Definition: What is a sybil attack?
A sybil attack is a type of attack vector on computer networks during which an attacker maliciously obtains a disproportionaly large influence on the network. In other words, it is an attack that breaks the rules of a network’s reputation system by creating a large number of fake identities.
A reputation system’s vulnerability to a Sybil attack depends on multiple factors that are listed below:
- The price of generating new identities, often expressed in resources and computer performance ;
- The degree of acceptance of inputs from entities that do not have a chain of trust with trusted entities ; and
- Whether the reputation system treats all entities identically, or not.
Explanation: How to protect against sybil attacks?
Two of the most prominent sybil attacks as of lately were performed in 2014 and from 2017 to 2021 against the Tor anonymity network. During the latest attack, the threat actor was reported to control over 900 malicious servers, primarily functioning as man in the middle, in an attempt to deanonymize To users.
Known approaches to prevention of Sybil attacks include: identity validation, social trust graphs, economic costs and application-specific protections.
Identity validation
A local entity may restrict or accept a remote identity based on a central authority (CA) which ensures a one-to-one correspondence between an identity and an entity and may even provide a reverse lookup.
Many methods of validation are used nowadays, it goes from telephone number verification to credit card verification, but there is also examples of networks that make use of public key cryptography in combination with IP addresses to validate the identity of users. In dHealth Network, for example, we used a combination of node public key, node stake and host to determine the allowance of a node to create a block.
Validation techniques that are based solely on identity generally provide accountability at the expense of anonymity, which can be an undesirable tradeoff.
Economic costs
In order to make sybil attacks more expensive, it is possible to impose an economic cost as an artificial barrier to entry. Bitcoin provides a first – distributed – way to do this with its proof-of-work algorithm where a user is required to prove that they spent a certain amount of computational effort to solve a mathematical puzzle.
Other blockchain networks may use different techniques that are often named after the actual barrier they impose on their block creation mechanisms. As for example, with proof-of-stake blockchain networks, it is common that an account must stake – or put aside – a given minimum amount of tokens, before they are permitted to participate and create blocks.
« Back to dictionary overview