undefined | Better HN

0 pointsweavejester13y ago0 comments

What does TICOM have to do with anything?

A 51% attack is a possibility, and might be currently possible with the largest botnets known to exist today, but it would be pushing it. In future it becomes even more difficult.

0 comments

2 comments · 1 top-level

betterunix13y ago· 1 in thread

That is exactly the sort of argument the Germans made: that Enigma had known cryptographic flaws, but that they did not think anyone would actually expend the effort needed to attack it. You are saying that Bitcoin has a known flaw, but that nobody is going to amass the computing power needed to exploit that flaw. That is a bad way to approach security.

It is not just about botnets (CPU "mining" is pretty slow); what do you think stops someone from spending their money on enough ASICs to pull off the attack? It is not all that expensive, maybe tens of millions of dollars in chips. Even if it were hundreds of millions of dollars, if Bitcoin were as threatening to the financial system as some people seem to think it is, that would not be a lot to spend on attacking it.

It is also important to recognize that the existence of an obvious polynomial time attack does not in any way rule out the existence of faster attacks, it only establishes an upper bound on the attack effort. The reason proofs of security in modern cryptography involve a reduction to an (assumed) infeasible problem is that it rules out all practical attacks (in fact, all theoretically feasible attacks).

weavejesterOP13y ago

It would be nice if there were a way of solving the double-spending problem that would make all attacks infeasible. But since there isn't, we need to make do with the options we have: to place trust in either a pre-chosen authority, or a defined majority we assume to be trustworthy.

Not all the tools we have for maintaining security are as good as public key encryption or symmetric encryption. In the world of bricks and mortar, $10 million buys you a lot of criminal clout. Is a safe deposit box safe against a determined attacker with that budget? Are all employees immune to million dollar bribes?

The law attempts to redress imbalances by making it difficult to get away with circumventing security to perpetrate financial crimes. The problem is not so much stealing from a bank, but getting away with it after the fact. The same problem applies to bitcoin if you want to execute a 51% attack; double-spending is financial fraud, after all.

Buying up $10 million worth of ASICs is relatively straightforward, but doing so in a way that can't be traced back to you is substantially more difficult. As well as the problem of trying to run that amount of hardware in secret, without a paper-trail, you'll also have problems in trying to convert any profits you make from the scheme back into fiat currency.

If one merely wanted to demonstrate the attack without profitting from it, then one could double-spend a small amount between accounts you own, in the same way that one could demonstrate an attack on a safe by buying one and then drilling into it. But that doesn't change the fact that there's a big difference between circumventing security, and illegally profitting from it without consequences.

j / k navigate · click thread line to collapse

0 comments

2 comments · 1 top-level

betterunix13y ago· 1 in thread

weavejesterOP13y ago

j / k navigate · click thread line to collapse