SlideShare a Scribd company logo

Not So Anonymous - Deanonymization of Blockchain Users

Download as PPTX, PDF
J
Johannes Ahlmann

The document discusses the concept of deanonymization in blockchain, particularly focusing on Bitcoin and its pseudonymous nature, which allows for potential linking of users to their transactions. It explores methods of deanonymization such as transaction graph analysis and real-time network analysis, highlighting the limitations of Bitcoin's privacy. Additionally, it provides remediation strategies and alternatives like anonymous cryptocurrencies to enhance user privacy.

Technology
1 of 20
Downloaded 11 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Not so Anonymous - Deanonymization of Blockchain Users Johannes Ahlmann CorkSec Meetup 2019-03-12 https://www.dailydot.com/news/anonymous-opfullerton-kelly-thomas/
Agenda • Is Bitcoin anonymous? • What is Deanonymization? • Why should I care? • What can I do about it? • Where to get cryptos? • Alternatives
About Me • Johannes Ahlmann • sensatus.io • On-Prem AI Models • Gathering and Enriching Web Data • Sales & Client Intelligence • webdata.org • Share Libraries and Best Practices • Bring Data Scientists and SME Companies together • ForDevelopers • AwesomeAvailableDatasets • Contact: johannes@sensatus.io sensatus.io
Pseudonyms • 1F1tAaz5x1HUXrCNLbtMDqcw6o5GNn4xqX • secret@protonmail.com • @johannes_cork • reddit_user • slashdot_user • ahljoh • 083 1762676 • Dread Pirate Roberts
Anonymity & Privacy Anonymity "without a name" Noone knows who you are Privacy Noone knows what you purchased and for what amount https://d262ilb51hltx0.cloudfront.net/max/1610/1*d0KdwdeKDi5m8n-sZdr-_A.png
Anonymity 1/2 • Pseudonymity - People are aware of one or multiple pseudonyms of yours, but not your true identity • Anonymity = Pseudonymity + Unlinkability • Unlinkability • Different actions of the same user should not be linkable to each other • Linking of addresses to users • Linking of transactions to users • Linking of senders to recipients
Anonymity 2/2 • Privacy vs. Decentralization • Public Ledger is core component in consensus and sharing state of the world • Bitcoin is pseudonymous, not anonymous • public addresses = pseudonyms • much less privacy than cash • Many Bitcoins are acquired through Exchanges or Mining Pools • Relatively few merchants/ market participants to trade with (retroactive geolocation) • Deanonymizing TOR using Bitcoin ;) • Fungibility
What is Deanonymization • Linking you to your addresses • Linking you to your transactions • Tagging, clustering of totality of addresses, transactions • Approaches • Transaction Graph Analysis • Realtime Network Analysis of P2P network
Not So Anonymous - Deanonymization of Blockchain Users
Not So Anonymous - Deanonymization of Blockchain Users
source: https://www.technologyreview.com/s/608716/bitcoin-transactions-arent-as-anonymous-as-everyone-hoped/ • 130 major merchants accepting Bitcoin • 53/ 130 leak payment information with > 40 total parties • Known fiat amount, timestamp • Unique linkage possible for 60% of (these specific) cases
Transaction Graph Analysis 1/2 Change Address Combined Addresses
Transaction Graph Analysis 2/2 • Bitcoin transactions are public • Active collection • Mining pools • Online wallets • Exchanges • Merchants • Gambling • Tagging clusters • One tagged address in cluster tags all cluster • Bitcoin address should only be used once An Analysis of Anonymity in the Bitcoin System F. Reid and M. Harrigan, PASSAT 2011
Realtime Network Analysis • "Attack" on the P2P Network • Peers distinguished over set of its (8) entry nodes • Linking inputs • Tagging clusters
Learning Entry Nodes
Realtime Network Analysis • Linking of different transactions to same user • Each peer is trying to connect to 8 entry nodes • Network discovery • Servers • Receive incoming connections • Max. 117 incoming connections • Clients • 8 outgoing connections • Peers are distinguished over set of it’s entry nodes!
Remediation • Deterministic Address Pool Wallets • Random Address Pool Wallets • Tor • Mixers • Who can we trust? • Coinjoin • How to find Peers? • Anonymous cryptocurrencies
Anonymous Currencies Monero - Ring signatures Dash - Fork of bitcoin, coin-mixing service Zcash - zk-SNARK, zero knowledge proofs Verge - Tor and I2P network for privacy Komodo - Fork of Zcash, zk-SNARK Pivx - Fork of Dash, Zerocoin protocol (Legitimate goods vs. legitimate worries; how can this be used for good or bad?)
Thank You!
Resources • https://coincenter.org/entry/how-anonymous-is-bitcoin • https://bitcoinmagazine.com/articles/is-bitcoin-anonymous-a-complete-beginner-s-guide-1447875283/ • https://www.coursera.org/lecture/cryptocurrency/how-to-de-anonymize-bitcoin-qnS76 • https://www.slideshare.net/bhaslhofer/bitcoin-deanonymization-and-money-laundering-detection-strategies • https://pwlconf.org/2018/giulia-fanti/ • https://www.technologyreview.com/s/608716/bitcoin-transactions-arent-as-anonymous-as-everyone-hoped/ • https://decentralize.today/a-new-attack-vector-to-deanonymize-bitcoin-users-9c6dc433d4b6 • https://www.deepdotweb.com/2017/04/20/how-companies-are-deanonymizing-bitcoin/ • https://bitcoinsandblockchains.blogspot.com/2016/05/bitcoin-deanonymization.html • https://btcmanager.com/u-s-department-of-homeland-security-create-bitcoin-deanonymization-tool/ • https://www.deepdotweb.com/2018/01/02/using-bitcoin-transaction-analysis-deanonymizing-users-tor-hidden-services/ • https://www.researchgate.net/publication/305423583_Listening_to_Whispers_of_Ripple_Linking_Wallets_and_Deanony mizing_Transactions_in_the_Ripple_Network/download • https://www.youtube.com/embed/glyQy_e5LmM?

