Perimeter: A network-layer attack on the anonymity of cryptocurrencies

Authors: Maria Apostolaki, Cedric Maire, and Laurent Vanbever
Financial Cryptography and Data Security. FC 2021
PDF

Abstract

Cryptocurrencies are widely used today for anonymous transactions. Such currencies rely on a peer-to-peer network where users can broadcast transactions containing their pseudonyms and ask for approval. Previous research has shown that application-level eavesdroppers, meaning nodes connected to a large portion of the Bitcoin peer-to-peer network, are able to deanonymize multiple users by tracing back the source of transactions. Yet, such attacks are highly visible as the attacker needs to maintain thousands of outbound connections. Moreover, they can be mitigated by purely application-layer countermeasures. This paper presents a stealthier and harder-to-mitigate attack exploiting the interactions between the networking and application layers. Particularly, the adversary combines her access over Internet infrastructure with application-layer information to deanonymize transactions. We show that this attack, namely PERIMETER, is practical in today’s Internet, achieves high accuracy in Bitcoin, and generalizes to encrypted cryptocurrencies e.g., Ethereum.

People

Dr. Maria Apostolaki
PhD student
2015—2021

BibTex

@INPROCEEDINGS{apostolaki2021perimeter,
	isbn = {978-3-662-64321-1},
	abbrev_source_title = {LNCS},
	doi = {10.1007/978-3-662-64322-8_7},
	year = {2021-10},
	booktitle = {Financial Cryptography and Data Security. FC 2021},
	volume = {12674},
	type = {Conference Paper},
	editor = {Borisov, Nikita and Diaz, Claudia},
	institution = {SNF},
	journal = {Lecture Notes in Computer Science},
	author = {Apostolaki, Maria and Maire, Cedric and Vanbever, Laurent},
	abstract = {Cryptocurrencies are widely used today for anonymous transactions. Such currencies rely on a peer-to-peer network where users can broadcast transactions containing their pseudonyms and ask for approval. Previous research has shown that application-level eavesdroppers, meaning nodes connected to a large portion of the Bitcoin peer-to-peer network, are able to deanonymize multiple users by tracing back the source of transactions. Yet, such attacks are highly visible as the attacker needs to maintain thousands of outbound connections. Moreover, they can be mitigated by purely application-layer countermeasures.This paper presents a stealthier and harder-to-mitigate attack exploiting the interactions between the networking and application layers. Particularly, the adversary combines her access over Internet infrastructure with application-layer information to deanonymize transactions. We show that this attack, namely PERIMETER, is practical in today’s Internet, achieves high accuracy in Bitcoin, and generalizes to encrypted cryptocurrencies e.g., Ethereum.},
	issn = {0302-9743},
	keywords = {Deanonymization; Bitcoin; Ethereum; Blockchain; BGP; Routing attack; Network-layer attack},
	language = {en},
	address = {Berlin},
	publisher = {Springer},
	title = {Perimeter: A network-layer attack on the anonymity of cryptocurrencies},
	PAGES = {147 - 166},
	Note = {25th International Conference on Financial Cryptography and Data Security (FC 2021); Conference Location: Online; Conference Date: March 1-5, 2021; Conference lecture held on March 1, 2021.}
}

Research Collection: 20.500.11850/498192