Research & Development World

  • Home Page
  • Topics
    • Aerospace
    • Archeology
    • Automotive
    • Biotech
    • Chemistry
    • Environment
    • Energy
    • Life Science
    • Material Science
    • R&D Market Pulse
    • R&D Management
    • Physics
  • Technology
    • 3D Printing
    • A.I./Robotics
    • Battery Technology
    • Imaging
    • Nanotechnology
    • Semiconductors
  • Controlled Environments
    • Cleanrooms
    • Graphene
    • Lasers
    • Regulations/Standards
    • Sensors
  • Scientific Computing
    • Big Data
    • HPC/Supercomputing
    • Informatics
    • Security
    • Software
  • R&D 100 Awards
    • 2020 Winners
    • Winner Archive
    • R&D 100 Conference
  • Resources
    • Digital Issues
    • Podcasts
    • Subscribe
  • 2020 Funding Forecast
  • COVID-19

First Reputation-based Blockchain Guarantees Security Against 51 Percent Attacks

By University of Luxembourg | March 22, 2019

Researchers at the University of Luxembourg are part of an international team that has proposed the first blockchain system to guarantee proper performance even when more than 51 percent of the system's computing power is controlled by an attacker.

The system, RepuCoin, introduces the concept of "reputation" to blockchain, effectively making it thousands of times more expensive to attack than Bitcoin. It was developed at the University's Interdisciplinary Centre for Security, Reliability and Trust, and has the potential to be applied in a number of global sectors including fintech, energy, food supply chains, health care and future 5G telecommunications networks.

One of the main advantages of blockchain-based systems, such as Bitcoin, is that the whole network sees and approves changes to data through democratic consensus. Users don't have to place their trust—and money—in the hands of a single central authority. However, to achieve this, existing systems equate a miner's computational power used for mining new blocks with their voting power, used to decide which blocks of transactions to commit to the ledger.

This gives rise to an inherent weakness: as soon as one miner controls over 50 percent of the system's computational power s/he also controls the voting power; the system effectively ceases to be decentralised. That miner could reject blocks proposed by competing miners, prevent selected transactions from being added to blocks and even replace blocks that were already on the ledger.

To solve this, RepuCoin calculates voting power according to a miner's "reputation". Unlike social reputation, this is a strictly mathematical quality which accumulates through consistent and honest mining over long periods, like charging a battery before it can be used. It makes RepuCoin the first such system to be resilient against miners holding 51 percent or more of the network's computing resources.

Lead researcher Dr. Jiangshan Yu—previously at the University's Interdisciplinary Centre for Security, Reliability and Trust and now a Lecturer at Monash University, Australia, says: "We have already seen mining pools such as Ghash.io surpass the 50 percent threshold on Bitcoin. Just as worryingly, it's now possible for hackers to rent this kind of computational power in a matter of seconds, allowing them to conduct flash attacks. RepuCoin is the only type of blockchain currently on the market that can withstand such attacks."

Attacking RepuCoin with 68 percent of the system's total mining power would take at least six months once the system has been running for a year, and would be at least 5760 times as expensive as conducting the same attack on Bitcoin. And because of the way reputation accumulates, the longer RepuCoin runs, the more resilient it is to attack. For example, when the system has been in secure operation for only three months, an attacker would need to harness 90 percent of the overall computing power for a further month to behave maliciously.

Co-author Prof. Paulo Esteves-Veríssimo, who leads SnT's work in critical and extreme security and dependability, says: "It's an elegant solution to a problem that many thought was insoluble. Existing systems always linked computational power to voting power. We separated them, and now someone could join RepuCoin with 99 percent of the total computing power and they still wouldn't be able to attack it."

Related Articles Read More >

R&D 100 winner of the day: Reconnaissance of Influence Operations (RIO)
R&D 100 winner of the day: FOVEA (Forensic Video Exploitation and Analysis) Tool Suite
R&D winner of the day: LAVA: Large-Scale Vulnerability Addition
R&D 100 winner of day: Timely Randomization Applied to Commodity Executables at Runtime (TRACER)

Need R&D World news in a minute?

We Deliver!
R&D World Enewsletters get you caught up on all the mission critical news you need in research and development. Sign up today.
Enews Signup
Tweets by @RandDWorld

R&D World Digital Issues

February 2020 issue

Browse the most current issue of R&D World and back issues in an easy to use high quality format. Clip, share and download with the leading R& magazine today.

Research & Development World
  • Subscribe to R&D World Magazine
  • Enews Sign Up
  • Contact Us
  • Drug Discovery & Development
  • Pharmaceutical Processing
  • 2020 Global Funding Forecast

Copyright © 2021 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy | Advertising | About Us

Search R&D World

  • Home Page
  • Topics
    • Aerospace
    • Archeology
    • Automotive
    • Biotech
    • Chemistry
    • Environment
    • Energy
    • Life Science
    • Material Science
    • R&D Market Pulse
    • R&D Management
    • Physics
  • Technology
    • 3D Printing
    • A.I./Robotics
    • Battery Technology
    • Imaging
    • Nanotechnology
    • Semiconductors
  • Controlled Environments
    • Cleanrooms
    • Graphene
    • Lasers
    • Regulations/Standards
    • Sensors
  • Scientific Computing
    • Big Data
    • HPC/Supercomputing
    • Informatics
    • Security
    • Software
  • R&D 100 Awards
    • 2020 Winners
    • Winner Archive
    • R&D 100 Conference
  • Resources
    • Digital Issues
    • Podcasts
    • Subscribe
  • 2020 Funding Forecast
  • COVID-19