P2p Network Attacks

February 9, 2018

Blockchains often use network consensus mechanisms which require peer-to-peer (p2p) communications protocols to achieve consensus. Due to the decentralized nature of these protocols, new attack vectors appear and require examination during development and implementation.

Sybil attack

A Sybil Attack occurs when a single entity controls multiple nodes within a p2p network and this fact is unknown to other participants. In some p2p networks, this allows an attacker to control consensus or other types of information within the network by falsifying data, which appears to come from independent sources.

Identity Attack

An Identity Attack is an attack which allows an adversary to identify nodes within a p2p network based on information passed across the network, network metadata, or some other form of surveillance. This information can then be used to attack the target digitally or kinetically.

Eclipse Attack

An Eclipse Attack is another attack where a malicious actor (or actors) attempt to control a portion of the network. Rather than attacking the network, in this case they attempt to attack a specific subset of the network to achieve their intention.

Denial of Service

A denial of service is a more general type of attack which could be achieved versus one of previous types of by entirely different methods. E.g. sending overly large amounts of specific types of network traffic.

51% attack

A 51% attack occurs when a single entity (or group) controls 51% or more of the network power. In this instance the entity can control the consensus and include whatever types of data they desire into the network. crytpo51.io has a cool list of the cost to conduct a 51% attack against different blockchain networks.

Routing attacks

Routing attacks occur when the normal network traffic between nodes is interrupted or redirected in a way which impacts the network. Historically, BGP attacks have been successful in interrupting normal blockchain operation.

Considerations

Blockchains may be susceptible to common network style attacks, and may also introduce new attack vectors.