Abstract
Cryptocurrencies are widely used today for anonymous transactions. Such currencies rely on a peer-to-peer network where users can broadcast transactions containing their pseudonyms and ask for approval. Previous research has shown that application-level eavesdroppers, meaning nodes connected to a large portion of the Bitcoin peer-to-peer network, are able to deanonymize multiple users by tracing back the source of transactions. Yet, such attacks are highly visible as the attacker needs to maintain thousands of outbound connections. Moreover, they can be mitigated by purely application-layer countermeasures.
This paper presents a stealthier and harder-to-mitigate attack exploiting the interactions between the networking and application layers. Particularly, the adversary combines her access over Internet infrastructure with application-layer information to deanonymize transactions. We show that this attack, namely Perimeter, is practical in today’s Internet, achieves high accuracy in Bitcoin, and generalizes to encrypted cryptocurrencies e.g., Ethereum.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Similar techniques could be applied to Ethereum.
- 2.
We mention the modifications that are relevant to our work.
- 3.
Such an attack is very harmful to the victim because an attacker can often link all other transactions the victim made to the deanonymized one [39].
- 4.
Finding the IP of a person is practical as it is revealed every time this person visits a website or an application e.g., skype call.
- 5.
Ethereum facilitates connecting to a client using its IP (i.e., discovery v4 UDP packet).
- 6.
We do not allow incoming connections to prevent attacks from light clients during the experiment.
References
About: What is RIPE Atlas? https://atlas.ripe.net/landing/about/
Announcing Daily RIPE Atlas data archives. https://labs.ripe.net/Members/petros_gigis/announcing-daily-ripe-atlas-data-archives
Bitcoin Core diffusion delay. https://github.com/bitcoin/bitcoin/blob/da4cbb7927497ca3261c1504c3b85dd3f5800673/src/net_processing.cpp#L3813
Fast Internet Bitcoin Relay Engine. https://www.falcon-net.org
FIBRE. https://bitcoinfibre.org/
Go Ethereum: Official Go implementation of the Ethereum protocol. https://github.com/ethereum/go-ethereum
GoPacket. https://github.com/google/gopacket
p2p: supplying and using asmap to improve IP bucketing in addrman. https://github.com/bitcoin/bitcoin/pull/16702
RFC 1267 - Border Gateway Protocol 3 (BGP-3). https://tools.ietf.org/html/rfc1267
RIPE RIS Raw Data. https://www.ripe.net/data-tools/stats/ris/ris-raw-data
The RLPx Transport Protocol. https://github.com/ethereum/devp2p/blob/master/rlpx.md
Ethereum Mainnet Statistics (2020). https://www.ethernodes.org
GLOBAL BITCOIN NODES DISTRIBUTION (2020). https://bitnodes.io/
Propagation of Transactions and Blocks (2020). https://dsn.tm.kit.edu/bitcoin/#propagation
Ager, B., Chatzis, N., Feldmann, A., Sarrar, N., Uhlig, S., Willinger, W.: Anatomy of a large european ixp. In: Proceedings of the ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, SIGCOMM 2012, pp. 163–174. ACM (2012). https://doi.org/10.1145/2342356.2342393. https://doi.org/10.1145/2342356.2342393
Androulaki, E., Karame, G.O., Roeschlin, M., Scherer, T., Capkun, S.: Evaluating user privacy in bitcoin. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 34–51. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_4
Apostolaki, M., Zohar, A., Vanbever, L.: Hijacking bitcoin: Routing attacks on cryptocurrencies. In: S&P ’17 (May). https://doi.org/10.1109/SP.2017.29
Apostolaki, M., Marti, G., Müller, J., Vanbever, L.: Sabre: protecting bitcoin against routing attacks. In: Proceedings of the 26th Annual Network and Distributed System Security Symposium, pp. 02A1. Internet Society (2019)
Birge-Lee, H., Sun, Y., Edmundson, A., Rexford, J., Mittal, P.: Bamboozling certificate authorities with \(\{\)BGP\(\}\). In: 27th USENIX Security Symposium (USENIX Security 18), pp. 833–849 (2018)
Biryukov, A., Khovratovich, D., Pustogarov, I.: Deanonymisation of clients in bitcoin p2p network. In: CCS 2014
Biryukov, A., Pustogarov, I.: Bitcoin over tor isn’t a good idea. In: 2015 IEEE Symposium on Security and Privacy, pp. 122–134. IEEE (2015)
Biryukov, A., Tikhomirov, S.: Deanonymization and linkability of cryptocurrency transactions based on network analysis. In: EuroS&P 2019 (2019)
Bojja Venkatakrishnan, S., Fanti, G., Viswanath, P.: Dandelion: Redesigning the bitcoin network for anonymity. POMACS (2017)
Bonneau, J., Narayanan, A., Miller, A., Clark, J., Kroll, J.A., Felten, E.W.: Mixcoin: anonymity for bitcoin with accountable mixes. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 486–504. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_31
The CAIDA AS relationship dataset - 20191001. http://data.caida.org/datasets/as-relationships/serial-1/
The caida ixps dataset - 201910. http://data.caida.org/datasets/ixps/ix-asns_201910.jsonl. Accessed 12 Mar 2020
Extance, A.: The future of cryptocurrencies: bitcoin and beyond. Nature News 526(7571), 21 (2015)
Fanti, G., Venkatakrishnan, S.B., Bakshi, S., Denby, B., Bhargava, S., Miller, A., Viswanath, P.: Dandelion++: lightweight cryptocurrency networking with formal anonymity guarantees. POMACS (2018)
Gencer, A.E., Basu, S., Eyal, I., van Renesse, R., Sirer, E.G.: Decentralization in bitcoin and ethereum networks. In: Meiklejohn, S., Sako, K. (eds.) FC 2018. LNCS, vol. 10957, pp. 439–457. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-662-58387-6_24
Goldberg, S., Schapira, M., Hummon, P., Rexford, J.: How secure are secure interdomain routing protocols. ACM SIGCOMM Comput. Commun. Rev. 40(4), 87–98 (2010)
Hearn, M., Corallo, M.: Connection bloom filtering. bitcoin improvement proposal 37 (2012)
Jepsen, T., Alvarez, D., Foster, N., Kim, C., Lee, J., Moshref, M., Soulé, R.: Fast string searching on pisa. In: Proceedings of the 2019 ACM Symposium on SDN Research, pp. 21–28 (2019)
Khalilov, M.C.K., Levi, A.: A survey on anonymity and privacy in bitcoin-like digital cash systems. IEEE Commun. Surv. Tutorials 20(3), 2543–2585 (2018)
Koshy, P., Koshy, D., McDaniel, P.: An analysis of anonymity in bitcoin using P2P network traffic. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 469–485. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_30
Liu, F.T., Ting, K.M., Zhou, Z.H.: Isolation forest. In: 2008 Eighth IEEE International Conference on Data Mining, pp. 413–422. IEEE (2008)
Liu, F.T., Ting, K.M., Zhou, Z.H.: Isolation-based anomaly detection. ACM Trans. Knowl. Discovery Data (TKDD) 6(1), 1–39 (2012)
Luckie, M., Huffaker, B., Dhamdhere, A., Giotsas, V., Claffy, K.: As relationships, customer cones, and validation. In: Proceedings of the 2013 Conference on Internet Measurement Conference, pp. 243–256 (2013)
Matetic, S., Wüst, K., Schneider, M., Kostiainen, K., Karame, G., Capkun, S.: BITE: Bitcoin lightweight client privacy using trusted execution
Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., McCoy, D., Voelker, G.M., Savage, S.: A fistful of bitcoins: characterizing payments among men with no names. In: Proceedings of the 2013 Conference on Internet Measurement Conference, pp. 127–140 (2013)
Neudecker, T., Hartenstein, H.: Could network information facilitate address clustering in bitcoin? In: Brenner, M., Rohloff, K., Bonneau, J., Miller, A., Ryan, P.Y.A., Teague, V., Bracciali, A., Sala, M., Pintore, F., Jakobsson, M. (eds.) FC 2017. LNCS, vol. 10323, pp. 155–169. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_9
Ober, M., Katzenbeisser, S., Hamacher, K.: Structure and anonymity of the bitcoin transaction graph. Future Internet 5(2), 237–250 (2013)
Reid, F., Harrigan, M.: An analysis of anonymity in the bitcoin system. In: Security and Privacy in Social Networks, pp. 197–223. Springer (2013)
Ron, D., Shamir, A.: Quantitative analysis of the full bitcoin transaction graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_2
Ruffing, T., Moreno-Sanchez, P., Kate, A.: Coinshuffle: practical decentralized coin mixing for bitcoin. In: European Symposium on Research in Computer Security, pp. 345–364. Springer (2014)
Saad, M., Cook, V., Nguyen, L., Thai, M.T., Mohaisen, A.: Partitioning attacks on bitcoin: Colliding space, time and logic. Technical report (2019)
Sun, Y., Apostolaki, M., Birge-Lee, H., Vanbever, L., Rexford, J., Chiang, M., Mittal, P.: Securing internet applications from routing attacks. arXiv preprint arXiv:2004.09063 (2020)
Sun, Y., Edmundson, A., Vanbever, L., Li, O., Rexford, J., Chiang, M., Mittal, P.: RAPTOR: routing attacks on privacy in tor. In: 24th USENIX Security Symposium (USENIX Security 2015), pp. 271–286 (2015)
Tran, M., Choi, I., Moon, G.J., Vu, A.V., Kang, M.S.: A stealthier partitioning attack against bitcoin peer-to-peer network. In: S&P 2020
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 International Financial Cryptography Association
About this paper
Cite this paper
Apostolaki, M., Maire, C., Vanbever, L. (2021). Perimeter: A Network-Layer Attack on the Anonymity of Cryptocurrencies. In: Borisov, N., Diaz, C. (eds) Financial Cryptography and Data Security. FC 2021. Lecture Notes in Computer Science(), vol 12674. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-64322-8_7
Download citation
DOI: https://doi.org/10.1007/978-3-662-64322-8_7
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-64321-1
Online ISBN: 978-3-662-64322-8
eBook Packages: Computer ScienceComputer Science (R0)