Deanonymizing Tor hidden service users through Bitcoin

TxProbe: Discovering Bitcoin's Network Topology Using Orphan Transactions

arXiv:1812.00942
Date: 2018-12-10
Author(s): Sergi Delgado-Segura, Surya Bakshi, Cristina Pérez-Solà, James Litton, Andrew Pachulski, Andrew Miller, Bobby Bhattacharjee

Link to Paper


Abstract
Bitcoin relies on a peer-to-peer overlay network to broadcast transactions and blocks. From the viewpoint of network measurement, we would like to observe this topology so we can characterize its performance, fairness and robustness. However, this is difficult because Bitcoin is deliberately designed to hide its topology from onlookers. Knowledge of the topology is not in itself a vulnerability, although it could conceivably help an attacker performing targeted eclipse attacks or to deanonymize transaction senders. In this paper we present TxProbe, a novel technique for reconstructing the Bitcoin network topology. TxProbe makes use of peculiarities in how Bitcoin processes out of order, or "orphaned" transactions. We conducted experiments on Bitcoin testnet that suggest our technique reconstructs topology with precision and recall surpassing 90%. We also used TxProbe to take a snapshot of the Bitcoin testnet in just a few hours. TxProbe may be useful for future measurement campaigns of Bitcoin or other cryptocurrency networks.

References
  1. Albert, R., Barabási, A.: Statistical mechanics of complex networks. CoRR condmat/0106096 (2001)
  2. Biryukov, A., Khovratovich, D., Pustogarov, I.: Deanonymisation of clients in bitcoin p2p network. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. pp. 15–29. CCS ’14, ACM, New York, NY, USA (2014)
  3. Biryukov, A., Pustogarov, I.: Bitcoin over tor isn’t a good idea. In: Proceedings of the 2015 IEEE Symposium on Security and Privacy. pp. 122–134. SP ’15, IEEE Computer Society, Washington, DC, USA (2015), https://doi.org/10.1109/SP.2015.15
  4. Erdös, P., Rényi, A.: On the evolution of random graphs. In: Math. Inst. Hungar. Acad. Sci. pp. 17–61 (1960)
  5. Gencer, A.E., Basu, S., Eyal, I., van Renesse, R., Sirer, E.G.: Decentralization in bitcoin and ethereum networks (2018)
  6. Grundmann, M., Neudecker, T., Hartenstein, H.: Exploiting transaction accumulation and double spends for topology inference in bitcoin. In: Financial Cryptography and Data Security. Springer International Publishing (2018)
  7. Harding, D.A., Todd, P.: Opt-in Full Replace-by-Fee Signaling. https://github.com/bitcoin/bips/blob/mastebip-0125.mediawiki (2015)
  8. Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on bitcoin’s peer-to-peer network. In: 24th USENIX Security Symposium (USENIX Security 15). pp. 129–144. USENIX Association, Washington, D.C. (2015)
  9. Jansen, R., Johnson, A.: Safely measuring tor. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. pp. 1553–1567. ACM (2016)
  10. Koshy, P., Koshy, D., McDaniel, P.: An analysis of anonymity in bitcoin using p2p network traffic. In: Christin, N., Safavi-Naini, R. (eds.) Financial Cryptography and Data Security. pp. 469–485. Springer Berlin Heidelberg, Berlin, Heidelberg (2014)
  11. Miller, A., Litton, J., Pachulski, A., Gupta, N., Levin, D., Spring, N., Bhattacharjee, B.: Discovering bitcoin’s public topology and influential nodes (2015)
  12. Nayak, K., Kumar, S., Miller, A., Shi, E.: Stubborn mining: Generalizing selfish mining and combining with an eclipse attack. In: 2016 IEEE European Symposium on Security and Privacy (EuroS P). pp. 305–320 (March 2016)
  13. Neudecker, T., Andelfinger, P., Hartenstein, H.: Timing analysis for inferring the topology of the bitcoin peer-to-peer network. In: 2016 Intl IEEE Conferences on Ubiquitous Intelligence Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People, and Smart World Congress (UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld). pp. 358–367 (July 2016)
  14. Neudecker, T., Hartenstein, H.: Could network information facilitate address clustering in bitcoin? In: Brenner, M., Rohloff, K., Bonneau, J., Miller, A., Ryan, P.Y., Teague, V., Bracciali, A., Sala, M., Pintore, F., Jakobsson, M. (eds.) Financial Cryptography and Data Security. pp. 155–169. Springer International Publishing, Cham (2017)
  15. Newman, M.E.: The structure and function of complex networks. SIAM review 45(2), 167–256 (2003)
  16. Nick, J.: Guessing bitcoin’s p2p connections. https://jonasnick.github.io/blog/2015/03/06/guessing-bitcoins-p2p-connections/ (2015)
  17. The Bitcoin Core developers: Bitcoin core 0.10.1 release notes. https://github.com/bitcoin/bitcoin/blob/v0.10.1/doc/release-notes.md (april 2015)
submitted by dj-gutz to myrXiv [link] [comments]

