Could the BGP attack be used to split the Bitcoin network?

I just learnt about the BGP attack:

http://www.wired.com/2014/08/isp-bitcoin-theft/

http://www.secureworks.com/cyber-threat-intelligence/threats/bgp-hijacking-for-cryptocurrency-profit/

The attacker was able to redirect the miners to its own pool to effectively "steal" (defraud them of) their mining rewards.

I don't know enough about the Border Gateway Protocol, but I'm wondering if this sort of an attack could be used to split the Bitcoin network itself, essentially by hijacking the node discovery process. If an attacker could hold the split for a few hours (assuming enough hash power), it could successfully execute a double-spend on its target.

Does the client use any kind of authentication with its peers?

P.S. Of course, there would have to be enough economic or political motivation to carry out such an expensive attack (such as to bring down a popular exchange and create media panic).

peers

Manish

Posted 2014-08-08T01:19:00.910

Reputation: 1 972

I should clarify that my question is not about whether or not it is economically feasible to do this (that would be a separate question). My question is whether the peer discovery process is vulnerable to this sort of IP hijacking. To keep it simple, let's assume that the attacker has the equivalent of close to 100% of the network hash rate sitting in reserve and ready to deploy any moment. – Manish – 2014-08-08T02:40:52.213

Sidenote: I think what you are describing is a method for achieving variant of the Sybil attack: Also see bicoin.it: Sybil Attack, Can I trust the peers I am connected to?

– Murch – 2014-08-12T12:53:56.133

Answers

Having control over BGP and being able to split the Internet in two pieces can indeed be used to carry out an attack against some Bitcoin users. It might not even be that economically infeasible as you may think.

The adversary does not necessary need to have a control over a big portion of the Internet backbone infrastructure - he only needs to cut off a (small) region. This would effectively cause a split of the blockchain, without the victims noticing any problems with their connectivity to other peers as the communication is not signed (nor encrypted). In other words, if you can redirect the traffic going to a well-known Bitcoin node (by "stealing" his IP), you can easily replace him and act in his name.

Of course, that's not to say that this would go totally undetected by the public. People operating nodes in the cut off region would see a dramatic downfall in the Difficulty, and they could also see their inter-regional transactions not getting cleared and confirmed by their recipients. However, this kind of attack can still be efficient against a targeted victim, providing that it's performed carefully.

Jozef

Posted 2014-08-08T01:19:00.910

Reputation: 1 374

Some of BGP routers can be spoofed outside. You can split the BitCoin network in case gain access to one of the Internet Exchange Points. But some other BGP routers can be vulenrable for the BGP Leaks

user2328360

Posted 2014-08-08T01:19:00.910

Reputation: 101