Projects per year
Supported by the current hype on Bitcoin, the number of available cryptocurrencies has steadily increased over the past years. Currently, relevant portals list more than 1.500 cryptocurrencies. Many of them slightly deviate from approved and tested technical concepts and realize security-related functionality in different ways. While the security of major cryptocurrencies has already been studied in more detail, security properties of less popular cryptocurrencies that deviate from approved technical concepts often remain unclear. This is a problem, as users run the risk of losing invested money in case the respective cryptocurrency is unable to provide sufficient security. In this paper, we underpin this statement by means of a detailed analysis of the cryptocurrency FirstCoin. We identify and discuss vulnerabilities of FirstCoin, which lead to a low network hash rate and allow for 51% attacks. We propose a double-spending attack that exploits these vulnerabilities and demonstrate the proposed attack's feasibility by running it in an isolated evaluation environment. This way, we show FirstCoin to be insecure and provide a real-world example that underpins the general problem of cryptocurrencies deviating from approved security concepts and relying on weak security designs.
|Title of host publication||ICT Systems Security and Privacy Protection|
|Editors||Lech Jan Janczewski, Miroslaw Kutylowski|
|Place of Publication||Cham|
|Publisher||Springer International Publishing AG|
|Number of pages||14|
|Publication status||Published - 2018|
33rd IFIP TC-11 SEC 2018 International Conference on Information Security and Privacy Protection - Poznań, Poland
Duration: 18 Sept 2018 → 20 Sept 2018
|Name||IFIP Advances in Information and Communication Technology|
33rd IFIP TC-11 SEC 2018 International Conference on Information Security and Privacy Protection
|Abbreviated title||IFIP SEC 2018|
|Period||18/09/18 → 20/09/18|
FingerprintDive into the research topics of 'A Security Analysis of FirstCoin'. Together they form a unique fingerprint.
- 1 Active
A-SIT - Secure Information Technology Center Austria
Stranacher, K., Dominikus, S., Leitold, H., Marsalek, A., Teufl, P., Bauer, W., Aigner, M. J., Rössler, T., Neuherz, E., Dietrich, K., Zefferer, T., Mangard, S., Payer, U., Orthacker, C., Lipp, P., Reiter, A., Knall, T., Bratko, H., Bonato, M., Suzic, B., Zwattendorfer, B., Kreuzhuber, S., Oswald, M. E., Tauber, A., Posch, R., Bratko, D., Feichtner, J., Ivkovic, M., Reimair, F., Wolkerstorfer, J. & Scheibelhofer, K.
21/05/99 → 6/08/20
Project: Research area