What is it about?

We have discovered vulnerabilities and developed proof-of-concept code that allow an attacker to 1) steal the computational resources and 2) violate the privacy of a Bitcoin-generating user. These techniques are applicable to all other cryptocurrencies that use the Stratum protocol for pooled mining.

Why is it important?

The security of the P2P Bitcoin protocol has been extensively studied in the past. However, the security of the de facto mining protocol, Stratum, has not received the same scrutiny. This paper attempts to address this oversight and sheds light on two very important vulnerabilities previously undiscussed by the academic community.

Perspectives

This paper not only describes in detail the vulnerabilities mentioned, but it also suggests minimal changes to the Stratum protocol in order to solve them. Furthermore, the paper describes the construction of proof-of-concept code that handles previously unsolved problems for performing transparent TCP hijacking with active re-synchronization of TCP sequence numbers.

Ruben Recabarren
Florida International University

Read the Original

This page is a summary of: Hardening Stratum, the Bitcoin Pool Mining Protocol, Proceedings on Privacy Enhancing Technologies, January 2017, De Gruyter,
DOI: 10.1515/popets-2017-0028.