An evaluation of the security of the Bitcoin Peer-to- Peer Network

TL;DR

This paper analyzes the security of the Bitcoin P2P network, identifying vulnerabilities in message exchanges that could enable spoofing, DDoS attacks, and other threats, and evaluates potential mitigation strategies.

Contribution

It provides a detailed analysis of Bitcoin's network protocol vulnerabilities and proposes solutions like random nonces to enhance security.

Findings

Identified vulnerabilities in connection handshake and message exchanges.

Potential for spoofing and DDoS attacks on the Bitcoin network.

Proposed mitigation strategies including random nonces.

Abstract

Bitcoin is a decentralised digital currency that relies on cryptography rather than trusted third parties such as central banks for its security. Underpinning the operation of the currency is a peer-to-peer (P2P) network that facilitates the execution of transactions by end users, as well as the transaction confirmation process known as bitcoin mining. The security of this P2P network is vital for the currency to function and subversion of the underlying network can lead to attacks on bitcoin users including theft of bitcoins, manipulation of the mining process and denial of service (DoS). As part of this paper the network protocol and bitcoin core software are analysed, with three bitcoin message exchanges (the connection handshake, GETHEADERS/HEADERS and MEMPOOL/INV) found to be potentially vulnerable to spoofing and use in distributed denial of service (DDoS) attacks. Possible solutions to the identified weaknesses and vulnerabilities are evaluated, such as the introduction of random nonces into network messages exchanges.