[en] Bitcoin is a digital currency which relies on a distributed set of miners to mint coins and on a peer-to-peer network to broadcast transactions. The identities of Bitcoin users are hidden behind pseudonyms (public keys) which are recommended to be changed frequently in order to increase transaction unlinkability.
We present an efficient method to deanonymize Bitcoin users, which allows to link user pseudonyms to the IP addresses where the transactions are generated. Our techniques work for the most common and the most challenging scenario when users are behind NATs or firewalls of their ISPs. They allow to link transactions of a user behind a NAT and to distinguish connections and transactions of different users behind the same NAT. We also show that a natural countermeasure of using Tor or other anonymity services can be cut-off by abusing anti-DoS countermeasures of the bitcoin network. Our attacks require only a few machines and have been experimentally verified. We propose several countermeasures to mitigate these new attacks.
Disciplines :
Sciences informatiques
Auteur, co-auteur :
BIRYUKOV, Alex ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
KHOVRATOVICH, Dmitry ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
PUSTOGAROV, Ivan ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Co-auteurs externes :
no
Langue du document :
Anglais
Titre :
Deanonymisation of clients in Bitcoin P2P network
Date de publication/diffusion :
novembre 2014
Nom de la manifestation :
ACM Conference on Computer and Communications Security
Organisateur de la manifestation :
Association for Computing Machinery (ACM)
Lieu de la manifestation :
Scottsdale, Arizona, Etats-Unis
Date de la manifestation :
3-11-2014
Manifestation à portée :
International
Titre de l'ouvrage principal :
ACM Conference on Computer and Communications Security (CCS)
D. Chaum, A. Fiat, and M. Naor. Untraceable electronic cash. In Proceedings on Advances in Cryptology (CRYPTO '88). Springer, 1988.
R. Dingledine, N. Mathewson, and P. F. Syverson. Tor: The second-generation onion router. In Usenix Security Symposium (USENIX '04), 2004.
C. M. Grinstead and J. L. Snell. Introduction to Probability. American Mathematical Society, 1997.
P. Koshy, D. Koshy, and P. McDaniel. An analysis of anonymity in bitcoin using P2P network traffic. In Proceedings of Financial Cryptography and Data Security (FC'14). Springer, 2014.
S. Lerner. New vulnerability: know your peer public addresses in 14 minutes. https://bitcointalk.org/?topic=135856, 2014.
S. Meiklejohn, M. Pomarole, G. Jordan, K. Levchenko, D. McCoy, G. M. Voelker, and S. Savage. A fistful of bitcoins: Characterizing payments among men with no names. In Proceedings of Conference on Internet Measurement Conference (IMC'13). ACM, 2013.
S. Nakamoto. Bitcoin: A peer-to-peer electronic cash system. 2009. http://www.bitcoin.org/bitcoin.pdf.
OnionCat An Anonymous VPN-Adapter. https://www.onioncat.org/about-onioncat/, 2014.
F. Reid and M. Harrigan. An analysis of anonymity in the bitcoin system. In Security and Privacy in Social Networks. Springer, 2013.
D. Ron and A. Shamir. Quantitative analysis of the full bitcoin transaction graph. In Financial Cryptography and Data Security (FC'13). Springer, 2013.
