136 research outputs found
Bitcoin over Tor isn't a good idea
Bitcoin is a decentralized P2P digital currency in which coins are generated
by a distributed set of miners and transaction are broadcasted via a
peer-to-peer network. While Bitcoin provides some level of anonymity (or rather
pseudonymity) by encouraging the users to have any number of random-looking
Bitcoin addresses, recent research shows that this level of anonymity is rather
low. This encourages users to connect to the Bitcoin network through
anonymizers like Tor and motivates development of default Tor functionality for
popular mobile SPV clients. In this paper we show that combining Tor and
Bitcoin creates an attack vector for the deterministic and stealthy
man-in-the-middle attacks. A low-resource attacker can gain full control of
information flows between all users who chose to use Bitcoin over Tor. In
particular the attacker can link together user's transactions regardless of
pseudonyms used, control which Bitcoin blocks and transactions are relayed to
the user and can \ delay or discard user's transactions and blocks. In
collusion with a powerful miner double-spending attacks become possible and a
totally virtual Bitcoin reality can be created for such set of users. Moreover,
we show how an attacker can fingerprint users and then recognize them and learn
their IP address when they decide to connect to the Bitcoin network directly.Comment: 11 pages, 4 figures, 4 table
Blockchain Inefficiency in the Bitcoin Peers Network
We investigate Bitcoin network monitoring the dynamics of blocks and
transactions. We unveil that 43\% of the transactions are still not included in
the Blockchain after 1h from the first time they were seen in the network and
20\% of the transactions are still not included in the Blockchain after 30
days, revealing therefore great inefficiency in the Bitcoin system. However, we
observe that most of these `forgotten' transactions have low values and in
terms of transferred value the system is less inefficient with 93\% of the
transactions value being included into the Blockchain within 3h. The fact that
a sizeable fraction of transactions is not processed timely casts serious
doubts on the usability of the Bitcoin Blockchain for reliable time-stamping
purposes and calls for a debate about the right systems of incentives which a
peer-to-peer unintermediated system should introduce to promote efficient
transaction recording.Comment: 15 pages, 8 figures, 3 table
Decentralization in Bitcoin and Ethereum Networks
Blockchain-based cryptocurrencies have demonstrated how to securely implement
traditionally centralized systems, such as currencies, in a decentralized
fashion. However, there have been few measurement studies on the level of
decentralization they achieve in practice. We present a measurement study on
various decentralization metrics of two of the leading cryptocurrencies with
the largest market capitalization and user base, Bitcoin and Ethereum. We
investigate the extent of decentralization by measuring the network resources
of nodes and the interconnection among them, the protocol requirements
affecting the operation of nodes, and the robustness of the two systems against
attacks. In particular, we adapted existing internet measurement techniques and
used the Falcon Relay Network as a novel measurement tool to obtain our data.
We discovered that neither Bitcoin nor Ethereum has strictly better properties
than the other. We also provide concrete suggestions for improving both
systems.Comment: Financial Cryptography and Data Security 201
Deanonymisation techniques for Tor and Bitcoin
This thesis is devoted to low-resource off-path deanonymisation techniques for two popular systems, Tor and Bitcoin. Tor is a software and an anonymity network which in order to confuse an observer encrypts and re-routes traffic over random pathways through several relays before it reaches the destination. Bitcoin is a distributed payment system in
which payers and payees can hide their identities behind pseudonyms (public keys) of their choice. The estimated number of daily Tor users is 2,000,000 which makes it arguable the most used anonymity network.
Bitcoin is the most popular cryptocurrency with market capitalization about 3.5 billion USD. In the first part of the thesis we study the Tor network. At the beginning we show how to remotely find out which Tor relays are connected. This effectively allows for an attacker to reduce Tor users' anonymity by ruling out impossible paths in the network. Later we analyze the security of Tor Hidden Services. We look at them from
different attack perspectives and provide a systematic picture of what information can be obtained with very inexpensive means. We expose flaws both in the design and implementation of Tor Hidden Services that allow an attacker to measure the popularity of arbitrary hidden services, efficiently collect hidden service descriptors (and thus get a global picture of all hidden services in Tor), take down hidden services and deanonymize hidden services. In the second part we study Bitcoin anonymity. We describe a generic method to deanonymize a significant fraction of Bitcoin users and correlate their pseudonyms with their public IP addresses. We discover that using Bitcoin through Tor not only provides limited level of anonymity but also exposes the user to man-in-the middle attacks in which an attacker controls which Bitcoin blocks and transactions the user is aware of. We show how to fingerprint Bitcoin users by setting an "address cookie" on their computers. This can be used to correlate the
same user across different sessions, even if he uses Tor, hidden-services or multiple proxies.
Finally, we describe a new anonymous decentralized micropayments scheme in which clients do not pay services with electronic cash directly but submit proof of work shares which the services can resubmit to a
crypto-currency mining pool. Services credit users with tickets that can later be used to purchases enhanced services
A Survey on Block Chain and Bitcoin – Challenges & Applications
Block chain is as of late presented and changing the advanced world conveying another point of view to security, flexibility and productivity of framework. While at first promoted by Bit Coin, Block chain is significantly more than an establishment for digital money. It offers a safe method to trade any sort of good administration or exchange. This paper exhibits an exhaustive review on Block chain Technology and Bit coin. Bitcoin has emerged as the most successful crypto currency since its appearance back in 2009. Besides its security robustness, two main properties have probably been its key to success: anonymity and decentralization. In this paper, we provide a comprehensive description on the details that make such crypto currency an interesting research topic in the privacy community. We perform an exhaustive review of the bitcoin anonymity research papers that have been published so far and we outline some research challenges on that topic
A Bayesian Approach to Identify Bitcoin Users
Bitcoin is a digital currency and electronic payment system operating over a
peer-to-peer network on the Internet. One of its most important properties is
the high level of anonymity it provides for its users. The users are identified
by their Bitcoin addresses, which are random strings in the public records of
transactions, the blockchain. When a user initiates a Bitcoin-transaction, his
Bitcoin client program relays messages to other clients through the Bitcoin
network. Monitoring the propagation of these messages and analyzing them
carefully reveal hidden relations. In this paper, we develop a mathematical
model using a probabilistic approach to link Bitcoin addresses and transactions
to the originator IP address. To utilize our model, we carried out experiments
by installing more than a hundred modified Bitcoin clients distributed in the
network to observe as many messages as possible. During a two month observation
period we were able to identify several thousand Bitcoin clients and bind their
transactions to geographical locations
A Flexible Network Approach to Privacy of Blockchain Transactions
For preserving privacy, blockchains can be equipped with dedicated mechanisms
to anonymize participants. However, these mechanism often take only the
abstraction layer of blockchains into account whereas observations of the
underlying network traffic can reveal the originator of a transaction request.
Previous solutions either provide topological privacy that can be broken by
attackers controlling a large number of nodes, or offer strong and
cryptographic privacy but are inefficient up to practical unusability. Further,
there is no flexible way to trade privacy against efficiency to adjust to
practical needs. We propose a novel approach that combines existing mechanisms
to have quantifiable and adjustable cryptographic privacy which is further
improved by augmented statistical measures that prevent frequent attacks with
lower resources. This approach achieves flexibility for privacy and efficency
requirements of different blockchain use cases.Comment: 6 pages, 2018 IEEE 38th International Conference on Distributed
Computing Systems (ICDCS
- …