DOCSLIB.ORG

Securing National E-ID Infrastructures: Tor Networks As a Source of Threats

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Securing National E-ID Infrastructures: Tor Networks As a Source of Threats Securing national e-ID infrastructures: Tor networks as a source of threats Paolo Spagnoletti 1[0000-0003-1950-368X], Gianluigi Me 2[0000-0002-8805-2547], Federica Ceci 3[0000-0002-6998-8534] and Andrea Prencipe 4[0000-0002-5691-2290] 1 LUISS University, Rome, Italy 2 LUISS University, Rome, Italy 2 G. d’Annunzio University, Pescara, Italy 4 LUISS University, Rome, Italy Abstract. Securing national electronic identification (e-ID) systems requires an in depth understanding of the associated threats. The trade of identity related ar- tefacts in the darknet facilitates illegal activities such as identity theft in both physical and virtual worlds. This paper reports the findings of an exploratory analysis of identity trading in the darknet. We capture the key features of three major markets of fake IDs in Tor networks, and apply attack-defense trees to show how the security of an e-ID infrastructure is affected by this phenomenon. Keywords: Identity theft, Tor, attack tree, identity management, black market. 1 Introduction Electronic identification (e-ID) infrastructures are considered a key enabler for the development of e-services in both public and private sector. In the last decade, many European countries have started nation-wide initiatives to develop their own e-ID infrastructures [1]. Such infrastructures differ in terms of architectures, institutional actors involved, and on the range of services that can be accessed by citizens using digital identities. In some cases, e-ID can be seen as platforms enabling authenticated citizens to access online services provided both by public administrations and private companies. Such platforms are based on federated authentication and authorization architectures in which few certified companies act as Identity Providers (IdP) under the supervision of a governmental institution [2]. Identity Providers must guarantee the identification of citizens and securely manage their personal data while enabling access to Service Providers (SP) in the ecosystem, by the means of standardized pro- tocols. Alike e-payment systems, e-ID infrastructures can be considered as multi-sided platforms [3]. Depending on the policies defined by governmental sponsors, different strategies can be implemented at the level of provider, technology and users. For in- stance, in Italy a competitive strategy at the level of Identity Providers has been re- cently established by AGID, the Public Agency in charge of promoting digitalization. 2 At the moment, the governmental sponsors have accredited five Identity Providers and they are requested to manage citizens’ identities by opening the platform through APIs to any public and private e-service. Citizens can join the SPID (Digital Identity Public Service) at no charge and benefit of a Single-Sign-On service when accessing to e-services connected to the national e-ID infrastructure. The economic sustainabil- ity of the overall system relies on transaction fees payed by private companies to the Identity Provider that performs the authentication. Despite the huge market potential of e-ID platforms, which coincides with the whole state population, governments are struggling in developing e-ID infrastructures and attracting a critical mass of users and service providers [4]. Possible challenges in the development of such infrastructures are related to privacy concerns, lack of inter- governmental coordination, lack of private-public sector cooperation, and tensions such as the trade-off between usability and security. Among those issues, security plays a crucial role by enabling the development of trusted e-service ecosystems. Security is a multidimensional property of systems, data and information [5]. When referred to an IT infrastructure in a business context, information security is often intended as the organizational goal of mitigating operational risks by protecting in- formation from threats to confidentiality, integrity, availability and accountability [6]. However, today’s pervasiveness of digital technologies in both work practices and citizens’ private life, extends the scope of risk to safety and other human rights. Un- desired e-payment transactions, data breaches of healthcare and financial information, sabotage of critical infrastructures (e.g. transportation, electricity, oil and gas, etc.) and unauthorized access to e-voting systems are only few examples of serious viola- tions of rights such as ownership, privacy, safety and freedom [7]. Since e-ID infra- structures serve as a gateway to a vast array of services, their vulnerabilities can have a tremendous impact on organizations and society. In fact, systems integration and interoperability of services enable the propagation of security incidents well beyond the boundaries of a single service with potential effects on the performance of an entire ecosystem [8]. While previous studies have addressed the problem of e-ID security from a technical perspective, in this paper we focus on the risk that malicious users get unauthorized access to federated services by acting on behalf of another user. In order to access e- services, users are requested to demonstrate their identity in the enrolment phase and then to perform an authentication process every time they need to enter the system. The ways in which these activities are performed is defined by IdPs and SPs and regu- lated by contracts. Every time a successful authentication is performed, users can act by the means of a digital identity, a set of attributes that are exchanged with the SP. Therefore, authorization and authentication processes transfer the user agency to digi- tal identity (e.g. password, scanned documents, e-card, etc.) whose theft and illegal exchange threatens the accountability and hence the security of the overall system. The risks of identity theft are today amplified by the availability of online markets in the Deep Web that allow users to exchange goods anonymously. Within such mar- kets, digital identities can be exchanged like many other illegal goods thus potentially reaching every Internet user. The goal of this study is to explore the emerging risks of 3 identity theft in the cyberspace and to discuss implications on the design and govern- ance of e-ID infrastructures. Although some empirical studies have emphasized the business potential of the Deep Web as an intelligence tool [9], it is commonly accepted that the presence of a cyberinfrastructure ensuring anonymity generates new threats for both businesses and citizens. The rise of black markets in the darknet is in fact transforming the ways in which criminals interact in trading illegal products and services [10–12]. These mar- kets are also used to sell identity related goods either in the form of digital infor- mation or as physical artefacts such as for instance ID cards and driving licences. We argue that the trade of identity related artefacts in the darknet represents a new source of risk for trusted e-service environments. When federated e-ID infrastructures are in place, fake identities provide criminals with unprecedented capabilities of harvesting private data and acting on behalf of others. Our goal is to shed light on this phenome- non by showing how the illegal trade of identity related product and services on the darknet pave the way to new forms of attacks to e-ID infrastructures. In this paper, we address this issue by exploring the market of identity documents in the darknet and identifying attack scenarios emerging in the new cybercrime eco- system. We conduct a case study on the black market of Italian citizens’ identities in Tor networks and discuss the implications for the development of secure e-ID infra- structures. The paper is structured as follows. We first illustrate some key features of black markets in the dark net based on findings from previous studies. Then, we formulate our research question by focusing on the market of illegal identities in the darknet and on the potential risks for e-ID infrastructures. In the third section, we describe the research methodology and the data collection process. In the fourth section, the results of our empirical analysis are presented and the implications of emerging attack sce- narios on the development of e-ID infrastructures is discussed. 2 Related works 2.1 Black markets in the darknet A darknet is an overlay network that can only be accessed with specific software, configurations, or authorization, often using non-standard communications protocols and ports. Contents of the darknet are not indexed by common search engines such as Google. Black markets existing within the dark net present unique features that make them extremely interesting. For our purposes, we find three particularly interesting features: anonymity of users, anonymity of payments, and resilience. The first aspect relates to the choice of communities who use and manage black markets to keep their identities secret [13]. The main motivation for anonymity is the illegal nature of the activities carried out by vendors and buyers [14, 15]. However, in some cases, the use of anonymity is chosen to avoid stigma or limit liability, as in the case of purchasing of drugs or political manuals [16, 17]. The need for anonymity has important impact on the organizational choices of markets and communities that man- 4 age them: research has shown that criminals often design their organizations not to maximize efficiency but to be able to better hide their activities [18] and to limit the dissemination of potentially incriminating information [19]. From a technical view- point, the anonymity is guaranteed by protocols that establish end-to-end circuits in which data are tunnelled using public-key cryptography. In these networks, each node only knows its predecessor and successor. New generation anonymity systems, such as Onion Routing networks handle a variety of bidirectional TCP-based applications like web browsing, secure shell, and instant messages. The Tor package is a set of free software tools implementing the Onion Routing network design. Tor users can therefore browse the web, publish web sites and other services without revealing their identity and the location of the site.
Load more

Recommended publications
  • Into the Reverie: Exploration of the Dream Market
    Into the Reverie: Exploration of the Dream Market Theo Carr1, Jun Zhuang2, Dwight Sablan3, Emma LaRue4, Yubao Wu5, Mohammad Al Hasan2, and George Mohler2 1Department of Mathematics, Northeastern University, Boston, MA 2Department of Computer & Information Science, Indiana University - Purdue University, Indianapolis, IN 3Department of Mathematics and Computer Science, University of Guam, Guam 4Department of Mathematics and Statistics, University of Arkansas at Little Rock, AK 5Department of Computer Science, Georgia State University, Atlanta, GA [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected] Abstract—Since the emergence of the Silk Road market in Onymous" in 2014, a worldwide action taken by law enforce- the early 2010s, dark web ‘cryptomarkets’ have proliferated and ment and judicial agencies aimed to put a kibosh on these offered people an online platform to buy and sell illicit drugs, illicit behaviors [5]. Law enforcement interventions such as relying on cryptocurrencies such as Bitcoin for anonymous trans- actions. However, recent studies have highlighted the potential for Onymous, along with exit scams and hacks, have successfully de-anonymization of bitcoin transactions, bringing into question shut down numerous cryptomarkets, including AlphaBay, Silk the level of anonymity afforded by cryptomarkets. We examine a Road, Dream, and more recently, Wall Street [6]. Despite these set of over 100,000 product reviews from several cryptomarkets interruptions, new markets have continued to proliferate. The collected in 2018 and 2019 and conduct a comprehensive analysis authors of [7] note that there appears to be a consistent daily of the markets, including an examination of the distribution of drug sales and revenue among vendors, and a comparison demand of about $500,000 for illicit products on the dark web, of incidences of opioid sales to overdose deaths in a US city.
