ArticlePDF Available

Anonymity and the Obfuscation Issues in the Cryptographic Currency: Bitcoin

Authors:

Abstract and Figures

Bitcoin is the cryptographic currency where all transactions are recorded in the blockchain-a public, global, and immutable ledger. Because transactions are public, Bitcoin and its users employ obfuscation to maintain a degree of financial privacy. Critically, and in contrast to typical uses of obfuscation, in Bitcoin obfuscation is not aimed against the system designer but is instead enabled by design. We map sixteen proposed privacy-preserving techniques for Bitcoin on an obfuscation-vs.-cryptography axis, and find that those that are used in practice tend toward obfuscation. We argue that this has led to a balance between privacy and regulatory acceptance.
Content may be subject to copyright.
www.ijecs.in
International Journal Of Engineering And Computer Science ISSN:2319-7242
Volume 6 Issue 7 July 2017, Page No. 22016-22019
Index Copernicus value (2015): 58.10 DOI: 10.18535/ijecs/v6i7.19
Rishav Chatterjee, IJECS Volume 6 Issue 7 July 2017 Page No. 22016-22019 Page 22016
Anonymity and the Obfuscation Issues in the Cryptographic Currency:
Bitcoin
Rishav Chatterjee
Under Graduate Student
School of Computer Science & Engineering
Kalinga Institute of Industrial Technology
Bhubaneswar, India
rishavpiku@gmail.com
Abstract. Bitcoin is the cryptographic currency where all transactions are recorded in the blockchain a public,
global, and immutable ledger. Because transactions are public, Bitcoin and its users employ obfuscation to maintain a
degree of financial privacy. Critically, and in contrast to typical uses of obfuscation, in Bitcoin obfuscation is not
aimed against the system designer but is instead enabled by design. We map sixteen proposed privacy-preserving
techniques for Bitcoin on an obfuscation-vs.-cryptography axis, and find that those that are used in practice tend
toward obfuscation. We argue that this has led to a balance between privacy and regulatory acceptance.
Keywords Obuscation, security, privacy, cryptography.
Introduction
Bitcoin’s design is centered around a widely
distributed, global database which stores all
transactions that have ever taken place in the system.
Thus, there is no avenue for redress if a user wishes to
retrospectively hide a transaction. Further, nothing in
the ledger is encrypted, and digital signatures are
mandatory, ensuring cryptographic attribution of
activities to users. On the other hand, account
identifiers in Bitcoin take the form of cryptographic
public keys, which are pseudonymous. Anyone can
use Bitcoin “wallet” software to trivially generate a
new public key and use it as a pseudonym to send or
receive payments without registering or providing
personal information. However, pseudonymity alone
provides little privacy, and there are many ways in
which identities could be linked to these pseudonyms
(Narayanan et al., 2016).
Obscurity Issues
To counter this, Bitcoin and its users employ a variety
of obfuscation techniques to increase their financial
privacy. We visualize a representative selection of
these techniques in Figure 1 based on their time of
invention/creation and our assessment of their
similarity to obfuscation vs cryptography. We make
several observations. First, techniques used in Bitcoin
predominantly fall into obfuscation, with stronger
techniques being used exclusively in alternative
cryptocurrencies (altcoins). Second, there is a trend
towards stronger techniques over time, perhaps due to
a growing interest in privacy and to the greater
difficulty of developing cryptographic techniques.
Third, obfuscation techniques proposed at later points
in time are seeing less adoption, arguably a result of
their increased complexity and need for coordination
among participants (Möser & Böhme 2017).
DOI: 10.18535/ijecs/v6i7.19
Rishav Chatterjee, IJECS Volume 6 Issue 7 July 2017 Page No. 22016-22019 Page 22017
Figure 1: Privacy-Enhancing Technologies for
Bitcoin. The X-axis is the date of invention and the
Y-axis is an informal measure that combines the
sophistication of the technique and the strength of
the privacy guarantee. See Appendix 1 for
references and dates.2
Among the techniques used in Bitcoin, the most
prevalent can be characterized as “ambiguating
obfuscation” (Brunton & Nissenbaum 2015):
effectively reducing the information an adversary is
able to extract from a particular transaction.
Examples include using a new pseudonym for every
new transaction and randomizing the structure of
transactions to make the spend to the “true” recipient
indistinguishable from “change” going back to the
sender.
