Welcome to the resource topic for 2022/477

Title:
Algorithm-Substitution Attacks on Cryptographic Puzzles

Authors: Pratyush Ranjan Tiwari, Matthew Green

In this work we study and formalize security notions for algorithm substitution attacks (ASAs) on cryptographic puzzles. Puzzles are difficult problems that require an investment of computation, memory or some other related resource. They are heavily used as a building block for the consensus networks used by cryptocurrencies, where they include primitives such as proof-of-work, proof-of-space, and verifiable delay functions (VDFs). Due to economies of scale, these networks increasingly rely on a small number of companies to construct opaque hardware or software (e.g., GPU or FPGA images): this dependency raises concerns about cryptographic subversion. Unlike the algorithms considered by previous ASAs, cryptographic puzzles do not rely on secret keys and thus enable a very different set of attacks. We first explore the threat model for these systems and then propose concrete attacks that (1) selectively reduce a victim’s solving capability (e.g., hashrate) and (2) exfiltrate puzzle solutions to an attacker. We then propose defenses, several of which can be applied to existing cryptocurrency hardware with minimal changes. Given that these attacks are relevant to all proof of work cryptocurrencies that have a combined market capitalization around a $1 trillion USD (March, 2022), we recommend that all vulnerable mining protocols consider making the suggested adaptations today.

ePrint: https://eprint.iacr.org/2022/477

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .