References of "Tikhomirov, Sergei 50023104"
Security and Privacy of Blockchain Protocols and Applications
Tikhomirov, Sergei UL

Doctoral thesis (2020)

Bitcoin is the first digital currency without a trusted third party. This revolutionary protocol allows mutually distrusting participants to agree on a single common history of transactions. Bitcoin nodes pack transactions into blocks and link those in a chain (the blockchain). Hash-based proof-of-work ensures that the blockchain is computationally infeasible to modify. Bitcoin has spawned a new area of research at the intersection of computer science and economics. Multiple alternative cryptocurrencies and blockchain projects aim to address Bitcoin's limitations. This thesis explores the security and privacy of blockchain systems. In Part I, we study the privacy of Bitcoin and the major privacy-focused cryptocurrencies. In Chapter 2, we explore the peer-to-peer (P2P) protocols underpinning cryptocurrencies. In Chapter 3, we show how a network adversary can link transactions issued by the same node. We test the efficiency of this novel attack in real networks, successfully linking our own transactions. Chapter 4 studies the privacy characteristics of mobile cryptocurrency wallets. We discover that most wallets do not follow the best practices aimed at protecting users' privacy. Part II is dedicated to the Lightning Network (LN). Bitcoin's architecture emphasizes security but severely limits transaction throughput. The LN is a prominent Bitcoin-based protocol that aims to alleviate this issue. It performs low-latency transactions off-chain but leverages Bitcoin's security guarantees for dispute resolution. We introduce the LN and outline the history of off-chain protocols in Chapter 5. Then, in Chapter 6, we introduce a probing attack that allows an adversary to discover user balances in the LN. Chapter 7 estimates the likelihood of various privacy attacks on the LN. In Chapter 8, we describe a limitation on the number of concurrent LN payments and quantify its effects on transaction throughput. Part III explores the security and privacy of Ethereum smart contracts. 
Bitcoin's language for defining spending conditions is intentionally restricted. Ethereum is a blockchain network allowing for more programmability. Ethereum users can write programs in a Turing-complete high-level language called Solidity. These programs, called smart contracts, are stored on-chain along with their state. Chapter 9 outlines the history of blockchain-based programming. Chapter 10 describes Findel — a Solidity-based declarative domain-specific language for financial contracts. In Chapter 11, we classify the vulnerabilities in real-world Ethereum contracts. We then present SmartCheck — a static analysis tool for bug detection in Solidity programs. Finally, Chapter 12 introduces an Ethereum-based cryptographic protocol for privacy-preserving regulation compliance.

Peer Reviewed
A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network
Tikhomirov, Sergei UL; Moreno-Sanchez, Pedro; Maffei, Matteo

in Proceedings of 2020 IEEE European Symposium on Security and Privacy (EuroS&P) (2020, September)

Payment channel networks have been introduced to mitigate the scalability issues inherent to permissionless decentralized cryptocurrencies such as Bitcoin. Launched in 2018, the Lightning Network (LN) has been gaining popularity and consists today of more than 5000 nodes and 30000 payment channels that jointly hold 895 bitcoins (7.6M USD as of February 2020). This adoption has motivated research from both academia and industry. Payment channels suffer from security vulnerabilities, such as the wormhole attack, anonymity issues, and scalability limitations related to the upper bound on the number of concurrent payments per channel, which have been pointed out by the scientific community but never quantitatively analyzed. In this work, we first analyze the proneness of the LN to the wormhole attack and attacks against anonymity. We observe that an adversary needs to control only 2% of LN nodes to learn sensitive payment information (e.g., sender, receiver and payment amount) or to carry out the wormhole attack. Second, we study the management of concurrent payments in the LN and quantify its negative effect on scalability. We observe that for micropayments, the forwarding capability of up to 50% of channels is restricted to a value smaller than the overall channel capacity. This phenomenon not only hinders scalability but also opens the door for DoS attacks: We estimate that a network-wide DoS attack costs within 1.5M USD, while isolating the biggest community from the rest of the network costs only 225k USD. Our findings should prompt the LN community to consider the security, privacy and scalability issues of the network studied in this work when educating users about path selection algorithms, as well as to adopt multi-hop payment protocols that provide stronger security, privacy and scalability guarantees.

Peer Reviewed
Security and Privacy of Mobile Wallet Users in Bitcoin, Dash, Monero, and Zcash
Biryukov, Alex UL; Tikhomirov, Sergei UL

in Pervasive and Mobile Computing (2019)

Mobile devices play an increasingly important role in the cryptocurrency ecosystem, yet their privacy guarantees remain unstudied. To verify transactions, they either trust a server or use simple payment verification. First, we review the security and privacy of popular Android wallets for Bitcoin and the three major privacy-focused cryptocurrencies (Dash, Monero, Zcash). Then, we investigate the network-level properties of cryptocurrencies and propose a method of transaction clustering based on timing analysis. We implement and test our method on selected wallets and show that a moderately resourceful attacker can correlate transactions issued from one device with relatively high accuracy.

Peer Reviewed
Deanonymization and linkability of cryptocurrency transactions based on network analysis
Biryukov, Alex UL; Tikhomirov, Sergei UL

in Proceedings of 2019 IEEE European Symposium on Security and Privacy (EuroS&P) (2019)

Bitcoin, introduced in 2008 and launched in 2009, is the first digital currency to solve the double spending problem without relying on a trusted third party. Bitcoin provides a way to transact without any trusted intermediary, but its privacy guarantees are questionable. Despite the fact that Bitcoin addresses are not linked to any identity, multiple deanonymization attacks have been proposed. Alternative cryptocurrencies such as Dash, Monero, and Zcash aim to provide stronger privacy by using sophisticated cryptographic techniques to obfuscate transaction data. Previous work in cryptocurrency privacy mostly focused on applying data mining algorithms to the transaction graph extracted from the blockchain. We focus on a less well-researched vector for privacy attacks: network analysis. We argue that timings of transaction messages leak information about their origin, which can be exploited by a well-connected adversarial node. For the first time, network-level attacks on Bitcoin and the three major privacy-focused cryptocurrencies have been examined. We describe the message propagation mechanics and privacy guarantees in Bitcoin, Dash, Monero, and Zcash. We propose a novel technique for linking transactions based on transaction propagation analysis. We also unpack address advertisement messages (ADDR), which under certain assumptions may help in linking transaction clusters to IP addresses of nodes. We implement and evaluate our method, deanonymizing our own transactions in Bitcoin and Zcash with a high level of accuracy. We also show that our technique is applicable to Dash and Monero. We estimate the cost of a full-scale attack on the Bitcoin mainnet at hundreds of US dollars, feasible even for a low-budget adversary.

Peer Reviewed
Transaction Clustering Using Network Traffic Analysis for Bitcoin and Derived Blockchains
Biryukov, Alex UL; Tikhomirov, Sergei UL

in IEEE INFOCOM 2019 Workshop Proceedings (2019)

Bitcoin is a decentralized digital currency introduced in 2008 and launched in 2009. Bitcoin provides a way to transact without any trusted intermediary, but its privacy guarantees are questionable, and multiple deanonymization attacks have been proposed. Cryptocurrency privacy research has been mostly focused on blockchain analysis, i.e., extracting information from the transaction graph. We focus on another vector for privacy attacks: network analysis. We describe the message propagation mechanics in Bitcoin and propose a novel technique for transaction clustering based on network traffic analysis. We show that timings of transaction messages leak information about their origin, which can be exploited by a well-connected adversarial node. We implement and evaluate our method in the Bitcoin testnet with a high level of accuracy, deanonymizing our own transactions issued from a desktop wallet (Bitcoin Core) and from a mobile wallet (Mycelium). Compared to existing approaches, we leverage the propagation information from multiple peers, which allows us to overcome an anti-deanonymization technique (“diffusion”) used in Bitcoin.

Peer Reviewed
SmartCheck: Static Analysis of Ethereum Smart Contracts
Tikhomirov, Sergei UL; Voskresenskaya, Ekaterina; Ivanitskiy, Ivan et al

Scientific Conference (2018, May 27)

Ethereum is a major blockchain-based platform for smart contracts – Turing-complete programs that are executed in a decentralized network and usually manipulate digital units of value. Solidity is the most mature high-level smart contract language. Ethereum is a hostile execution environment, where anonymous attackers exploit bugs for immediate financial gain. Developers have a very limited ability to patch deployed contracts. Hackers steal up to tens of millions of dollars from flawed contracts, a well-known example being “The DAO”, broken in June 2016. Advice on secure Ethereum programming practices is spread out across blogs, papers, and tutorials. Many sources are outdated due to the rapid pace of development in this field. Automated vulnerability detection tools, which help detect potentially problematic language constructs, are still underdeveloped in this area. We provide a comprehensive classification of code issues in Solidity and implement SmartCheck – an extensible static analysis tool that detects them. SmartCheck translates Solidity source code into an XML-based intermediate representation and checks it against XPath patterns. We evaluated our tool on a big dataset of real-world contracts and compared the results with manual audit on three contracts. Our tool reflects the current state of knowledge on Solidity vulnerabilities and shows significant improvements over alternatives. SmartCheck has its limitations, as detection of some bugs requires more sophisticated techniques such as taint analysis or even manual audit. We believe though that a static analyzer should be an essential part of contract developers’ toolbox, letting them fix simple bugs fast and allocate more effort to complex issues.

Peer Reviewed
Privacy-preserving KYC on Ethereum
Biryukov, Alex UL; Khovratovich, Dmitry; Tikhomirov, Sergei UL

Scientific Conference (2018, May 09)

Identity is a fundamental concept for the financial industry. In order to comply with regulation, financial institutions must verify the identity of their customers. Identities are currently handled in a centralized way, which diminishes users' control over their personal information and threatens their privacy. Blockchain systems, especially those with support for smart contracts (e.g., Ethereum), are expected to serve as a basis of more decentralized systems for digital identity management. We propose a design of a privacy-preserving KYC scheme on top of Ethereum. It would let providers of financial services leverage the potential of blockchain technology to increase the efficiency of customer onboarding while complying with regulation and protecting users' privacy.

Peer Reviewed
Ethereum: state of knowledge and research perspectives
Tikhomirov, Sergei UL

Scientific Conference (2017, October 24)

Ethereum is a decentralized application platform that allows users to write, deploy, and interact with smart contracts -- programs that encode financial agreements. A peer-to-peer network of mutually distrusting nodes maintains a common view of the state of all accounts and executes smart contracts' code upon request. The global state is stored in a blockchain secured by a proof-of-work consensus mechanism similar to that in Bitcoin. The core value proposition of Ethereum is a Turing-complete programming language that enables implementing complex logic in smart contracts. Decentralized applications without a trusted third party are appealing in many areas, such as financial services, crowdfunding, and gambling. Smart contracts as a research topic contain many unsolved challenges and span areas ranging from cryptography, consensus algorithms, and programming languages to governance, ethical, and legal issues. This paper is the first to summarize the state of knowledge in this field. We provide a technical overview of Ethereum and outline open challenges along with proposed solutions. We also mention alternative blockchains with Turing-complete programming capabilities.

Peer Reviewed
Findel: Secure Derivative Contracts for Ethereum
Biryukov, Alex UL; Khovratovich, Dmitry UL; Tikhomirov, Sergei UL

Scientific Conference (2017, April 07)

Blockchain-based smart contracts are considered a promising technology for handling financial agreements securely. In order to realize this vision, we need a formal language to unambiguously describe contract clauses. We introduce Findel -- a purely declarative financial domain-specific language (DSL) well suited for implementation in blockchain networks. We implement an Ethereum smart contract that acts as a marketplace for Findel contracts and measure the cost of its operation. We analyze challenges in modeling financial agreements in decentralized networks and outline directions for future work.
