Data Security and Privacy in Bitcoin System: A Survey

To date, bitcoin has been the most successful application of blockchain technology and has received considerable attention from both industry and academia. Bitcoin is an electronic payment system based on cryptography rather than on credit. Regardless of whether people are in the same city or country, bitcoin can be sent by any one person to any other person when they reach an agreement. The market value of bitcoin has been rising since its advent in 2009, and its current market value is US160 billion. Since its development, bitcoin itself has exposed many problems and is facing challenges from all the sectors of society; therefore, adversaries may use bitcoin’s weakness to make considerable profits. This survey presents an overview and detailed investigation of data security and privacy in bitcoin system. We examine the studies in the literature/Web in two categories: 1) analyses of the attacks to the privacy, availability, and consistency of bitcoin data and 2) summaries of the countermeasures for bitcoin data security. Based on the literature/Web, we list and describe the research methods and results for the two categories. We compare the performance of these methods and illustrate the relationship between the performance and the methods. Moreover, we present several important open research directions to identify the follow-up studies in this area.

[1]  Dhiren R. Patel,et al.  Blockchain exhumed , 2017, 2017 ISEA Asia Security and Privacy (ISEASP).

[2]  Elaine Shi,et al.  Step by Step Towards Creating a Safe Smart Contract: Lessons and Insights from a Cryptocurrency Lab , 2016, Financial Cryptography Workshops.

[3]  Atul Singh,et al.  Eclipse Attacks on Overlay Networks: Threats and Defenses , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[4]  Alex Biryukov,et al.  Bitcoin over Tor isn't a Good Idea , 2014, 2015 IEEE Symposium on Security and Privacy.

[5]  John V. Monaco Identifying Bitcoin users by transaction behavior , 2015, Defense + Security Symposium.

[6]  George Danezis,et al.  Centrally Banked Cryptocurrencies , 2015, NDSS.

[7]  Xiaojiang Du,et al.  Identifying the vulnerabilities of bitcoin anonymous mechanism based on address clustering , 2020, Science China Information Sciences.

[8]  Klaus Wehrle,et al.  CoinParty: Secure Multi-Party Mixing of Bitcoins , 2015, CODASPY.

[9]  Adi Shamir,et al.  Quantitative Analysis of the Full Bitcoin Transaction Graph , 2013, Financial Cryptography.

[10]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol with Chains of Variable Difficulty , 2017, CRYPTO.

[11]  Eli Ben-Sasson,et al.  SNARKs for C: Verifying Program Executions Succinctly and in Zero Knowledge , 2013, CRYPTO.

[12]  Matthew Green,et al.  Zerocoin: Anonymous Distributed E-Cash from Bitcoin , 2013, 2013 IEEE Symposium on Security and Privacy.

[13]  Nicolas Courtois,et al.  On Subversive Miner Strategies and Block Withholding Attack in Bitcoin Digital Currency , 2014, ArXiv.

[14]  Bryan Ford,et al.  Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing , 2016, USENIX Security Symposium.

[15]  Kelly E. Murray,et al.  Under the Hood , 1996, J. Object Oriented Program..

[16]  Jeremy Clark,et al.  SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies , 2015, 2015 IEEE Symposium on Security and Privacy.

[17]  Mauro Conti,et al.  A Survey on Security and Privacy Issues of Bitcoin , 2017, IEEE Communications Surveys & Tutorials.

[18]  Peng Jiang,et al.  A Survey on the Security of Blockchain Systems , 2017, Future Gener. Comput. Syst..

[19]  Issa Traoré,et al.  Double Spending Protection for E-Cash Based on Risk Management , 2010, ISC.

[20]  Aniket Kate,et al.  Liar, Liar, Coins on Fire!: Penalizing Equivocation By Loss of Bitcoins , 2015, CCS.

[21]  Jiankun Hu,et al.  Cloud-Based Approximate Constrained Shortest Distance Queries Over Encrypted Graphs With Privacy Protection , 2018, IEEE Transactions on Information Forensics and Security.