Basics of Cluster Analysis

Technology serves a purpose. The reasons someone craves privacy vary greatly. Some people believe that one should only be identified when and if they choose to be. Other people may not want somebody to know how much money they hold. Some may be hiding their funds from a corrupt third party. The appearance of cryptocurrencies enabled people to become part of the global economy and no border, bank or political power can deny them their right to save, send and receive money worldwide whenever they desire to. However, due to this situation, some concerned persons have found themselves at a disadvantage and deanonymization technologies have been starting intensively to progress.
In January 2018, the Bitfury Group introduced a system enabling the analysis of the Bitcoin blockchain, compilation of clusters of wallets owned by one user and comparison of them with public information in the Internet when available. Given the right circumstances, the last point can reveal not only the interconnection of certain wallets but also the ownership of a particular person. This technology minimizes a number of errors during data clusterization. Actually, it means if not particularly elimination of Bitcoin anonymity, then at least its considerable decrease.
Fortunately, there are some basic methods to increase privacy on the Bitcoin network available right now. One such a straightforward solution is using TOR or other methods to hide IP addresses. Another basic solution to increase privacy is creating a new wallet for each transaction. A slightly more advanced method to gain privacy is the use of mixers. Be careful when using classic mixers, as their addresses can be deanonymized by means of cluster analysis. To ensure your activity stays untraceable a great deal of work needs to be done. Nevertheless, Bitcoin users are able to enjoy a certain level of privacy, depending on how much of their identity they reveal, which of the anonymizing techniques they apply, how many, and how often. Jambler.io - Bitcoin's anonymity is our business
submitted by Jambler_io to u/Jambler_io [link] [comments]

Impact of Clustering on the Performance of Network De-anonymization Lecture 11: The Fight for Privacy: Anonymization Techniques, Protocols, and Altcoins Lecture 6 — Bitcoin and Anonymity How to de anonymize Bitcoin Sarah Jamie Lewis - OnionScan: Practical Deanonymization of Hidden Services [02 Feb 2017]

Let's in fact start from WikiLeaks again. I showed you a quote from them saying Bitcoin is a secure and anonymous digital currency, and this is actually the page that was taken from. This is their donations page, and here you'll see that in addition to this blurb about Bitcoin being secure and anonymous, they have a donation address over here. Recent research studies have proven that these techniques can deanonymize a considerable percentage of Tor users and hidden services. This was a brief overview of the techniques available currently for deanonymization of Tor users and hidden services. As you might have noticed, the weakest link along the chain of anonymity is the user. Services such as Bitcoin and Tor were introduced to provide anonymity for online transactions and Web browsing. Due to its pseudonymity model, Bitcoin lacks retroactive operational security, which means historical pieces of information could be used to identify a certain user. Second generation anonymization techniques, such as CoinJoin Attack reveals 81 percent of Tor users but admins call for calm Cisco Netflow a handy tool for cheapskate attackers By Darren Pauli 17 Nov 2014 at 08:29 anonymity when using Bitcoin. It further examines Bitcoin users’ awareness and concerns regarding the general risk of de-anonymizing the Blockchain in general and based on specific de-anonymization techniques. Finally, this study investigates Bitcoin users’ knowledge and adoption of various currently existing countermeasures.

[index] [17953] [16257] [16388] [12630] [13436] [22902] [19869] [547] [13946] [36303]

Impact of Clustering on the Performance of Network De-anonymization

Sixth lecture of the Bitcoin and cryptocurrency technologies online course. ... * Overview of Bitcoin deanonymization ... * Zerocoin and Zerocash * Tor and the Silk Road. License Creative Commons ... Some people desire privacy -- others don't. If you're in the former group, here are three ways you can mix various cryptocurrencies (with varying degrees of effort and cost) to keep your finances ... By Max Fang and Philip Hayes at the Cryptocurrency Decal Fall 2016. Tor de-anonymization techniques (SHA2017) - Duration: 1:01:07. SHA2017 2,172 views. 1:01:07. Sarah Roberts - Doing the Internet's Dirty Work: Commercial Content Moderators... How to de anonymize Bitcoin - Bitcoin and Cryptocurrency Technologies Part 6 - Bitcoin and Anonymity Is Bitcoin anonymous? What does that statement even mean—can we define it rigorously? We'll ...