BGP hijacking on Bitcoin p2p network [combined summary]



Original discussion: bitcoin-dev mailing list

Published on: 2022-07-05T20:30:24+00:00


Summary:

Alicexbt, a member of the Bitcoin Development mailing list, has raised concerns about BGP hijacking attacks on Bitcoin nodes. This vulnerability was noted in a 2014 answer on Stack Exchange. To learn more about the topic, Alicexbt searched for research articles and found works by Maria Apostolaki et al., Muoi Tran et al., and related works. They also shared links to blog posts about the March 2022 Twitter prefix hijacking incident and the Tor network's vulnerability to BGP hijacking.

After conducting further research, Alicexbt found that RPKI ROA and BGP prefix length could help prevent BGP hijacking attacks. To address these vulnerabilities, Alicexbt is working on a Chrome extension that connects to a local Bitcoin Core node and checks the IP address of every peer for prefix length and other attributes. The extension will highlight peers in different colors based on certain criteria.

However, tests on the first 10 IP addresses returned by `getnodeaddresses` in Bitcoin Core produced vulnerable results. In response, Elias recommended research articles by Maria Apostolaki et al., Muoi Tran et al., and related works that delve into routing attacks.

Wanting to contribute to the community's understanding of, and defense against, BGP hijacking attacks, Alicexbt expressed interest in writing a detailed blog post or research article on the subject. They are seeking technical feedback and links to past discussions with potential solutions.

Besides Bitcoin nodes, other networks such as Twitter and the Tor network have also been affected by BGP hijacking. The Twitter prefix hijacking incident in March 2022 was detailed in blog posts by ISC Sans and MANRS. The vulnerability of the Tor network to BGP hijacking was discussed in an article by 'nusenu'.

To mitigate these attacks, it is suggested that implementing RPKI ROA and considering BGP prefix length can be effective. However, further research and discussion are needed to fully address the vulnerabilities. Alicexbt's goal is to contribute to this effort by writing a comprehensive article or blog post in the near future.
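The per-peer check described above can be sketched as follows. This is an added example, not code from Alicexbt's extension or from the mailing-list thread: it applies RFC 6811 route origin validation plus a prefix-length test to peer addresses in the `addr` format of Bitcoin Core's `getpeerinfo`. The `ROUTES` and `ROAS` tables are constructed sample data, and the function names, the colour mapping and the /24 and /48 thresholds are assumptions.

```python
import ipaddress

# Constructed sample data: private address space and private-use ASNs.
ROUTES = [  # (announced prefix, origin ASN), as seen in a BGP table
    ("10.1.0.0/16", 64500), ("10.2.0.0/16", 64501), ("10.3.0.0/24", 64666),
    ("10.4.4.0/24", 64503), ("10.5.5.0/24", 64504),
]
ROAS = [  # (ROA prefix, maxLength, authorised origin ASN)
    ("10.1.0.0/16", 16, 64500), ("10.3.0.0/16", 16, 64502),
    ("10.5.5.0/24", 24, 64504),
]
MIN_SAFE_LEN = {4: 24, 6: 48}  # assumption: longer announcements are commonly filtered

def covering_route(ip):
    """Longest-prefix match of ip against ROUTES, or None."""
    hits = [(ipaddress.ip_network(p), asn) for p, asn in ROUTES]
    hits = [(n, a) for n, a in hits if n.version == ip.version and ip in n]
    return max(hits, key=lambda h: h[0].prefixlen, default=None)

def rov_state(net, origin):
    """Route origin validation outcome as defined in RFC 6811."""
    covered = False
    for p, max_len, asn in ROAS:
        roa = ipaddress.ip_network(p)
        if roa.version == net.version and net.subnet_of(roa):
            covered = True  # at least one ROA covers the announced prefix
            if asn == origin and net.prefixlen <= max_len:
                return "valid"
    return "invalid" if covered else "not-found"

def classify_peer(addr):
    """addr is the 'addr' string of a getpeerinfo entry (host:port)."""
    host = addr.rsplit(":", 1)[0].strip("[]")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:  # .onion / .i2p peers are not reached via a BGP prefix
        return {"peer": addr, "colour": "grey"}
    route = covering_route(ip)
    if route is None:   # no announcement in the sample table
        return {"peer": addr, "colour": "grey"}
    net, origin = route
    state = rov_state(net, origin)
    short = net.prefixlen < MIN_SAFE_LEN[ip.version]  # a more-specific could win
    colour = "red" if state == "invalid" else (
        "green" if state == "valid" and not short else "yellow")
    return {"peer": addr, "prefix": str(net), "origin": origin,
            "rov": state, "more_specific_possible": short, "colour": colour}
```

A peer whose covering prefix is `valid` but shorter than /24 is still marked yellow here, because networks that do not enforce ROV would accept a more-specific announcement for it.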


Updated on: 2023-08-02T06:46:57.112983+00:00