Delivery-Date: Thu, 23 Oct 2014 13:11:15 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 353AA1E0AA6;
	Thu, 23 Oct 2014 13:11:14 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 3B8DD31165;
	Thu, 23 Oct 2014 17:11:10 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 8229731148
 for <tor-talk@lists.torproject.org>; Thu, 23 Oct 2014 17:11:07 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id T6zRR1O-n7mD for <tor-talk@lists.torproject.org>;
 Thu, 23 Oct 2014 17:11:07 +0000 (UTC)
Received: from jessica.everdot.org (unknown [IPv6:2001:470:1f0b:1c12::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 550BF284AF
 for <tor-talk@lists.torproject.org>; Thu, 23 Oct 2014 17:11:07 +0000 (UTC)
Received: from mail.everdot.org (primail.everdot.org [IPv6:2001:470:dc2e:5::2])
 (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by jessica.everdot.org (Postfix) with ESMTPS id 21618FA0823
 for <tor-talk@lists.torproject.org>; Thu, 23 Oct 2014 19:11:02 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
 by mail.everdot.org (Postfix) with ESMTP id 17FB291233E1
 for <tor-talk@lists.torproject.org>; Thu, 23 Oct 2014 19:11:02 +0200 (CEST)
X-Virus-Scanned: amavisd-new at everdot.org
Received: from mail.everdot.org ([127.0.0.1])
 by localhost (everdot.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id BkckEYqugmWx for <tor-talk@lists.torproject.org>;
 Thu, 23 Oct 2014 19:10:55 +0200 (CEST)
Received: from meilong (unknown [IPv6:2001:470:dc2e:2:a15a:e15a:9482:642e])
 (using SSLv3 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 by mail.everdot.org (Postfix) with ESMTPSA id 642349122D88
 for <tor-talk@lists.torproject.org>; Thu, 23 Oct 2014 19:10:55 +0200 (CEST)
Date: Thu, 23 Oct 2014 19:10:48 +0200
From: =?ISO-8859-1?B?1nl2aW5k?= Saether <oyvinds@everdot.org>
To: tor-talk <tor-talk@lists.torproject.org>
Message-ID: <20141023191048.17a50660@meilong>
X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.24; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Subject: [tor-talk] =?utf-8?q?Bitcoin_over_Tor_isn=E2=80=99t_a_good_idea_?=
 =?utf-8?q?=28Alex_Biryukov_/_Ivan_Pustogarov__story=29?=
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============9216090445497254255=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

--===============9216090445497254255==
Content-Type: multipart/signed; micalg=pgp-sha1;
 boundary="Sig_/K1akgYv/2xpOcOFiSH44Yp_"; protocol="application/pgp-signature"

--Sig_/K1akgYv/2xpOcOFiSH44Yp_
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

http://arxiv.org/pdf/1410.6079v1.pdf

"Abstract
=E2=80=94Bitcoin is a decentralized P2P digital currency in which coins are
generated by a distributed set of miners and transaction are
broadcasted via a peer-to-peer network. While Bitcoin provides some
level of anonymity (or rather pseudonymity) by encouraging the users to
have any number of random-looking Bitcoin addresses, recent research
shows that this level of anonymity is rather low. This encourages users
to connect to the Bitcoin network through anonymizers like Tor and
motivates development of default Tor functionality for popular mobile
SPV clients. In this paper we show that combining Tor and Bitcoin
creates an attack vector for the deterministic and stealthy
man-in-the-middle attacks. A low-resource attacker can gain full
control of information flows between all users who chose to use Bitcoin
over Tor. In particular the attacker can link together user=E2=80=99s
transactions regardless of pseudonyms used, control which Bitcoin
blocks and transactions are relayed to the user and can delay or
discard user=E2=80=99s transactions and blocks. In collusion with a powerful
miner double-spending attacks become possible and a totally virtual
Bitcoin reality can be created for such set of users."

Interesting quote:

"Combining it with some peculiarities of how Tor handles data streams a
stealthy and low-resource attacker with just 1-3% of overall Tor Exit
bandwidth capacity and 1000-1500 cheap lightweight Bitcoin peers (for
example, a small Botnet) can force all Bitcoin Tor traffic to go either
through her Exit nodes or through her peers. This opens numerous attack
vectors."

a) Does this paper hold water? b) What is the price of 1-3% of all Tor
Exit capacity and "1000-1500 cheap lightweight" Bitcoin peers?

--Sig_/K1akgYv/2xpOcOFiSH44Yp_
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlRJNp0ACgkQNBSJHnwv/KpbowCeItvkC74mZCx7Ul3WocCo1XK0
RpAAmwUL4RnTlUC24NdYb9xQks5+81Yw
=1/gd
-----END PGP SIGNATURE-----

--Sig_/K1akgYv/2xpOcOFiSH44Yp_--

--===============9216090445497254255==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============9216090445497254255==--

