Amazon Granted Patent for Proof-of-Work System to Fight DDoS Attacks

E-commerce giant Amazon has recently been granted a patent for a proof-of-work (PoW) system that could reportedly be used to mitigate distributed denial of service (DDoS) attacks computer networks are often targeted with.

The patent, first filed back in December of 2016, was granted by the U.S. Patent and Trademark Office (USPTO) this week, and essentially outlines how Merkle trees can be generated as a solution to proof-of-work challenges,  including preventing DDoS attacks.

The e-commerce giant’s proposal is to use Merkle trees to present a proof-of-work challenge to attackers, making it too expensive to use a series of machines to perform such an attack. Merkle trees essentially allow for the verification of data sent between computers.

Amazon also suggested the use of a proof-of-work (PoW) system, that would see machines create Merkle trees as the “work” involved. PoW is an algorithm used to protect networks, by asking participants to do “work that often involves computing power.

Amazon’s patent explains:

A proof-of-work system where a first party (e.g., a client computer system) may request access to a computing resource. A second party (e.g., a service provider) may determine a challenge that may be provided to the first party. A valid solution to the challenge may be generated and provided for the request to be fulfilled.

These challenges, Amazon notes, could include “a message and a seed, such that the seed may be used at least in part to cryptographically derive information that may be used to generate a solution to the challenge.” Adding to this, it suggests the creation of Merkle trees.

A similar system is used on the Bitcoin blockchain, with Merkle trees being used to ensure that blocks mined on the network aren’t falsified. On it, proof-of-work sees miners solve complex mathematical puzzles to secure the network, and sees them get rewarded in BTC for it.

Using a proof-of-work algorithm, the firm adds that preventing DDoS attacks could be accomplished. The patent reads:

Requiring a valid proof-of-work may mitigate a DOS [denial-of-service] or DDOS attack by causing the participants of the DOS or DDOS attack to generate a valid proof-of-work solution, which may require the use of computational resources on the attacking systems and dramatically reduce the rate at which entities participating in the attack may send requests.

This system would essentially make DDoS attacks economically unfeasible. Elsewhere in its patent, Amazon mentions other cryptocurrency-related terms like “public signing key” and “digital signature,” but doesn’t refer to blockchains or cryptocurrencies directly.

The move shows so far the e-commerce giant is more invested in blockchain technology than in cryptocurrencies per se. Although cryptocurrency users would like to see the company accept crypto payments, so far it hasn’t done so. A survey has earlier this year shown 13% of its customers would be interested in purchasing crypto from it.

Changpeng Zhao, the CEO of cryptocurrency exchange Binance, revealed he believes that Amazon will, “sooner or later,” have to issue its own currency. So far the company has only used blockchain technology, and has registered domains like, in a move believed to have been made to protect its brand.

Disgruntled Employee Arrested for Allegedly Stealing $700,000 from Altcoin Trading Platform

Police in Tokyo arrested two men for allegedly stealing 78 million yen in bitcoin from the altcoin trading platform CoinExchange, which shut down last year.

According to the Japan Times, the Metropolitan Police Department’s cybercrime unit arrested Yuto Onitsuka, 25, and Takuma Sasaki, 28, over computer fraud charges related to the theft. The two are suspected of stealing the BTC from CoinExchange at the end of October 2018, one year before the platform shut down.

As CryptoGlobe reported at the time, CoinExchange was trading an average of $700,000 a day across 500 trading pairs, many of which included little-known altcoins with rather low trading volumes. The platform’s management wrote:

Unfortunately it is no longer economically viable for us to continue offering market services. The costs of providing the required level of security and support now outweigh our earnings.

The Japan Times reports that Onitsuka was an employee at the Tokyo-based cryptocurrency exchange at the time, and had access to the company’s cryptocurrency wallets. Sources quoted him as saying he wanted to try and bankrupt CoinExchange as he wasn’t satisfied with the firm’s management at the time.

The report suggests Onitsuka knew Sasaki through an online bulletin board. The latter ended up getting the private keys to the cryptocurrency wallets through the disgruntled employee, and used them to move the BTC to other wallets controlled by the pair.

Some of the stolen crypto is believed to have been laundered as Sasaki’s bank account showed large sums of money. He reportedly withdrew 6 million yen, close to $55,000, which were used to travel.

Featured image via Pixabay.