The developers of Ethereum, the world’s number 2 digital currency by market capitalization, have closed a serious security hole that allowed virtually anyone with an Internet connection to manipulate an individual user’s view of the public ledger.

The so-called eclipse attacks work by preventing a cryptocurrency user from connecting with honest peers. The peers controlled by the attackers then feed the target a manipulated version of the blockchain that the entire monetary community relies on to reconcile transactions and enforce contractual obligations. Eclipse attacks can be used to trick targets into paying for a good or service more than once, and to co-opt the target’s computing power in order to manipulate the consensus algorithm on which the currency depends. Because Ethereum supports “smart contracts” that execute transactions automatically when certain conditions are present in the blockchain, eclipse attacks on Ethereum can also be used to interfere with those self-enforcing agreements.

Like most cryptocurrencies, Ethereum uses a peer-to-peer mechanism that compiles the input of individual users into an authoritative blockchain. In 2015 and again in 2016, different research teams devised eclipse attacks against Bitcoin that exploited weaknesses in its P2P network. Both were relatively difficult to carry out. The 2015 attack required a botnet or a small ISP that controlled thousands of devices, while the 2016 attack depended on controlling large numbers of Internet addresses through a technique known as border gateway protocol hijacking. Those requirements meant that both attacks could probably only be carried out by sophisticated, well-resourced attackers.

Attention script kiddies

Many researchers believed that the resources needed for a successful eclipse attack against Ethereum would be considerably higher than for the Bitcoin attacks. After all, Ethereum’s P2P network includes a robust mechanism for cryptographic message authentication and, by default, peers establish 13 outbound connections, compared to eight for Bitcoin. Now, some of the same researchers who designed the 2015 Bitcoin attack are back to clear things up. In a paper published on Thursday, they wrote:

We show that conventional wisdom is false. We present new eclipse attacks showing that, prior to the disclosure of this work in January 2018, Ethereum’s peer-to-peer network was significantly less secure than that of Bitcoin. Our eclipse attacker needs only to control two machines, each with a single IP address. The attacks are off-path: the attacker controls end hosts only and does not occupy a privileged position between the victim and the rest of the Ethereum network. By contrast, the best-known off-path eclipse attacks on Bitcoin require the attacker to control hundreds of host machines, each with a distinct IP address. For most Internet users, it is not trivial to obtain hundreds (or thousands) of IP addresses. This is why the Bitcoin eclipse attacker was a full botnet or an Internet service provider, while the BGP-hijacking Bitcoin eclipse attacker [in the 2016 paper] needed access to a core router that speaks BGP. Our attacks, on the other hand, can be run by any kid with a machine and a script.

Raising the bar

In January, the researchers reported their findings to the developers of Ethereum. They responded by making changes to geth, the most popular application that implements the Ethereum protocol. Ethereum users who rely on geth should make sure they have installed version 1.8 or higher. The researchers did not attempt the same attacks against other Ethereum clients. In an email, Ethereum developer Felix Lange wrote:

“We have done everything possible to mitigate the attacks within the limits of the protocol. The paper refers to ‘low resource’ eclipse attacks; as far as we know, the bar has been raised high enough that the eclipse attacks are not feasible without more substantial resources, with the patches that have been implemented in geth v1.8.0.” Lange went on to say that he did not believe that another popular Ethereum application called Parity was vulnerable to the same attacks.

The paper, titled Low-Resource Eclipse Attacks on Ethereum’s Peer-to-Peer Network, described two separate attacks. The simpler one relied on two IP addresses, which generate large numbers of the cryptographic keys the Ethereum protocol uses to identify peer-to-peer nodes. The attacker then waits for the target computer to restart, either in the course of time or after the attacker sends malicious packets that cause a system crash. As the target rejoins the Ethereum network, the attacker uses the pool of nodes to fill the target’s incoming connection slots before it can establish any outgoing ones.

The second technique works by creating a large number of attacker-controlled nodes and sending a special packet that effectively poisons the target’s database with the fraudulent nodes. When the target reboots, all of the peers it connects to belong to the attacker. In both cases, once the target is isolated from legitimate nodes, the attacker can present a false version of the blockchain. With no peers to challenge that version, the target will assume that the manipulated version is the official blockchain.

It’s about time

The researchers presented a third technique that makes eclipse attacks easier to carry out. In short, it works by setting the target computer’s clock 20 or more seconds ahead of the other nodes in the Ethereum network. To prevent so-called replay attacks (in which an attacker resends an old authenticated message in an attempt to have it executed more than once), the Ethereum protocol rejects messages that are more than 20 seconds old. By setting a target’s clock ahead, attackers can cause the target to lose contact with all legitimate users. Attackers then use malicious nodes with the same clock time to connect to the target. Some of the same researchers behind the Ethereum eclipse technique described a variety of timing attacks in a separate paper published in 2015.
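The following Go program is an added illustration of the mechanism just described, not code from the paper or from geth. It models a discovery packet that carries a sender-set expiration time (assumed here to be the sender’s clock plus the 20-second window the article cites), applies the receiver-side expiry check with the receiver’s own clock, and shows the failure mode: a receiver whose clock runs more than 20 seconds ahead rejects every packet from honest senders. The `SkewMonitor` type is a hypothetical defender-side check, not part of geth, that flags an abnormally high expiry-rejection rate as a sign that the local clock may be skewed.

```go
package main

import (
	"fmt"
	"time"
)

// expiryWindow is the 20-second freshness limit the article describes.
const expiryWindow = 20 * time.Second

// Packet is a constructed stand-in for a discovery message. Real packets carry
// a Unix timestamp; a time.Time is used here for readability.
type Packet struct {
	From       string
	Expiration time.Time
}

// MakePacket builds a packet the way an honest sender would, using its own clock.
func MakePacket(from string, senderNow time.Time) Packet {
	return Packet{From: from, Expiration: senderNow.Add(expiryWindow)}
}

// Accept is the receiver-side expiry check: a packet is fresh as long as its
// expiration has not passed according to the receiver's clock.
func Accept(p Packet, receiverNow time.Time) bool {
	return !p.Expiration.Before(receiverNow)
}

// SkewMonitor (hypothetical, not in geth) tallies expiry rejections so a node
// can notice when nearly everything it hears looks stale, which is what a
// clock running ahead of the network looks like from the inside.
type SkewMonitor struct {
	seen, expired int
}

// Observe runs the expiry check and records the outcome.
func (m *SkewMonitor) Observe(p Packet, receiverNow time.Time) bool {
	m.seen++
	ok := Accept(p, receiverNow)
	if !ok {
		m.expired++
	}
	return ok
}

// Suspicious reports whether the rejection rate exceeds maxRate once at least
// minSamples packets have been observed.
func (m *SkewMonitor) Suspicious(minSamples int, maxRate float64) bool {
	if m.seen < minSamples {
		return false
	}
	return float64(m.expired)/float64(m.seen) > maxRate
}

// Simulate feeds n honest packets to a receiver whose clock is `skew` ahead of
// the senders and returns how many were accepted and whether the monitor fired.
func Simulate(n int, skew time.Duration) (accepted int, flagged bool) {
	base := time.Date(2018, 3, 1, 12, 0, 0, 0, time.UTC) // constructed reference time
	var m SkewMonitor
	for i := 0; i < n; i++ {
		senderNow := base.Add(time.Duration(i) * time.Second)
		p := MakePacket(fmt.Sprintf("peer-%d", i), senderNow)
		if m.Observe(p, senderNow.Add(skew)) {
			accepted++
		}
	}
	return accepted, m.Suspicious(n, 0.5)
}

func main() {
	for _, skew := range []time.Duration{0, 19 * time.Second, 21 * time.Second} {
		acc, flag := Simulate(10, skew)
		fmt.Printf("receiver clock %v ahead: %d/10 honest packets accepted, skew flagged=%v\n", skew, acc, flag)
	}
}
```

With the receiver’s clock 21 seconds ahead, every honest packet is already “expired” on arrival, which is exactly the isolation the article describes; a node that watches its own rejection rate has at least a local signal that something is wrong with its clock rather than with its peers.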
The developers of Ethereum put in place a countermeasure against the first attack that ensures each node will always make outgoing connections to other peers. The fix for the second attack involved limiting the number of connections a node will accept from the same /24 IP address prefix to 10. The changes are designed to make it much harder to completely isolate a user from other, legitimate users. When even a single honest node presents the user with a different version of the blockchain, the user will be notified of an error, which effectively defeats the attack.
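As an added example of the two countermeasures described above, not code from geth itself, here is a small Go peer-admission table that (a) caps the number of peers drawn from any one /24 prefix at 10 and (b) reserves part of the slot budget for outbound connections so that inbound connections alone can never fill the table. The slot sizes (`maxPeers`, `reservedOutbound`) and the structure of the table are assumptions chosen to match the article’s description of geth’s defaults, not geth’s actual implementation.

```go
package main

import (
	"fmt"
	"net"
)

// Limits assumed for this example: the article states the per-/24 cap of 10;
// the 25-slot table and the 13 reserved outbound slots are constructed values
// (13 matches the default outbound connection count the article cites).
const (
	maxPeersPerSubnet = 10
	maxPeers          = 25
	reservedOutbound  = 13
)

// Direction records who initiated the connection.
type Direction int

const (
	Inbound Direction = iota
	Outbound
)

// PeerTable tracks admitted peers by /24 prefix and by direction.
type PeerTable struct {
	perSubnet map[string]int
	inbound   int
	outbound  int
}

func NewPeerTable() *PeerTable {
	return &PeerTable{perSubnet: map[string]int{}}
}

// subnet24 returns the /24 network address of an IPv4 address as the map key.
func subnet24(ip net.IP) (string, error) {
	ip4 := ip.To4()
	if ip4 == nil {
		return "", fmt.Errorf("not an IPv4 address: %s", ip)
	}
	return ip4.Mask(net.CIDRMask(24, 32)).String(), nil
}

// Admit decides whether a connection from ipStr in direction dir may be added,
// applying the /24 cap first and then the reserved-outbound rule. It returns
// the decision and a reason string for logging.
func (t *PeerTable) Admit(ipStr string, dir Direction) (bool, string) {
	ip := net.ParseIP(ipStr)
	if ip == nil {
		return false, "unparseable address: " + ipStr
	}
	key, err := subnet24(ip)
	if err != nil {
		return false, err.Error()
	}
	if t.perSubnet[key] >= maxPeersPerSubnet {
		return false, "per-/24 cap reached for " + key + "/24"
	}
	// Inbound peers may only use the slots not reserved for outbound dials,
	// so a flood of incoming connections cannot crowd out self-chosen peers.
	if dir == Inbound && t.inbound >= maxPeers-reservedOutbound {
		return false, "inbound slots exhausted; remaining slots reserved for outbound"
	}
	if t.inbound+t.outbound >= maxPeers {
		return false, "peer table full"
	}
	t.perSubnet[key]++
	if dir == Inbound {
		t.inbound++
	} else {
		t.outbound++
	}
	return true, "admitted"
}

// Counts exposes the current occupancy for inspection.
func (t *PeerTable) Counts() (inbound, outbound int) {
	return t.inbound, t.outbound
}

func main() {
	t := NewPeerTable()
	// Constructed input: 12 inbound connections all from 10.0.0.0/24.
	for i := 1; i <= 12; i++ {
		ok, why := t.Admit(fmt.Sprintf("10.0.0.%d", i), Inbound)
		fmt.Printf("inbound 10.0.0.%d: %v (%s)\n", i, ok, why)
	}
	ok, why := t.Admit("192.0.2.7", Outbound)
	fmt.Printf("outbound 192.0.2.7: %v (%s)\n", ok, why)
}
```

The order of the checks matters: the /24 cap is evaluated before the slot accounting so that a single prefix is turned away even when the table has room, and the outbound reservation is checked only for inbound connections so that the node’s own dials are never blocked by what it has accepted.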

The developers of Ethereum have not implemented a fix for the time-based attack. Since it usually requires an attacker to manipulate traffic on the target’s Internet connection or to exploit non-Ethereum vulnerabilities in the target’s computer, it likely represents a lesser threat than the other two attacks.
