下载  >  区块链  >  比特币  > An Analysis of Anonymity in the Bitcoin System.pdf

An Analysis of Anonymity in the Bitcoin System.pdf 评分

Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a com- plicated issue. Within the system, users are identified by public-keys only. An attacker wishing to de-anonymize its users will attempt to construct the one- to-many mapping between users and public-keys and associate informa
Chapter 1 An analysis of anonymity in the Bitcoin System Fergal Reid and martin Harrigan abstract Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a. com plicated issue. Within the system, users are identified by public-keys only An attacker wishing to de-anonymize its users will attempt to construct the one- to-many mapping between users and public-keys and associate information external to the system with the users. Bitcoin tries to prevent this attack by storing the mapping of a user to his or her public-keys on that user's node onlly anld by allowing each user to generate as Imany public-keys as required In this chapter we consider the topologica. l structure of two networks derived from Bitcoin's public transaction history. Wc show that the two nctworks have a non-trivial topological structure. provide complementary views of the Bitcoin system and have implications for anonymity. We combine these struc- tures with external information and techniques such as context discovery and How analysis to investigate an alleged theft of Bitcoins, which, at the time of the theft, had a market value of approximately half a million U.s. dollars Kcy words: Nctwork Analysis, Anonymity, Bitcoin 1.1 Introduction Bitcoin is a peer-to-peer electronic currency system first described in a paper y Satoshi Nakamoto (a pseudonym) in 2008 20. It relics on digital sig- matures to prove ownership inld a public history of transactions to prevent Clique Research Cluster Complex Adaptive Systems Laboratory, University College Dublin, Ireland c-mail: fergal. reidCgmail. com, martin. harriganQucdie Reid and harrigan double-spending The history of transactions is shared using a peer-to-peer network and is agreed upon using a proof-of-work system 135 The first Bitcoins were transacted in January 2009 and by June 2011 there were 6.5 million Bitcoins in circulation among an estimated 10,000 users 28 In rccent months, the currency has sccn rapid growth in both media atten tion and Market price relative to existing currencies. At its peak, i single Bitcoin traded for more than US30 on popular Bitcoin exchanges. At the same time, U.S. Senators and lobby groups in Germany, such as Der Bun- desverband Digitale Wirtschaft(BVWD)or the Federal Association of Digital Economy, have raised concerns regarding the untraceability of Bitcoins and their potential to harm society through tax evasion, money laundering and illegal transactions. The implications of the decentralized nature of Bitcoin or authorities ability to regulate and Imonitor the flow of currency is as yet unclear Many uscrs adopt Bitcoin for political and philosophical rcasons, as much as pragmatic ones. There is an understanding amongst Bitcoins more tech nica.I users that, anonymity is not a promenient design goa l of the system however, opinions vary widely as to how anonymous the system is, in prac tice. Jeff Garzik, a member of Bitcoin's development team, is quoted as saying it would be unwise "to attempt major illicit transactions with Bitcoin, given existing statistical analysis techniques deployed in the field by law enforce mcnt'D howcvcr, prior to this work, no analysis of anonymity in Bitcoin was publicly available to substantiate or refute these claims. Furthermore, many other users of the system do not share this belief. For example, WikiLeaks an international organization for anonymous whistleblowers, recently advised its Twitter followers that it now accepts anonymous donations via Bitcoin (see Fig. 1. 1b and states that2 a sccurc and anonymous ital currency. Bitcoins cannot be casily tracked back to you, and are a [sic] safer and faster alternative to other donation methods.” They proceed to describe a. more secure met hod of donat ing Bit coins that involves the generation of a one-time public-key but the implications for those who donate using the tweeted public-key are unclear. Is it possible to associate a donation with other Bitcoin transactions performed by the same user or perhaps identify them using external information? The extent to which this anonymity holds in the face of determined analysis remains to be tested This chapter is organized as follows. In Sect. 1.2 we consider sOllle ex isting work relating to electronic currencies and anonymity. The economic aspects of the system, interesting in their own right, are beyond the scope of this work. In Sect. 1.3 we present an overview of the Bitcoin system we focus on t hree features that are particularly relevant, to our analysis. In http://www.theatlantic.com/technology/archive/2011/06/libertarian-dream-a-site- where-you-buy-drugs-withl-digital-dollars/239776- Retrieved 2011-11-12 http://wikilea.ks.org/support.html-retrieved:2011-07-22 1.1 Introduction WikiLeaks WikiLeaks now accepts anonymous Bitcoin donations on 1HB5XMLmz FV]8ALjomfBsbifRoD4miY36V Fig. 1.1: Screen capture of a tweet from Wikileaks announcing their acceptance of"anony- mous bitcoin donations Sect. 1.4 we construct two network structures, the transaction network and the user network using the publicly available transaction history. We study the static and dynamic properties of these networks. In Sect. 1.5we consider the implications of these network structures for anonymity. We also combine information external to the Bitcoin system with techniques such as flow and temporal analysis to illustrate how various types of information leakage can contribute to the de-anonymization of the system's users. Finally, we conclude in Sect.