Research Summary: Studying Bitcoin privacy attacks and their Impact on Bitcoin-based Identity Methods
- Blockchain technology enables decentralized and self-sovereign identities including new mechanisms for creating, resolving, and revoking them.
- The public availability of data records has allowed attacks that combine sophisticated heuristics with auxiliary information to compromise users’ privacy and deanonymize their identities.
- We review and categorize Bitcoin privacy attacks, investigate their impact on one of the Bitcoin-based identity methods, namely did:btcr, and analyze and discuss its privacy properties.
How can we categorize Bitcoin privacy attacks, and investigate privacy issues in did:btcr?
Ghesmati, S., Fdhila, W., & Weippl, E. (2021, September). Studying Bitcoin privacy attacks and their Impact on Bitcoin-based Identity Methods. In International Conference on Business Process Management (pp. 85-101). Springer, Cham.
Entities (e.g., users and organizations) use globally unique identifiers such as telephone numbers, IDs, or URLs. However, these identifiers are often issued and managed by central authorities. Blockchain-based decentralized identifiers have been proposed to prove an identifier’s ownership without having to rely on a trusted entity.
- Decentralized identifier (DID): A string that includes three main parts: the scheme, the DID method, and the DID method identifier, which should be unique within the DID method.
- DID document: Contains information about the verification methods and the service endpoints required to interact with the DID subjects.
- DID subject: The entity that is identified by the DID, and can be a person, an object or an organization.
- DID method: Defines how DIDs are created, resolved, updated, and revoked.
- We review and categorize privacy attacks on the Bitcoin blockchain, which may reveal the links between addresses and real-world identities, and also correlate different identities.
- We address Bitcoin privacy attacks’ impact on the DID method did:btcr.
- We adopted the privacy terminology from RFC 6973.
Four main steps for collecting and selecting relevant literature:
- research questions identification
- literature search
- literature selection
- data extraction
We categorized Bitcoin privacy attacks into four main categories: (i) heuristics, (ii) side channel attacks, (iii) flow analysis, and (iv) auxiliary information.
We showed how data analysis of Bitcoin public records, in combination with auxiliary information, can be exploited using sophisticated heuristics to reveal or correlate transactions, identities, or addresses of users.
This study has demonstrated that although BTCR provides some advantages such as protection against censorship, integrity, access, and a degree of decentralization, it still lacks methods to deal with the privacy issues identified in this paper.
We investigate the privacy of the method did:btcr based on the criteria adopted from RFC 6973.
Surveillance: Any kind of observation and monitoring of the users, whether the users are aware of the surveillance or not, can influence a user’s privacy.
- Auxiliary information is obtained through the interactions with services using DIDs.
- The blockchain is immutable; there is no way to delete the history.
Correlation: The combination of different information, which relates to one user.
- Using the same DID or DID document for interacting with different services helps to trace and correlate user activities.
- Using the same public keys in different DID documents can reveal the link between the corresponding DIDs.
- The IP address of an entity can reveal a relationship of common control, linking different DIDs.
- Timing analysis can correlate users’ activities using the same service endpoint in the DID documents.
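As an added example (not from the paper or the did:btcr specification), a pre-publication audit for two of the correlation issues above: it flags public keys and service endpoints that appear in more than one of your own DID documents. The property names follow the W3C DID document layout; the sample documents, identifiers, keys and URLs are constructed placeholders.

```python
from collections import defaultdict

# Key properties seen in DID documents; extend to match your own documents.
KEY_FIELDS = ("publicKeyMultibase", "publicKeyBase58", "publicKeyHex")

def parse_did(did):
    """Split a DID into (scheme, method, method-specific identifier)."""
    scheme, method, ident = did.split(":", 2)  # too few parts raises ValueError
    if scheme != "did" or not method or not ident:
        raise ValueError(f"not a DID: {did!r}")
    return scheme, method, ident

def linkable_features(doc):
    """Yield (kind, value) pairs that an observer could match across documents."""
    for vm in doc.get("verificationMethod", []):
        for field in KEY_FIELDS:
            if field in vm:
                yield ("key", vm[field])
    for svc in doc.get("service", []):
        endpoint = svc.get("serviceEndpoint")
        if isinstance(endpoint, str):  # assumption: endpoints are plain URL strings
            yield ("endpoint", endpoint)

def correlated_dids(docs):
    """Map each feature shared by two or more DIDs to the sorted list of those DIDs."""
    seen = defaultdict(set)
    for doc in docs:
        parse_did(doc["id"])  # reject malformed identifiers early
        for feature in linkable_features(doc):
            seen[feature].add(doc["id"])
    return {f: sorted(dids) for f, dids in seen.items() if len(dids) > 1}

# Constructed sample: identifiers, keys and URLs are placeholders, not real values.
SAMPLE_DOCS = [
    {"id": "did:btcr:example-1",
     "verificationMethod": [{"id": "#key-0", "publicKeyBase58": "PLACEHOLDER_KEY_A"}],
     "service": [{"id": "#svc", "serviceEndpoint": "https://one.example/hub"}]},
    {"id": "did:btcr:example-2",
     "verificationMethod": [{"id": "#key-0", "publicKeyBase58": "PLACEHOLDER_KEY_A"}],
     "service": [{"id": "#svc", "serviceEndpoint": "https://shared.example/hub"}]},
    {"id": "did:btcr:example-3",
     "verificationMethod": [{"id": "#key-0", "publicKeyBase58": "PLACEHOLDER_KEY_B"}],
     "service": [{"id": "#svc", "serviceEndpoint": "https://shared.example/hub"}]},
]

if __name__ == "__main__":
    for (kind, value), dids in correlated_dids(SAMPLE_DOCS).items():
        print(f"shared {kind} {value!r}: {', '.join(dids)}")
```

An empty result means no two documents share a key or endpoint string; it says nothing about the IP-address and timing channels listed above, which are not visible in the documents themselves.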
Identification: Relating the information to a specific user.
- If the Bitcoin address associated with a DID is later spent, it can link the address used for the DID to other addresses owned by the user.
- The visibility of the DID document can leak the metadata about the attributes and provide information about the service endpoints.
- If the DID document is stored on a third-party server, the latter may identify the real DID owner.
- If the DID document is stored on a user’s own server, it can correlate the user IP address with the DID document.
Secondary Use: Collecting the information about a user without their consent and using it for purposes other than those for which the information was collected.
- Read/resolve makes it possible to trace the DID use if it is accessed by third party services (e.g., universal DID resolver).
- The verifier can trace the transaction flow and check the history of the UTXOs.
- DID real identity can be compromised if used in services that require information about the users or their activities (e.g., social networks).
Disclosure: Exposure of information about a user which violates the confidentiality of the shared data.
- Privacy may be lost in the economic activities for the services authenticated by DIDs.
- BTCR updates reveal the public key of the previous DID or a change in the access control.
Misattribution: Whenever a user’s data or communications are attributed to another, which can consequently affect the user’s reputation.
- Using indistinguishable mixing techniques can relate the users’ UTXOs to someone else.
Future research will consist of elaborating and developing new methods, or using existing privacy-enhancing techniques (e.g., mixing techniques, zero-knowledge proofs) to address the aforementioned privacy issues.
- This work can improve privacy countermeasures for BTCR DIDs.
- It can also provide a comprehensive set of privacy attacks for privacy threat modeling.
- Our future work includes privacy threat modeling based on LINDDUN. The paper will appear at the PTM Workshop under the name “User-Centric Public Blockchain Privacy Threats”.