[22]  Philippe A. Janson,et al.  State of the art in electronic payment systems , 2000, Adv. Comput..

[23]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[24]  Kartik Nayak,et al.  Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[25]  Elaine Shi,et al.  Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[26]  Prateek Saxena,et al.  Making Smart Contracts Smarter , 2016, IACR Cryptol. ePrint Arch..

[27]  S. Matthew Weinberg,et al.  On the Instability of Bitcoin Without the Block Reward , 2016, CCS.

[28]  Marc Pilkington,et al.  Blockchain Technology: Principles and Applications , 2015 .

[29]  Ghassan O. Karame,et al.  Evaluating User Privacy in Bitcoin , 2013, Financial Cryptography.

[30]  Yongdae Kim,et al.  Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin , 2017, CCS.

[31]  Tyler Moore,et al.  Empirical Analysis of Denial-of-Service Attacks in the Bitcoin Ecosystem , 2014, Financial Cryptography Workshops.

[32]  Ethan Heilman,et al.  Eclipse Attacks on Bitcoin's Peer-to-Peer Network , 2015, USENIX Security Symposium.

[33]  Massimo Bartoletti,et al.  A Survey of Attacks on Ethereum Smart Contracts (SoK) , 2017, POST.

[34]  Ghassan O. Karame,et al.  Double-spending fast payments in bitcoin , 2012, CCS.

[35]  Lear Bahack,et al.  Theoretical Bitcoin Attacks with less than Half of the Computational Power (draft) , 2013, IACR Cryptol. ePrint Arch..

[36]  Andreas M. Antonopoulos,et al.  Mastering Bitcoin: Unlocking Digital Crypto-Currencies , 2014 .

[37]  Brian Neil Levine,et al.  Sybil-Resistant Mixing for Bitcoin , 2014, WPES.

[38]  Chen Zhao Graph-based forensic investigation of Bitcoin transactions , 2014 .

[39]  Hubert Ritzdorf,et al.  On the Security and Performance of Proof of Work Blockchains , 2016, IACR Cryptol. ePrint Arch..

[40]  A new proof-of-work mechanism for bitcoin , 2016 .

[41]  Camilo Rocha,et al.  Double-spend Attack Models with Time Advantange for Bitcoin , 2016, CLEI Selected Papers.

[42]  Jason Teutsch,et al.  Demystifying Incentives in the Consensus Computer , 2015, CCS.

[43]  Jeremy Clark,et al.  Mixcoin: Anonymity for Bitcoin with Accountable Mixes , 2014, Financial Cryptography.

[44]  Liehuang Zhu,et al.  Classification of Encrypted Traffic With Second-Order Markov Chains and Application Attribute Bigrams , 2017, IEEE Transactions on Information Forensics and Security.

[45]  Pedro Moreno-Sanchez,et al.  CoinShuffle: Practical Decentralized Coin Mixing for Bitcoin , 2014, ESORICS.

[46]  David A. Thompson,et al.  STATE OF THE ART AND FUTURE TRENDS , 1981 .

[47]  Elaine Shi,et al.  Nonoutsourceable Scratch-Off Puzzles to Discourage Bitcoin Mining Coalitions , 2015, CCS.

[48]  Baoli Ma,et al.  Secure Phrase Search for Intelligent Processing of Encrypted Data in Cloud-Based IoT , 2018, IEEE Internet of Things Journal.

[49]  Jeremy Clark,et al.  Anonymity for Bitcoin with accountable mixes ( Full version ) , 2014 .

[50]  Chen Zhao,et al.  A Graph-Based Investigation of Bitcoin Transactions , 2015, IFIP Int. Conf. Digital Forensics.

[51]  Ittay Eyal,et al.  The Miner's Dilemma , 2014, 2015 IEEE Symposium on Security and Privacy.

