Ddoscoin Cryptocurrency with a Malicious Proof-Of-Work

DDoSCoin Cryptocurrency with a Malicious Proof-of-Work

Eric Wustrow Benjamin VanderSloot University of Colorado Boulder University of Michigan [email protected] [email protected] Cryptocurrencies

• Digital, decentralized cash • Public ledger of transactions • Mining rewards

Source: bitcoin.org

2 Proof-of-Work

Source: bitcoin.org

3 Alternate Proofs-of-Work

• Bitcoin • Litecoin • Peercoin • Permacoin • TorPath • Primecoin

• DDoSCoin

4 Proof-of-Stake

• Peercoin • Coin-days are proof • Rate-limiting prevents proof-of-work • Coins can only age 90 days

5 Proof-of-DDoS

Miner Target

ciphers = DHE client random = SHA256(prev block||merkle root||N) cipher = DHE server random = 0x... certificate chain DH Parameters signed(client random, server random, DH Parameters)

SHA256(DH Parameters || signature || N)

1 Block Validation Proves many connections to a target server, and leaves the blockchain in a good state

Miner Target

ciphers = DHE client random = SHA256(prev block||merkle root||N) cipher = DHE server random = 0x... certificate chain DH Parameters signed(client random, server random, DH Parameters)

SHA256(DH Parameters || signature || N)

1 Target Selection

• Any server? • Fixed set of servers?

Our Solution • Proof-of-Stake blocks • PAY_TO_DDOS transactions

8 Target Selection

…

MinerMiner victim.com New Proof-of-DDoS block Proof-of-Stake block Prev block hash: 2f7c63… Prev block hash: cc2b1a… Tx Merkle root: 9c8f15… … Tx Merkle root: 839f2c… Nonce: 63a108… Diff: + vicX.com Proof-of-DDoS: 8b2761… Transactions: Transactions: * -> Miner Bob -> Bob (coinstake) Alice -> Bob [DDoS vic2.com] -> Eve Dave -> [DDoS vic2.com] (PAY_TO_DDOS) {proof} (PAY_TO_DDOS) 9 Proof-of-DDoS Implementation

1 Normal Under DDoS

0.8

0.6 CDF 0.4

0.2

0 10 100 1000 10000 10 Time (ms) Defenses

• Version or cipher suite changes • Victims claiming own rewards • Stakeholding • Legal action

11 Discussion

• Malicious “useful” proof-of-work • Challenges regarding bandwidth availability • Ethereum smart contracts • Ethical Forks • Barriers to adoption

12 Ethics

• Did not attack real servers • Did not publish the full coin

13 Ethics

• Did not attack real servers • Did not publish the full coin • Full disclosure

14 DDoSCoin Cryptocurrency with a Malicious Proof-of-Work

Eric Wustrow Benjamin VanderSloot University of Colorado Boulder University of Michigan [email protected] [email protected] Target Difficulty

• Global difficulty parameter • Adjust the rate at which transactions are processed • Per-domain difficulty parameter • Allow all targets to be viable • Constant time intervals • Initial difficulty set by user