Bitcoin Security Architecture: A Brief Overview
Bitcoin is an emerging technical and economic phenomenon, based upon a self-published paper by Satoshi Nakamoto. Many sites have taken notice of Bitcoin and have published some very thoughtful “what is Bitcoin” and “how to get started” documentation. But the resources available to address Bitcoin are few, and primarily oriented toward enthusiasts, casual hobbyists, or those interested in making and securing a profit off of Bitcoin generation (“mining”). In this post, we make an effort to extend the Bitcoin security body of knowledge, but from an organizational perspective: what are the risks associated with adopting Bitcoin, intentionally or unintentionally?
Bitcoin’s success is dependent at least upon its ability to securely fulfill its two primary goals: money generation and transaction validation. In addition to these two goals, the currency must face traditional economic challenges such as market confidence, which are somewhat outside the scope of our expertise, and traditional information assurance challenges, which are not.
Money generation in Bitcoin is a function of block validation. The first transaction of the block is a payment to whoever solves the block’s hash via proof-of-work (50 new Bitcoins, or BTC, at the moment; or block processing fees once all of the available Bitcoins have been generated). Blocks are defined by any transactions collected since the last block was received for the longest known chain of blocks until the next proof-of-work is generated. The proof-of-work, hashed against the transactions being validated, serves as a distributed, trusted timestamp of sorts.
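To make the "trusted timestamp" property concrete, the following added example (not code from the original post or from the Bitcoin client) mines a toy three-block chain and shows that altering an earlier transaction invalidates that block's proof-of-work, and that redoing the work breaks the link from the next block. The JSON encoding, the 12-bit difficulty, the transaction strings and all function names are assumptions chosen for illustration.

```python
import hashlib
import json

DIFFICULTY_BITS = 12          # constructed toy difficulty so the demo mines in milliseconds
GENESIS_PREV = "00" * 32      # constructed placeholder for "no previous block"

def block_hash(prev_hash, transactions, nonce):
    """Double SHA-256 over a toy encoding of (previous hash, transactions, nonce)."""
    payload = json.dumps([prev_hash, transactions, nonce]).encode()
    return hashlib.sha256(hashlib.sha256(payload).digest()).hexdigest()

def meets_target(digest_hex):
    """Proof-of-work holds when the hash, read as a number, is below the target."""
    return int(digest_hex, 16) < (1 << (256 - DIFFICULTY_BITS))

def mine(prev_hash, transactions):
    """Search nonces until the block hash meets the target."""
    nonce = 0
    while not meets_target(block_hash(prev_hash, transactions, nonce)):
        nonce += 1
    return {"prev": prev_hash, "txs": list(transactions), "nonce": nonce,
            "hash": block_hash(prev_hash, transactions, nonce)}

def first_invalid_block(chain):
    """Return the index of the first block whose work or back-link fails, else None."""
    prev = GENESIS_PREV
    for index, block in enumerate(chain):
        digest = block_hash(block["prev"], block["txs"], block["nonce"])
        if block["prev"] != prev or digest != block["hash"] or not meets_target(digest):
            return index
        prev = block["hash"]
    return None

def build_sample_chain():
    """Three constructed blocks; the transaction strings are illustrative only."""
    chain, prev = [], GENESIS_PREV
    for txs in (["coinbase -> alice 50"],
                ["coinbase -> bob 50", "alice -> carol 10"],
                ["coinbase -> dave 50"]):
        chain.append(mine(prev, txs))
        prev = chain[-1]["hash"]
    return chain

if __name__ == "__main__":
    chain = build_sample_chain()
    chain[1]["txs"][1] = "alice -> mallory 10"   # rewrite history without redoing the work
    print("first invalid block:", first_invalid_block(chain))
```

Rewriting a confirmed transaction therefore means redoing the work for that block and every block after it, which is why the share of total hashing power matters in the attacks discussed later.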
Each proof-of-work, which is incredibly computationally expensive, constitutes a primary function of the Bitcoin P2P network. For the foreseeable future, the collective processing power of the Bitcoin network will increase in proportion to the profitability of “mining” BTCs. As the number of BTCs in the economy approaches the maximum of 21 million, the number of coins created by the network will decrease. Over time, it is expected that transaction fees will increase to replace the incentive of mining with the incentive of transaction processing. Thus the processing power of the Bitcoin network will continue to pay off, representing our first set of threats.
- Trojan Horse BTC Generation:
If computers become infected with persistent malware, or if existing malware is updated to begin using the infected computer’s CPU or GPU to perform mining and block validation, then enterprise resources (computer performance, network performance, and most of all, electricity) will be co-opted for use by criminals to make real money. Early efforts have been spotted in the wild.
- Targeted Malware for Computer Gamers:
Because the GPUs used to play modern PC video games are quite well suited for performing the SHA256 hash operations vital to Bitcoin block validation, many intrepid “miners” are buying up the latest and greatest video cards for dedicated mining rigs. Malware packaged to target the gaming community could find a profitable foothold among enthusiasts who are not well-protected.
When BTCs are transacted, the coins themselves are assigned to the user’s public key and stored “in the network.” However, since they are signed with the public key, anyone with the private key may spend them. The wallet, then, is a data file that stores the private keys for a user’s accumulated BTC wealth. Users may have multiple wallets, and users who fear that their wallets have been read may transfer money to a new wallet (new set of private keys), but if the private keys are compromised there is no guarantee that a user will retain any or all of their BTCs.
For users and sites sending or receiving BTC transactions, wallet security will be crucial. In mid-June, when the exchange rate from USD to BTC was about 20:1, one Bitcoin user reported a loss of over 25,000 BTC from a poorly protected wallet, worth nearly $500,000 at the time. Organizations, and even individuals, would do well to understand the confidentiality requirements of the private keys stored in wallets. So long as users can keep track of their various wallets, there is no limitation on the number of wallets that a user could possess. Further, limiting exposure by restricting read access to the wallet (through encryption, air gap, or other means) at any time besides during a transaction will help to prevent theft of its private keys.
Various community-generated suggestions exist for wallet security practices, but users will likely struggle for some time to easily balance security with usability.
Attacks on the Bitcoin Protocol
The Bitcoin protocol is fairly complicated, and client software does quite a bit behind the scenes that many users may not be aware of. Miners usually know enough to notice when their accepted hash rate per hour or per day drops below what they would expect. But the decentralized nature of the protocol, and the power of controlling > 50% of block validation, means that even noticing a problem may not be enough to stop an all-out attack on the economy.
The authors and maintainers of Bitcoin are quite up-front about the danger of collusion or concentration of processing power. Citing the Gambler’s Ruin mathematical problem, the official paper notes that as an attacker with greater than 50% processing power remains in that position, it becomes increasingly less probable that the minority portion of the network can win the race to confirm a malicious block offered by the attacker. This could result in the attacker being able to reverse their own transactions (violating protection against double-spending), or prevent others’ transactions or block generations from validating. If the attacker can persist in their position of power, these malicious transactions may become permanent.
Yet less than a month ago, data suggested that the operator of the popular Deepbit Mining Pool was close to attaining 50% share of miners. That dominance has since changed, but again, on July 5, an outage at BTCWorld’s mining pool pushed Deepbit’s share of the global hashrate above 50%. This shows that outpacing the 50% mark is certainly possible by an individual, by the collusion of a few major pool operators, or even an attack directed against larger pools. Note that this would include unintentional collusion (such as a hypothetical malicious compromise of large mining pools).
Other low-level protocol concerns could also pose a threat from a sophisticated attacker. The Bitcoin wiki suggests other weaknesses, and further research or speculation has uncovered some subtle ones, like timing attacks. An attack against the Bitcoin source code could be devastating. If enough clients used compromised code, this could have the same “critical mass” effect as a mining pool compromise, outpacing the capability to reverse compromised block validations. Combined with the introduction of subtle, malicious features into the network, such an attack could overwhelm the purported resilience of Bitcoin’s “decentralization.” Overall, the technical foundation of this fledgling economy is creating an opportunity for not only compromise via traditional methods (such as fraud) but electronic methods as well.
Trust and the Bitcoin Economy
Economic concerns also factor into Bitcoin’s long-term success. For the moment, with pure Bitcoin transactions still somewhat of a rarity, there is great interest in currency exchange. Those who mine Bitcoins want to turn them into dollars; those who have dollars want to turn them into Bitcoins, in order to purchase goods and services that are offered for sale in Bitcoins. Enter the concept of the Exchange. Websites have been established that serve a similar purpose as “Wall Street” for Bitcoins.
In one particular case, a site called Mt. Gox serves as quite a large player in the exchange of Bitcoins to and from US Dollars. Bitcoin users track the exchange rates and, for the most part, the Mt. Gox historical trading data shows the going rate, or value, of Bitcoins.
US Securities laws, and the regulatory oversight of the US Securities and Exchange Commission (SEC) have required that services such as Mt. Gox register and comply with SEC regulation if they allow trades over $1,000 per person per day. As a result, Mt. Gox has imposed a $1,000 limit in order to avoid the costly regulation associated with SEC rules.
Operating a service to exchange BTCs for currency could make sites such as Mt. Gox subject to various jurisdictional regulations, particularly those dealing with anti-money laundering (AML), as they could be classified as Money Service Businesses (MSB). In order to comply with the US regulations stemming from various legislations at the Federal and State levels, including the 1970 Bank Secrecy Act (BSA) and PATRIOT ACT, trades are limited to $1,000 per person, per day. This economic reality led to what many are calling a coordinated attack on the exchange rate for Bitcoins, in a bid to crash the market, acquire more Bitcoins, and then make a profit later after the BTC price recovered.
On June 20th, 2011, an attacker compromised an administrator account at Mt. Gox with access to a large Bitcoin balance in their wallet. The attacker was then able to use the large balance to deflate the exchange rate for BTC and retrieve 2,000 BTCs from the exchange, shortcutting the $1,000 per day rule imposed by the system by making the large number of coins (worth several dollars each, prior to the attack) worth so little that they could be transferred out. Now that the value of Bitcoins has rebounded, the resulting attack essentially compromised tens of thousands of dollars in value. The Mt. Gox staff has acknowledged that the controls put in place at the site did not scale quickly enough to keep up with the value of the transactions involved.
For many, the draw of Bitcoin is its decentralized nature, removing the economic trust that many had previously placed in their governments. In the aftermath of recent economic troubles around the globe, this promise of a currency-among-peers salves the wounds left by global economic crisis. But the attack on Mt. Gox shows that the currency is not above trusting third-parties, or even trusting economic stability of the system itself. Even users who never rely upon exchanges could find their Bitcoins devalued if a similar event would occur again. Despite all of the technological capabilities, cryptographic enhancements, and novel proof-of-work protections, Bitcoin will still be at the mercy of the popular perception of its value.
The Future of Virtual Currency
Whether or not Bitcoin succeeds in its goals in the long term, the protocol has crossed a threshold of popularity that will cement its place in the history of virtual currency. The contemporary social and political factors have created an environment that is well-served by a currency with Bitcoin’s aims, and this will likely continue to drive its adoption. However, the threats inherent to the system may represent risk significant enough to derail Bitcoin and deny it longevity. Whatever its future, Bitcoin’s success so far, and the technical methods used to bring it there, will either become its foundation for success or its contribution to the next iteration of virtual currency.