Paper published in a journal (Scientific congresses, symposiums and conference proceedings)
A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network
Tikhomirov, Sergei; Moreno-Sanchez, Pedro; Maffei, Matteo
2020In Proceedings of 2020 IEEE European Symposium on Security and Privacy (EuroS&P)
Peer reviewed
 

Files


Full Text
quantitative-analysis-lightning.pdf
Author postprint (552.55 kB)
Download
Annexes
lightning-quantitative-slides.pdf
(383.95 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Bitcoin; Lightning Network; privacy; security; anonymity; scalability
Abstract :
[en] Payment channel networks have been introduced to mitigate the scalability issues inherent to permissionless decentralized cryptocurrencies such as Bitcoin. Launched in 2018, the Lightning Network (LN) has been gaining popularity and consists today of more than 5000 nodes and 30000 payment channels that jointly hold 895 bitcoins (7.6M USD as of February 2020). This adoption has motivated research from both academia and industry. Payment channels suffer from security vulnerabilities, such as the wormhole attack, anonymity issues, and scalability limitations related to the upper bound on the number of concurrent payments per channel, which have been pointed out by the scientific community but never quantitatively analyzed. In this work, we first analyze the proneness of the LN to the wormhole attack and attacks against anonymity. We observe that an adversary needs to control only 2% of LN nodes to learn sensitive payment information (e.g., sender, receiver and payment amount) or to carry out the wormhole attack. Second, we study the management of concurrent payments in the LN and quantify its negative effect on scalability. We observe that for micropayments, the forwarding capability of up to 50% of channels is restricted to a value smaller than the overall channel capacity. This phenomenon not only hinders scalability but also opens the door for DoS attacks: We estimate that a network-wide DoS attack costs within 1.5M USD, while isolating the biggest community from the rest of the network costs only 225k USD. Our findings should prompt the LN community to consider the security, privacy and scalability issues of the network studied in this work when educating users about path selection algorithms, as well as to adopt multi-hop payment protocols that provide stronger security, privacy and scalability guarantees.
Disciplines :
Computer science
Author, co-author :
Tikhomirov, Sergei ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC)
Moreno-Sanchez, Pedro;  TU Wien > Security and Privacy research unit
Maffei, Matteo
External co-authors :
yes
Language :
English
Title :
A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network
Publication date :
September 2020
Event name :
IEEE Security & Privacy on the Blockchain (IEEE S&B 2020)
Event date :
07-09-2020
Audience :
International
Journal title :
Proceedings of 2020 IEEE European Symposium on Security and Privacy (EuroS&P)
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR11684537 - Security, Scalability, And Privacy In Blockchain Applications And Smart Contracts, 2017 (01/08/2018-31/07/2021) - Alex Biryukov
Available on ORBilu :
since 19 October 2020

Statistics


Number of views
98 (15 by Unilu)
Number of downloads
349 (4 by Unilu)

Scopus citations®
 
24
Scopus citations®
without self-citations
21
WoS citations
 
18

Bibliography


Similar publications



Contact ORBilu