:: Re: [unSYSTEM] Eavesdropping’ Atta…
Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Odinn Cyberguerrilla
Ημερομηνία:  
Προς: System undo crew
Αντικείμενο: Re: [unSYSTEM] Eavesdropping’ Attack Can Unmask Upto 60% of Bitcoin Clients - Dark Wallet too?
> http://www.coindesk.com/eavesdropping-attack-can-unmask-60-bitcoin-clients/
>
> Is this something DW can protect against?
> _______________________________________________
> unSYSTEM mailing list: http://unsystem.net
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>
> http://www.coindesk.com/eavesdropping-attack-can-unmask-60-bitcoin-clients/
>
> Is this something DW can protect against?
> _______________________________________________
> unSYSTEM mailing list: http://unsystem.net
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>


Technically, what the attack really will do is unmask certain IPs and
ISPs, bitcoin isn't anonymous, hence, darkwallet, bytecoin, zerocash, etc.
The question becomes is darkwallet and / or anyone using stealth a-la
http://sx.dyne.org/stealth.html identifiable (or at least is either their
client identifiable even if other information may not be) through said
attacks as described at:

http://arxiv.org/pdf/1405.7418v2.pdf

In this article, partially what is described is the following:

"the attack requires establishing 1008 connections and sending a few
MBytes in data. This can be repeated for all Bitcoin servers, thus
prohibit-
ing all Tor connections for 24 hours at the cost of a million
connections and less than 1 GByte of tra?c."

The reference to "servers" is presumably indicating servers which are
running Tor and through which something of the Bitcoin network is also
transiting through or about. It seems as though if someone wanted to they
could target personal computers or servers, although the likelihood of
finding much useful information is unlikely, unless someone already knows
something about who they are going after and is interested in additional,
related information. This was covered in a previous study, here:

http://fc14.ifca.ai/papers/fc14_submission_11.pdf
See originally posted content which appeared _before_ fincrypto14 at:
http://miki.it/pdf/thesis.pdf
and
http://www.dis.uniroma1.it/~baldoni/ssd2013/lezioneseminari_diluna.pdf
and
http://indigo.uic.edu/bitstream/handle/10027/10144/Spagnuolo_Michele.pdf?sequence=1

"The goal of the Clusterizer
is to ?nd groups of addresses that belong to
the same user. It incrementally reads the blockchain DB and
generates-updates clusters of addresses using two heuristics, detailed in
3.2. The first heuristic exploits transactions with multiple inputs, while
the second leverages the concept
of \change" in transactions"
(from the BitIodine paper)
And so on and so forth. Standard clustering and correlation methods infer
usernames associated with addresses. Etc.

I would suggest simply that Darkwallet development collaborate closely
with Tor developers and the Zerocash developers on this issue to find
logical solutions. It's an issue but it is not one that is
insurmountable. Technically it seems that what is key to the attack
referenced in the coindesk article is the following:

"Whenever a peer receives a malformed
message, it increases the penalty score of the IP address
from which the message came (if a client uses Tor, than the
message will obviously come from on of the Tor exit nodes).
When this score exceeds 100, the sender's IP is banned for 24
hours."

Knowing this and other things about the attack, solutions can be crafted
to make such attacks more difficult, not just adding "random delays after
transactions" as the paper's authors suggested, assuming DW collaboration
with Tor developers and perhaps use of zero knowledge proofs. See also
the following:

https://bitcointalk.org/index.php?topic=309073.msg7303979#msg7303979 (has
something about libsnark and zero knowledge proofs)

https://docs.google.com/file/d/0B7r4osQgWVqKTHdxTlowUVpsVmJRcjF3Y3dtcTVscFhEaW5F/view?sle=true
(TorPath to TorCoin)

https://github.com/bitcoin/bitcoin/issues/4079 (my open issue in bitcoin)