①.6 1.1.1 A Note Regarding Motivation and Disclosure Our motivation for this analysis is not to de-anonymize individual users of the Bitcoin system. Rather, it is to demonstrate, using a passive analysis of a publicly available dataset, the inherent limits of anonymity when using Bitcoin. This will ensure that users do not have expectations that are not being fulfilled by the system II security-related research, there is considerable tension over how best to disclose vulnerabilities 9. Many researchers favor full disclosure where all information regarding a vulnerability is promptly released. This enables informed users to promptly take defensive measures. Other researchers fa vor limited disclosure while this provides a tackers with a window in which to exploit uninformed users, a mitigation strateg y can be prepared and im plemented before public announcement, thus limiting damage, e.g. through a software update. Our analysis illustrates some potential risks and pitfalls with regard to anonymity in the Bitcoin system. However, there is no central au thority which can fundamentally change thc systcms behavior. Furthcrmorc it is not possible to mitigate analysis of the existing transaction history There are also two notewort hy features of the dataset when compared with say, contentious social network datasets. e. g. the Facebook profiles of Harvard University students 19. Firstly, the delineation between what is considered public and private is clear: the entire history of Bitcoin transactions is publicly available. Secondly, the Bitcoin system does not have a usage policy. After Reid and harrigan joining Bitcoin's peer-to-peer network, a client can freely request the entire history of Bitcoin transactions; there is no crawling or scraping required Thus, we believe the best strategy to minimise the threat to user anonymity is to be descriptive about the risks of the Bitcoin system. We do not identify individual uscrs- apart from thosc in the casc study- but wc note that it is not difficult for other groups to replicate our work. Indeed, given the pas sive nature of the analysis, other parties may already be conducting similar analyse 1.2 Related work The related work for this chapter can be categorized into two fields: electronic currcncics and anonymity. 1.2.1 Electronic Currencies Electronic currencies can be technically classified according to their mech anisms for establishing owncrship, protecting against doublc-spcnding, cn suring anonymity and/ or privacy, and generating and issuing new currency Bitcoin is particularly notewort hy for the last of these mechanisms. The proof-of work system [135 that establishes consensus regarding the hi tory of transactions also doubles as a minting mechanism. The scheme was first outlined in the B-Money Proposal 12. We briefly consider some alterna- tive mechanisms. Ripple 14 is an electronic currency where every user can issue currency. However, the currency is only accepted by peers who trust the issuer. Transactions between arbitrary pairs of users require chains of trusted intermediaries between the users. Saito 25 formalized and imple mented a similar system, i-WAT, in which thethe chain of intermediaries can be established without their immediate presence using digital signatures KARMA 29 is an electronic currency where the central authority is dis tributed over a set of users that are involved in all transactions. PPay 30 a micropayment scheme for peer-to-peer systems where the issuer of the cur rency is responsible for keeping track of it. However, both KARMA and PPay may incur a large overhead when the rate of transactions is high. Mondex s a smart-card electronic currency 27. It preserves a central bank,s role in the gelleration and issuance of electronic currency. Mondex was an electronic replacement for cash in the physica l world whereas Bitcoin is an electronic analog of cash in the online world he authors are not aware of any studies of the network structure of elec- tronic currencies. However, there are such studies of physical currencies. The community currency Tomamae-cho was introduced into the Hokkaido prefec 1.2 Related Work ture in Japan for a three-month period during 2004-05 in a bid to revitalize local economy. The Tomamae-cho system involved gift-certificates that were re-usable and legally redeemable into yen. There was an entry space on the reverse of each certificate for recipients to record transaction dates, their names and addresscs, and the purposes of usc, up to a maximum of fivc ro cipients. Kichiji and Nishibe 17 used the collected certificates to derive d net work structure that, represented the fow of currency during the period They showed that the cumulative degree distribution of the network obeyed a power-law distribution, the network had small-world properties( the aver- age clustering coefficient was high whereas the average path length was low) the directionality and the value of transactions were significant features, and the double-triangle system 23 was effective. There also exist studies of the physical Movenent of currency: ' Where's George?1 is a crowd-sourced method for tracking u.s. dollar bills where users record the serial numbers of bills in thcir possession, along with thcir current location. If a bill is rccordcd sufficiently often. its geographical movement can be tracked over time. Brock mann et al. 8 used this dataset, as a proxy for studying multi-scale human mobility and as a tool for computing geographic borders inherent to human mobility Grinberg 2 considers some of the legal issues that may be relevant to Bitcoin in the United States. For example, does Bitcoin violate the Stamp Payments Act of 1862? The currency can bc used as a token for a less sum than S1, intended to circulate as money or to be received or used in lieu of lawful money of the United States. However, the authors of the act, could not have conceived of digital currencies at the time of its writing and therefore Bitcoin may not fall under its scope. grinberg believes that Bitcoin is unlikely to be a security or more specifically an "investment contractand therefore es not fall under the s ties act of 1933. he also belie that th Secrecy Act of 1970 and the Money Laundering Control Act of 1986 pose the greatest risk for Bitcoin developers, exchanges, wallet providers, mining pool operators and businesses that accept Bitcoins. These acts require certain kinds of financial busi n if the located abroad. to a bureau of the United States Department of the Treasury known as the Financial Crimes Enforcement Network(or FinCeN). The legality of bitcoin is outside the scope of our work but is interesting nonetheless 1.2.2 Anonymity Previous work has shown the difficulty in maintaining a nonymity in the con text of networked data and online services which expose partial user informa- tion Narayanan and Shmatikov 22 and Backstrom et al. 6 consider privacy attacks which identify users using the structure of networks and show the dif- ficulty in guaranteeing anonymity in the presence of network data. Crandall Reid and harrigan et al. 11 infer social ties between users where none are explicitly stated by looking at patterns of co-incidences'or common off-network co-occurrences Gross and Acquisiti 15 discuss privacy of early users in the Facebook so- cial network, and how information from multiple sources could be combined to identify pseudonymous nctwork uscrs Narayanan and Shmatikov 2l dc anonymized the Netfix Prize dataset using information from IMDEB which had similar user content, showing that statist ical matching between different but related datasets can be used to attack anonymity. Puzis et al. 24 simu lated the monitoring of a communications network using strategically-located monitoring nodes and showed that, using real-world network topologies, a rel- atively small number of nodes can collaborate to pose a significant threat to anonymity. Korolova et al. 18 study strategies for efficiently compromising network nodes, to llaxiise link infornation observed. Altshuler et al. 3 dis cuss the increasing dangers of attacks targeting similar types of information and providc mcasurcs of the difficulty of such attacks. on particular nctworks All of this work points to the difficulty in maintaining anonymity where net work dat a on user behaviour is avai lable and illustrates how seemingly mino information leakages can be aggregated to pose significant risks. The security researcher Dan Kaminsky independently performed an investigation of some aspects of anonymity in the Bitcoin system, which he presented at a security conference 16 shortly after an initial draft of this work was made public. His work investigates the " linking problcm,we analyze in Scct. [ 1.4.2 In addition to the analysis we conducted, his work investigates the Bitcoin system from an angle we did not consider in our investigation-the TCP/IP operation of the underlying peer-to-peer network. Kaminsky's TCP/IP layer findings strengthen the core claims of this work that Bitcoin does not anonymise user activity. We provide a summary of his findings in Sect. 1.5.2 1. 3 The Bitcoin System The following is a simplified description of the Bitcoin system; see Nakamoto 20 for a more thorough treatment. Bitcoin is an electronic currency with no central authority or issuer. There is no central bank or fractional reserve system controlling the supply of Bitcoins. Instead, they are generated at a predictable rate such that the eventual total number will be 21 million. There is no requirement for a trusted third-party when making transactions. Sup- pose Alice wishes to'send?a number of Bitcoins to Bob. Alice uses a Bitcoin twork and slakes blic tral action or declaration stating that, one or more identities that she controls which can be verified using public-key cryptography ) and which previously had a number of Bitcoins assigned to them, wish to re-assign those Bitcoins http://www.imdb.com 1.3 The Bitcoin System to one or more other identities, at least one of which is controlled by bob. The participants of the peer-to-peer network form a collective consensus regard- ing the validity of this transaction by appending it to the public history of previously agreed-upon transactions(the block-chain). This process involves the repcatcd computation of a cryptographic hash function so that the digest of the transactiOn, along with other pending transactiOns, anld all arbitrary nonce, has a specific form. This process is designed to require considerable computational effort, from which the security of the Bitcoin mechanism is derived To encourage users to pay this computational cost, the process is incentivized using newly generated Bitcoins and or transaction fees, and so this whole process is known as mining In this chapter, there are three features of the Bitcoin system that are of particular interest. Firstly, the eltire history of Bitcoin transactions is publicly available. This is necessary in order to validate transactions and prcvent doublc-spending in the abscncc of a ccntral authority. Thc only way to confirm the absence of a previous transaction is to be aware of all previous transactions. The second feature of interest is that a transaction can have multiple inputs and multiple outputs. An input to a transaction is either the output of a previous transaction or a sum of newly generated Bitcoins and transaction fees. A transaction frequently has either a single input from a previous larger transaction or multiple inputs from previous smaller transac tions. Also, a transaction frequently has two outputs: onc sending paymcnt and one returning change. Thirdly, the payer and payee(s) of a transaction are identified through public-keys from public-priva te key-pairs. However, a user can have multiple public-keys. In fact, it is considered good practice for a payee to generate a new public-private key-pair for every transaction. fur thermore, a user can take the following steps to better protect their identity they can avoid revealing any identifying information in connection with their public-keys; they can repeatedly send varying fractions of their Bitcoins to themselves using multiple (newly generated) public-keys; and/ or they can use a trusted third-party mixer or laundry. However, these practices are not universally applied The three features above, namely the public availability of Bitcoin trans actions, the input-output relationship between transactions and the re-use and co-use of public-keys, provide a basis for two distinct network structures the transaction network and the user network The transaction network rep resents the flow of Bitcoins between transactions over time. Each vertex rep resents a transaction and each directed edge between a source and a target represents an output of the transaction corresponding to the source that is all input to the transactioN corresponding to the target. Each directed edge also includes a value in Bitcoins and a timestamp The user network repre- sents the fow of Bitcoins between users over time. Each vertex represents a user and each directed edge between a source and a target represents an input-output pair of a single transaction where the input's public-key belongs to the user corresponding to the source and the output's public-key belongs Reid and harrigan to the user corresponding to the target. Each directed edge also includes a value in Bitcoins and a timestamp We gathered the entire history of Bitcoin transactions from the first trans- action on the 3 a January 2009 up to and including the last transaction that occurred on the 12th July 2011. We gathered thc datasct using thc Bitcoin clien and a nodified version of Gavin AmdresenI's bitcointools project The dat aset comprises 1019 486 transactions bet ween 1253 054 unique public-keys. We describe the construction of the corresponding trans action and user networks and their analyses in the following sections. We will show that the two networks are complex, have a non-trivial topologi- cal structure, provide complementary views of the Bitcoin system and have implications for the anonymity of users 1.4 The Transaction and user Networks 1. 4. 1 The Tro anmsactaon The tra.nsaction network T represents the flow of bit coins between trans actions over time. Each vertex represents a transaction and each directed Ige between a source and a target represents an output of the transaction corresponding to the source that is an input to the transaction correspond- ing to the target. Each directed edge also includes a value in Bitcoins and a timestamp. It is a straight-forward task to construct T from our dataset …t4ha12otcr Fig. 1.2: An example sub-network from the transaction network. Each rectangular vertex represents a transaction and each directed edge represents a flow of Bitcoins from an output 4http://www.bitcoin.org ohttp://github.com/gavinandresen/bitcointools

