University of Bern researchers say Ripple’s protocol “can seriously fail”

Researchers at the University of Bern have published a report that states that Ripple’s consensus protocol “does not guarantee security or vitality”.

In an article published yesterday by the Research group cryptology and data security from university, researcher Christian Cachin, Amores-Sesar, and Jovana Mićić published an analysis claiming the payment company’s consensus protocol could potentially allow users to “issue a token twice” and stop transaction processing.

The trio created examples of the Ripple protocol using different numbers and types of nodes to illustrate possible security and vitality violations (a term used for the network to continue processing transactions and progress). According to their models, the presence of faulty or malicious nodes could “have a devastating effect on the health of the network.”

University of Bern researchers say Ripple’s protocol “can seriously fail”
University of Bern researchers say Ripple’s protocol “can seriously fail”

“Our results show that the Ripple protocol relies heavily on synchronized clocks, on-time messaging, the existence of a healthy network, and an a priori agreement on shared trusted nodes with the network [Lista de nodos únicos] signed by Ripple “, according to the researchers.

“If one or more of these conditions are violated, especially if attackers are activated on the network, the system can fail seriously.”

David Schwartz, Ripple’s Chief Technology Officer, answered quickly to Cachin on Twitter to disprove the results. Ripple’s CTO dispute What such a situation was “impractical”, that every attacker would have to “Share the network” and control part of your list of unique nodes. or UNL to do what the researchers suggested.

“The general philosophy of UNL is that attackers have a chance to endanger life and then be out of UNL forever.” Schwartz said. Added:

“Security attacks also require significant control over how messages are passed on the network, which makes them impractical. Because of this, the total lack of tolerance for partitioning Bitcoin is not a practical issue. “

So far, none of the researchers has responded to the Ripple CTO’s criticism of their results. The group admitted in the original analysis that the attacks were “Purely theoretically and not demonstrated with an active network.”

Similar Posts