A second type of obfuscation, namely “cooperative
obfuscation”, has risen in popularity over the last
years. For example, users can send their money to a
service that will “mix” their funds with those of other
users, thereby obfuscating the flow of payments (cf.
Möser, Böhme & Breuker 2013). A similar technique
called CoinJoin works in a peer-to-peer fashion and
doesn’t require a trusted intermediary is CoinJoin.
Due to the need for these users to find and transact
with each other, markets for anonymity have arisen
that bring together providers and receivers of
anonymity (Möser & Böhme 2016).
Objectives and Ways for Obscuring Data
The ultimate objective behind obfuscating the data that
is being transfered is to minimize the risk of disclosure
resulting from providing access to the data.
Moreover, it also enhances the analytical usefulness of
the data.
There are several methods for obfuscation of data such
as Topcoding, Grouping, Adding or Multiplying noise
and Rank Swaping. A good amount of research needs
to be done in this domain.
The Case for Obfuscation
Critically, none of the techniques discussed provide
provable privacy guarantees through cryptography.
While these do exist and have been deployed (e.g.,
Zcash), they are far from being adopted by the
Bitcoin community, for both technical and political
reasons. On the technical side, Bitcoin’s
decentralization already incurs a severe performance
penalty compared to centralized payment systems
such as Paypal. Achieving cryptographic privacy
would further degrade performance. Obfuscation also
has a lighter impact on the
usefulness of the blockchain for non-currency
applications. The current design allows selectively
employing obfuscation, leaving room for other uses
that prioritize different goals, such as Colored Coins
(Rosenfeld 2012), a protocol for representing assets
on top of the Bitcoin blockchain.
On the political side, providing stronger privacy
through cryptography might make Bitcoin even more
attractive for activities such as money laundering,
ransomware, or terrorism financing, and thereby
DOI: 10.18535/ijecs/v6i7.19
Rishav Chatterjee, IJECS Volume 6 Issue 7 July 2017 Page No. 22016-22019 Page 22018
tempt a government crackdown. Much of the Bitcoin
community is invested in its mainstream adoption,
and therefore keen to avoid such an outcome. When
Bitcoin began to be noticed by the press, members of
the community went to work explaining it to policy
makers. They framed the technology as neutral and
unthreatening, and the Bitcoin ecosystem as subject
to existing regulations and amenable to new ones (cf.
Brito 2013, Brito & Castillo 2013, Lee 2013, Murck
2013, Hattem 2014).
The use of obfuscation in Bitcoin may have achieved
a balancing act between the financial privacy of its
users and the investigatory needs of law enforcement
and regulators. Law enforcement agencies have two
important advantages over everyday adversaries: the
budget for specialized Bitcoin tracking tools and
services (Cox 2017), and subpoena power. The latter
allows deanonymizing selected actors by obtaining
user records from exchanges and cross-referencing
them with the results of blockchain analysis
(Meiklejohn et al. 2013). Since only a few
governmental actors possess these powers, users still
enjoy a measure of financial privacy. Thus, the
imperfect privacy protection in Bitcoin may be one of
the keys to its success.
Conclusion
This paper shows us the anonymity of bitcoin. Bitcoin
transactions are nothing but electronic transactions
which can be done without blindly believing in a
central authority.
We could remove the problem of double spending
because of the peer-to-peer network
which has been used to eradicate this major issue.
Public history of the transactions are being kept as a
record and that is essentially known as Proof-of-work.
But it is computationally impossible. In this paper, we
conjecture that, as the number of users of obfuscation
grows, the visibility of the use of obfuscation
increases as well. It also reduces the quality of the
information that can be extracted from the system.
We argue that initially, the use of obfuscation is
mostly unnoticed as the user base and its impact is
small.
The success of obfuscation in Bitcoin motivates
studying the adoption of obfuscation in
sociotechnical systems more generally.
The first is to hide the use of obfuscation for as long
as possible through both social and technical means.
The second is to maximize the visibility of
obfuscation and campaign for its acceptance once it
can no longer remain unnoticed. This is why bitcoin
has been a thing which has been unnoticed, but is one
of the main research domains in the field of Computer
Science in modern days.
References
Bissias, G., Ozisik, A. P., Levine, B. N., & Liberatore, M.
(2014). Sybil-Resistant Mixing for Bitcoin. In Proceedings
of the 13th Workshop on Privacy in the Electronic Society
(pp. 149-158). ACM.
Bonneau, J., Narayanan, A., Miller, A., Clark, J., Kroll, J.
A., & Felten, E. W. (2014). Mixcoin: Anonymity for
Bitcoin with Accountable Mixes. In International
Conference on Financial Cryptography and Data Security
(pp. 486-504). Springer Berlin Heidelberg.
Brito, J., & Castillo, A. (2013). Bitcoin: A Primer for
Policymakers. Mercatus Center at George Mason
University.
Brito, J. (2013). Beyond Silk Road: Potential Risks, Threats,
and Promises of Virtual Currencies.
Testimony to the Senate Committee on Homeland Security
and Governmental Affairs. Available
online at
https://www.mercatus.org/system/files/Brito_BeyondSilkRo
adBitcoin_testimony_111313.pdf
(retrieved on 2017-06-02).Brunton, F., & Nissenbaum, H.
(2015). Obfuscation: A User's Guide for Privacy and
Protest. MIT Press.
Cox, J. (2017). US Law Enforcement Have Spent
Hundreds of Thousands on Bitcoin Tracking Tools.
Motherboard. Available online at
https://motherboard.vice.com/en_us/article/us-law-
enforcement-have-spent-hundreds-of-thousands-on-
bitcoin-tracking-tools (retrieved on 2017-06-02).
Hattem, J. (2014). Bitcoin Gets a Lobbyist. The Hill.
Available online at
http://thehill.com/policy/technology/207085-bitcoin-
investors-register-lobbyist (retrieved on 2017-06-02).
DOI: 10.18535/ijecs/v6i7.19
Rishav Chatterjee, IJECS Volume 6 Issue 7 July 2017 Page No. 22016-22019 Page 22019
Hearn, M., & Corallo, M. (2012). BIP 37:
Connection Bloom Filtering. Available online at
https://github.com/bitcoin/bips/blob/master/bip-
0037.mediawiki (retrieved on 2017-06-02).
Hearn, M. (2013). Merge Avoidance. Available online at
https://medium.com/@octskyward/merge-avoidance-
7f95a386692f (retrieved on 2017-06-02).
Heilman, E., Baldimtsi, F., Alshenibr, L., Scafuro, A., &
Goldberg, S. (2017). TumbleBit: An Untrusted Tumbler for
Bitcoin-Compatible Anonymous Payments. In Network and
Distributed System Security Symposium (NDSS).
Lee, T. B. (2013). Here’s How Bitcoin Charmed
Washington. The Washington Post. Available online at
https://www.washingtonpost.com/news/the-
switch/wp/2013/11/21/heres-how-bitcoin-charmed-
washington (retrieved on 2017-06-02).
Maxwell, G. (2013a). CoinJoin: Bitcoin Privacy for the
Real World. Available online at
https://bitcointalk.org/index.php?topic=27
9249.0 (retrieved on 2017-06-02).
Maxwell, G. (2013b). CoinSwap: Transaction Graph
Disjoint Trustless Trading. Available online at
https://bitcointalk.org/index.php?topic=321228
(retrieved on 2017-06-02).
Maxwell, G. (2015). Confidential Transactions, the Initial
Investigation. Available online at
https://www.elementsproject.org/elements/confidential-
transactions/investigation.html (retrieved on 2017-06-02).
Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K.,
McCoy, D., Voelker, G. M., & Savage, S. (2013). A Fistful
of Bitcoins: Characterizing Payments Among Men with No
Names. In Proceedings of the 2013 Conference on Internet
Measurement (pp. 127-140). ACM.
Miers, I., Garman, C., Green, M., & Rubin, A. D.
(2013). Zerocoin: Anonymous Distributed E-Cash from
Bitcoin. In 2013 IEEE Symposium on Security and
Privacy (S&P) (pp. 397-411). IEEE.
Möser, M., Böhme, R., & Breuker, D. (2013). An Inquiry
Into Money Laundering Tools in the Bitcoin Ecosystem.
In eCrime Researchers Summit, 2013 (pp. 1-14). IEEE.
Möser, M., & Böhme, R. (2016). Join Me on a Market for
Anonymity. In Workshop on the Economics of Information
Security (WEIS).
Möser, M., & Böhme, R. (2017). Anonymous Alone?
Measuring Bitcoin’s Second-Generation Anonymization
Techniques. In IEEE Security & Privacy on the Blockchain
(IEEE S&B). IEEE.
Murck, P. (2013). Testimony of Patrick Murck General
Counsel, the Bitcoin Foundation to the Senate Committee
on Homeland Security and Governmental Affairs “Beyond
Silk Road: Potential Risks,Threats, and Promises of Virtual
Currencies”. Available online at
https://www.hsgac.senate.gov/download/?id=4CD1FF12-
312D-429F-AA41-1D77034EC5A8 (retrieved on 2017-06-
02).
Narayanan, A., Bonneau, J., Felten, E., Miller, A., &
Goldfeder, S. (2016). Bitcoin and Cryptocurrency
Technologies: A Comprehensive Introduction. Princeton
University Press.
Rosenfeld, M. (2012). Overview of Colored Coins.
Available online at https://bitcoil.co.il/BitcoinX.pdf
(retrieved on 2017-06-02).
Ruffing, T., Moreno-Sanchez, P., & Kate, A. (2014).
CoinShuffle: Practical Decentralized Coin Mixing for
Bitcoin. In European Symposium on Research in Computer
Security (pp. 345-364). Springer International Publishing.
Sasson, E. B., Chiesa, A., Garman, C., Green, M., Miers,
I., Tromer, E., & Virza, M. (2014). Zerocash:
Decentralized anonymous payments from bitcoin. In 2014
IEEE Symposium on Security and Privacy (S&P) (pp. 459-
474). IEEE.
Todd, P. (2014). Stealth Addresses. Available online at
https://lists.linuxfoundation.org/pipermail/bitcoin-
dev/2014-January/004020.html (retrieved on 2017-06-02).
Van Saberhagen, N. (2012). CryptoNote v 1.0. Available
online athttps://cryptonote.org/whitepaper_v1.pdf (retrieved
on 2017-06-02).
... In a blockchain consortium, different organizations join forces to develop, manage, govern, and operate a shared blockchain information system (O'Leary, 2017). Such shared systems can be understood as a class of IOS, namely, systems facilitating electronic exchanges and interactions between two or more participating organizations (R. Chatterjee, 2017;Robey et al., 2008). Previous forms of IOS include systems for information integration, using, for example, EDI, or processual integration using, for example, collaborative planning, forecasting, and replenishment (CPFR) (e.g., Romero & Vernadat, 2016). ...
Article
Blockchain systems continue to attract significant interest from both practitioners and researchers. What is more, blockchain systems come in various types, such as cryptocurrencies or as inter-organizational systems in business networks. As an example of a cryptocurrency, Bitcoin, one of the most prominent blockchain systems to date and born at the time of a major financial crisis, spearheaded the promise of relying on code and computation instead of a central governing entity. Proponents would argue that Bitcoin stood the test of time, as Bitcoin continues to operate to date for over a decade. However, these proponents overlook the never-ending, heated debates “behind the scenes” caused by diverging goals of central actors, which led to numerous alternative systems (forks) of Bitcoin. To accommodate these actors’ interests in the pursuit of their common goal is a tightrope act, and this is where this dissertation commences: blockchain governance. Based on the empirical examples of various types and application domains of blockchain systems, it is the goal of this dissertation to 1) uncover governance patterns by showing, how blockchain systems are governed, 2) derive governance challenges faced or caused by blockchain systems, and, consequently, to 3) contribute to a better understanding to what blockchain governance is. This dissertation includes four parts, each of these covering different thematical areas: In the first part, this dissertation focuses on obtaining a better understanding of blockchain governance’s context of reference by studying blockchain systems from various application domains and system types, for example, led by inter-organizational networks, states, or an independent group of actors. The second part, then, focuses on a blockchain as an inter-organizational system called “cardossier”, a project I was involved in, and its governance as a frame of reference. Hereupon, for one, I report on learnings from my project involvement in the form of managerial guidelines, and, for two, I report on structural problems within cardossier, and problems caused by membership growth and how they can be resolved. The third part focuses on a wider study of blockchains as inter-organizational systems, where I summarize findings of an analysis of 19 blockchain consortia. The findings, for one, answer the question of why blockchain consortia adopt blockchain technology, and, for two, show internal and external challenges these systems faced to derive managerial recommendations. The fourth and last part studies blockchain governance’s evolution and contributes an analysis of blockchain’s governance features and its contrast to established modes of governance. These four parts, altogether, have scientific value as they increase our understanding on blockchain governance. Consequently, this dissertation contributes to the body of knowledge on modes of governance, distributed system governance, and blockchain governance in general. I do so, by grounding the concept of blockchain governance in empirical detail, showing how these systems are governed on various application domains and system types, and by studying empirical challenges faced or caused by these systems. This approach is relevant and necessary, as blockchain systems in general, but particularly outside of cryptocurrencies, mostly still are in pursuit of a sustainable blockchain governance. As blockchains can be expected to continue to mature, the upcoming years offer very fruitful ground for empirical research along the empirical insights and theoretical lines shown in this dissertation.
Article
Full-text available
Bitcoin is the world’s first completely decentralized digital currency. This paper will provide a short introduction to the Bitcoin network, including its properties, operations, and pseudonymous character. It will describe the benefits of allowing the Bitcoin network to develop and innovate, while highlighting issues of concern for consumers, policymakers, and regulators. It will describe the current regulatory landscape and explore other potential regulations that could be promulgated. The paper will conclude by providing policy recommendations that will assuage policymakers’ common concerns while allowing for innovation within the Bitcoin network.
Conference Paper
Full-text available
Bitcoin is a purely online virtual currency, unbacked by either physical commodities or sovereign obligation; instead, it relies on a combination of cryptographic protection and a peer-to-peer protocol for witnessing settlements. Consequently, Bitcoin has the unintuitive property that while the ownership of money is implicitly anonymous, its flow is globally visible. In this paper we explore this unique characteristic further, using heuristic clustering to group Bitcoin wallets based on evidence of shared authority, and then using re-identification attacks (i.e., empirical purchasing of goods and services) to classify the operators of those clusters. From this analysis, we characterize longitudinal changes in the Bitcoin market, the stresses these changes are placing on the system, and the challenges for those seeking to use Bitcoin for criminal or fraudulent purposes at scale.
Conference Paper
We propose Mixcoin, a protocol to facilitate anonymous payments in Bitcoin and similar cryptocurrencies. We build on the emergent phenomenon of currency mixes, adding an accountability mechanism to expose theft. We demonstrate that incentives of mixes and clients can be aligned to ensure that rational mixes will not steal. Our scheme is efficient and fully compatible with Bitcoin. Against a passive attacker, our scheme provides an anonymity set of all other users mixing coins contemporaneously. This is an interesting new property with no clear analog in better-studied communication mixes. Against active attackers our scheme offers similar anonymity to traditional communication mixes.
Conference Paper
We provide a first systematic account of opportunities and limitations of anti-money laundering (AML) in Bitcoin, a decentralized cryptographic currency proliferating on the Internet. Our starting point is the observation that Bitcoin attracts criminal activity as many say it is an anonymous transaction system. While this claim does not stand up to scrutiny, several services offering increased transaction anonymization have emerged in the Bitcoin ecosystem - such as Bitcoin Fog, BitLaundry, and the Send Shared functionality of Blockchain.info. Some of these services routinely handle the equivalent of 6-digit dollar amounts. In a series of experiments, we use reverse-engineering methods to understand the mode of operation and try to trace anonymized transactions back to our probe accounts. While Bitcoin Fog and Blockchain.info successfully anonymize our test transactions, we can link the input and output transactions of BitLaundry. Against the backdrop of these findings, it appears unlikely that a Know-Your-Customer principle can be enforced in the Bitcoin system. Hence, we sketch alternative AML strategies accounting for imperfect knowledge of true identities but exploiting public information in the transaction graph, and discuss the implications for Bitcoin as a decentralized currency.
Conference Paper
Bitcoin is the first e-cash system to see widespread adoption. While Bitcoin offers the potential for new types of financial interaction, it has significant limitations regarding privacy. Specifically, because the Bitcoin transaction log is completely public, users' privacy is protected only through the use of pseudonyms. In this paper we propose Zerocoin, a cryptographic extension to Bitcoin that augments the protocol to allow for fully anonymous currency transactions. Our system uses standard cryptographic assumptions and does not introduce new trusted parties or otherwise change the security model of Bitcoin. We detail Zerocoin's cryptographic construction, its integration into Bitcoin, and examine its performance both in terms of computation and impact on the Bitcoin protocol.
BIP 37: Connection Bloom Filtering
  • M Hearn
  • M Corallo
Hearn, M., & Corallo, M. (2012). BIP 37: Connection Bloom Filtering. Available online at https://github.com/bitcoin/bips/blob/master/bip-0037.mediawiki (retrieved on 2017-06-02).
Merge Avoidance Available online at https://medium.com/@octskyward/merge-avoidance7f95a386692f
  • M Hearn
Hearn, M. (2013). Merge Avoidance. Available online at https://medium.com/@octskyward/merge-avoidance7f95a386692f (retrieved on 2017-06-02).