BGP bitcoin blockchain poses a security threat?
In the segmentation of the attack, if the Internet service provider ( ISP ) is the only path to an important part of the bitcoin network, so “Black hole” ( Contact is broken The two sides will block (block) chain and the Internet routing infrastructure) with each other. The two sides also lost contact to handle transactions and mining bitcoin, when interference again The two sides connected to each other No. Other options can be discarded bitcoin mining, mining and trading income.
However, in some respects, delayed attack is considered to be the worst. Because unlike the segmentation attack that delay the attack is cannot be found. Delay the attack will create merchant double spending loophole; processing ability of miners precious to be wasted, the ordinary node block cannot be broadcast chain version.
Is a problem these kinds of attack bitcoin developers, because they can’t control the attack vector, The border gateway protocol definition path data packets through the internet.
BGP is famous for its simple product of the times, they were at the beginning of the establishment is to believe that the information received. The carrier or careless errors or malicious error will ISP network to the Internet routing information “poisoning” fundamentally, consume large amount of network communication.
These two types of attacks require internal personnel to complete, this usually occurs at the ISP level. Nevertheless, they are still considered to be a serious attack bitcoin network neglected and emphasize the vulnerability. Bitcoin node attempts to gather around a small part of the ISP. It is estimated that there are 13 ISPS master bitcoin 30% net network, the communication volume of the 60% by 3 ISPS control.
The researchers mentioned that before, BGP attack bitcoin node has reached 100 a month in November 2015 figures, the peak in the bitcoin network 8% (447 nodes) in the state of traffic hijacking. However, the report also provides some countermeasures, most countermeasures can be immediately deployed, such as increasing the diversity of the node links, consider the routing problem, encrypted bitcoin connection / the information identification code (MAC) to confirm the connection of each message has not been changed, which makes the delay attacks more difficult.