1. Forum
  2. Fidonet
  3. ALT.COMP.OS.WINDOWS-10

  • Deanonymizing Pseudonymity

    From D@3:633/280.2 to All on Wed May 28 01:41:25 2025

    (quoting links recently posted in <news:20250527.095215.9aa06e66@yamn.paranoici.org>)

    (using Tor Browser 14.5.2)
    https://dl.acm.org/doi/10.1016/j.cose.2019.101684
    Deanonymizing Tor hidden service users through Bitcoin transactions analysis >Authors: Husam Al Jawaheri, Mashael Al Sabah, Yazan Boshmaf, Aiman Erbad Authors Info
    & Claims
    Volume 89, Issue C
    https://doi.org/10.1016/j.cose.2019.101684
    Published: 01 February 2020 Publication History
    ACM Digital Library
    Abstract
    With the rapid increase of threats on the Internet, people are continuously seeking
    privacy and anonymity. Services such as Bitcoin and Tor were introduced to provide
    anonymity for online transactions and Web browsing. Due to its pseudonymity model,
    Bitcoin lacks retroactive operational security, which means historical pieces of
    information could be used to identify a certain user. By exploiting publicly available
    information, we show how relying on Bitcoin for payments on Tor hidden services could
    lead to deanonymization of these services› users. Such linking is possible by finding
    at least one past transaction in the Blockchain that involves their publicly declared
    Bitcoin addresses.
    To demonstrate the consequences of this deanonymization approach, we carried out a
    real-world experiment simulating a passive, limited adversary. We crawled 1.5K hidden
    services and collected 88 unique and active Bitcoin addresses. We then crawled 5B
    tweets and 1M BitcoinTalk forum pages and collected 4.2K and 41K unique Bitcoin
    addresses, respectively. Each user address was associated with an online identity along
    with its public profile information. By analyzing the transactions in the Blockchain,
    we were able to link 125 unique users to 20 hidden services, including sensitive ones,
    such as The Pirate Bay and Silk Road. We also analyzed two case studies in detail to
    demonstrate the implications of the information leakage on users anonymity. In >particular, we confirm that Bitcoin addresses should be considered exploitable, as they
    can be used to deanonymize users retroactively. This is especially important for Tor
    hidden service users who actively seek and expect privacy and anonymity. >References
    ...
    [end quoted excerpt]

    (using Tor Browser 14.5.2)
    https://dl.acm.org/doi/abs/10.1145/3589335.3651487
    Deanonymizing Transactions Originating from Monero Tor Hidden Service Nodes >Authors: Ruisheng Shi, Yulian Ge, Lina Lan, Zhiyuan Peng, Shenwen Lin, Lin Li Authors
    Info & Claims
    WWW '24: Companion Proceedings of the ACM Web Conference 2024
    Pages 678 - 681
    https://doi.org/10.1145/3589335.3651487
    Published: 13 May 2024 Publication History
    Get Access
    WWW '24: Companion Proceedings of the ACM Web Conference 2024
    Deanonymizing Transactions Originating from Monero Tor Hidden Service Nodes >Pages 678 - 681
    ACM Digital Library
    Abstract
    Monero is a privacy-focused cryptocurrency that incorporates anonymity networks (such
    as Tor and I2P) and deploys the Dandelion++ protocol to prevent malicious attackers
    from linking transactions with their source IPs. However, this paper highlights a
    vulnerability in Monero's integration of the Tor network, which allows an attacker to
    successfully deanonymize transactions originating from Monero Tor hidden service nodes
    at the network-layer level.
    Our approach involves injecting malicious Monero Tor hidden service nodes into the
    Monero P2P network to correlate the onion addresses of incoming Monero Tor hidden
    service peers with their originating transactions. And by sending a signal watermark
    embedded with the onion address to the Tor circuit, we establish a correlation between
    the onion address and IP address of a Monero Tor hidden service node. Ultimately, we
    correlate transactions and IPs of Monero Tor hidden service nodes.
    Through experimentation on the Monero testnet, we provide empirical evidence of the
    effectiveness of our approach in successfully deanonymizing transactions originating
    from Monero Tor hidden service nodes.
    Supplemental Material
    MP4 File
    Supplemental video
    Download 7.23 MB
    https://dl.acm.org/doi/suppl/10.1145/3589335.3651487/suppl_file/shp4046.mp4
    References
    ...
    [end quoted excerpt]

    p.s. the best advice i've ever read about big money is to "avoid not evade"


    --- MBSE BBS v1.1.1 (Linux-x86_64)
    * Origin: dizum.com - The Internet Problem Provider (3:633/280.2@fidonet)