Malicious ISP Can Intercept Bitcoin Traffic: Study

Researchers highlight that Bitcoin hosting centralization makes it vulnerable to routing attacks.


Researchers have found that the extreme efficiency of Internet routing attacks, combined with the concentration of the Bitcoin network in a few networks worldwide, could make Bitcoin susceptible to routing attacks.

Their submission is based on two identified characteristics that may make it relatively easy for a malicious Internet Service Provider (ISP) to intercept a lot of Bitcoin traffic.

Routing attacks on Bitcoin

To start with, most Bitcoin nodes are hosted in a few ISPs: 13 ISPs (0.026 percent of all ISPs) host 30 percent of the entire Bitcoin network. Secondly, most of the traffic exchanged between Bitcoin nodes traverses a few ISPs, and three ISPs can see 60 percent of all Bitcoin traffic.

Bitcoin is already a target of choice for attackers, but while many attack vectors have been uncovered, Maria Apostolaki and Laurent Vanbever of ETH Zürich and Aviv Zohar of Hebrew University find that one important vector has been left out: attacking the currency via the Internet routing infrastructure itself.

The researchers note in their report:

“As Bitcoin connections are routed over the Internet - in clear text and without integrity checks - any third-party on the forwarding path can eavesdrop, drop, modify, inject, or delay Bitcoin messages such as blocks or transactions.”

They added that detecting such attackers is challenging because it requires inferring the exact forwarding paths taken by the Bitcoin traffic using measurements (e.g., traceroute) or routing data (BGP announcements), both of which can be forged.

What makes such attacks possible

The routing attacks against Bitcoin are made possible by two key characteristics of the Internet’s infrastructure: the efficiency of routing manipulation (BGP hijacks) and the centralization of Bitcoin from the routing perspective.

In a partitioning attack, the attacker diverts the relevant Bitcoin traffic by using BGP hijacking for all the prefixes pertaining to the Bitcoin nodes to be isolated. BGP is the de facto routing protocol that regulates how IP packets are forwarded on the Internet. As a result, the attacker receives all the traffic destined to these prefixes and splits it into two packet streams: relevant and irrelevant.

In the latter phase, the attacker cuts all vulnerable connections that cross the partition to create leakage points. These nodes are connected to the rest of the network via stealth connections.
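A defender-side check for the prefix hijacks described above, as an added example that is not from the study or this article: it compares BGP announcements against a baseline of the prefixes that host an operator's Bitcoin nodes and flags origin changes and more-specific announcements, which attract traffic because routers prefer the longest matching prefix. The record type, function names, prefixes and AS numbers are constructed (documentation ranges), and the feed is assumed to be already parsed into prefix and origin pairs.

```python
import ipaddress
from collections import namedtuple

# Hypothetical record for one BGP announcement seen in a route feed.
Announcement = namedtuple("Announcement", "prefix origin_as")

# Constructed baseline: prefixes hosting our Bitcoin nodes -> expected origin AS.
# Documentation prefixes and AS numbers only.
BASELINE = {"203.0.113.0/24": 64500, "198.51.100.0/24": 64501, "2001:db8::/32": 64501}

def classify(ann, baseline=BASELINE):
    """Compare one announcement with the baseline and return a verdict string."""
    net = ipaddress.ip_network(ann.prefix)
    for prefix, origin in baseline.items():
        base = ipaddress.ip_network(prefix)
        if net.version != base.version:
            continue  # subnet_of() raises TypeError across IPv4/IPv6
        same_origin = ann.origin_as == origin
        if net == base:
            return "expected" if same_origin else "origin-change"
        if net.subnet_of(base):
            # Longest-prefix match makes routers prefer this route over ours.
            return "more-specific-same-origin" if same_origin else "more-specific-foreign-origin"
    return "unrelated"

def scan(updates, baseline=BASELINE):
    """Return (announcement, verdict) pairs that need an operator's attention."""
    alerts = []
    for ann in updates:
        verdict = classify(ann, baseline)
        if verdict not in ("expected", "unrelated"):
            alerts.append((ann, verdict))
    return alerts

# Constructed sample feed, not real routing data.
SAMPLE_UPDATES = [
    Announcement("203.0.113.0/24", 64500),
    Announcement("203.0.113.128/25", 64510),
    Announcement("198.51.100.0/24", 64511),
    Announcement("192.0.2.0/24", 64502),
    Announcement("2001:db8:1::/48", 64501),
]

if __name__ == "__main__":
    for ann, verdict in scan(SAMPLE_UPDATES):
        print(f"{verdict:30} {ann.prefix} origin AS{ann.origin_as}")
```

A same-origin verdict still warrants review, since the researchers point out that BGP announcements can be forged.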

Impact on the Bitcoin ecosystem

One of the reasons why routing attacks have been overlooked in Bitcoin is that they are often considered too challenging to be practical.

Even ignoring detectability, mitigating network attacks is hard as it is essentially a human-driven process consisting of filtering, routing around or disconnecting the attacker.