One of the greatest concerns in the technological era in which we live is the malicious use of bots or artificial intelligences.
Consequently, contrary to what we would think, blockchain networks (secure environments) can also be affected either by Byzantine failures, DDoS attacks (denial of service attack), among others.
Today we will discuss one particular attack that can threaten the security of any system and is a constant concern in the crypto ecosystem.
As it could not be otherwise, let’s start by knowing what Sybil’s attacks (Sybil Attack) are.
What is a Sybil attack?
A Sybil attack is an attack that threatens the security of a system, since it is a malicious actor that attempts to completely control a network, using multiple fake identities, nodes or pcs.
This type of attack usually occurs in p2p (peer to peer) networks, that is, networks that work through a series of nodes or computers that work in the same way as each other.
One way in which I could exemplify these attacks is with presidential voting.
Example
Let’s imagine that we have two candidates and one of them is more popular and is expected to win.
However, several of the people who have access to the ballots, take the voters’ data, get rid of these votes and introduce new ballots with votes for the less popular candidate.
Thus, in this process, votes are being falsified and, therefore, the identities of voters in order to have a complete administration of the voting system.
In a common scenario, we could go so far as to identify people who monitor voting or who violated cyber rules.
However, in a decentralized universe where anonymity prevails, it is really difficult to conclude that identities come from a single person.
As a curious fact, the name “Sybil” comes from the 1973 book “Sybil” by journalist Flora Theta Schreiber.
This book studies the case of Shirley Ardell Manson, whose pseudonym is Sybil Dorsett, a woman diagnosed with dissociative identity disorder (DID), formerly called “multiple personality disorder.”
In 2002, Brian Zil, a Microsoft computer scientist, suggested the name for a paper by John R. Douceur, a researcher on the subject at Microsoft.
How does a Sybil attack work?
As mentioned before, a peer to peer network works by means of nodes. Each node has a function within the system.
A successful Sybil attack on a blockchain is one in which enough identities or nodes are created to influence others.
Even complete dominance can be obtained if the fake identities manage to outvote the honest nodes in the network, as in the example of the under-recognized presidential candidate.
Once you achieve system contamination by the large number of identities, you can:
-
- Alter routes.
- Modify stored content.
- Deny the creation of blocks, which prevents the recording and operation of transactions.
If it manages to reach a large scale where they can control most of the network, a 51% attack can occur. In it, the order of transactions can be changed, spending can be doubled or transactions can be reversed.
How can it be prevented?
There are five essential ways to reduce the risk of such attacks:
1. Grant different powers to different members
One solution may be reputation systems, in which there are different levels of power according to the trustworthiness of that person within the network.
2. Generate costs to create an identity
A sum of money may be requested so that each person can create an identity.
In this way, it will be more complicated for the attacker to cover the costs to execute his attack.
3. Limit the number of identities per node.
One effective way is to disallow multiple fake identities to operate at the same time from the same IP or device.
4. Validate identities before joining the network.
There are two ways to do this:
The direct one, in which an established entity is in charge of verifying the new member of the network.
On the other hand, the indirect one, which works as a trust system in which the established entity verifies some members.
Then, who can verify the new members who join after them and so on. This mode assumes that new users are honest.
5. Apply a set of rules for the generation of new blocks.
The consensus algorithms of different projects, such as Bitcoin, employ “rules” to circumvent these attacks.
One of them may be that each node has the computational power necessary to create a new block.
Therefore, it will be difficult to create several identities without them coming from the same PC, especially taking into account algorithms such as Proof of Work.
Likewise, through rewards they ensure that miners keep their mining honest.
In this blog we have also talked about Proof of Humanity, a novel solution endorsed by Vitalik Buterin to prevent Sybil attacks. POH creates the first decentralized registry of humans to address this issue.
Congratulations on making it all the way to the end!
If you want to know more about these topics you can click on the related articles below.
See you next time!