    [Show full text]
  • A Broad Evaluation of the Tor English Content Ecosystem
    A Broad Evaluation of the Tor English Content Ecosystem Mahdieh Zabihimayvan Reza Sadeghi Department of Computer Science and Engineering Department of Computer Science and Engineering Kno.e.sis Research Center, Wright State University Kno.e.sis Research Center, Wright State University Dayton, OH, USA Dayton, OH, USA [email protected] [email protected] Derek Doran Mehdi Allahyari Department of Computer Science and Engineering Department of Computer Science Kno.e.sis Research Center, Wright State University Georgia Southern University Dayton, OH, USA Statesboro, GA, USA [email protected] [email protected] ABSTRACT It is an open question whether the fundamental and oen nec- Tor is among most well-known dark net in the world. It has noble essary protections that Tor provides its users is worth its cost: the uses, including as a platform for free speech and information dis- same features that protect the privacy of virtuous users also make semination under the guise of true anonymity, but may be culturally Tor an eective means to carry out illegal activities and to evade law beer known as a conduit for criminal activity and as a platform enforcement. Various positions on this question have been docu- to market illicit goods and data. Past studies on the content of mented [16, 22, 30], but empirical evidence is limited to studies that Tor support this notion, but were carried out by targeting popular have crawled, extracted, and analyzed specic subsets of Tor based domains likely to contain illicit content. A survey of past studies on the type of hosted information, such as drug tracking [12], may thus not yield a complete evaluation of the content and use of homemade explosives [20], terrorist activities [7], or forums [39].
    [Show full text]
  • NSIGHT SERIES May 2020 — Issue 5
    NSIGHT SERIES May 2020 — Issue 5 The Decline of the Dark Web How Mobile Solutions have Disrupted the Dark Web The dark web is in decline. Once the preferred means for anonymizing users’ online activity, the dark web has now been supplanted by encrypted mobile applications and alternate solutions. Similarly, aggressive law enforcement actions have shuttered many of the dark web’s largest forums, making it a much more fleeting and much less secure destination for criminal activity. As a result, the number of users accessing dark web sites has dropped. Instead, many users are connecting through the dark web via mobile applications on Android and iOS, rather than to the dark web via standard browsers, to obfuscate their internet traffic. Indeed, the number of users accessing the Tor network has increased, even as the number of users accessing hidden Dark web platforms such as The Onion Router (Tor), I2P, service sites—the “dark” part of the dark web—has dropped. Freenet, and Zeronet, attempt to anonymize users’ digital Moreover, encrypted applications like Telegram, Signal, fingerprint so that technical attributes like IP addresses are and Wickr.me have lowered the barrier to entry for secure not easily available to entities with intent to track users’ communication and illicit transactions. As a result, just like online activity. This emphasis on anonymity was designed to many other industries, the dark web has been disrupted keep the dark web free from oversight, free from censorship, by technological innovation and aggressive competition, and open to anyone in any location. The developers of Tor, triggering a gradual decline and turning the so-called the most popular dark web platform, promote it as a tool invisible internet even more opaque.
    [Show full text]
  • Complaint Apostolos Trovias, and Jury Demand
    Case 1:21-cv-05925 Document 1 Filed 07/09/21 Page 1 of 34 Richard R. Best Kristina Littman John O. Enright Victor Suthammanont Morgan B. Ward Doran Jon Daniels SECURITIES AND EXCHANGE COMMISSION New York Regional Office 200 Vesey Street, Suite 400 New York, New York 10281-1022 (212) 336-5674 (Suthammanont) Email: [email protected] UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK SECURITIES AND EXCHANGE COMMISSION, 21 Civ. ____ ( ) Plaintiff, ECF Case -- against -- COMPLAINT APOSTOLOS TROVIAS, AND JURY DEMAND Defendant. Plaintiff Securities and Exchange Commission (“Commission”), for its Complaint against Defendant Apostolos Trovias (“Trovias”) alleges as follows: SUMMARY OF THE ALLEGATIONS 1. From at least December 2016 through February 2021, Trovias—operating under the pseudonymous online avatar “TheBull”—engaged in a deceptive scheme to offer and sell what he called “insider trading tips” on Dark Web marketplaces to purchasers seeking an unfair advantage when trading securities in the public markets. 2. The Dark Web is a part of the internet that requires specialized software to access and is specifically designed to facilitate anonymity by obscuring users’ identities, including by Case 1:21-cv-05925 Document 1 Filed 07/09/21 Page 2 of 34 hiding users’ internet protocol addresses. The anonymity provided by the Dark Web allows users to sell and purchase illegal products and services, including illicit drugs, stolen identities, hacking services, and in this case, “insider trading tips.” 3. Trovias claimed that his tips consisted of order-book data from a securities trading firm—purportedly material, nonpublic information—that was provided to him by an employee of the trading firm.
