When the cookie meets the blockchain: Privacy risks of web payments via cryptocurrencies

Abstract

We show how third-party web trackers can deanonymize users of cryptocurrencies. We present two distinct but complementary attacks. On most shopping websites, third-party trackers receive information about user purchases for purposes of advertising and analytics. We show that, if the user pays using a cryptocurrency, trackers typically possess enough information about the purchase to uniquely identify the transaction on the blockchain, link it to the user’s cookie, and further to the user’s real identity. Our second attack shows that if the tracker is able to link two purchases of the same user to the blockchain in this manner, it can identify the user’s cluster of addresses and transactions on the blockchain, even if the user employs blockchain anonymity techniques such as CoinJoin. The attacks are passive and hence can be retroactively applied to past purchases. We discuss several mitigations, but none are perfect.