...展开详情
所需积分/C币:5 上传时间:2019-10-09 资源大小:2.48MB
举报 举报 收藏 收藏
分享 分享
Hi3518_SDK中文资料

Hi3518 SDK 安装以及升级使用说明 第一章 Hi3518_SDK_Vx.x.x.x版本升级操作说明 如果您是首次安装本SDK,请直接参看第2章。 第二章 首次安装SDK 1、Hi3518 SDK包位置 在"Hi3518_V100R001SPC***/01.software/board"目录下,您可以看到一个 Hi3518_SDK_Vx.x.x.x.tgz 的文件,该文件就是Hi3518的软件开发包。 其中,Hi3518_V100R001SPC01xxx对应的是uclib版本,Hi3518_V100R001SPC02xxx对应的是glibc版本。 2、解压缩SDK包

立即下载
linux vsftpd搭建步骤 亲测可用

一 vsftpd搭建步骤 1、首先安装vsftpd,并设置开机启动 yum -y install vsftpd chkconfig vsftpd on 2、基于虚拟用户配置,(所谓虚拟用户就是没有使用真实的帐户,只是通过映射到真实帐户和设置权限的目的。虚拟用户不能登录CentOS系统)  2.1 配置参数 [root@ftp vuser_conf]# sed -n '/^[^#]/P' /etc/vsftpd/vsftpd.conf anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessag

立即下载
A Self-Stabilizing Algorithm for Maximal Matching in Anonymous Networks

We propose a self-stabilizing algorithm for computing a maximal matching in an anony- mous network. The complexity is O(n2) moves with high probability, under the ad- versarial distributed daemon. Among all adversarial distributed daemons and with the anonymous assumption, our algorithm provides the

立即下载
html+css+js制作的一个动态的新年贺卡

该代码是http://blog.csdn.net/qq_29656961/article/details/78155792博客里面的代码,代码里面有要用到的图片资源和音乐资源。

立即下载
Camtasia 9安装及破解方法绝对有效

附件中注册方法亲测有效,加以整理与大家共享。 由于附件大于60m传不上去,另附Camtasia 9百度云下载地址。免费自取 链接:http://pan.baidu.com/s/1kVABnhH 密码:xees

立即下载
电磁场与电磁波第四版谢处方 PDF

电磁场与电磁波第四版谢处方 (清晰版),做天线设计的可以作为参考。

立即下载
压缩包爆破解密工具(7z、rar、zip)

压缩包内包含三个工具,分别可以用来爆破解密7z压缩包、rar压缩包和zip压缩包。

立即下载
算法第四版 高清完整中文版PDF

《算法 第4版 》是Sedgewick之巨著 与高德纳TAOCP一脉相承 是算法领域经典的参考书 涵盖所有程序员必须掌握的50种算法 全面介绍了关于算法和数据结构的必备知识 并特别针对排序 搜索 图处理和字符串处理进行了论述 第4版具体给出了每位程序员应知应会的50个算法 提供了实际代码 而且这些Java代码实现采用了模块化的编程风格 读者可以方便地加以改造

