User De-anonymization

Peng edited this page May 6, 2017 · 1 revision

What do we mean by anonymity?

Literally: anonymous = without a name

Bitcoin addresses are public key hashes rather than real identities; computer scientists call this pseudonymity.

Anonymity = pseudonymity + unlinkability

Without such anonymity, privacy is much worse than with a traditional bank.

Unlinkability: different interactions of the same user with the system should not be linkable to each other. In other words, as a user interacts with the system repeatedly, some adversary should not be able to tie these different interactions to each other.

Why is unlinkability needed?

  1. Many Bitcoin services require a real identity
  2. Linked profiles can be deanonymized by a variety of side channels. For example, somebody looking at the profile of your pseudonymous Bitcoin transactions may find that you transact at certain times of the day, correlate those times with the times of day when your Twitter account posts tweets, and so find a connection between your Twitter identity and your transactions on Bitcoin. Similar attacks have been known to happen, which is why a pseudonymous profile is considered quite fragile. For real anonymity we want the stronger notion of unlinkability.

Define unlinkability in Bitcoin

  • Hard to link different addresses of the same user
  • Hard to link different transactions of the same user
  • Hard to link sender of a payment to its recipient

Quantifying anonymity

Complete unlinkability (among all addresses/transactions) is hard.

To calculate the anonymity set (the set that one action blends into):

  • define the adversary model
  • reason carefully about what the adversary knows, does not know and cannot know

What about money laundering?

Bottleneck: moving large flows into and out of Bitcoin.

Anonymity and decentralization: in conflict

  • Interactive protocols with a bank are hard to decentralize
  • Decentralization is often achieved via public traceability to enforce security

Best practice: it is trivial to create a new address, e.g. WikiLeaks refreshes the public address for every donation.

Idea:

  • Shared spending is evidence of joint control: two different addresses pay into the same address in a single transaction
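
The shared-spending idea above, applied as address clustering to show how fast unlinkability erodes once addresses are co-spent. This is an added example, not code from the original page or the cited papers; the transaction records, address labels and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample transactions (not real chain data): each lists the
# addresses that funded its inputs and the addresses that received outputs.
SAMPLE_TXS = [
    {"txid": "tx1", "inputs": ["A1", "A2"], "outputs": ["M1"]},
    {"txid": "tx2", "inputs": ["A2", "A3"], "outputs": ["M2", "A4"]},
    {"txid": "tx3", "inputs": ["B1"], "outputs": ["M1"]},
    {"txid": "tx4", "inputs": ["B1", "B2"], "outputs": ["A1"]},
    {"txid": "tx5", "inputs": ["C1"], "outputs": ["C2"]},
]


def cluster_addresses(txs):
    """Union-find clustering: all input addresses of one transaction are merged."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path halving keeps lookups short
            a = parent[a]
        return a

    for tx in txs:
        for addr in tx["inputs"] + tx["outputs"]:
            find(addr)  # register every address, even if it is never co-spent
        for other in tx["inputs"][1:]:
            parent[find(other)] = find(tx["inputs"][0])  # shared spending

    clusters = defaultdict(set)
    for addr in list(parent):
        clusters[find(addr)].add(addr)
    return sorted((sorted(c) for c in clusters.values()), key=lambda c: (-len(c), c))


def linked(txs, a, b):
    """True if the heuristic attributes both addresses to one controller."""
    return any(a in c and b in c for c in cluster_addresses(txs))


if __name__ == "__main__":
    for c in cluster_addresses(SAMPLE_TXS):
        print(len(c), c)
```

A1 and A3 never appear in the same transaction, yet they end up in one cluster through A2, while addresses that are never co-spent stay in clusters of size one. The result is an inference rather than proof: a transaction funded jointly by several users would be merged incorrectly.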

Papers:

  • An Analysis of Anonymity in the Bitcoin System, F. Reid and M. Harrigan, PASSAT 2011
  • A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, S. Meiklejohn et al., IMC 2013