public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
* [Bitcoin-development] Deanonymisation of clients in Bitcoin P2P network paper
@ 2014-11-26  7:47 Jean-Paul Kogelman
  2014-11-26 13:51 ` Jeff Garzik
  0 siblings, 1 reply; 18+ messages in thread
From: Jean-Paul Kogelman @ 2014-11-26  7:47 UTC (permalink / raw)
  To: Bitcoin Development

[-- Attachment #1: Type: text/plain, Size: 414 bytes --]

This paper was just posted on reddit that describes how an attacker can de-anonymize clients on the bitcoin network. It mentions that the core devs were contacted prior to publication. I was just wondering, how many of these issues have already been addressed?


Paper (University of Luxembourg):
http://orbilu.uni.lu/handle/10993/18679 <http://orbilu.uni.lu/handle/10993/18679>


Kind regards,

Jean-Paul

[-- Attachment #2: Type: text/html, Size: 895 bytes --]

^ permalink raw reply	[flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] Deanonymisation of clients in Bitcoin P2P network paper
@ 2014-11-27 17:44 Mistr Bigs
  2014-11-27 20:30 ` Gregory Maxwell
  0 siblings, 1 reply; 18+ messages in thread
From: Mistr Bigs @ 2014-11-27 17:44 UTC (permalink / raw)
  To: Bitcoin Development

[-- Attachment #1: Type: text/plain, Size: 1396 bytes --]

I might be mistaken, but it seems to me this paper discusses unintended
ways of obtaining the IP addresses of clients involved in transactions on
the core Bitcoin network.
Tor was mentioned only insofar as it might be one's first thought of how to
mitigate this risk, yet Bitcoin over Tor has its own problems that prevent
this from being effective.
But the primary "issues" mentioned in the paper are regarding a Bitcoin
node in default operation, no?

"In their new study, researchers at the Laboratory of Algorithmics,
Cryptology and Security of the University of Luxembourg have shown that
Bitcoin does not protect user's IP address and that it can be linked to the
user's transactions in real-time."

"The basic idea behind these findings is that Bitcoin entry nodes, to which
the user's computer connects in order to make a transaction, form a unique
identifier for the duration of user's session. This unique pattern can be
linked to a user's IP address. Moreover, transactions made during one
session, even those made via unrelated pseudonyms, can be linked together.
With this method, hackers can reveal up to 60 percent of the IP addresses
behind the transactions made over the Bitcoin network."

"'This Bitcoin network analysis combined with previous research on
transaction flows shows that the level of anonymity in the Bitcoin network
is quite low,' explains Dr. Alex Biryukov."

M

[-- Attachment #2: Type: text/html, Size: 1545 bytes --]

^ permalink raw reply	[flat|nested] 18+ messages in thread
* Re: [Bitcoin-development] Deanonymisation of clients in Bitcoin P2P network paper
@ 2014-11-28  0:45 Mistr Bigs
  2014-11-28  5:30 ` Gregory Maxwell
  2014-12-11 11:51 ` Isidor Zeuner
  0 siblings, 2 replies; 18+ messages in thread
From: Mistr Bigs @ 2014-11-28  0:45 UTC (permalink / raw)
  To: Bitcoin Development

[-- Attachment #1: Type: text/plain, Size: 832 bytes --]

That's what I was trying to say... The researchers are deanonymizing
transactions from non-Tor connected hosts. So why are we talking about Tor
limitations in response to this? Shouldn't we be discussing how to address
the issues in Bitcoin proper?

M

On 11/27/2014 9:30 PM, Gregory Maxwell wrote:

On Thu, Nov 27, 2014 at 5:44 PM, <misterbg6@gmail.com> wrote:

I might be mistaken, but it seems to me this paper discusses unintended ways
of obtaining the IP addresses of clients involved in transactions on the
core Bitcoin network.

You're mistaken. :)

If a node is used exclusively via tor it effectively doesn't have a IP address.

(short of bugs of a class that aren't discussed here)

The paper is about fingerprinting approaches that probabilistically
connect transactions to hosts that you can already identify their IPs.

[-- Attachment #2: Type: text/html, Size: 1216 bytes --]

^ permalink raw reply	[flat|nested] 18+ messages in thread

end of thread, other threads:[~2015-01-22 13:20 UTC | newest]

Thread overview: 18+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-11-26  7:47 [Bitcoin-development] Deanonymisation of clients in Bitcoin P2P network paper Jean-Paul Kogelman
2014-11-26 13:51 ` Jeff Garzik
2014-11-26 17:13   ` odinn
2014-11-27  2:09   ` Isidor Zeuner
2014-11-27  2:22     ` Gregory Maxwell
2014-11-27 11:06       ` Mike Hearn
2014-11-27 11:27       ` Wladimir
2014-12-08 16:15       ` Isidor Zeuner
2014-12-08 16:59         ` Mike Hearn
2015-01-22  0:44         ` Isidor Zeuner
2015-01-22 13:20           ` Mike Hearn
2014-12-15 13:25       ` Isidor Zeuner
2014-12-01 10:42     ` Isidor Zeuner
2014-11-27 17:44 Mistr Bigs
2014-11-27 20:30 ` Gregory Maxwell
2014-11-28  0:45 Mistr Bigs
2014-11-28  5:30 ` Gregory Maxwell
2014-12-11 11:51 ` Isidor Zeuner

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox