Studying Bitcoin Privacy Attacks and Their Impact on Bitcoin-Based Identity Methods

The Bitcoin blockchain was the first publicly verifiable, and distributed ledger, where it is possible for everyone to download and check the full history of all data records from the genesis block. These properties lead to the emergence of new types of applications and the redesign of traditional systems that no longer respond to current business needs (e.g., transparency, protection against censorship, decentralization). One particular application is the use of blockchain technology to enable decentralized and self-sovereign identities including new mechanisms for creating, resolving, and revoking them. The public availability of data records has, in turn, paved the way for new kinds of attacks that combine sophisticated heuristics with auxiliary information to compromise users’ privacy and deanonymize their identities. In this paper, we review and categorize Bitcoin privacy attacks, investigate their impact on one of the Bitcoin-based identity methods namely did:btcr, and analyze and discuss its privacy properties.

[1]  楊承侑 比特幣系統中 Simplified Payment Verification 方法之改進 , 2015 .

[2]  Arvind Narayanan,et al.  BlockSci: Design and applications of a blockchain analysis platform , 2017, USENIX Security Symposium.

[3]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[4]  Orlenys López-Pintado,et al.  Caterpillar: A business process execution engine on the Ethereum blockchain , 2018, Softw. Pract. Exp..

[5]  Amir Herzberg,et al.  Blockchain Access Privacy: Challenges and Directions , 2018, IEEE Security & Privacy.

[6]  Edgar R. Weippl,et al.  Unnecessary Input Heuristics and PayJoin Transactions , 2021, HCI.

[7]  Primal Wijesekera,et al.  Investigating MMM Ponzi Scheme on Bitcoin , 2020, AsiaCCS.

[8]  Alex Biryukov,et al.  Deanonymisation of Clients in Bitcoin P2P Network , 2014, CCS.

[9]  Malte Möser,et al.  An inquiry into money laundering tools in the Bitcoin ecosystem , 2013, 2013 APWG eCrime Researchers Summit.

[10]  Katharina Krombholz,et al.  User Mental Models of Cryptocurrency Systems - A Grounded Theory Approach , 2020, SOUPS @ USENIX Security Symposium.

[11]  Stefano Zanero,et al.  BitIodine: Extracting Intelligence from the Bitcoin Network , 2014, Financial Cryptography.

[12]  S A R A H M E I K L E J O H N,et al.  A Fistful of Bitcoins Characterizing Payments Among Men with No Names , 2013 .

[13]  Sarah Meiklejohn,et al.  Tracing Transactions Across Cryptocurrency Ledgers , 2018, USENIX Security Symposium.

[14]  Seungwon Shin,et al.  Cybercriminal Minds: An investigative study of cryptocurrency abuses in the Dark Web , 2019, NDSS.

[15]  Patrick D. McDaniel,et al.  An Analysis of Anonymity in Bitcoin Using P2P Network Traffic , 2014, Financial Cryptography.

[16]  Jin H. Im,et al.  Privacy , 2002, Encyclopedia of Information Systems.

[17]  Mathias Weske,et al.  External Data Monitoring Using Oracles in Blockchain-Based Process Execution , 2020, BPM.

[18]  Edgar Weippl,et al.  Bitcoin Privacy - A Survey on Mixing Techniques , 2021, IACR Cryptol. ePrint Arch..

[19]  Qutaibah M. Malluhi,et al.  Anonymity and Privacy in Bitcoin Escrow Trades , 2019, WPES@CCS.

[20]  Edgar R. Weippl,et al.  The Other Side of the Coin: User Experiences with Bitcoin Security and Privacy , 2016, Financial Cryptography.

[21]  Marit Hansen,et al.  Privacy Considerations for Internet Protocols , 2013, RFC.

[22]  Alex Biryukov,et al.  Deanonymization and Linkability of Cryptocurrency Transactions Based on Network Analysis , 2019, 2019 IEEE European Symposium on Security and Privacy (EuroS&P).

[23]  Fabien A. P. Petitcolas,et al.  A First Look at Identity Management Schemes on the Blockchain , 2018, IEEE Security & Privacy.

[24]  Jeremy Clark,et al.  Mixcoin: Anonymity for Bitcoin with Accountable Mixes , 2014, Financial Cryptography.

[25]  Hannes Hartenstein,et al.  Could Network Information Facilitate Address Clustering in Bitcoin? , 2017, Financial Cryptography Workshops.

[26]  Ingo Weber,et al.  Runtime Verification for Business Processes Utilizing the Bitcoin Blockchain , 2017, Future Gener. Comput. Syst..

[27]  Peter Mell,et al.  A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems , 2019, ArXiv.

[28]  S. Matthew English,et al.  Conditions of Full Disclosure: The Blockchain Remuneration Model , 2017, 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW).

[29]  Mauro Conti,et al.  On the Economic Significance of Ransomware Campaigns: A Bitcoin Transactions Perspective , 2018, Comput. Secur..