DDoS on big mining pools: a quick way to 51%?

Slush's Pool, the second biggest mining pool around, is currently down, allegedly due to a DDoS attack:

News
16.04.2013
Pool is under DDoS attack. I'm working on recovering the service back to operation.

This means the entirety of its miners are currently offline, and this for sure lowers the difficulty of gaining 51% of the total network hashing power.

Now, I don't know anything about the hardware/software design of mining pools, how many servers do they employ to centrally manage all miners, how much bandwidth do they have, etc.; but I'm quite sure that nuking one of them would require a lot less computing power than actually obtaining more than 50% of the total Bitcoin network hashing power under its normal operation.

Thus, the question: aren't big mining pools a critical point of failure for the Bitcoin network? If a malicious attacker was to place several of them offline, all of their miners would be instantly disconnected, and then a not-even-so-big mining farm (or maybe a rival pool which engineered the attack in the first place...) could easily overcome the whole network.

How much likely is such a scenario?
How can it be avoided?
Should the Bitcoin community invest more into protecting pools, or, better, make a joint effort into moving from a "few big pools" model to a "many little pools" one, in order to be safer from similar attacks?

Massimo

Posted 2013-04-16T19:55:28.837

Reputation: 978

2Most mining clients will fall back on non-pooled mining if they can't contact any of their preferred pools. – Nick ODell – 2013-04-16T20:09:36.087

1But solo miners, however powerful, have very little chances of winning blocks against a big farm/pool. They don't cooperate and will on average all be trying the same hashes, while a farm/pool can distribute work and operate much more efficently. – Massimo – 2013-04-16T20:17:07.130

6There's no cooperation involved in mining, and they won't be trying the same hashes because (for example) they have different transaction pools and (possibly) different destination addresses. Mining pooling is just like non-pooled mining, except that the revenue is spread over time instead of getting blocks of 25BTC. – Tom van der Woerdt – 2013-04-16T20:22:20.807

When you can terminate some of the big pools, the difficulty will lower, making it even more easy to reach 51%. But still, gaining the 51% cannot be underestimated, even if big pools are temporarily down, you will need an enormously high budget to reach 51%. – Steven Roose – 2013-04-17T08:27:10.087

@StevenRoose difficulty is adjusted only once every two weeks, isn't it? – o0'. – 2013-04-17T09:12:54.353

@TomvanderWoerdt that could be an answer – o0'. – 2013-04-17T09:13:24.557

Answers

There's no cooperation involved in mining, and they won't be trying the same hashes because (for example) they have different transaction pools and (possibly) different destination addresses. Mining pooling is just like non-pooled mining, except that the revenue is spread over time instead of getting blocks of 25BTC.

Even when the pooled miners have a backup set that sends them to the largest pool (BTC Guild), that's acceptable for short periods of time. But miners are still people, and if something like that happens they'll quickly correct the issue.

Tom van der Woerdt

Posted 2013-04-16T19:55:28.837

Reputation: 2 397

So what you say is basically that taking out one or more big pool(s) would only at worse slow down the network, but won't help anyone in a 51% attack? – Massimo – 2014-06-15T17:17:15.347

-2

It is possible to take down the pools but even if you took down 30% of all the pools you would still have only dented the hashrate very slightly. On top of that the DDOS power needed would be EXTREAME and with that power you might as well just mine bitcoins with all of those computers participating in the attack. Plus people solo mine if they have HUGE computing centers, and you could not ddos solo miners without knowing their IP's and even if you did they would probably have ddos protection.

Rice Rocca

Posted 2013-04-16T19:55:28.837

Reputation: 1

"the DDOS power needed would be EXTREAME": This is not obviously so, please justify your statement. "and with that power you might as well just mine bitcoins": The resources required to DDOS a pool, network bandwidth, are not the same resources required to mine. You cannot use them interchangeably. "you could not ddos solo miners without knowing their IP's": Making good guesses for the IPs of solo miners is not difficult, e.g. see here: https://blockchain.info/pools

– Christopher Gurnee – 2015-06-10T12:33:32.883