Bitcoin recently introduced a new protocol for the encryption of peer-to-peer (P2P) communication. The protocol, known as V2 P2P transport, represents a big step towards securing the overlay network against various previously-known attack vectors. Based on an analysis of V2 P2P transport, this work examines the current viability of said attacks and concludes that while they are now remediated, alternative attacks and paths to similar objectives exist. The identified shortcomings are conceptual (and not implementation bugs) and even applicable to other P2P networks. We show how a network-level attacker can identify application messages using the length of TCP payloads, can eclipse a target node by taking advantage of how encrypted communication channels work and can downgrade all of a node's connections to the unencrypted protocol by using the mechanisms designed for compatibility. We validate our contributions using a combination of network measurements, emulations and simulations. Finally, we propose a series of short-term and long-term countermeasures towards securing Bitcoin's P2P network. To the best of our knowledge, we are the first to study Bitcoin's security under V2 P2P transport.

翻译：比特币近期引入了一种用于加密点对点（P2P）通信的新协议。该协议被称为V2 P2P传输，在保护覆盖网络免受多种已知攻击向量方面迈出了一大步。基于对V2 P2P传输的分析，本研究审视了所述攻击的当前可行性，并得出结论：尽管这些攻击现已得到修复，但仍存在替代性攻击及实现类似目标的途径。所发现的缺陷属于概念层面（而非实现漏洞），甚至适用于其他P2P网络。我们展示了网络级攻击者如何利用TCP有效载荷长度识别应用消息，如何借助加密通信信道的工作机制对目标节点实施日食攻击，以及如何利用为兼容性设计的机制将节点的所有连接降级至未加密协议。我们结合网络测量、仿真与模拟验证了研究贡献。最后，我们提出了一系列短期与长期对策，以加强比特币P2P网络的安全性。据我们所知，本研究是首次针对V2 P2P传输协议下比特币安全性的系统性分析。