More Related Content

PPTX
Not So Anonymous - Deanonymization of Blockchain Users
Johannes Ahlmann
 
PDF
Understanding private blockchains
Coin Sciences Ltd
 
PDF
Information security in private blockchains
Coin Sciences Ltd
 
PPTX
Blockchains 101
Nikhil Krishna Nair
 
PDF
Blockchain technology
Aayt Bahaa
 
PPTX
Testing in the blockchain
Craig Risi
 
PPTX
Blockchain Technology
Rashi Singh
 
PPTX
Microservices architecture
Tomasz Tomczyk
 
Not So Anonymous - Deanonymization of Blockchain Users
Johannes Ahlmann
 
Understanding private blockchains
Coin Sciences Ltd
 
Information security in private blockchains
Coin Sciences Ltd
 
Blockchains 101
Nikhil Krishna Nair
 
Blockchain technology
Aayt Bahaa
 
Testing in the blockchain
Craig Risi
 
Blockchain Technology
Rashi Singh
 
Microservices architecture
Tomasz Tomczyk
 

What's hot (20)

PDF
How to develop Decentralized App (ĐApp) on Ethereum
DEV Cafe
 
PPTX
BLOCKCHAIN TECHNOLOGY
garishma bhatia
 
PDF
Metadata in the Blockchain: The OP_RETURN Explosion
Coin Sciences Ltd
 
PDF
Blockchain Technology
Giuseppe Andreetti
 
PDF
Vilnius blockchain club 20170413 consensus
Audrius Ramoska
 
PPTX
EUIPO DPM knowledge share: Blockchain and IP
Audrius Ramoska
 
PPTX
Altcoins
sameezahur
 
PPTX
Blockchain Technology
PalakGulati10
 
PDF
Доклад Владимира Бичева на третьем митапе сообщества блокчейн-разработчиков С...
Дмитрий Плахов
 
PDF
Bitcoin and Ransomware Analysis
inder_barara
 
PPTX
Dublin Blockchain Group
AWH
 
PPTX
Blockchain 101
Oded Noam
 
PPTX
Blockchain 101
Paul O'Hagan
 
PDF
02 hello smart contracts
BastianBlankenburg
 
PPT
Blockchain technology | Bitcoins
Huzaifa Âl-Sikandar
 
PPTX
The Future of Blockchain
JakeSmothers
 
PDF
Build your first blockchain
Đoàn Thái Thiên Lộc
 
PDF
Architecture of the Hyperledger Blockchain Fabric - Christian Cachin - IBM Re...
Romeo Kienzler
 
PDF
Brief Introduction to Blockchain Security
Johnson, Chuan Zhang CISM CCSK OSCP
 
PPTX
Dash Crypto Currency Intro for Techies
Joseph Holbrook, Chief Learning Officer (CLO)
 
How to develop Decentralized App (ĐApp) on Ethereum
DEV Cafe
 
BLOCKCHAIN TECHNOLOGY
garishma bhatia
 
Metadata in the Blockchain: The OP_RETURN Explosion
Coin Sciences Ltd
 
Blockchain Technology
Giuseppe Andreetti
 
Vilnius blockchain club 20170413 consensus
Audrius Ramoska
 
EUIPO DPM knowledge share: Blockchain and IP
Audrius Ramoska
 
Altcoins
sameezahur
 
Blockchain Technology
PalakGulati10
 
Доклад Владимира Бичева на третьем митапе сообщества блокчейн-разработчиков С...
Дмитрий Плахов
 
Bitcoin and Ransomware Analysis
inder_barara
 
Dublin Blockchain Group
AWH
 
Blockchain 101
Oded Noam
 
Blockchain 101
Paul O'Hagan
 
02 hello smart contracts
BastianBlankenburg
 
Blockchain technology | Bitcoins
Huzaifa Âl-Sikandar
 
The Future of Blockchain
JakeSmothers
 
Build your first blockchain
Đoàn Thái Thiên Lộc
 
Architecture of the Hyperledger Blockchain Fabric - Christian Cachin - IBM Re...
Romeo Kienzler
 
Brief Introduction to Blockchain Security
Johnson, Chuan Zhang CISM CCSK OSCP
 
Dash Crypto Currency Intro for Techies
Joseph Holbrook, Chief Learning Officer (CLO)
 
Ad

Similar to Not So Anonymous - Deanonymization of Blockchain Users (20)

PDF
Bitcoin
mahdi ataeyan
 
PDF
Bitcoin and Blockchains
Sam Bowne
 
PPTX
Week 4 - DApps, Smart Contracts, and Decentralized Incentive Systems
Roger Royse
 
PPTX
Flaying the Blockchain Ledger for Fun, Profit, and Hip Hop
Andrew Morris
 
PPTX
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
Beau Bullock
 
PDF
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
Beau Bullock
 
PPTX
Introduction to Bitcoin and Crypto-currency
Justin Denton
 
PDF
Crypto for the Rest of Us
Pankaj Jain
 
PPTX
Bitcoin
SKMohamedKasim
 
PPTX
Cryptocurrency and Bitcoin
Utkarsh Singh
 
PPS
Michael bowen | High risk specialist |Card not present transaction expert
JayWigdore
 
PPTX
Blockchain and Cryptocurrencies
nimeshQ
 
PDF
Master of Sheets: A Tale of Compromised Cloud Documents
Jeremiah Onaolapo
 
PDF
Ashok misra presentation
MecklerMedia
 
PDF
Defcon 22-metacortex-grifter-darkside-of-the-internet
Priyanka Aash
 
PDF
Blockchain and Crypto 101 - October 2017
🔗Audrey Chaing
 
PDF
Blockchain tutorial for MBA
Blokcert
 
PPTX
Is Blockchain Right for You? The Million Dollar Question
Security Innovation
 
PDF
Bitcoin and Ransomware Analysis
Inderjeet Singh
 
PPTX
Idea To IPO Blockchain Slides
Roger Royse
 
Bitcoin
mahdi ataeyan
 
Bitcoin and Blockchains
Sam Bowne
 
Week 4 - DApps, Smart Contracts, and Decentralized Incentive Systems
Roger Royse
 
Flaying the Blockchain Ledger for Fun, Profit, and Hip Hop
Andrew Morris
 
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
Beau Bullock
 
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
Beau Bullock
 
Introduction to Bitcoin and Crypto-currency
Justin Denton
 
Crypto for the Rest of Us
Pankaj Jain
 
Bitcoin
SKMohamedKasim
 
Cryptocurrency and Bitcoin
Utkarsh Singh
 
Michael bowen | High risk specialist |Card not present transaction expert
JayWigdore
 
Blockchain and Cryptocurrencies
nimeshQ
 
Master of Sheets: A Tale of Compromised Cloud Documents
Jeremiah Onaolapo
 
Ashok misra presentation
MecklerMedia
 
Defcon 22-metacortex-grifter-darkside-of-the-internet
Priyanka Aash
 
Blockchain and Crypto 101 - October 2017
🔗Audrey Chaing
 
Blockchain tutorial for MBA
Blokcert
 
Is Blockchain Right for You? The Million Dollar Question
Security Innovation
 
Bitcoin and Ransomware Analysis
Inderjeet Singh
 
Idea To IPO Blockchain Slides
Roger Royse
 
Ad

Recently uploaded (20)

PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PDF
August Patch Tuesday
Ivanti
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PPTX
Chapter 5: Probability Theory and Statistics
RandyFin
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
August Patch Tuesday
Ivanti
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Chapter 5: Probability Theory and Statistics
RandyFin
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
Encapsulation theory and applications.pdf
gurumoop
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 

Not So Anonymous - Deanonymization of Blockchain Users

  • 1. Not so Anonymous - Deanonymization of Blockchain Users Johannes Ahlmann CorkSec Meetup 2019-03-12 https://www.dailydot.com/news/anonymous-opfullerton-kelly-thomas/
  • 2. Agenda • Is Bitcoin anonymous? • What is Deanonymization? • Why should I care? • What can I do about it? • Where to get cryptos? • Alternatives
  • 3. About Me • Johannes Ahlmann • sensatus.io • On-Prem AI Models • Gathering and Enriching Web Data • Sales & Client Intelligence • webdata.org • Share Libraries and Best Practices • Bring Data Scientists and SME Companies together • ForDevelopers • AwesomeAvailableDatasets • Contact: johannes@sensatus.io sensatus.io
  • 4. Pseudonyms • 1F1tAaz5x1HUXrCNLbtMDqcw6o5GNn4xqX • secret@protonmail.com • @johannes_cork • reddit_user • slashdot_user • ahljoh • 083 1762676 • Dread Pirate Roberts
  • 5. Anonymity & Privacy Anonymity "without a name" Noone knows who you are Privacy Noone knows what you purchased and for what amount https://d262ilb51hltx0.cloudfront.net/max/1610/1*d0KdwdeKDi5m8n-sZdr-_A.png
  • 6. Anonymity 1/2 • Pseudonymity - People are aware of one or multiple pseudonyms of yours, but not your true identity • Anonymity = Pseudonymity + Unlinkability • Unlinkability • Different actions of the same user should not be linkable to each other • Linking of addresses to users • Linking of transactions to users • Linking of senders to recipients
  • 7. Anonymity 2/2 • Privacy vs. Decentralization • Public Ledger is core component in consensus and sharing state of the world • Bitcoin is pseudonymous, not anonymous • public addresses = pseudonyms • much less privacy than cash • Many Bitcoins are acquired through Exchanges or Mining Pools • Relatively few merchants/ market participants to trade with (retroactive geolocation) • Deanonymizing TOR using Bitcoin ;) • Fungibility
  • 8. What is Deanonymization • Linking you to your addresses • Linking you to your transactions • Tagging, clustering of totality of addresses, transactions • Approaches • Transaction Graph Analysis • Realtime Network Analysis of P2P network
  • 11. source: https://www.technologyreview.com/s/608716/bitcoin-transactions-arent-as-anonymous-as-everyone-hoped/ • 130 major merchants accepting Bitcoin • 53/ 130 leak payment information with > 40 total parties • Known fiat amount, timestamp • Unique linkage possible for 60% of (these specific) cases
  • 12. Transaction Graph Analysis 1/2 Change Address Combined Addresses
  • 13. Transaction Graph Analysis 2/2 • Bitcoin transactions are public • Active collection • Mining pools • Online wallets • Exchanges • Merchants • Gambling • Tagging clusters • One tagged address in cluster tags all cluster • Bitcoin address should only be used once An Analysis of Anonymity in the Bitcoin System F. Reid and M. Harrigan, PASSAT 2011
  • 14. Realtime Network Analysis • "Attack" on the P2P Network • Peers distinguished over set of its (8) entry nodes • Linking inputs • Tagging clusters
  • 16. Realtime Network Analysis • Linking of different transactions to same user • Each peer is trying to connect to 8 entry nodes • Network discovery • Servers • Receive incoming connections • Max. 117 incoming connections • Clients • 8 outgoing connections • Peers are distinguished over set of it’s entry nodes!
  • 17. Remediation • Deterministic Address Pool Wallets • Random Address Pool Wallets • Tor • Mixers • Who can we trust? • Coinjoin • How to find Peers? • Anonymous cryptocurrencies
  • 18. Anonymous Currencies Monero - Ring signatures Dash - Fork of bitcoin, coin-mixing service Zcash - zk-SNARK, zero knowledge proofs Verge - Tor and I2P network for privacy Komodo - Fork of Zcash, zk-SNARK Pivx - Fork of Dash, Zerocoin protocol (Legitimate goods vs. legitimate worries; how can this be used for good or bad?)
  • 20. Resources • https://coincenter.org/entry/how-anonymous-is-bitcoin • https://bitcoinmagazine.com/articles/is-bitcoin-anonymous-a-complete-beginner-s-guide-1447875283/ • https://www.coursera.org/lecture/cryptocurrency/how-to-de-anonymize-bitcoin-qnS76 • https://www.slideshare.net/bhaslhofer/bitcoin-deanonymization-and-money-laundering-detection-strategies • https://pwlconf.org/2018/giulia-fanti/ • https://www.technologyreview.com/s/608716/bitcoin-transactions-arent-as-anonymous-as-everyone-hoped/ • https://decentralize.today/a-new-attack-vector-to-deanonymize-bitcoin-users-9c6dc433d4b6 • https://www.deepdotweb.com/2017/04/20/how-companies-are-deanonymizing-bitcoin/ • https://bitcoinsandblockchains.blogspot.com/2016/05/bitcoin-deanonymization.html • https://btcmanager.com/u-s-department-of-homeland-security-create-bitcoin-deanonymization-tool/ • https://www.deepdotweb.com/2018/01/02/using-bitcoin-transaction-analysis-deanonymizing-users-tor-hidden-services/ • https://www.researchgate.net/publication/305423583_Listening_to_Whispers_of_Ripple_Linking_Wallets_and_Deanony mizing_Transactions_in_the_Ripple_Network/download • https://www.youtube.com/embed/glyQy_e5LmM?