立即下载
c语言课程设计 NBA球星管理系统

c语言课程设计代码实现,程序运行过程中采用链表对数据进行存储,实现了对链表的操作,程序运行结束用txt文件对信息进行存储,实现了数据的加密保存,采用系统函数及布局对界面进行美化,采用字符串对输入信息进行判断并保存,防止了错误的输入.并赋有实验报告

立即下载
rar.zip.7z密码破解

可以破解大部分压缩软件的密码。不用担心密码忘记。好用。

立即下载
《电路》邱关源-第五版.pdf

邱关源,出生于1923年(癸亥年),汉族,是西安交通大学教授,博士生导师,国内著名的电路理论专家,曾任国家教育部电工课程教学指导委员会委员。

立即下载
jdk1.8下载

jdk1.8下载

立即下载
DroidCamX 6.5 电脑端和手机端(2018年版本)

DroidCamX 6.5 适配安卓8.0和win10系统。让你的安卓手机变成摄像头。

立即下载
身份证号对应籍贯表大全(共6456条)

身份证号对应籍贯表大全(共6456条),可以很方便查出身份证对应的籍贯,方便工作、项目使用

立即下载
DirectX修复工具V3.7在线修复版

DirectX修复工具(DirectX Repair)是一款系统级工具软件,简便易用。本程序为绿色版,无需安装,可直接运行。 本程序的主要功能是检测当前系统的DirectX状态,如果发现异常则进行修复。程序主要针对0xc000007b问题设计,可以完美修复该问题。本程序中包含了最新版的DirectX redist(Jun2010),并且全部DX文件都有Microsoft的数字签名,安全放心。 本程序为了应对一般电脑用户的使用,采用了傻瓜式一键设计,只要点击主界面上的“检测并修复”按钮,程序就会自动完成校验、检测、下载、修复以及注册的全部功能,无需用户的介入,大大降低了使用难

立即下载
同济大学线代第六版PDF高清扫描版

同济大学的线代第六版PDF高清扫描版 要考数学3的同学可以下载看下 上传记录里面还有考数3的其他资源 有需要的可以自行下载

立即下载
高等数学第七版(同济大学)下册pdf

高等数学第七版(同济大学)下册教材pdf (PS:高等数学第七版上下册均有,因上传文件容量有限,因此分为两次上传,请有需要上册的朋友点开我的资源下载页进行下载)

立即下载
[官]系统集成项目管理工程师教程(第2版)高清带书签目录

[官]系统集成项目管理工程师教程(第2版)高清带书签目录

立即下载
中国大学MOOC课件爬取(含视频)

实现对中国大学MOOC上的视频、文档、附件进行爬取的Python源码,无GUI、未打包exe,支持多进程、断点续传、文件结构同网页中显示结构。PS:此处为1.5.6版本,欢迎大家加我交流或者提建议(可直接获取最新版本)

立即下载
《电路》邱关源-第五版-完整版.pdf

《电路(第5版)》是2006年05月高等教育出版社出版的图书,作者是邱关源。 本书为第5版,主要目标是适应电子与电气信息类专业人才培养方案和教学内容体系的改革以及高等教育迅速发展的形式。 全书共分18章: 电路模型和电路定律、电阻电路的等效变换、电阻电路的一般分析、电路定律、含有运放的电阻电路、储能元件、一阶电路和二阶电路的时域分析、相量法、正弦稳态电路的分析、含有耦合电感的电路、频率响应、三相电路、非正弦周期电流电路、线性动态电路的复频域分析、电路方程的矩阵形式、二端口网络、非线性电路、均匀传输线。 附录:磁路和铁心线圈、Pspice简介、MATLAB

立即下载

关注

公告