Top

Published in:

2018 | OriginalPaper | Chapter

A New Approach to Deanonymization of Unreachable Bitcoin Nodes

Authors : Indra Deep Mastan, Souradyuti Paul

Published in: Cryptology and Network Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Mounting deanonymization attacks on the unreachable Bitcoin nodes – these nodes do not accept incoming connections – residing behind the NAT is a challenging task. Such an attack was first given by Biryukov, Khovratovich and Pustogarov based on their observation that a node can be uniquely identified in a single session by their directly-connected neighbouring nodes (ACM CCS’15). However, the BKP15 attack is less effective across multiple sessions. To address this issue, Biryukov and Pustogarov later on devised a new strategy exploiting certain properties of address-cookies (IEEE S&P’15). Unfortunately, the BP15 attack is also rendered ineffective by the present modification to the Bitcoin client.

In this paper, we devise an efficient method to link the sessions of unreachable nodes, even if they connect to the Bitcoin network over the Tor. We achieve this using a new approach based on organizing the block-requests made by the nodes in a Bitcoin session graph. This attack also works against the modified Bitcoin client. We performed experiments on the Bitcoin main network, and were able to link consecutive sessions with a precision of 0.90 and a recall of 0.71. We also provide counter-measures to mitigate the attacks.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter A Paged Domain Name System for Query Privacy

next chapter Towards a Smart Contract-Based, Decentralized, Public-Key Infrastructure

Available only for authorised users

Tor is a circuit-based communication service which provides anonymity by relaying traffic through routers as proxies (see Sect. 2).

The modification that are done to provide inherent fingerprinting protection to Bitcoin network.

The best-height of a node is the height of the Blockchain of the node.

Node X advertises blocks and transactions to node Y using INV, where INV contains block header hashes (block-ids) or transaction-ids. Then Y requests specific transactions or blocks from X using GETDATA; such a communication is called pull-based communication.

Each block has a 80-byte block header, which contains important information such as the hash value of the previous block, the time of creation of the block, a nonce, number of transactions etc.

Base-32 encoding is done using 32-character: twenty-six letters A to Z and six digits 2 to 7.

Bitcoin’s application data folder: A set of data files containing the following information of the Bitcoin client: Private keys, Peer IP addresses, and various information related to the current Blockchain.

E is a bijection from \(\mathcal {A}.data\) to \(\mathcal {A}.SessionBid\). It shows that the sequence of block-ids requested in a session is unique, which we found to be true in our experiments (see Sect. 5).

A maximally connected component of a graph \(G=(V, E)\) is a subgraph \(C=(V', E')\) such that: C is connected, and, for all vertices \(u \in V\setminus V'\), there is no vertex \(v \in V'\) such that \((u, v) \in E\).

The Blocks-First Sync and Headers-First Sync methods are two ways to update the Blockchain as described in Sect. 2.

The public address can be either public IP address or the onion address.

In our experiments, we take the maximum number of repeated block-requests in the consecutive sessions to be the threshold th (see Appendix C for more details).

Bitcoin Wiki (2017). https://en.bitcoin.it/wiki/

Docker Project Code (2017). https://github.com/docker/docker

v0.13.2, Bitcoin Code Project (2017). https://github.com/bitcoin/bitcoin

Biryukov, A., Khovratovich, D., Pustogarov, I.: Deanonymisation of clients in Bitcoin P2P network. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM (2014)

Biryukov, A., Pustogarov, I.: Bitcoin over tor isn’t a good idea. In: 2015 IEEE Symposium on Security and Privacy, pp. 122–134. IEEE (2015)

Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. Technical report, DTIC Document (2004)

Koshy, P., Koshy, D., McDaniel, P.: An analysis of anonymity in bitcoin using P2P network traffic. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 469–485. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_30CrossRef

Meiklejohn, S., et al.: A fistful of Bitcoins: characterizing payments among men with no names. In: Proceedings of the 2013 Conference on Internet Measurement Conference, pp. 127–140. ACM (2013)

Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)

10.

Reid, F., Harrigan, M.: An analysis of anonymity in the Bitcoin system. In: Altshuler, Y., Elovici, Y., Cremers, A., Aharony, N., Pentland, A. (eds.) Security and Privacy in Social Networks, pp. 197–223. Springer, New York (2013). https://doi.org/10.1007/978-1-4614-4139-7_10CrossRef

11.

Ron, D., Shamir, A.: Quantitative analysis of the full Bitcoin transaction graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_2CrossRef

Title: A New Approach to Deanonymization of Unreachable Bitcoin Nodes
Authors: Indra Deep Mastan
Souradyuti Paul
Publisher: Springer International Publishing
Book: Cryptology and Network Security
Print ISBN: 978-3-030-02640-0

Electronic ISBN: 978-3-030-02641-7

Copyright Year: 2018
DOI: https://doi.org/10.1007/978-3-030-02641-7_13

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner