Bitcoin Block Withholding Attack: Analysis and Mitigation

We address two problems: first, we study a variant of block withholding (BWH) attack in Bitcoins and second, we propose solutions to prevent all existing types of BWH attacks in Bitcoins. We analyze the strategies of a selfish Bitcoin miner who in connivance with one pool attacks another pool and receives reward from the former mining pool for attacking the latter. We name this attack as “sponsored block withholding attack.” We present detailed quantitative analysis of the monetary incentive that a selfish miner can earn by adopting this strategy under different scenarios. We prove that under certain conditions, the attacker can maximize her revenue by adopting some strategies and by utilizing her computing power wisely. We also show that an attacker may use this strategy for attacking both the pools for earning higher amount of incentives. More importantly, we present a strategy that can effectively counter block withholding attack in any mining pool. First, we propose a generic scheme that uses cryptographic commitment schemes to counter BWH attack. Then, we suggest an alternative implementation of the same scheme using hash function. Our scheme protects a pool from rogue miners as well as rogue pool administrators. The scheme and its variant defend against BWH attack by making it impossible for the miners to distinguish between a partial proof of work and a complete proof of work. The scheme is so designed that the administrator cannot cheat on the entire pool. The scheme can be implemented by making minor changes to existing Bitcoin protocol. We also analyze the security of the scheme.

[1]  Tim Roughgarden,et al.  Incentive Compatibility of Bitcoin Mining Pool Reward Functions , 2016, Financial Cryptography.

[2]  Aron Laszka,et al.  When Bitcoin Mining Pools Run Dry - A Game-Theoretic Analysis of the Long-Term Impact of Attacks Between Mining Pools , 2015, Financial Cryptography Workshops.

[3]  Elaine Shi,et al.  Permacoin: Repurposing Bitcoin Work for Data Preservation , 2014, 2014 IEEE Symposium on Security and Privacy.

[4]  Ivan Damgård,et al.  Commitment Schemes and Zero-Knowledge Protocols , 1998, Lectures on Data Security.

[5]  Sushmita Ruj,et al.  Retricoin: Bitcoin based on compact proofs of retrievability , 2016, ICDCN.

[6]  Meni Rosenfeld,et al.  Analysis of Bitcoin Pooled Mining Reward Systems , 2011, ArXiv.

[7]  Ittay Eyal,et al.  The Miner's Dilemma , 2014, 2015 IEEE Symposium on Security and Privacy.

[8]  Joshua A. Kroll,et al.  The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries , 2013 .

[9]  Kouichi Sakurai,et al.  Yet Another Note on Block Withholding Attack on Bitcoin Mining Pools , 2016, ISC.

[10]  Nicolas Christin,et al.  Financial cryptography and data security : FC 2015 international workshops, BITCOIN, WAHC and Wearable : San Juan, Puerto Rico, January 30, 2015 : revised selected papers , 2015 .

[11]  Ivan Damgård,et al.  Lectures on Data Security, Modern Cryptology in Theory and Practice, Summer School, Aarhus, Denmark, July 1998 , 1999 .

[12]  Nicolas Courtois,et al.  On Subversive Miner Strategies and Block Withholding Attack in Bitcoin Digital Currency , 2014, ArXiv.

[13]  Prateek Saxena,et al.  On Power Splitting Games in Distributed Computation: The Case of Bitcoin Pooled Mining , 2015, 2015 IEEE 28th Computer Security Foundations Symposium.