Double-spending fast payments in Bitcoin

Ghassan O. Karame, Elli Androulaki, Srdjan Čapkun

    Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

    Abstract

    Bitcoin is a decentralized payment system that relies on Proof-of-Work (PoW) to verify payments. Nowadays, Bitcoin is increasingly used in a number of fast payment scenarios, where the time between the exchange of currency and goods is short (in the order of few seconds). While the Bitcoin payment verification scheme is designed to prevent double-spending, our results show that the system requires tens of minutes to verify a transaction and is therefore inappropriate for fast payments. An example of this use of Bitcoin was recently reported in the media: Bitcoins were used as a form of fast payment in a local fast-food restaurant. Until now, the security of fast Bitcoin payments has not been studied. In this paper, we analyze the security of using Bitcoin for fast payments. We show that, unless appropriate detection techniques are integrated in the current Bitcoin implementation, doublespending attacks on fast payments succeed with overwhelming probability and can be mounted at low cost. We further show that the measures recommended by Bitcoin developers for the use of Bitcoin in fast payments are not always effective in detecting doublespending; we show that if those recommendations are integrated in future Bitcoin implementations, double-spending attacks on Bitcoin will still be possible. Finally, we propose and implement a modification to the existing Bitcoin implementation that ensures the detection of double-spending attacks against fast payments.

    Original languageEnglish
    Title of host publicationCCS'12 - Proceedings of the 2012 ACM Conference on Computer and Communications Security
    Pages906-917
    Number of pages12
    DOIs
    Publication statusPublished - 2012
    Event2012 ACM Conference on Computer and Communications Security, CCS 2012 - Raleigh, NC, United States
    Duration: 16 Oct 201218 Oct 2012

    Other

    Other2012 ACM Conference on Computer and Communications Security, CCS 2012
    Country/TerritoryUnited States
    CityRaleigh, NC
    Period16/10/1218/10/12

    Keywords

    • Bitcoin
    • Countermeasures
    • Double-spending
    • Fast payments

    Fingerprint

    Dive into the research topics of 'Double-spending fast payments in Bitcoin'. Together they form a unique fingerprint.

    Cite this