Cyber Security
Cryptocurrencies: Tackling the double-spend or 51% attack
I By Annu Singh
magine if you could spend the same currency note in two different places. In traditional currency this is not possible due to several checks and balances by governance bodies, like banks and governments that prevent counterfeiting or such misuse of the note. How does this work in the world of bitcoin and other cryptocurrencies that are decentralized? Bitcoin is a digital currency created by Satoshi Nakamoto in 2008. Like all cryptocurrencies, bitcoin works on peer to peer networks that use blockchain distributed ledger technology, which form a chain of blocks to create permanent records of transactions in an encrypted, auditable and secure way. Once data is recorded in a block it becomes very difficult to change it. A bitcoin block has 3 main components of information recorded on it: 1. Data 2. Hash 3. Hash of the previous block. Data stored inside a block depends on the type of block chain. A bitcoin chain stores details of transactions like sender, receiver and the amount of bitcoin. Hash in the block are unique and can be compared to a fingerprint. Hash helps identify the block and all its content. Once a block is created its hash is then calculated. Any changes made in block, results in changes in the hash. Hash is therefore useful in detecting any tampering done to the block. Bitcoin use SHA256 cryptographic hash. The third element inside a block is the hash of previous block. This
38 | Australian Cyber Security Magazine
connects with the hash of current block to effectively create a chain of blocks. If there is any change in the previous block its hash changes and so does the linkage with the current block, leading to a cascading effect to the chain of blocks ahead in the block chain, turning them invalid. First block of the chain is known as Genesis block and does not have a linkage to any previous block. But using hash is no longer a guarantee against tampering. Computers these days are very fast in calculating hundreds and thousands of hashes per second. You can effectively tamper with a block and recalculate all the hashes in a block chain, to make the block chain valid again. This is called as ‘double spend’. So, to mitigate this blockchain you have the concept of “proof of work”. ‘Proof of work’ (PoW) is a mechanism that slows down the creation of a block. In bitcoin, this is called mining and involves members processing complex, resource-intensive equations to create strings of characters that other members use to verify the legitimacy of the transaction. Mining capability is measured in the number of attempts to find a block that a miner can perform. Each attempt consists of creating a unique block candidate and creating a digest of the block candidate by means of the SHA-256d. Hash power can go 1ph/s (peta hash per second) and above depending on the setup. It takes about 10 min to calculate the required proof of
