Author

Topic: Litecoin Attack and Defense (Read 4848 times)

full member
Activity: 221
Merit: 100
May 22, 2014, 11:09:08 AM
#4
New Litecoin Pool at CryptoCulture.Net Mining Pools  

No Mining Fees!
We support all major mining algorithms
VarDiff to fine tune difficulty and mining performance for your individual miners.
SSL Protection
Customer support ticketing system
Single Sign-on System …. Create account and add workers only one time and use for all of our pools.
Dedicated Hardware
Servers with 24/7 support 99.9% up time SLA for mining services
Pool operators are experienced miners

Navigate to http://ltc.cryptoculture.net to set up account
Stratum settings are    stratum+tcp//stratum.cryptoculture.net:3384
hero member
Activity: 686
Merit: 500
Wat
July 29, 2012, 04:36:54 AM
#3
In the non-living physical world, when too much pressure or force is placed on an object, it breaks from the whole. It does not grow a new leg while the other leg faces blood loss and hibernates.
In the living physical world, you get a fever (which can kill you), a scar develops, platelets heal the wound. Getting shot in the arm does not create a new arm.

Cryptocoins naturally have a mix of both worlds. They are mechanically generated to serve purposes of networks of living people.

First, we should look at 51% as the natural result of a pure contest based model. Whoever is fastest wins.
Second, the threat 51% poses is not due to lack of tyrant nodes. It is due to failing to simply jettison the threat.
Third, it could be more than 51% if we had a design where characteristics worked for certain uses but not others.
Fourth and final, we could actually use 51% as a gentler way to start a new chain.

A few friends are working on this. We'll probably use litecoin than bitcoin as a base because the halving points allow more development between them, and technological jumps are less severe than in bitcoin.



If you can come up with a solution it would be better than bitcoin Smiley
full member
Activity: 182
Merit: 100
July 28, 2012, 12:43:02 PM
#2
In the non-living physical world, when too much pressure or force is placed on an object, it breaks from the whole. It does not grow a new leg while the other leg faces blood loss and hibernates.
In the living physical world, you get a fever (which can kill you), a scar develops, platelets heal the wound. Getting shot in the arm does not create a new arm.

Cryptocoins naturally have a mix of both worlds. They are mechanically generated to serve purposes of networks of living people.

First, we should look at 51% as the natural result of a pure contest based model. Whoever is fastest wins.
Second, the threat 51% poses is not due to lack of tyrant nodes. It is due to failing to simply jettison the threat.
Third, it could be more than 51% if we had a design where characteristics worked for certain uses but not others.
Fourth and final, we could actually use 51% as a gentler way to start a new chain.

A few friends are working on this. We'll probably use litecoin than bitcoin as a base because the halving points allow more development between them, and technological jumps are less severe than in bitcoin.

member
Activity: 98
Merit: 10
July 28, 2012, 10:40:18 AM
#1
Although an attacker can get advantage by knowing this data, I believe this data should be public so everyone know and can react now.

Let's say, someone want to launch 51% attack on Litecoin network.
He can do this by DDoS-ing all mining pool at once, while mining in secret.
Once most big pools down and his chain reach 51% network speed, he'll release his chain and force the network to join his chain.

He'll rent botnet / Amazon EC2 server.

Capability of Amazon EC2 server :
1. CPU : 2 x Intel Xeon X5570, quad-core "Nehalem" architecture
2. 2 x NVIDIA Tesla "Fermi" M2050 GPUs

Speed :
CPU : 58 kH/s
GPU : 155 kH/s
Total : 213 kH/s
Cost : $2.1 / hour slepp said it's $3...  I don't really remember.

slepp already test this with cgminer, let's say the attacker has 700 instance of Amazon EC2.
Cost : $3 / hour * 700 = $2,100 / hour
Speed : 213 * 700 = 149,100 kH/s = 149 MH/s

Total Litecoin network = 240 MH/s taken from http://www.litecoinpool.org/pools




To 51% the network, the attacker will DDoS-ing 3 big pools simultaneously :
LiteCoinPool.org - 26.7%
LTCMine.ru - 20.2%
Coinotron - 18.9%
With 65.2% of network speed down, network hash rate will be 86,526 kH/s

Our botnet hash rate is 149 MH/s.
Total network now : 86 MH/s
Botnet % hash rate compared to the network : 149 / (149 + 86) = 63%

149 MH/s is enough to launch the 51% attack.

Point of the attack :

1. July - Late September is the baby period of Litecoin
network hash rate is still growing, anyone may attack and cripple it before it reach its max potential.
More GPU user will join in October more due to ASIC phase, which will make GPU mining unprofitable.
If you believe in Litecoin's future and you're a GPU user, please join in now to secure the network.

Litecoin Profitability :
https://github.com/litecoin-project/litecoin/wiki/Mining-hardware-comparison
http://www.litecoinpool.org/calc

2. Mining pools shouldn't have > 20% network hash rate
Because if your pool is down, network hash rate will really down a lot.
Miners should decentralize and join various mining pools : https://github.com/litecoin-project/litecoin/wiki/Comparison-of-mining-pools

Some miners should create their own private mining pool, go solo mining or join p2pool to prevent DDoS attack.
Solo Mining Tutorial on Windows : https://bitcointalksearch.org/topic/tutorial-solo-mining-litecoins-guide-windows-83371
P2Pool Pack : https://bitcointalksearch.org/topic/quick-pack-to-set-up-p2pool-for-ltc-on-windows-95061

3. Backup Pools
If you choose to join a mining pool, set up backup pools.
Cgminer has this feature, with multiple -o
cgminer -o http://pool1:port -u pool1username -p pool1password -o http://pool2:port -u pool2usernmae -p pool2password

4. Upgrade your server
Don't host Litecoin server on VPS / weak server, especially if you have > 15% network hash rate.
Prepare to get attacked and get downtime a lot if your server is not ready for the attack.
People that invest a lot in litecoin may rent a ddoser service and "test" if your server is "ddos-ready" for future DDoS attack.

5. Real attack is possible.
This is not a joke, the attack scenario is real.
Don't wait until it's too late, if you care about your investment, you should participate in securing the network by doing 1-4.
The real attacker won't provoke you and provide the timeline information
He'll probably launch it when most pool owners are asleep.

Feel free to correct me or add something here.

As comparison, here's bitcoin pool stats
Unknown get 29% network hash speed, which is nice because you can't DDoS private pool / solo miner.
Jump to: