File Download

There are no files associated with this item.

  Links for fulltext
     (May Require Subscription)
Supplementary

Conference Paper: New Empirical Traceability Analysis of CryptoNote-Style Blockchains

TitleNew Empirical Traceability Analysis of CryptoNote-Style Blockchains
Authors
Issue Date2019
Citation
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2019, v. 11598 LNCS, p. 133-149 How to Cite?
Abstract© 2019, International Financial Cryptography Association. The cascade effect attacks (PETS’ 18) on the untraceability of Monero are circumvented by two approaches. The first one is to increase the minimum ring size of each input, from 3 (version 0.9.0) to 7 in the latest update (version 0.12.0). The second approach is introducing the ring confidential transactions with enhanced privacy guarantee. However, so far, no formal analysis has been conducted on the level of anonymity provided by the new countermeasures in Monero. In addition, since Monero is only an example of leading CryptoNote-style blockchains, the actual privacy guarantee provided by other similar blockchains in the wild remains unknown. In this paper, we propose a more sophisticated statistical analysis on CryptoNote-style cryptocurrencies. In particular, we introduce a new attack on the transaction untraceability called closed set attack. We prove that our attack is optimal assuming that no additional information is given. In other words, in terms of the result, attack is equivalent to brute-force attack, which exhausts all possible input choices and removes those that are impossible given the constraints imposed by the mixins of each transaction. To verify the impact of our attack in reality, we conduct experiments on the top 3 CryptoNote-style cryptocurrencies, namely, Monero, Bytecoin and DigitalNote, according to their market capitalization. Since the computational cost of performing attack is prohibitively expensive, we propose an efficient algorithm, called clustering algorithm, to (approximately) implement our attack. By combining our clustering method with the cascade attack, we are able to identify the real coin being spent in Monero inputs, Bytecoin inputs, and in DigitalNote inputs. In addition, we provide a theoretical analysis on the identified attack, i.e., if every input in a CryptoNote-style blockchain has 3 mixins, and all mixins are sampled uniformly from all existing coins, the success rate of this attack is very small (about). Given that attack is equivalent to the best possible statistical attack, our findings provide two key insights. First, the current system configuration of Monero is secure against statistical attacks, as the minimum number of mixin is 6. Second, we identify a new factor in improving anonymity, that is, the number of unspent keys. Our analysis indicates that the number of mixins in an input does not need to be very large, if the percentage of unspent keys is high.
Persistent Identifierhttp://hdl.handle.net/10722/280721
ISSN
2023 SCImago Journal Rankings: 0.606
ISI Accession Number ID

 

DC FieldValueLanguage
dc.contributor.authorYu, Zuoxia-
dc.contributor.authorAu, Man Ho-
dc.contributor.authorYu, Jiangshan-
dc.contributor.authorYang, Rupeng-
dc.contributor.authorXu, Qiuliang-
dc.contributor.authorLau, Wang Fat-
dc.date.accessioned2020-02-17T14:34:46Z-
dc.date.available2020-02-17T14:34:46Z-
dc.date.issued2019-
dc.identifier.citationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2019, v. 11598 LNCS, p. 133-149-
dc.identifier.issn0302-9743-
dc.identifier.urihttp://hdl.handle.net/10722/280721-
dc.description.abstract© 2019, International Financial Cryptography Association. The cascade effect attacks (PETS’ 18) on the untraceability of Monero are circumvented by two approaches. The first one is to increase the minimum ring size of each input, from 3 (version 0.9.0) to 7 in the latest update (version 0.12.0). The second approach is introducing the ring confidential transactions with enhanced privacy guarantee. However, so far, no formal analysis has been conducted on the level of anonymity provided by the new countermeasures in Monero. In addition, since Monero is only an example of leading CryptoNote-style blockchains, the actual privacy guarantee provided by other similar blockchains in the wild remains unknown. In this paper, we propose a more sophisticated statistical analysis on CryptoNote-style cryptocurrencies. In particular, we introduce a new attack on the transaction untraceability called closed set attack. We prove that our attack is optimal assuming that no additional information is given. In other words, in terms of the result, attack is equivalent to brute-force attack, which exhausts all possible input choices and removes those that are impossible given the constraints imposed by the mixins of each transaction. To verify the impact of our attack in reality, we conduct experiments on the top 3 CryptoNote-style cryptocurrencies, namely, Monero, Bytecoin and DigitalNote, according to their market capitalization. Since the computational cost of performing attack is prohibitively expensive, we propose an efficient algorithm, called clustering algorithm, to (approximately) implement our attack. By combining our clustering method with the cascade attack, we are able to identify the real coin being spent in Monero inputs, Bytecoin inputs, and in DigitalNote inputs. In addition, we provide a theoretical analysis on the identified attack, i.e., if every input in a CryptoNote-style blockchain has 3 mixins, and all mixins are sampled uniformly from all existing coins, the success rate of this attack is very small (about). Given that attack is equivalent to the best possible statistical attack, our findings provide two key insights. First, the current system configuration of Monero is secure against statistical attacks, as the minimum number of mixin is 6. Second, we identify a new factor in improving anonymity, that is, the number of unspent keys. Our analysis indicates that the number of mixins in an input does not need to be very large, if the percentage of unspent keys is high.-
dc.languageeng-
dc.relation.ispartofLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)-
dc.titleNew Empirical Traceability Analysis of CryptoNote-Style Blockchains-
dc.typeConference_Paper-
dc.description.naturelink_to_subscribed_fulltext-
dc.identifier.doi10.1007/978-3-030-32101-7_9-
dc.identifier.scopuseid_2-s2.0-85075562054-
dc.identifier.volume11598 LNCS-
dc.identifier.spage133-
dc.identifier.epage149-
dc.identifier.eissn1611-3349-
dc.identifier.isiWOS:000540724500009-
dc.identifier.issnl0302-9743-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats