DEGREE PROJECT IN COMPUTER SCIENCE AND ENGINEERING, SECOND CYCLE, 30 CREDITS STOCKHOLM, SWEDEN 2018 Secure Blockchain Network Communication using SCION ALEKSANDAR VORKAPIC KTH ROYAL INSTITUTE OF TECHNOLOGY SCHOOL OF ELECTRICAL ENGINEERING AND COMPUTER SCIENCE Secure Blockchain Network Communication using SCION ALEKSANDAR VORKAPIC´ Master in Computer Science Date: December 5, 2018 Supervisor: Panos Papadimitratos Examiner: Mads Dam Principal: Adrian Perrig, ETH Zürich Swedish title: Säker nätverkskommunikation för blockkedja med hjälp av SCION School of Electrical Engineering and Computer Science i Abstract The paper by Apostolaki, Zohar, and Vanbever [3] describes two rout- ing attacks on the Bitcoin network, partition attack and delay attack. By isolating parts of the network or delaying block propagation, a sig- nificant amount of mining power could be wasted, resulting in rev- enue loss and a wide range of exploits could be enabled, such as dou- ble spending. Hence, the Bitcoin’s solution to the double spending problem would be broken, making the technology unreliable and un- available. The Border Gateway Protocol (BGP) is the standardized routing protocol in the current Internet, without any security guarantees. Nu- merous security extensions have been proposed for BGP, but there is still no widely deployed solution. Therefore, some argue that instead of securing BGP, an entirely new inter-domain architecture should be developed. The thesis investigates the possible mitigation of routing attacks in the blockchain technology, by using the new inter-domain architec- ture called SCION. Two solutions are proposed utilizing SCION and IP, namely an application level solution and a SIG proxy solution. The solutions have been evaluated in terms of security, availability and efficiency, with the conclusion that routing attacks can be mitigated using SCION. Hence, providing incentive to the blockchain users to use SCION, in order to benefit from a secure and highly available blockchain network communication, with potential revenue increase. Furthermore, the thesis provides incentive for further development of the SCION architecture, as well as applying SCION to additional fields. ii Sammanfattning Forskningsarbetet av Apostolaki, Zohar och Vanbever [3] beskriver två routingattacker på Bitcoinnätverket, partitioneringsattack och fördröj- ningsattack. Genom att isolera delar av nätverket eller fördröja block- utbredningen, skulle signifikant mängd brytningskraft kunna slösas bort, vilket resulterar i omsättningsförlust och ett brett spektrum av utnyttjanden skulle kunna möjliggöras, som t.ex. dubbla utgifter. Som en följd, skulle Bitcoins lösning på problemet med dubbla utgifter sät- tas ur spel, vilket gör tekniken opålitlig och otillgänglig. Border Gateway-protokollet (BGP) är det standardiserade routing- protokollet i nuvarande Internet, utan några säkerhetsgarantier. Många säkerhetsutvidgningar för BGP har föreslagits, även om det fortfaran- de inte finns någon allmänt nyttjad lösning. Därför hävdar vissa att i stället för att säkra BGP, bör en helt ny interdomänarkitektur utveck- las. Detta examensarbete undersöker en eventuell lindring av routing- attacker i blockkedjetekniken, med hjälp av den nya interdomänar- kitekturen som heter SCION. Två lösningar som nyttjar SCION och IP föreslås, en applikationsnivålösning och en SIG-proxylösning. Lös- ningarna har utvärderats med avseende på säkerhet, tillgänglighet och effektivitet. Slutsatsen blev att routingattacker kan lindras med SCION, vilket motiverar blockkedjeanvändarna att använda SCION, för att dra nytta av en säker och högt tillgänglig blockkedjenätverkskommu- nikation, med möjlighet till ökad omsättning. Examensarbetet bidrar dessutom med motivering för vidareutveckling av SCION-arkitekturen, samt till att tillämpa SCION på ytterligare områden. iii Acknowledgements I would like to express my sincere gratitude to my supervisor Panos Papadimitratos for the support of my research and invitation to the CySeP 2018. His feedback and guidance helped me with the research, and the writing of the thesis. My sincere and very thorough thanks also go to Prof. Dr. Adrian Perrig at ETH Zürich, together with Christos Pappas and Taeho Lee, for giving me the chance to carry out the study. Without their exten- sive knowledge, advice and insights, this thesis would not have been finished. Lastly, I would like to thank Juan A. García-Pardo and Jonghoon Kwon at ETH Zürich for helping me with the SCIONLab, and willing to discuss SCION and blockchain related questions. Contents 1 Introduction 2 1.1 Research Question . .3 1.2 Objective . .3 1.3 Scope and limitations . .4 2 Background 6 2.1 The Border Gateway Protocol (BGP) . .6 2.1.1 BGP hijacking attack . .7 2.1.2 Defenses . .9 2.2 The SCION Architecture . 13 2.2.1 The SCION-IP Gateway (SIG) . 17 2.3 Blockchain . 19 2.4 Bitcoin . 24 2.5 Ethereum . 25 2.5.1 Node discovery protocol . 25 2.5.2 Establishing encrypted connection . 27 3 Related Work 29 4 Solution Design 34 4.1 Problem . 34 4.1.1 Assumptions and limitations . 35 4.2 Application level solution . 