One of Bitcoin’s first big selling points was that the virtual currency made it possible to transact online without revealing one’s real-world identity. For high-tech drug dealers, people looking to avoid strict capital controls in economically oppressive countries, and the chronically paranoid, this newfound ability was positively liberating.
Technically, Bitcoin is pseudonymous rather than anonymous. Every transaction on the currency’s network is linked to a giant public ledger containing a record of everything that’s happened to every Bitcoin wallet since the currency’s creation. Even so, a link between those Bitcoin wallet addresses and someone’s offline identity isn’t required, and Bitcoin has flourished under that veil of secrecy.
However, a paper released earlier this month by a trio of researchers at the University of Luxembourg lays out an ingenious strategy, called an eavesdropping attack, that allows someone to link nearly two-thirds of users on the Bitcoin network to their specific IP addresses. In many cases, those IP addresses could easily be matched up to users’ real-world identities.
The study’s authors have also uncovered a loophole in the Bitcoin protocol’s method for preventing denial-of-service attacks that allows someone not only to prevent users from employing the anonymizing service Tor to keep their identities hidden but also to single-handedly block all Tor use across the entire Bitcoin network.
The most troubling part is that, according to the study’s authors, this de-anonymization may already be happening.
Co-author Ivan Pustogarov told indispensable cryptocurrency news site CoinDesk that he was spurred to publish his paper online before it had undergone peer review because he had some limited evidence that this sort of attack was already underway.
“I’m running several Bitcoin servers and from time to time I get many connections from the same IP address,” Pustogarov said. “I have suspicions that someone is trying to mount this kind of attack.”
To understand how this all works, it’s important to first visualize Bitcoin as a decentralized network of about 100,000 client computers located across the globe and all running software that links them to each other. When someone conducts a transaction on the Bitcoin network, their data first enters the network through direct connections with a set of eight other computers. Those computers are the user’s entry nodes into the network. Those nodes stay the same until the Bitcoin client software stops running or the user’s computer is switched off.
The University of Luxembourg researchers discovered that if they were able to keep track of the entry points through which a given computer connected to the network, they’d be able to discern that computer’s IP address.
The researchers tried out the attack over the Bitcoin test network, a separate network from the one over which the vast majority of transactions flow. Since the value of all the coins on the test network is negligible, it’s often used by developers working on new applications without fear that a malfunctioning program would do serious damage. To protect the privacy of Bitcoin users the world over, the study’s authors conducted their de-anonymization trials on the test network instead of on the full, widely used network.
The team was able to determine the IP address of 11 percent of the transactions going across the test network. If they employed a slight modification on this strategy that involved sending far more feelers out through the network, that number jumped to 60 percent; however, employing this modified method would make it far easier for others on the network to see what they were doing.
Scaling up the scheme to make it applicable to the full network wouldn’t be particularly difficult. The more computers someone has sniffing the network for users’ IP addresses, the more difficult it is for one of the parties being sniffed at to realize what’s going on.
Dmitry Khovratovich, one of the study’s authors, explained in an email to the Daily Dot that it would take an attacker using about 50 different IP addresses for their attack to be “indistinguishable from ordinary users,” which he estimated would cost about €1,500 per month—just over $2,000 U.S.
“A more active adversary might conduct a cheaper attack, but it is more likely that he will be detected and banned,” Khovratovich added.
There are ways for even novice computer users to easily disguise their IP addresses through applications like virtual private networks (VPNs), Tor, or Network Address Translation (NAT) systems that allow multiple computers to connect to the Internet using a single, shared IP address. However, none of these methods will allow a Bitcoin user to avoid detection through an eavesdropping attack.
The Bitcoin network doesn’t support VPN functionality and, unlike prior attempts to de-anonymize the Bitcoin network, this strategy isn’t fazed by NATs.
When it comes to Tor, the researchers discovered a jaw-dropping method for preventing users from using the service to disguise their identities—tricking the entire Bitcoin network into automatically rejecting all traffic coming from Tor.
First developed by the U.S. Navy in the early 2000s, Tor works by randomly routing all traffic through a global network of computers. Tor makes it impossible to determine the origin of any individual piece of data that passes through it. Yet, because there are only just over 1,000 established exit nodes through which data can leave the Tor network, the researchers discovered that it’s possible to stop the Bitcoin network from accepting Tor traffic altogether.
Built into the Bitcoin protocol is a mechanism designed to guard the network against denial-of-service (DoS) attacks, where Bitcoin clients become so overloaded with phony requests for information they aren’t able to respond to legitimate ones. If a client on the Bitcoin network receives too many transaction requests that don’t appear legitimate, that client will automatically stop accepting requests from that IP address for a period of 24 hours.
The researchers realized that all they had to do was connect to Tor and start flooding the Bitcoin network with as many illegitimate requests as possible—a process that only required about a single gigabyte of data to be sent to Bitcoin through Tor. Once that happened, everyone connecting through Tor would effectively be banned because the Bitcoin network would identify all of the Tor exit nodes as being the source of a DoS attack.
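The per-address ban described above, as a simplified model added here (it is not Bitcoin's actual code and not from the study). The score threshold, the penalty and both IP addresses are constructed assumptions; only the 24-hour ban length comes from the article.

```python
# Toy model of banning by source IP; shows the collateral effect on shared addresses.
BAN_SECONDS = 24 * 60 * 60   # 24-hour ban, as described in the article
BAN_THRESHOLD = 100          # assumed score limit; the article gives no number


class Node:
    """A peer that scores misbehavior per source IP and bans by IP."""

    def __init__(self):
        self.score = {}         # source IP -> accumulated misbehavior score
        self.banned_until = {}  # source IP -> time (seconds) at which the ban ends

    def accepts(self, ip, now):
        return now >= self.banned_until.get(ip, 0)

    def receive(self, ip, valid, now, penalty=10):
        """Return True only for a valid request from an IP that is not banned."""
        if not self.accepts(ip, now):
            return False
        if not valid:
            self.score[ip] = self.score.get(ip, 0) + penalty
            if self.score[ip] >= BAN_THRESHOLD:
                self.banned_until[ip] = now + BAN_SECONDS
                self.score[ip] = 0
        return valid


def simulate():
    node = Node()
    shared_ip = "198.51.100.7"   # constructed: one address used by many users
    home_ip = "203.0.113.20"     # constructed: an address used by one user
    results = {"shared_before": node.receive(shared_ip, True, now=0)}
    for t in range(1, 11):       # ten invalid requests arrive from the shared address
        node.receive(shared_ip, False, now=t)
    # A different, well-behaved user behind the same address is now refused too.
    results["shared_after"] = node.receive(shared_ip, True, now=60)
    results["home_after"] = node.receive(home_ip, True, now=60)
    results["shared_next_day"] = node.receive(shared_ip, True, now=10 + BAN_SECONDS)
    return results


if __name__ == "__main__":
    print(simulate())
```

Because the node keys its ban on the source address alone, it cannot tell the misbehaving sender from every other user who shares that address, which is the property the researchers describe for Tor exit nodes.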
With Tor removed as an option, the only way someone could connect to the Bitcoin network would be through a method vulnerable to an eavesdropping attack. Khovratovich noted that there’s no evidence anyone has ever successfully used this technique to block Tor users from using Bitcoin.
In a post on the influential BitcoinTalk forum, Bitcoin core developer Mike Hearn postulated, and then immediately dismissed, one possible way to plug the hole identified in the study:
“This could be solved by encrypting the entire P2P network (but then, it would be trivial for an adversary to connect to you and get the traffic unencrypted again), and by sending lots of cover traffic so it’s harder to tell when a tx is being relayed. But that’s very expensive, probably too expensive.”
“Privacy against privileged network observers is one thing. DoS is something else,” Hearn added. “As far as I know, nobody has ever built a P2P network that is really DoS resistant. It’s not even clear it’s possible with current technology. This may make Bitcoin technically un-viable in the long run.”
Even so, the realization that Bitcoin may not be as anonymous—or pseudonymous for that matter—as initially advertised likely isn’t a fatal blow to the growth of the virtual currency.
Bitcoin largely entered the mainstream consciousness through its association with shadowy online drug markets like the Silk Road, which valued the currency’s ability to allow its users to transact with each other without one party having to know anything about the other. But, over the past year or so, there’s been a growing appreciation for Bitcoin’s other attributes, primarily its almost nonexistent overhead costs for securely sending and receiving money online.
As upstart financial institutions increasingly work towards integrating Bitcoin into the global financial system, there’s been a move in the direction of requiring customers who patronize those institutions to use their real-world identities. Many Bitcoin wallet services, exchanges, and physical ATMs require real-name verification up front.
In an ecosystem where Bitcoin is seen as an alternative to Visa or Paypal rather than a digital suitcase full of unmarked, non-sequential hundred dollar bills, the realization that a dedicated hacker could discover a Bitcoin user’s IP address may not be the end of the world.