Bitcoin transaction de-anonymization: ip-address calculation

Russian encryption specialists working at the University of Luxembourg, A. Biryukov, D. Hovratovich and I. Pustogarov ( CryptoLux group) published their work on the Bitcoin network operation and the anonymity of transactions in it. From their work, it follows that it is possible to bind Bitcoin addresses to the ip-addresses of users, even if they are behind a NAT or firewall or use the Tor network. For binding, you need only a couple of ordinary computers and a budget of $ 2000.

The effectiveness of de-anonymization according to the researchers is up to 60%. In addition, this method allows you to "glue" the transaction, when several operations with different addresses, but done on the same computer, will be linked together. In work, in particular, it is noted that the success of the attack lies in the range from 11% to 60% of the disclosed ip-addresses. The final figure depends only on how far the attacker wants to be hidden.

Previously, network studies have already been conducted in order to correlate different transactions and link them to one user (albeit without disclosing the ip-address) by analyzing the block chain. The approach of this paper is based on the analysis of network traffic in real time. When you intend to make a transaction online, your client connects to a set of eight servers. These are input nodes, their set is unique for each user. When making a transaction through your wallet, input nodes send transaction information to the Bitcoin network. The essence of the method is to identify the set of input nodes, through them the wallet, and through it the user. In this case, the ip-address of the client can be associated with its transactions. Even if several users are behind NAT and simultaneously work with the network, each of them will have his own set of eight nodes that will distinguish him from the rest. In addition, a few simple technical steps will allow you to prevent Tor output nodes from conducting transactions.
')
Naturally, web-wallet users will not be identified in this way, all transactions will be tied to the address of the web server where the wallet is located. But web wallet users have already entrusted their data to a third party and, in a sense, have already been disclosed. In addition, the attack does not disclose the ip-address of the recipients of funds.

Recently, the anonymity of network users is increasingly being questioned. Recently, it was noted that the SharedCoin service from the Blockchain service does not properly hide user transactions. The authors of the article offer several measures for modifying the work of the network and customers, which, in their opinion, will contribute to increasing anonymity. Among the measures are the introduction of delays in making transactions at random time intervals and reducing the number of servers with which you need to establish a connection. The use of VPN services also seems logical.

In his post on the well-known BitcoinTalk resource, Mike Hearn, a member of the core Bitcoin development team, praised the work of the researchers. However, he noted that the team already knows about this kind of attacks. Unfortunately, the Bitcoin development team is not in a position to implement all possible ideas, as they are experiencing a critical lack of funding .