The Bitcoin Stress Test
On Tuesday, June 7 2011, 23:41
One of the biggest qualms people have with using bitcoins, assuming they don’t believe it to be a Ponzi scheme or that it’s a scam of some sort, is that there is nobody guaranteeing their funds if the network is somehow successfully attacked. Some worry that bitcoin is insecure in some way, and that the flaw simply hasn’t been found yet, or potentially worse, hasn’t been exploited yet.
This concern isn’t entirely unfounded – we don’t know what we don’t know, as the saying goes. It is possible that there is a flaw similar to the one found circa version .3.09, where one custom transaction would have credited an account with a massive amount of fake bitcoins. Yet every day on which the value of a single bitcoin increases and there are no network-breaking errors increases the likelihood that the bitcoin protocol, at least, is secure.
Recently, however, there have been other attacks on the bitcoin secondary networks – the sites and services that help make up the bitcoin economy and ecosystem. First, the largest USD/BTC exchange site, Mt. Gox, was attacked by a Russian DDOS, which crippled the exchange for almost two weeks. Weeks later, major pools suffered DDOS attacks as well, with BTCMine, Deepbit and slush’s pool all having difficulties keeping miners connected.
These tertiary attacks show how weak the points of entry to the bitcoin network are, whether you are entering through Mt. Gox and simply buying coins, or trying to mine for your coins. If these attacks continue, one of two outcomes seems likely:
1: The websites servicing bitcoin users, such as Mt. Gox, Deepbit.net, and others, will all move to secured hosting that protects against DDOS attacks, as Mt. Gox did. Or;
2: Distributed forms of these services will arise, rendering DDOS attacks not only impractical, but ineffective.
In either scenario, whether it is distributed services or simply that every major service requires a DDOS-hardened host, the bitcoin supporting network grows stronger, which helps strengthen trust in the whole bitcoin economy. Yet the question remains whether there is an as-yet-hidden way to break bitcoin’s software.
Assuming that there are no critical bugs in the protocol as implemented, the only remaining attack vector on bitcoin would be to break the cryptography behind it. As explained in my first article for The Bitcoin Sun, From Alice to Bob, there are two technologies behind bitcoin – Elliptic Curve Digital Signature Algorithm (ECDSA) and SHA256. Both of these algorithms are as of yet unbroken, and a successful break of one would not necessarily be the end of bitcoin’s security.
If SHA256 were to be completely broken, it would actually have a relatively small effect on the bitcoin network, assuming it wasn’t broken by someone specifically setting out to use that knowledge against bitcoin. The reason for this is that SHA256 is used as a proof of work – essentially, the only thing that can be done with this is to speed up hashing – making it more trivial for an attacker to acquire more than 50% of the total network hashing speed. Assuming it was broken and published in a research journal, the first miners to implement it would shoot the difficulty through the roof, and the rest would presumably follow, not dissimilar to the rise of GPU based hashing last year.
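The difficulty response described above can be modelled directly. The following is an added example, not code from the original article or from the bitcoin client: it uses a toy header layout and a constructed sample header, and a simplified form of the retarget rule (2016-block periods, ten-minute blocks, adjustment limited to a factor of four per period).

```python
import hashlib

# Difficulty-1 target (compact form 0x1d00ffff) and the intended length of
# one retarget period: 2016 blocks at ten minutes each, in seconds.
MAX_TARGET = 0xFFFF << 208
EXPECTED_TIMESPAN = 2016 * 600


def pow_hash(header: bytes) -> int:
    """Double SHA-256 of a header, read as a little-endian integer."""
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "little")


def mine(prefix: bytes, target: int) -> int:
    """Try nonces until the hash is at or below the target (toy header layout)."""
    nonce = 0
    while pow_hash(prefix + nonce.to_bytes(4, "little")) > target:
        nonce += 1
    return nonce


def difficulty(target: int) -> float:
    """Difficulty is the ratio of the easiest allowed target to the current one."""
    return MAX_TARGET / target


def retarget(old_target: int, actual_timespan: int) -> int:
    """Scale the target by how long the last period took, limited to 4x per step."""
    clamped = min(max(actual_timespan, EXPECTED_TIMESPAN // 4), EXPECTED_TIMESPAN * 4)
    return min(old_target * clamped // EXPECTED_TIMESPAN, MAX_TARGET)


def simulate_speedup(start_target: int, speedup: int, periods: int):
    """Hashing gets `speedup` times faster at period 0; list (difficulty, seconds) per period."""
    target, history = start_target, []
    for _ in range(periods):
        # Time to find 2016 blocks shrinks with hash rate and grows as the target shrinks.
        timespan = EXPECTED_TIMESPAN * start_target // (target * speedup)
        history.append((difficulty(target), timespan))
        target = retarget(target, timespan)
    return history


if __name__ == "__main__":
    print("toy nonce:", mine(b"constructed sample header", 1 << 244))
    for diff, seconds in simulate_speedup(MAX_TARGET >> 10, 64, 5):
        print(f"difficulty {diff:>8.0f}  period lasted {seconds / 86400:5.2f} days")
```

With a 64-fold speedup the factor-of-four limit means three retargets are needed before block times return to normal, and the first three periods complete far faster than the intended two weeks.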
A break of ECDSA would be more problematic, though is partially mitigated by the default behavior of the default bitcoin client. Breaking ECDSA would allow an attacker to potentially create keypairs extremely quickly, essentially a faster way to brute force search for a keypair that has money in the blockchain. Even worse, an attacker could create the private addresses from the public address that is known, and simply would have to search through the blockchain to find a juicy target (a bitcoin address with many bitcoins credited to it) and then find the private key to go with that address.
So in effect, SHA256 breaking would simply mean that difficulty would skyrocket (again), which has been handled in stride by the network. The effects of ECDSA are potentially more disastrous, but if it becomes known that that algorithm has been broken, everyone will want to get rid of their bitcoins, and they will all be worthless. Because of that, there is no clear economic motive to try and destroy the bitcoin network in this way, but that is certainly not a deterrent in all cases.
ECDSA and SHA256 are both very technically solid cryptographic functions, and it does not appear that either will be broken soon. There has been a successful timing attack on ECDSA, but it is not a general attack, and requires certain very specific circumstances, which don’t occur on the bitcoin network. Essentially, to perform the demonstrated attack, access to the computer is required, so at that point it is trivial to simply copy the user’s wallet.dat and brute force it at leisure on an attacker’s servers. This of course will also all be moot when the vulnerability is patched in an upcoming version of OpenSSL.
According to Diablo Miner developer Patrick McFarland, “ECDSA is NOT a conventional algorithm, by any means - it’s incredibly clever. If you can break ECDSA legitimately, then you might as well go build a ****ing TARDIS.”
The bitcoin network has lived through some minor attacks so far and seems braced to weather more, and the cryptography behind it is watertight. Anyone attempting to break the network, for whatever reason, with whatever attack method, certainly has their work cut out for them.