Nav: Home

First reputation-based blockchain guarantees security against 51 percent attacks

March 21, 2019

Researchers at the University of Luxembourg are part of an international team that has proposed the first blockchain system to guarantee proper performance even when more than 51% of the system's computing power is controlled by an attacker.

The system, RepuCoin, introduces the concept of "reputation" to blockchain, effectively making it thousands of times more expensive to attack than Bitcoin. It was developed at the University's Interdisciplinary Centre for Security, Reliability and Trust, and has the potential to be applied in a number of global sectors including fintech, energy, food supply chains, health care and future 5G telecommunications networks.

One of the main advantages of blockchain-based systems, such as Bitcoin, is that the whole network sees and approves changes to data through democratic consensus. Users don't have to place their trust - and money - in the hands of a single central authority. However, to achieve this, existing systems equate a miner's computational power used for mining new blocks with their voting power, used to decide which blocks of transactions to commit to the ledger.

This gives rise to an inherent weakness: as soon as one miner controls over 50% of the system's computational power s/he also controls the voting power; the system effectively ceases to be decentralised. That miner could reject blocks proposed by competing miners, prevent selected transactions from being added to blocks and even replace blocks that were already on the ledger.

To solve this, RepuCoin calculates voting power according to a miner's "reputation". Unlike social reputation, this is a strictly mathematical quality which accumulates through consistent and honest mining over long periods, like charging a battery before it can be used. It makes RepuCoin the first such system to be resilient against miners holding 51% or more of the network's computing resources.

Lead researcher Dr. Jiangshan Yu - previously at the University's Interdisciplinary Centre for Security, Reliability and Trust and now a Lecturer at Monash University, Australia, says: "We have already seen mining pools such as Ghash.io surpass the 50% threshold on Bitcoin. Just as worryingly, it's now possible for hackers to rent this kind of computational power in a matter of seconds, allowing them to conduct flash attacks. RepuCoin is the only type of blockchain currently on the market that can withstand such attacks."

Attacking RepuCoin with 68% of the system's total mining power would take at least six months once the system has been running for a year, and would be at least 5760 times as expensive as conducting the same attack on Bitcoin. And because of the way reputation accumulates, the longer RepuCoin runs, the more resilient it is to attack. For example, when the system has been in secure operation for only three months, an attacker would need to harness 90% of the overall computing power for a further month to behave maliciously.

Co-author Prof. Paulo Esteves-Veríssimo, who leads SnT's work in critical and extreme security and dependability, says: "It's an elegant solution to a problem that many thought was insoluble. Existing systems always linked computational power to voting power. We separated them, and now someone could join RepuCoin with 99% of the total computing power and they still wouldn't be able to attack it."
-end-


University of Luxembourg

Related Bitcoin Articles:

System piggybacks on Bitcoin to prevent identity theft
At the IEEE Symposium on Security and Privacy this week, researchers from MIT's Computer Science and Artificial Intelligence Laboratory are presenting a new system that uses Bitcoin's security machinery to defend against online identity theft.
Bitcoin's popular design is being exploited for theft and fraud
The very design features that make Bitcoin technology appealing to its users are also weaknesses being exploited for the theft of the cryptocurrency -- new research reveals.
New system makes it harder to track Bitcoin transactions
Researchers have developed a Bitcoin-compatible system that could make it significantly more difficult for observers to identify or track the parties involved in any given Bitcoin transaction.
Towards equal access to digital coins
Scientists at the Interdisciplinary Centre for Security, Reliability and Trust of the University of Luxembourg have developed an important mathematical algorithm called 'Equihash,' Equihash is a core component for the new cryptocurrency Zcash, which offers more privacy and equality than the famous Bitcoin.
Extortion extinction
Ransomware -- what hackers use to encrypt your computer files and demand money in exchange for freeing those contents -- is an exploding global problem with few solutions, but a team of University of Florida researchers says it has developed a way to stop it dead in its tracks.
Real-time visualization tool reveals behavioral patterns in Bitcoin transactions
A novel visualization method for exploring dynamic patterns in real-time Bitcoin transactional data can zoom in on individual transactions in large blocks of data and also detect meaningful associations between large numbers of transactions and recurring patterns such as money laundering.
Doctors use Bitcoin tech to improve transparency in clinical trial research
Two clinicians have devised a new system to prevent clinical trial documents being secretly altered to make new medications look more effective than they are.
Breakthrough in cybersecurity is no phish story
Corporations, small businesses and public sector entities have tried unsuccessfully for years to educate consumers and employees on how to recognize phishing emails, those authentic-looking messages that encourage users to open a cloaked, though malicious, hyperlink or attachment that appears harmless.
Smartphone security: Why doodling trumps text passwords
Someday soon, you may be able to log into your smartphone with sweeping gestures or doodling, using one or more fingers.
Rutgers Bitcoin study reveals false beliefs on ease of use and privacy
People who have used Bitcoin, and those who don't have any experience with it, have something in common: Both groups share misconceptions about how the controversial digital currency actually works, a Rutgers study finds.

Related Bitcoin Reading:

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Climate Crisis
There's no greater threat to humanity than climate change. What can we do to stop the worst consequences? This hour, TED speakers explore how we can save our planet and whether we can do it in time. Guests include climate activist Greta Thunberg, chemical engineer Jennifer Wilcox, research scientist Sean Davis, food innovator Bruce Friedrich, and psychologist Per Espen Stoknes.
Now Playing: Science for the People

#527 Honey I CRISPR'd the Kids
This week we're coming to you from Awesome Con in Washington, D.C. There, host Bethany Brookshire led a panel of three amazing guests to talk about the promise and perils of CRISPR, and what happens now that CRISPR babies have (maybe?) been born. Featuring science writer Tina Saey, molecular biologist Anne Simon, and bioethicist Alan Regenberg. A Nobel Prize winner argues banning CRISPR babies won’t work Geneticists push for a 5-year global ban on gene-edited babies A CRISPR spin-off causes unintended typos in DNA News of the first gene-edited babies ignited a firestorm The researcher who created CRISPR twins defends...