Delivery-Date: Sun, 13 Sep 2015 10:36:12 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 9A4411E068C;
	Sun, 13 Sep 2015 10:36:10 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 510F63728F;
	Sun, 13 Sep 2015 14:36:04 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 533853727E
 for <tor-talk@lists.torproject.org>; Sun, 13 Sep 2015 14:36:00 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 3j-5FKhFKbas for <tor-talk@lists.torproject.org>;
 Sun, 13 Sep 2015 14:36:00 +0000 (UTC)
Received: from mail-ob0-x22f.google.com (mail-ob0-x22f.google.com
 [IPv6:2607:f8b0:4003:c01::22f])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 2C4DD20EB3
 for <tor-talk@lists.torproject.org>; Sun, 13 Sep 2015 14:35:57 +0000 (UTC)
Received: by obbbh8 with SMTP id bh8so91776458obb.0
 for <tor-talk@lists.torproject.org>; Sun, 13 Sep 2015 07:35:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:date:message-id:subject:from:to:content-type;
 bh=/lVfuXqIhy79KwIJMaJUwwPwqo5/DKqIk8joUVGS1ng=;
 b=v7W4h64kvh1M/I2w0Pr6UnGGccHnGzHkF0h5Qo6du3fCzkFT09U4b6fP0bks4CZPx4
 ov47oswXNhxbwt1LTSoflo095W8AtMwMtk5Q7vaMTifdOGCxRq6uVOCpgvmNDf21oYTb
 XHKrjgdGiDng1UPAYhb7UBEyRYFA+cRM6WqsmXysQRos2iOFCA9V/bir59c79KsdhlWb
 uYPag7dV/oIxBpYwGquA3BsoCnehLQtYQQXQyWrQxa7O9sIz+CUgRhM2LxLzj96oO3X7
 6TXHyvWWxXCLn7iZgbagBYxz8OzsX3lV86gFi5/97L0FHp8mDKon6CTD32U/+ygr50FN
 R9PA==
MIME-Version: 1.0
X-Received: by 10.182.58.105 with SMTP id p9mr7058664obq.11.1442154954734;
 Sun, 13 Sep 2015 07:35:54 -0700 (PDT)
Received: by 10.202.18.142 with HTTP; Sun, 13 Sep 2015 07:35:54 -0700 (PDT)
Date: Sun, 13 Sep 2015 10:35:54 -0400
Message-ID: <CAGH37SKdRbCuMa_t4dgRF4sydLb0eMBo9T-hFwRZvw1XqAXLPQ@mail.gmail.com>
From: Kristov Atlas <kristovatlas.lists@gmail.com>
To: tor-talk@lists.torproject.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: [tor-talk] "Bitcoin Over Tor Isn't a Good Idea" by Ivan Pustogarov
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Ivan Pustogarov, a PhD student at CryptoLUX (
https://www.cryptolux.org/index.php/Ivan_Pustogarov), presented research at
the 36th IEEE Symposium on Security and Privacy in a talk he entitled,
"Bitcoin Over Tor Isn't a Good Idea."

I assume he means that it is not *currently* a good idea.

https://www.reddit.com/r/Bitcoin/comments/3kqcxq/ivan_pustogarov_bitcoin_over_tor_isnt_a_good_idea/

Reddit user /u/SwagPokerz commented with the following summary:


   -

   A Tor exit node will be banned by Bitcoin's automatic anti-DoS
   algorithms, which means regular users will find it difficult to access
   Bitcoin via Tor.
   -

   An attacker can exploit this fact by banning all good Tor exit nodes,
   and not banning all its own bad Tor exit nodes; thus, Bitcoin users who
   connect via Tor will almost always connect through an attacker's node. This
   allows an attacker to fake the state of the Bitcoin network, thereby
   allowing the attacker to perform all sorts of attacks, like
   delaying/dropping blocks and transacions, de-anonymization, finding the
   entry node, linking bitcoin addresses (all supposedly).
   -

   Bitcoin's ADDR/GETADDR protocol messages allow for fingerprinting users
   with a kind of cookie by sending users junk IP addresses and reading them
   back. Woops!

   This is backed by research on actual data; within 10 sessions, they were
   able to maintain 36% of a fingerprint, and thereby de-anonymize the user; a
   fingerprint survives restarts, lasts many hours (even more than a day).
   -

   An old attack is to fill up all the good nodes' connection slots, so
   that new nodes can connect only to an attacker's nodes. A novel attack is
   to broadcast the IP addresses of legiitimate Bitcoin nodes, but provide
   fake port numbers, so that any broadcast of those same IP addresses with
   the real port numbers is rejected because a Bitcoin client, stupidly, only
   considers the IP address, which it thinks it already knows.

   The point is that you can more easily force people to connect to
   attacker peers.
   -

   With hidden services, it's really easy to create a sybil attack.

I am interested in thoughts from the list on this research.

I suspect that resource exhaustion attacks directing users to malicious,
Tor-connecting Bitcoin nodes are something that we can detect with simple
monitoring tools.

-Kristov
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