[52]  Luke Valenta,et al.  Blindcoin: Blinded, Accountable Mixes for Bitcoin , 2015, Financial Cryptography Workshops.

[53]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[54]  Sushmita Ruj,et al.  Bitcoin Block Withholding Attack: Analysis and Mitigation , 2017, IEEE Transactions on Information Forensics and Security.

[55]  Adam Doupé,et al.  Behind closed doors: measurement and analysis of CryptoLocker ransoms in Bitcoin , 2016, 2016 APWG Symposium on Electronic Crime Research (eCrime).

[56]  Chen Xin,et al.  Zero-determinant strategy for the algorithm optimize of blockchain PoW consensus , 2017, 2017 36th Chinese Control Conference (CCC).

[57]  Christopher K. Frantz,et al.  From Institutions to Code: Towards Automated Generation of Smart Contracts , 2016, 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS*W).

[58]  Alex Biryukov,et al.  Deanonymisation of Clients in Bitcoin P2P Network , 2014, CCS.

[59]  Feng Xiao,et al.  SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[60]  Mohsen Guizani,et al.  Privacy-Preserving Support Vector Machine Training Over Blockchain-Based Encrypted IoT Data in Smart Cities , 2019, IEEE Internet of Things Journal.

[61]  Koutarou Suzuki,et al.  Traceable Ring Signature , 2007, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[62]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[63]  Fergal Reid,et al.  An Analysis of Anonymity in the Bitcoin System , 2011, PASSAT 2011.

[64]  Giuseppe Ateniese,et al.  Proofs of Space: When Space Is of the Essence , 2014, SCN.

[65]  Fan Zhang,et al.  Town Crier: An Authenticated Data Feed for Smart Contracts , 2016, CCS.

[66]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[67]  Aviv Zohar,et al.  Optimal Selfish Mining Strategies in Bitcoin , 2015, Financial Cryptography.

[68]  Aggelos Kiayias,et al.  Ouroboros Genesis: Composable Proof-of-Stake Blockchains with Dynamic Availability , 2018, IACR Cryptol. ePrint Arch..

[69]  Patrick D. McDaniel,et al.  An Analysis of Anonymity in Bitcoin Using P2P Network Traffic , 2014, Financial Cryptography.

[70]  Bryan Ford,et al.  An offline foundation for online accountable pseudonyms , 2008, SocialNets '08.

[71]  Elaine Shi,et al.  The Ring of Gyges: Investigating the Future of Criminal Smart Contracts , 2016, CCS.

[72]  Aviv Zohar Bitcoin , 2015, Commun. ACM.

[73]  Meni Rosenfeld,et al.  Analysis of Bitcoin Pooled Mining Reward Systems , 2011, ArXiv.

[74]  R. Dingledine,et al.  One Fast Guard for Life ( or 9 months ) , 2014 .

[76]  Abhi Shelat,et al.  A Better Method to Analyze Blockchain Consistency , 2018, CCS.

[77]  Jianping Yu,et al.  A Blind-Mixing Scheme for Bitcoin based on an Elliptic Curve Cryptography Blind Digital Signature Algorithm , 2015, ArXiv.

[78]  S A R A H M E I K L E J O H N,et al.  A Fistful of Bitcoins Characterizing Payments Among Men with No Names , 2013 .

[79]  Xiaojiang Du,et al.  Privacy-Preserving Image Retrieval for Medical IoT Systems: A Blockchain-Based Approach , 2019, IEEE Network.

[80]  Philippe A. Janson,et al.  The State of the Art in Electronic Payment Systems , 1997, Computer.

[81]  Feng Gao,et al.  Scalable and Privacy-Preserving Data Sharing Based on Blockchain , 2018, Journal of Computer Science and Technology.

[82]  Sunny King,et al.  PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake , 2012 .

[83]  Aziz Mohaisen,et al.  Exploring the Attack Surface of Blockchain: A Systematic Overview , 2019, ArXiv.