Utilizing Public Blockchains for the Sybil-Resistant Bootstrapping of Distributed Anonymity Services

Distributed anonymity services, such as onion routing networks or cryptocurrency tumblers, promise privacy protection without trusted third parties. While the security of these services is often well-researched, security implications of their required bootstrapping processes are usually neglected: Users either jointly conduct the anonymization themselves, or they need to rely on a set of non-colluding privacy peers. However, the typically small number of privacy peers enable single adversaries to mimic distributed services. We thus present AnonBoot, a Sybil-resistant medium to securely bootstrap distributed anonymity services via public blockchains. AnonBoot enforces that peers periodically create a small proof of work to refresh their eligibility for providing secure anonymity services. A pseudo-random, locally replicable bootstrapping process using on-chain entropy then prevents biasing the election of eligible peers. Our evaluation using Bitcoin as AnonBoot's underlying blockchain shows its feasibility to maintain a trustworthy repository of 1000 peers with only a small storage footprint while supporting arbitrarily large user bases on top of most blockchains.

[1]  Jeremy Clark,et al.  Mixcoin: Anonymity for Bitcoin with Accountable Mixes , 2014, Financial Cryptography.

[2]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[3]  Tyler Moore,et al.  There's No Free Lunch, Even Using Bitcoin: Tracking the Popularity and Profits of Virtual Currency Scams , 2015, Financial Cryptography.

[4]  Stefan Richter,et al.  NISAN: network information service for anonymization networks , 2009, CCS.

[5]  Fergal Reid,et al.  An Analysis of Anonymity in the Bitcoin System , 2011, PASSAT 2011.

[6]  Brian Neil Levine,et al.  A Survey of Solutions to the Sybil Attack , 2006 .

[7]  Klaus Wehrle,et al.  How to Securely Prune Bitcoin’s Blockchain , 2020, 2020 IFIP Networking Conference (Networking).

[8]  Stefan Lindskog,et al.  Spoiled Onions: Exposing Malicious Tor Exit Relays , 2014, Privacy Enhancing Technologies.

[9]  Siani Pearson,et al.  Sticky Policies: An Approach for Managing Privacy across Multiple Parties , 2011, Computer.

[10]  George Danezis,et al.  Mixminion: design of a type III anonymous remailer protocol , 2003, 2003 Symposium on Security and Privacy, 2003..

[11]  Sarah Meiklejohn,et al.  Möbius: Trustless Tumbling for Transaction Privacy , 2018, IACR Cryptol. ePrint Arch..

[12]  S A R A H M E I K L E J O H N,et al.  A Fistful of Bitcoins Characterizing Payments Among Men with No Names , 2013 .

[13]  Massimo Bartoletti,et al.  An Analysis of Bitcoin OP_RETURN Metadata , 2017, Financial Cryptography Workshops.

[14]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[15]  Björn Scheuermann,et al.  Bitcoin and Beyond: A Technical Survey on Decentralized Digital Currencies , 2016, IEEE Communications Surveys & Tutorials.

[16]  Pedro Moreno-Sanchez,et al.  CoinShuffle: Practical Decentralized Coin Mixing for Bitcoin , 2014, ESORICS.

[17]  Jeremy Clark,et al.  On Bitcoin as a public randomness source , 2015, IACR Cryptol. ePrint Arch..

[18]  Matthew Green,et al.  Bolt: Anonymous Payment Channels for Decentralized Currencies , 2017, CCS.

[19]  Stefan Katzenbeisser,et al.  Structure and Anonymity of the Bitcoin Transaction Graph , 2013, Future Internet.

[20]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[21]  Susan Landau,et al.  Making Sense from Snowden: What's Significant in the NSA Surveillance Revelations , 2013, IEEE Security & Privacy.

[22]  Prateek Mittal,et al.  ShadowWalker: peer-to-peer anonymous communication using redundant structured topologies , 2009, CCS.

[23]  Klaus Wehrle,et al.  CPPL: Compact Privacy Policy Language , 2016, WPES@CCS.

[24]  Angelos D. Keromytis,et al.  Detecting Traffic Snooping in Tor Using Decoys , 2011, RAID.

[25]  Klaus Wehrle,et al.  A Trust Point-based Security Architecture for Sensor Data in the Cloud , 2014, Trusted Cloud Computing.

[26]  Adrian Perrig,et al.  Bootstrapping privacy services in today's internet , 2019, CCRV.

[27]  Mariana Raykova,et al.  RapidChain: Scaling Blockchain via Full Sharding , 2018, CCS.

[28]  Klaus Wehrle,et al.  CoinParty: Secure Multi-Party Mixing of Bitcoins , 2015, CODASPY.

[29]  Gregor Schiele,et al.  Decentralized Bootstrapping in Pervasive Applications , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[30]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[31]  Alex Biryukov,et al.  Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem , 2016, NDSS.

[32]  Giuseppe Ateniese,et al.  Redactable Blockchain – or – Rewriting History in Bitcoin and Friends , 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).

[33]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[34]  Klaus Wehrle,et al.  Secure and anonymous decentralized Bitcoin mixing , 2018, Future Gener. Comput. Syst..

[35]  Philipp Jovanovic,et al.  OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[36]  Klaus Wehrle,et al.  A Quantitative Analysis of the Impact of Arbitrary Blockchain Content on Bitcoin , 2018, Financial Cryptography.

[37]  Prateek Saxena,et al.  A Secure Sharding Protocol For Open Blockchains , 2016, CCS.

[38]  John Tromp,et al.  Cuckoo Cycle: A Memory Bound Graph-Theoretic Proof-of-Work , 2015, Financial Cryptography Workshops.