35 4.3 SIG proxy solution . 36 4.4 Security model . 38 5 Method 39 5.1 Literature research . 39 5.2 Application level solution . 39 5.3 SIG proxy solution . 40 iv CONTENTS 1 5.4 SIG discovery protocol . 41 5.5 Disruption Detection Tool (DDT) . 41 5.6 Evaluation . 42 5.6.1 Efficiency requirements . 43 6 Implementation 44 6.1 Hardware . 44 6.2 Software . 44 6.2.1 Ethereum network configuration . 46 6.3 Design . 47 7 Results 48 7.1 Security analysis . 49 7.1.1 Attack scenario . 49 7.2 Availability analysis . 52 7.3 Efficiency analysis . 53 7.3.1 IP and SCION comparison . 54 8 Discussion 58 8.1 Security analysis . 60 8.1.1 Disruption Detection Tool (DDT) . 61 8.1.2 SIG discovery protocol . 62 8.2 Blockchain protocols with encrypted communication . 62 8.3 Availability analysis . 64 8.4 Efficiency analysis . 65 8.5 SCION deployment . 68 8.6 Ethical aspects and sustainability . 69 9 Conclusion 71 10 Future Work 73 Bibliography 75 A Typical scenario 81 A.1 Application level solution . 81 A.2 SIG proxy solution . 84 Chapter 1 Introduction Blockchain technology can be traced back to 1991 when Haber and Stornetta [28] described the first work on a cryptographically secured chain of blocks. A year later, Bayer, Haber, and Stornetta [5] enabled several documents to be collected into a block. However, blockchain technology gained significance first in 2008, when Satoshi Nakamoto published the Bitcoin white paper [41]. The invention of the Bitcoin made it the first digital currency (cryptocurrency) to solve the double spending problem, spending the same asset twice, without the need of a trusted central authority. Furthermore, it has become inspiration for many additional cryptocurrencies and blockchain-based applications. At the time of writing the thesis, Bitcoin was the most successful cryptocurrency with more than 17 million bitcoins valued at approx- imately 115 billion USD [6]. Given the amount of money at stake, Bitcoin and other cryptocurrencies are obvious targets for attackers. However, attacking cryptocurrencies via the Internet infrastructure was not investigated until the paper by Apostolaki, Zohar, and Vanbever [3] was published. It was believed that blockchain technology is resilient against Bor- der Router Protocol (BGP) hijacking attacks, due to the decentralized Peer-to-Peer (P2P) network. However, the recent paper by Apostolaki, Zohar, and Vanbever [3] shows that, due to the insecure BGP routing protocol and quite centralized Bitcoin network, it is feasible to exe- cute routing attacks on Bitcoin. Few Autonomous Systems (ASes) host most of the nodes in the Bitcoin network, which could be due to the high amount of mining pools located in Iceland and China. In min- ing pools, multiple miners gather together in order to increase their 2 CHAPTER 1. INTRODUCTION 3 chances of finding new blocks and getting the reward. Furthermore, the paper describes two routing attacks, partition attack and delay at- tack. By isolating parts of the network or delaying block propagation, a significant amount of mining power could be wasted, resulting in revenue loss and a wide range of exploits could be enabled, such as double spending. Hence, the Bitcoin’s solution to the double spend- ing problem would be broken, making the technology unreliable and unavailable. Since routing attacks are feasible on any technology running on a centralized network in the current Internet, a routing protocol that guarantees secure and highly available network communication is vi- tal. Thus, it is of interest to investigate mitigation of routing attacks on blockchain technology using SCION [47], a new inter-domain archi- tecture being developed to solve all BGP vulnerabilities in an efficient way. 1.1 Research Question Is it feasible to deploy SCION along with a blockchain technology in order to mitigate routing attacks, and provide secure and highly avail- able blockchain network communication? Can the proposed solution decrease the amount of wasted computing power by routing attacks, and increase miners’ revenue by utilizing SCION? 1.2 Objective Mitigating BGP routing attacks targeting a blockchain technology is the main focus of the thesis. Routing attacks have been disrupting the Internet for decades, by enabling phishing, spamming and Distributed Denial-of-Service (DDoS) attacks. The BGP protocol is the standardized routing protocol in the cur- rent Internet, with no security guarantees [46]. Thus, it is feasible to execute routing attacks, also called BGP hijacking attacks. Any AS can inject forged information on how to reach one or more IP prefixes, re- sulting in ASes sending traffic to wrong destination [3][47]. 4 CHAPTER 1. INTRODUCTION In 2014, Dell SecureWorks published details of an attacker who re- peatedly performed BGP hijacking attacks on a large set of providers, such as Amazon, Digital Oceana and Alibaba. The goal was to inter- cept data between Bitcoin miners and Bitcoin mining pools, where the estimated worth of the theft was $83,000 [56]. A more recent BGP hi- jacking attack on Amazon DNS, resulted in theft of ether and ethereum- based tokens worth $152,000 [24].