RAND Corporation Publishes Report on Virtual Currencies

The RAND Corporation, a global think tank that helps shape U.S. foreign policy and military strategy, has released a report on virtual currencies and their implications for U.S. national security.

The report covers the history and current development of virtual currencies and discusses bitcoin in detail. It also looks at future developments, including the likelihood of a virtual currency being issued by non-state sponsors, such as ISIS.

Bitcoin Attack scenarios

Some of the most detailed analysis covers possible attack vectors against bitcoin including:

51% attack or Goldfinger Attack

In other words, a Goldfinger attack comprises a cartel formation, in which the cartel, through its dominant computational power, can change the market rules (to undermine faith in the currency), disallow certain users of the currency (to drive out a subset of users from the currency market), or strangle new currency supplies (to drive up prices).

Particularly for Bitcoin, there is another avenue to perform a Goldfinger attack, namely through corrupting the mining pools. Mining is typically performed by computational pools that work by aggregating the mining effort of individual miners. Some of these mining pools can approach the 51 percent threshold, including the notable case of GHash.io, which briefly exceeded the threshold and then promised not to do it again.58 The issue here is not that a mining pool might decide to crash Bitcoin; rather the issue is that an attacker could attempt to hack several mining pools that would then correspond to greater than 51 percent computational power. In such a manner, an attacker with relatively little initial resources could mount a 51 percent attack on Bitcoin. In practice, such an attack may require a high-tiered opponent. It should be noted that such an attack requires a capital investment outside of the Bitcoin market (for computers and electricity, for instance), so it can be difficult to calculate the return on investment for such an attack. Nevertheless, if the cost is within the bounds of cost that the opponent might otherwise spend on weaponry for a direct (kinetic) attack against the currency sponsors, a Goldfinger-type attack should be thought of as realistic.
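The passage above turns on how much computational power sits in a few mining pools. The following is an added example, not taken from the RAND report or from this post, of how a monitoring job could estimate pool concentration from recent block attributions; the pool names, the 100-block sample and the 40 percent warning level are constructed assumptions.

```python
from collections import Counter
from math import sqrt

MAJORITY = 0.5  # share of hash power above which one party outpaces everyone else

def pool_shares(block_pools):
    """Estimate each pool's share of hash power from who mined recent blocks."""
    counts = Counter(block_pools)
    total = len(block_pools)
    return {pool: n / total for pool, n in counts.items()}

def wilson_upper(share, n, z=1.96):
    """Upper 95% Wilson bound: block counts are a noisy sample of hash power."""
    centre = share + z * z / (2 * n)
    margin = z * sqrt(share * (1 - share) / n + z * z / (4 * n * n))
    return (centre + margin) / (1 + z * z / n)

def pools_to_majority(shares):
    """Smallest number of pools whose combined share exceeds MAJORITY.
    Summing the largest shares first gives the minimum count."""
    running = 0.0
    for k, share in enumerate(sorted(shares.values(), reverse=True), start=1):
        running += share
        if running > MAJORITY:
            return k
    return None  # the observed pools never add up to a majority

def concentration_report(block_pools, warn_at=0.40):
    """Flag pools whose plausible share reaches warn_at (assumed alert level)."""
    n = len(block_pools)
    shares = pool_shares(block_pools)
    flagged = sorted(p for p, s in shares.items() if wilson_upper(s, n) >= warn_at)
    return {"shares": shares, "flagged": flagged,
            "pools_to_majority": pools_to_majority(shares)}

# Constructed sample: 100 recent blocks attributed to hypothetical pools.
SAMPLE = (["pool-a"] * 38 + ["pool-b"] * 22 + ["pool-c"] * 15
          + ["pool-d"] * 14 + ["solo"] * 11)

if __name__ == "__main__":
    report = concentration_report(SAMPLE)
    print(report["flagged"], report["pools_to_majority"])
```

A low `pools_to_majority` value means the security of a small number of pool operators stands in for the security of the whole network, which is the dependency the report describes.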

DDoS Attacks

DDoS attacks and spear phishing to attack vulnerabilities in the networking and computational infrastructure may be effective in degrading a VC system, particularly at more centralized services such as online wallets or mining services. A set of related DDoS attacks exist that include transaction spamming and script attacks to waste computing power by creating transactions that need significant computation to verify.60 These are other ways an attacker can impose costs on the network, even if there is no central authority. Attacking exchanges or other more centralized cyber services may prove effective, even if a VC is decentralized. Rather low-tech methods may even be used to attack Bitcoin users using Tor.61 DDoS attacks can be used to degrade general network connectivity for local, everyday economic transactions so that VC transactions are too slow to be practical or convenient. Any attack that compromises systems that have access to the keys for user accounts, or that compromises the users' systems,62 can be used to steal currency. It should be noted that the vast majority of existing literature dedicated to VC security seems to be relative to Tier I and II threats, which is understandable since such low-level threats are already rather effective. We will now consider more advanced threats.

More advanced attackers could use more sophisticated techniques:

Attacks Used by Tier III and Tier IV Opponents

Tier III and Tier IV opponents would employ more sophisticated attacks including discovery and exploitation of zero-day vulnerabilities or manipulating the underlying VC infrastructure. For instance, in Bitcoin, “How participants in the Bitcoin ecosystem achieve consensus about the default rules for Bitcoin transactions is under-analyzed.”63 Since the Bitcoin system requires user consensus on rules for currency generation and transaction state and its validation, it is susceptible to manipulation of those rules, or exploitation of gaps or flaws in the rule implementation. Indeed, high-tier opponents may look to attack the underlying rules of decentralized VCs to change them. Tier III and IV opponents also have the capability to discover and exploit zero-day attacks and may use them to great effect. In particular, they may use them to attack the mining pools, as discussed in the previous section above, in order to gain control of 51 percent of total computational power.

Such opponents could also target high-net-worth individuals in the community, use zero-day exploits, or attack supply-chain infrastructure such as wallet services or mining hardware:

Even in the decentralized case, advanced opponents can successfully exploit specific targets with high probability and can publicly target high-net-worth individuals to reduce confidence in the currency (or can randomly target average citizens to sow distrust). Tier IV opponents would likely have the capability to construct and use zero-day exploits against critical VC services such as exchanges and wallets as well as cell-phone applications used to conduct everyday transactions. Indeed, they may look to use fake permissions and certificates to install applications that subvert (or spy on) user VC applications. They would then either disrupt those applications or publicize vulnerabilities to degrade confidence in a VC. Tier IV opponents might also attempt to degrade the ability of a VC system to construct reliable cryptographic protocols (such as key generation and storage as used by wallet applications) by subtly changing the software implementations of key cryptographic functionalities. They may attempt to change the actual code used by VC servers or users in order to degrade functionality or allow for an easier attack path to later simultaneously deny service to broad classes of servers and/or users

Attacks Used by Tier V and Tier VI Opponents

Tier V and Tier VI actors could employ particularly damaging attacks through supply-chain attacks against the underlying infrastructure or through subverting the implementation of the software used by VC participants. These actors may infect broad classes of software and hardware. They might target cell phones or other hardware, including computers used as servers for critical VC services or special-purpose hardware used for mining, and corrupt them before delivery. They could leverage this access to enable them to conduct the operations listed in the above section on Tier III and IV actors with a higher probability of success. By infecting hardware and in particular the special purpose hardware that performs cryptographic tasks, Tier V and VI actors may also be able to break cryptographic standards that underlie the security assumptions of a VC, which could in turn completely break the security of a VC. If publicly revealed (or revealing the consequences of such a break without revealing the break itself), this strategy could result in a severe degradation of confidence in a VC. Tier V and VI actors could also employ HUMINT methods, namely by employing agents to assume the roles of key VC personnel,

You can download the full report here.