Spoof-of-Work - Evaluating Device Authorisation in Mobile Mining Processes

Dominik Ziegler, Bernd Prünster, Alexander Marsalek, Christian Kollmann

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


Mobile mining of cryptocurrencies, without relying on CPU-heavy computations, is a novel attempt to foster adoption of a token. However, this approach leaves room for attacks. In this paper, we perform a thorough analysis of Electroneum, one of the first cryptocurrencies to introduce a mobile mining process. We show that mobile mining, without relying on a consensus algorithm (e.g. Proof-Of-Work), is not feasible on current generation Android smartphones. We further demonstrate that the security mechanisms employed by Electroneum can be circumvented and that mobile mining can be exploited successfully. Based on this analysis, we discuss several practical countermeasures, which can be applied on smartphones to enforce device authorisation and prevent abuse.
Original languageEnglish
Title of host publicationProceedings of the 15th International Joint Conference on e-Business and Telecommunications
Place of PublicationPortugal
PublisherSciTePress - Science and Technology Publications
Number of pages8
Volume1: SECRYPT
ISBN (Print)978-989-758-319-3
Publication statusPublished - 28 Jul 2018


  • Device Authorisation, Android, Cryptocurrency, Mining, REST, App Integrity, Smartphone, Electroneum, Remote Attestation, Key Attestation.
  • A-SIT - Secure Information Technology Center Austria

    Stranacher, K., Dominikus, S., Leitold, H., Marsalek, A., Teufl, P., Bauer, W., Aigner, M. J., Rössler, T., Neuherz, E., Dietrich, K., Zefferer, T., Mangard, S., Payer, U., Orthacker, C., Lipp, P., Reiter, A., Knall, T., Bratko, H., Bonato, M., Suzic, B., Zwattendorfer, B., Kreuzhuber, S., Oswald, M. E., Tauber, A., Posch, R., Bratko, D., Feichtner, J., Ivkovic, M., Reimair, F., Wolkerstorfer, J. & Scheibelhofer, K.


    Project: Research area

Cite this