Deanonymisation of Clients in Bitcoin P2P Network

Biryukov, Alex; Khovratovich, Dmitry; Pustogarov, Ivan

doi:10.1145/2660267.2660379

Cited by 413 publications

(334 citation statements)

References 8 publications

Supporting

Mentioning

332

Contrasting

Unclassified

Order By: Relevance

“…Tools such as BitCluster 15 , Chainalysis 16 and Elliptic 17 analyse the blockchain to group Bitcoin transactions together that are seemingly related and find the origins of payments. Biryukov, Khovratovich and Pustogarov (2014) have shown how to deanonymise a significant fraction of Bitcoin users and in this way linking user's pseudonyms to their IP addresses. Reid and Harrigan (2013) suggest that a user directory can be partly built by associating Bitcoin users and their public keys with offline information.…”

Section: Financial Services Bitcoin and Mixing Servicesmentioning

confidence: 99%

Deviating From the Cybercriminal Script: Exploring Tools of Anonymity (Mis)Used by Carders on Cryptomarkets

Hardeveld

Webber

O’Hara

2017

American Behavioral Scientist

View full text Add to dashboard Cite

This work presents an overview of some of the tools that cybercriminals employ in order to trade securely. It will look at the weaknesses of these tools and how the behaviour of cybercriminals will sometimes lead them to use tools in a non--optimal manner, creating opportunities for law enforcement to identify and apprehend them. The criminal domain this article focuses on is carding, the online trade in stolen payment card details and the consequent criminal misuse of such data. However, these findings could be applied more broadly, as many of the analysed tools are used across (cyber)criminal domains. This paper is a continuation of earlier work (van Hardeveld, Webber & O'Hara, 2016), in which a crime script analysis of 25 carding tutorials presented the tools that cybercriminals use to cash--out stolen payment card details while remaining anonymous. We use these tutorials and an analysis of the literature to identify how they can be used incorrectly and create a typology of potential behavioural and technological pitfalls in these tools. Finally, we conclude that finding pitfalls in the usage of tools by cybercriminals has the potential to increase the efficiency of disruption, interception and prevention approaches. However, in future work, interviews with law enforcement experts and convicted cybercriminals or still active users should be used to analyse the operational security of cybercriminals in more depth.

show abstract

Section: Financial Services Bitcoin and Mixing Servicesmentioning

confidence: 99%

Deviating From the Cybercriminal Script: Exploring Tools of Anonymity (Mis)Used by Carders on Cryptomarkets

Hardeveld

Webber

O’Hara

2017

American Behavioral Scientist

View full text Add to dashboard Cite

show abstract

“…Thus, recent works [63,75,77,81] have proposed simple heuristics to thwart anonymity in Bitcoin. In a somewhat different direction, other recent works [47,61] show the possibility of identifying ownership relationships between Bitcoin wallets and IP addresses. As Bitcoin heuristics do not fit transaction networks, our novel heuristics are focused and have special interest for transaction networks such as Ripple, including the integration of several available cryptocurrencies.…”

Section: Related Workmentioning

confidence: 99%

“…For example, in the case of the Bitcoin network, a series of works [47,58,61] sulting from these techniques since if a Bitcoin wallet is deanonymized, the complete cluster (including Ripple and other cryptocurrency wallets) is deanonymized. Ripple transactions are collected by Ripple validator servers.…”

Section: De-anonymization Using a Ripple Servermentioning

confidence: 99%

Listening to Whispers of Ripple: Linking Wallets and Deanonymizing Transactions in the Ripple Network

Moreno-Sanchez

Zafar

Kate

2016

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Abstract:The decentralized I owe you (IOU) transaction network Ripple is gaining prominence as a fast, lowcost and efficient method for performing same and crosscurrency payments. Ripple keeps track of IOU credit its users have granted to their business partners or friends, and settles transactions between two connected Ripple wallets by appropriately changing credit values on the connecting paths. Similar to cryptocurrencies such as Bitcoin, while the ownership of the wallets is implicitly pseudonymous in Ripple, IOU credit links and transaction flows between wallets are publicly available in an online ledger. In this paper, we present the first thorough study that analyzes this globally visible log and characterizes the privacy issues with the current Ripple network. In particular, we define two novel heuristics and perform heuristic clustering to group wallets based on observations on the Ripple network graph. We then propose reidentification mechanisms to deanonymize the operators of those clusters and show how to reconstruct the financial activities of deanonymized Ripple wallets. Our analysis motivates the need for better privacypreserving payment mechanisms for Ripple and characterizes the privacy challenges faced by the emerging credit networks.

show abstract

“…This allows to trace money flows and avoid doublespending; but on the downside if a pseudonym is ever deanonymized (e.g. [21]), all actions from the person would be revealed. A number of decentralized systems, ranging from mix-nets [36,45], to DC-nets [37], to Tor [57], provide some degree of anonymity.…”

Section: How Does Decentralization Support Privacy?mentioning

confidence: 99%

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Troncoso

Isaakidis

Danezis

et al. 2017

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems.

show abstract

Deanonymisation of Clients in Bitcoin P2P Network

Cited by 413 publications

References 8 publications

Deviating From the Cybercriminal Script: Exploring Tools of Anonymity (Mis)Used by Carders on Cryptomarkets

Deviating From the Cybercriminal Script: Exploring Tools of Anonymity (Mis)Used by Carders on Cryptomarkets

Listening to Whispers of Ripple: Linking Wallets and Deanonymizing Transactions in the Ripple Network

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Contact Info

Product

Resources

About