public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Isidor Zeuner <cryptocurrencies@quidecco.de>
To: odinn <odinn.cyberguerrilla@riseup.net>
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Deanonymisation of clients in Bitcoin P2P network paper
Date: Thu, 27 Nov 2014 03:09:47 +0100 (CET)	[thread overview]
Message-ID: <20141127020947.A13D2E19A09@quidecco.de> (raw)
In-Reply-To: <54760A50.201@riseup.net>

Hello there,

quote:
> Please see also the following:
>
> https://cpunks.org//pipermail/cypherpunks/2014-November/005971.html
>

I agree about the severity of the Tor/Bitcoin issue, but I see no
point in bashing Bitcoin's financial privacy characteristics as
the linked pages seem to do.

Bitcoin can be useful as a part of a strategy to improve on privacy,
but it does not intend to be a run-and-forget solution for doing so.

A lot of issues found in this context can actually be traced back to
Tor's characteristics already known before. It's just that
Bitcoin makes Tor's deficiencies more measurable - before Bitcoin,
those interested in researching how Tor performs in an automated
context where a much smaller community. In the end, I guess both
projects can benefit from the research we can do now.

> Respect,
>
> - -Odinn
>
> Jeff Garzik:
> > I don't recall being contacted directly, but the attack has been
> > discussed.  It relies on a number of conditions.  For example, if
> > you are over Tor, they try to kick the machine off Tor, _assuming_
> > that it will fall back to non-Tor.  That's only true for dual stack
> > nodes, which are not really 100% anonymous anyway -- you're
> > operating from your public IP anyway.
> >

Generally, it cannot be said that the attack vector described here is
irrelevant for non-dual-stack nodes. An attacker might not be able to
collect IP addresses of Tor-only nodes, but he can try to kick the
users from all Tor exit nodes he does not control, and proceed with
other attacks when a large number of Tor-only users connect through
his Tor exit node(s).

Since this attack vector has been discussed, I started making some
measurements on how effective it is to connect to Bitcoin using Tor,
and I found that the number of connections dropping to near-zero is
a situation which occurs rather frequently, which suggests that there
is still room to improve on the DoS handling.

Best regards,

Isidor



  parent reply	other threads:[~2014-11-27  2:09 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-11-26  7:47 [Bitcoin-development] Deanonymisation of clients in Bitcoin P2P network paper Jean-Paul Kogelman
2014-11-26 13:51 ` Jeff Garzik
2014-11-26 17:13   ` odinn
2014-11-27  2:09   ` Isidor Zeuner [this message]
2014-11-27  2:22     ` Gregory Maxwell
2014-11-27 11:06       ` Mike Hearn
2014-11-27 11:27       ` Wladimir
2014-12-08 16:15       ` Isidor Zeuner
2014-12-08 16:59         ` Mike Hearn
2015-01-22  0:44         ` Isidor Zeuner
2015-01-22 13:20           ` Mike Hearn
2014-12-15 13:25       ` Isidor Zeuner
2014-12-01 10:42     ` Isidor Zeuner
2014-11-27 17:44 Mistr Bigs
2014-11-27 20:30 ` Gregory Maxwell
2014-11-28  0:45 Mistr Bigs
2014-11-28  5:30 ` Gregory Maxwell
2014-12-11 11:51 ` Isidor Zeuner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20141127020947.A13D2E19A09@quidecco.de \
    --to=cryptocurrencies@quidecco.de \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=odinn.cyberguerrilla@riseup.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox