Sybil attack on peer-to-peer network – The European Journal of Media and Digital

The interest of peer-to-peer networks, the backbone of public blockchains, is to dispense with centralized authority to operate. So-called “Sybil” attacks consist of creating false identities to damage the network.

The specificity of peer-to-peer computer architecture is to exchange between several computers connected to the system without passing through a central server. All computers in a peer-to-peer network, called “nodes”, play both the role of client and server, that is, the role of sender and receiver. A widespread application in the field of peer-to-peer computer architectures is file sharing, a pet peeve of the cultural industries since the advent of the Internet and the launch in June 1999 of the first software used on a large scale. , Napster, then, in the summer of 2002, the BitTorrent data transfer protocol. In the field of wired or wireless networking, a network structure is called “mesh” when it consists of the connection of all nodes (also called “hosts”) in a peer-to-peer network with no central hierarchy. All hosts on the network are both clients and servers, which provides much better link resiliency in the event of a failure of one of the points. Today, peer-to-peer networks are also at the core of most public blockchains, such as Bitcoin, Ethereum, or Tezos.

All these applications, whose technical architecture is based on a peer-to-peer network, must deal in particular with the security threat inherent in this distributed topology, called the “Sybil attack”, during which a person creates multiple accounts or connects multiple nodes or computers in networks in an attempt to take control of it. The name of this type of computer attack is a reference to Flora Rheta Schreiber’s 1973 US-published biographical novel that tells the story of psychotherapy by Shirley Ardell Mason (1923–1998), also known by her pseudonym alias “Sybil Isabelle Dorsett”, an advertising artist with multiple personality disorder or dissociative personality disorder. Thus, a Sybil attack refers to the activity of rogue nodes in a peer-to-peer network that pretend to be separate and independent nodes, when in fact they are under the control of a single malicious entity, and whose purpose is to influence the decisions made in the network. network in order to “deanonymize” network users or even disrupt its operation, or even block the protocol.

In 2014, the Tor network, a global and decentralized computer network that allows its users to anonymize the source of their connection, was attacked by Sybil for several months. The goal of the attackers, who managed to take control of about half of the Tor relays with the help of malicious nodes, was to spy on data traffic and “deanonymize” a large number of users. According to Sombrekrist, author of, “hosting a large number of carrier-controlled nodes allows users to deanonymize with a Sybil class attack, which is possible if attackers control the first and last node on the network. anonymization chain. The first node in the Tor chain knows the IP address of the user, and the last one knows the IP address of the requested resource, which makes it possible to deanonymize the request by adding some hidden tag on the input node side for the packet headers. which remain unchanged throughout the anonymization chain, and then parse them on the side of the output node. These malicious nodes, once identified, were disconnected from the Tor network.

The risk of Sybil attacks exists for blockchain protocols, which are also based on a peer-to-peer architecture. How do blockchain nodes trust each other and accept new blocks of transactions transmitted over the network? How to detect potential malicious nodes that try to register fake transactions in their interests in the public ledger? To protect against this type of attack, public blockchains implement a consensus mechanism, specifically proof of work. The Proof-of-Work consensus mechanism requires each node participating in transaction verification to solve an energy-intensive cryptographic puzzle in order to participate in the mining process. Whoever solves this cryptographic puzzle verifies the block of transactions and is rewarded for this work. However, if the creation of multiple identities is always possible, it is now almost impossible for an attacker to provide enough computing power to insert fake transactions into the public blockchain without everyone knowing. Thus, the Proof-of-Work consensus mechanism implemented in the blockchain protocol makes it very effective to defend against Sybil attacks. As stated on, “This does not prevent an attacker from attempting these types of attacks, but aims to make them extremely difficult, if not impossible.” It is with the help of this ingenious tool that since 2009, the public Bitcoin blockchain successfully defends itself against Sibyl attacks and guarantees the integrity of transactions in its network.


  • Sibyl Attacks, Binance Academy,, 2018, updated 2021
  • “Sibyl Attacks and Defenses in the Internet of Things and Mobile Social Networking”, Ali Alharbi, Mohamed Zohdi, Debatosh Debnath, Richard Olavoyin, George Corser, International Journal of Computer Science., flight. 15 Issue 6,, November 30, 2018
  • “Sybil Attack – Free TON Vulnerable? ”, Vitaly Romanov,, March 21, 2021
  • “Tor 11.0.2 has been released and contains some fixes”, Sombrecrizt,, December 5, 2021

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker.