If an attacker gets more than 50 % of mining power - page 3.

bcearl

full member

Activity: 168

Merit: 103

Quote from: em3rgentOrdr on July 01, 2011, 03:53:18 AM

One thing that hasn't been mentioned regarding "If an attacker gets more than 50 % of mining power", is that the attacker could double spend coins.

Quote from: Gabi on July 01, 2011, 03:38:58 AM

What if the attacker stay disconnected from the network, generate a longer blockchain (with higher difficulty and what else) and THEN join the network?

His blockchain would be the longer and would instantly replace our, right?

umm...Fact: blocks are generated at the same average rate of 1 block every 10 minutes regardless of difficulty. So it wouldn't be possible for a disconnected attacker network to generate a significantly longer blockchain.

Yeah, but you can't double spend easily with close to 50 %.

Gabi

legendary

Activity: 1148

Merit: 1008

If you want to walk on water, get out of the boat

Quote from: kerogre256 on July 01, 2011, 04:11:53 AM

How realistic(practical) this attack is ?

Very doable if you can afford to spend 10/15 millions of $

Any rich guy could happily do it without problems...

d.james

sr. member

Activity: 280

Merit: 250

Firstbits: 12pqwk

Quote from: kerogre256 on July 01, 2011, 04:11:53 AM

How realistic(practical) this attack is ?

Can be easily pulled off if AMD is in on the attack... for now.

kerogre256

full member

Activity: 161

Merit: 100

How realistic(practical) this attack is ?

em3rgentOrdr

sr. member

Activity: 434

Merit: 252

youtube.com/ericfontainejazz now accepts bitcoin

Quote from: Gabi on July 01, 2011, 03:56:21 AM

But the blockchain "lenght" is based both on number of blocks and difficulty

So if his chain is shorter but has a much higher difficulty?

Quote from: theymos on July 01, 2011, 04:04:34 AM

It's possible. ArtForz once wiped out all of testnet by mining some high-difficulty blocks.

Ahh, yes, I see what you are saying. But I guess if the attacker is using a higher difficulty, then he would need much much more than %50 of computing power since higher difficulties require significantly more hashing resources.

theymos

administrator

Activity: 5222

Merit: 13032

It's possible. ArtForz once wiped out all of testnet by mining some high-difficulty blocks.

Gabi

legendary

Activity: 1148

Merit: 1008

If you want to walk on water, get out of the boat

But the blockchain "lenght" is based both on number of blocks and difficulty

So if his chain is shorter but has a much higher difficulty?

em3rgentOrdr

sr. member

Activity: 434

Merit: 252

youtube.com/ericfontainejazz now accepts bitcoin

One thing that hasn't been mentioned regarding "If an attacker gets more than 50 % of mining power", is that the attacker could double spend coins.

Quote from: Gabi on July 01, 2011, 03:38:58 AM

What if the attacker stay disconnected from the network, generate a longer blockchain (with higher difficulty and what else) and THEN join the network?

His blockchain would be the longer and would instantly replace our, right?

umm...Fact: blocks are generated at the same average rate of 1 block every 10 minutes regardless of difficulty. So it wouldn't be possible for a disconnected attacker network to generate a significantly longer blockchain.

Gabi

legendary

Activity: 1148

Merit: 1008

If you want to walk on water, get out of the boat

What if the attacker stay disconnected from the network, generate a longer blockchain (with higher difficulty and what else) and THEN join the network?

His blockchain would be the longer and would instantly replace our, right?

bcearl

full member

Activity: 168

Merit: 103

Quote from: Maged on July 01, 2011, 03:14:01 AM

Quote from: bcearl on July 01, 2011, 02:56:29 AM

Now we see, that even if you invest tremendous costs in getting a huge majority of computing power, you can't do a lot of harm.

You are thinking so small...

An attacker with over 50% of the hashing power doesn't need to broadcast their blocks. They could very successfully eat a month's worth of transactions if they wanted to. Oh, and if any of those transactions used newly minted coins, they are now permanently reversed.

Yes, reversing is a possibility that I left out here. But you are right, I didn't think about that. If somebody would want to attack the network with a majority of computing power, he will just stay out of the net and generate blocks for a while, and could be showing up weeks later with a way longer block chain.

Maged

legendary

Activity: 1204

Merit: 1015

Quote from: bcearl on July 01, 2011, 02:56:29 AM

Now we see, that even if you invest tremendous costs in getting a huge majority of computing power, you can't do a lot of harm.

You are thinking so small...

An attacker with over 50% of the hashing power doesn't need to broadcast their blocks. They could very successfully eat a month's worth of transactions if they wanted to. Oh, and if any of those transactions used newly minted coins, they are now permanently reversed.

bcearl

full member

Activity: 168

Merit: 103

What does that actually mean? Here have been a lot myths around, so I made some calculations.

What are possible attacks? When an attacker has more than 50 % of ressources, he may generate the longest block chain ignoring the other miners.

What does that mean?

If a miner has 50 % of computing power, he could reject transactions in half of the blocks generated. That means that for every good block there is an evil block. Which means that you have to wait for one block that does not include the transaction before your transaction gets included (all numbers mean the average!).

50 percent: transaction wait time doubled

You can calculate the numbers with the following formula for x %: c(x) = log_x (0.5)

Results:
50 % attacker power: wait 1 extra block before you get your transaction included
60 % attacker power: wait 1.36 extra blocks before transaction included
70 %: wait 1.94 extra blocks
80 %: wait 3.11 extra blocks
90 %: wait 6.58 extra blocks

Now we see, that even if you invest tremendous costs in getting a huge majority of computing power, you can't do a lot of harm.

Topic: If an attacker gets more than 50 % of mining power - page 3. (Read 7029 times)