O. Karame,et al.  Pay as you browse: microcomputations as micropayments in web-based services , 2011, WWW.