Research Summary: Studying Bitcoin privacy attacks and their Impact on Bitcoin-based Identity Methods



TLDR

  • Blockchain technology enables decentralized and self-sovereign identities including new mechanisms for creating, resolving, and revoking them.
  • The public availability of data records has allowed attacks that combine sophisticated heuristics with auxiliary information to compromise users’ privacy and deanonymize their identities.
  • We review and categorize Bitcoin privacy attacks, investigate their impact on one of the Bitcoin-based identity methods, namely did:btcr, and analyze and discuss its privacy properties.

Core Research Question

How can we categorize Bitcoin privacy attacks, and investigate privacy issues in did:btcr?

Citation

Ghesmati, S., Fdhila, W., & Weippl, E. (2021, September). Studying Bitcoin privacy attacks and their Impact on Bitcoin-based Identity Methods. In International Conference on Business Process Management (pp. 85-101). Springer, Cham.

Background

Entities (e.g., users and organizations) use globally unique identifiers such as telephone numbers, IDs, or URLs. However, these identifiers are often issued and managed by central authorities. Blockchain-based decentralized identifiers have been proposed to prove an identifier’s ownership without having to rely on a trusted entity.

  • Decentralized identifier (DID): A string that includes three main parts: the scheme, the DID method, and the DID method identifier, which should be unique within the DID method.
  • DID document: Contains information about the verification methods and the service endpoints required to interact with the DID subjects.
  • DID subject: The entity that is identified by the DID, and can be a person, an object or an organization.
  • DID method: Defines how DIDs are created, resolved, updated, and revoked.

Summary

  • We review and categorize privacy attacks on the Bitcoin blockchain, which may reveal the links between addresses and real-world identities and also correlate different identities.
  • We address Bitcoin privacy attacks’ impact on the DID method did:btcr.
  • We adopted the privacy terminology from RFC 6973.

Method

Four main steps for collecting and selecting relevant literature:

  • research questions identification
  • literature search
  • literature selection
  • data extraction

Results

  • We categorized Bitcoin privacy attacks into four main categories: (i) heuristics, (ii) side-channel attacks, (iii) flow analysis, and (iv) auxiliary information.

  • We showed how data analysis of Bitcoin public records, in combination with auxiliary information, can be exploited using sophisticated heuristics to reveal or correlate transactions, identities, or addresses of users.

  • This study has demonstrated that, although BTCR provides some advantages such as protection against censorship, integrity, access, and a degree of decentralization, it still lacks methods to deal with the privacy issues identified in this paper.

Discussion and Key Takeaways

We investigate the privacy of the method did:btcr based on the criteria adopted from RFC 6973.

  • Surveillance: Any kind of observation and monitoring of the users, whether the users are aware of the surveillance or not, can influence a user’s privacy.
    • Auxiliary information is obtained through the interactions with services using DIDs.
    • The blockchain is immutable, so there is no way to delete the history.
  • Correlation: The combination of different information, which relates to one user.
    • Using the same DID or DID document for interacting with different services helps to trace and correlate user activities.
    • Using the same public keys in different DID documents can reveal the link between the corresponding DIDs.
    • The IP address of an entity can expose a relationship of common control, linking different DIDs.
    • Timing analysis can correlate users’ activities using the same service endpoint in the DID documents.
  • Identification: Relating the information to a specific user.
    • If the Bitcoin address associated with a DID is later spent, it can link the address used for the DID to other addresses owned by the user.
    • The visibility of the DID document can leak metadata about the attributes and provide information about the service endpoints.
    • If the DID document is stored on a third-party server, the latter may identify the real DID owner.
    • If the DID document is stored on a user’s own server, it can correlate the user IP address with the DID document.
  • Secondary Use: Collecting information about a user without their consent and using it for purposes other than those for which it was collected.
    • Read/resolve makes it possible to trace the DID use if it is accessed by third-party services (e.g., universal DID resolver).
    • The verifier can trace the transaction flow and check the history of the UTXOs.
    • DID real identity can be compromised if used in services that require information about the users or their activities (e.g., social networks).
  • Disclosure: Exposure of information about a user which violates the confidentiality of the shared data.
    • Privacy may be lost in the economic activities for the services authenticated by DIDs.
    • BTCR updates reveal the public key of the previous DID or a change in access control.
  • Misattribution: Whenever a user’s data or communications are attributed to another, which can consequently affect the user’s reputation.
    • Using indistinguishable mixing techniques can relate the users’ UTXOs to someone else.

Implications and Follow-Ups

Future research will consist of elaborating and developing new methods, or using existing privacy-enhancing techniques (e.g., mixing techniques, zero-knowledge proofs) to address the aforementioned privacy issues.

Applicability

  • This work can improve privacy countermeasures for BTCR DIDs.
  • It can also provide a comprehensive set of privacy attacks for privacy threat modeling.
  • Our future work includes privacy threat modeling based on LINDDUN. The paper will appear at the PTM Workshop under the name “User-Centric Public Blockchain Privacy Threats”.
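A self-audit sketch for the Correlation and Identification items in the discussion above: it groups your own DIDs into the clusters an observer could form from shared public keys, shared service endpoints, and addresses spent together as inputs of one transaction. This is an added example, not code from the paper or from the did:btcr project. The DID values, keys, endpoints and addresses are constructed, `verificationMethod`/`service` follow W3C DID Core field names, and `btcAddress` is a hypothetical field the auditor fills in with the address that funded each DID.

```python
from collections import defaultdict

def linkable_clusters(did_docs, cospent_inputs=()):
    """Return sorted groups of DIDs that share any linking attribute, transitively."""
    parent = {}

    def find(x):                      # union-find over DIDs and attributes
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    def union(a, b):
        parent[find(a)] = find(b)

    for doc in did_docs:
        did = ("did", doc["id"])
        find(did)
        for vm in doc.get("verificationMethod", []):
            key = vm.get("publicKeyMultibase") or vm.get("publicKeyBase58")
            if key:                   # same key reused in two documents
                union(did, ("key", key))
        for svc in doc.get("service", []):
            if isinstance(svc.get("serviceEndpoint"), str):
                union(did, ("endpoint", svc["serviceEndpoint"]))
        if doc.get("btcAddress"):     # hypothetical auditor-supplied field
            union(did, ("addr", doc["btcAddress"]))
    for inputs in cospent_inputs:     # addresses spent together in one transaction
        inputs = list(inputs)
        for addr in inputs[1:]:
            union(("addr", inputs[0]), ("addr", addr))

    groups = defaultdict(list)
    for node in list(parent):
        if node[0] == "did":
            groups[find(node)].append(node[1])
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def doc(did, key, endpoint, addr):    # builds a constructed sample document
    return {"id": did, "btcAddress": addr,
            "verificationMethod": [{"publicKeyMultibase": key}],
            "service": [{"serviceEndpoint": endpoint}]}

DOCS = [  # constructed sample data
    doc("did:btcr:example-shop", "zKeyA", "https://hub.example/a", "addr1"),
    doc("did:btcr:example-forum", "zKeyA", "https://forum.example/u1", "addr2"),
    doc("did:btcr:example-bank", "zKeyB", "https://bank.example/x", "addr3"),
    doc("did:btcr:example-wiki", "zKeyC", "https://wiki.example/w", "addr4"),
]
COSPENT = [("addr3", "addr2")]        # constructed: one transaction, two inputs
```

A DID that appears in no returned cluster shares no key, endpoint or co-spent address with the others in the input set; any cluster of two or more is a set to separate with fresh keys, endpoints and unlinked funding.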