First reputation-based blockchain guarantees security against 51 percent attacks

March 21, 2019

Researchers at the University of Luxembourg are part of an international team that has proposed the first blockchain system to guarantee proper performance even when more than 51% of the system's computing power is controlled by an attacker.

The system, RepuCoin, introduces the concept of "reputation" to blockchain, effectively making it thousands of times more expensive to attack than Bitcoin. It was developed at the University's Interdisciplinary Centre for Security, Reliability and Trust, and has the potential to be applied in a number of global sectors including fintech, energy, food supply chains, health care and future 5G telecommunications networks.

One of the main advantages of blockchain-based systems, such as Bitcoin, is that the whole network sees and approves changes to data through democratic consensus. Users don't have to place their trust - and money - in the hands of a single central authority. However, to achieve this, existing systems equate a miner's computational power used for mining new blocks with their voting power, used to decide which blocks of transactions to commit to the ledger.

This gives rise to an inherent weakness: as soon as one miner controls over 50% of the system's computational power s/he also controls the voting power; the system effectively ceases to be decentralised. That miner could reject blocks proposed by competing miners, prevent selected transactions from being added to blocks and even replace blocks that were already on the ledger.

To solve this, RepuCoin calculates voting power according to a miner's "reputation". Unlike social reputation, this is a strictly mathematical quality which accumulates through consistent and honest mining over long periods, like charging a battery before it can be used. It makes RepuCoin the first such system to be resilient against miners holding 51% or more of the network's computing resources.

Lead researcher Dr. Jiangshan Yu - previously at the University's Interdisciplinary Centre for Security, Reliability and Trust and now a Lecturer at Monash University, Australia, says: "We have already seen mining pools such as Ghash.io surpass the 50% threshold on Bitcoin. Just as worryingly, it's now possible for hackers to rent this kind of computational power in a matter of seconds, allowing them to conduct flash attacks. RepuCoin is the only type of blockchain currently on the market that can withstand such attacks."

Attacking RepuCoin with 68% of the system's total mining power would take at least six months once the system has been running for a year, and would be at least 5760 times as expensive as conducting the same attack on Bitcoin. And because of the way reputation accumulates, the longer RepuCoin runs, the more resilient it is to attack. For example, when the system has been in secure operation for only three months, an attacker would need to harness 90% of the overall computing power for a further month to behave maliciously.

Co-author Prof. Paulo Esteves-Veríssimo, who leads SnT's work in critical and extreme security and dependability, says: "It's an elegant solution to a problem that many thought was insoluble. Existing systems always linked computational power to voting power. We separated them, and now someone could join RepuCoin with 99% of the total computing power and they still wouldn't be able to attack it."
-end-


University of Luxembourg

Related Bitcoin Articles from Brightsurf:

Bitcoin is COVID immune!
The SARS-CoV-1 coronavirus pandemic has left a significant footprint on the global economy.

Closing the market for fake documents on the open web
New cybersecurity research reveals the shocking number of vendors selling passports and identification documents online.

Who's Tweeting about scientific research? And why?
Although Twitter is best known for its role in political and cultural discourse, it has also become an increasingly vital tool for scientific communication.

All that glitters is not gold: Misuse of AI by big tech can harm developing countries
The debate on the risks and benefits of Artificial Intelligence (AI) is still ongoing, but one thing is certain: without appropriate regulatory measures, AI is potentially dangerous.

Foiling illicit cryptocurrency mining with artificial intelligence
Los Alamos National Laboratory computer scientists have developed a new artificial intelligence (AI) system that may be able to identify malicious codes that hijack supercomputers to mine for cryptocurrency such as Bitcoin and Monero.

Decrypting cryptocurrencies
Cryptocurrencies have been treated as a financial terra incognita -- they enjoyed growing interest but also raised concerns due to their virtuality.

Plugging into a 6G future with users at the center
For a communications revolution, 6G development needs more human-centric research.

Giving cryptocurrency users more bang for their buck
A new cryptocurrency-routing scheme co-invented by MIT researchers can boost the efficiency -- and, ultimately, profits -- of certain networks designed to speed up notoriously slow blockchain transactions.

All Bitcoin mining should be environmentally friendly
The energy used to mine for cryptocurrencies like Bitcoin is on par with the energy consumed by Ireland.

This 'fix' for economic theory changes everything from gambles to Ponzi schemes
Whether we decide to take out that insurance policy, buy Bitcoin, or switch jobs, many economic decisions boil down to a fundamental gamble about how to maximize our wealth over time.

Read More: Bitcoin News and Bitcoin Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.