Impact of Man-In-The-Middle Attacks on Ethereum

Impact of Man-In-The-Middle Attacks on Ethereum

Abstract:: Recent theoretical attacks conjectured the vulnerabilities  of mainstream blockchains through simulations or assumption
violations. Unfortunately, previous results typically omit both the  nature of the network under which the blockchain code runs and whether
blockchains are private, consortium or public.

In this talk, we study the public Ethereum blockchain as well as a  consortium and private blockchains and quantify the feasibility of
man-in-the-middle and double spending attacks against them. To this end, we list important properties of the Ethereum public blockchain
topology, we deploy VMs with constrained CPU quantum to mimic the top-10 mining pools of Ethereum and we attack them, by first
partitioning the network through BGP hijacking or ARP spoofing before issuing a Balance Attack to steal coins. Our results demonstrate that
attacking Ethereum is remarkably devastating in a consortium or private context as the adversary can multiply her digital assets by
200,000 in 10 hours through BGP hijacking whereas it would be almost impossible in a public context.

Speaker: Dr. Guillaume Jourjon (Data61-SCIRO Australia)

Where: Room 26.00-105 LIP6.

When: 5th November, 10h30