    [Show full text]
  • Economics of Illicit Behaviors: Exchange in the Internet Wild West
    ECONOMICS OF ILLICIT BEHAVIORS: EXCHANGE IN THE INTERNET WILD WEST by Julia R. Norgaard A Dissertation Submitted to the Graduate Faculty of George Mason University in Partial Fulfillment of The Requirements for the Degree of Doctor of Philosophy Economics Committee: ___________________________________________ Director ___________________________________________ ___________________________________________ ___________________________________________ Department Chairperson ___________________________________________ Program Director ___________________________________________ Dean, College of Humanities and Social Sciences Date: _____________________________________ Spring Semester 2017 George Mason University Fairfax, VA Economics of Illicit Behaviors: Exchange in the Internet Wild West A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy at George Mason University By Julia R. Norgaard Master of Arts George Mason University, 2015 Bachelor of Arts University of San Diego, 2012 Director: Dr. Thomas Stratmann, Professor and Dissertation Chair Department of Economics Spring Semester 2017 George Mason University Fairfax, VA Copyright 2017 Julia R. Norgaard All Rights Reserved ii Dedication This is dedicated to my wonderful parents Clark and Jill, who introduced me to economics and taught me how to be a dedicated scholar and a good and faithful person. iii Acknowledgements Thank you to my family and friends who have supported me throughout my graduate journey. My boyfriend, Ennio, who gave
    [Show full text]
  • The Zeitgeist of Darknet OWASP Czech Chapter Meeting 14Th November 2018
    The Zeitgeist of Darknet OWASP Czech Chapter Meeting 14th November 2018 Ing. Martin Klubal Senior IT Security Specialist [email protected] Content ▪ Terminology ▪ Tor News in 2018 – Next Gen Onion Services – Tor Browser for Android ▪ Statistics ▪ Vulnerabilities ▪ Seizure & Conviction ▪ Popular Hidden Services ▪ DEMO: Tor Real Hacking 14th November 2018 The Zeitgeist of Darknet 2/26 Terminology ▪ Clearnet/Surface web – https://www.google.com/ – http://crdclub.su/ ▪ Darkweb (Darknet) – Hidden Wiki – Silk Road ▪ Deepweb – Invite Only Sites 14th November 2018 The Zeitgeist of Darknet 3/26 Next Gen Onion Services aka prop224 ▪ Better crypto ▪ Improved directory protocol ▪ Better onion address security against impersonation ▪ More extensible introduction/rendezvous protocol ▪ A cleaner and more modular codebase ▪ Onion v3 Addresses – 56 characters long vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion 14th November 2018 The Zeitgeist of Darknet 4/26 Tor Browser for Android ▪ Google Play (Alpha) https://play.google.com/store/apps/details?id=org.torproject.torbrowser_alpha ▪ Alternatives – Orfox (don‘t use anymore) – Onion Browser (iOS) 14th November 2018 The Zeitgeist of Darknet 5/25 Statistics ▪ Atlas – List of relays – https://atlas.torproject.org/ 14th November 2018 The Zeitgeist of Darknet 6/26 Statistics 14th November 2018 The Zeitgeist of Darknet 7/26 Statistics 14th November 2018 The Zeitgeist of Darknet 8/26 Statistics 14th November 2018 The Zeitgeist of Darknet 9/26 Statistics ▪ Top 10 countries by relay users in 2018
    [Show full text]
  • A Market in Dream: the Rapid Development of Anonymous Cybercrime
    Mobile Networks and Applications https://doi.org/10.1007/s11036-019-01440-2 A Market in Dream: the Rapid Development of Anonymous Cybercrime Gengqian Zhou1 · Jianwei Zhuge1 · Yunqian Fan2 · Kun Du1 · Shuqiang Lu1 © Springer Science+Business Media, LLC, part of Springer Nature 2020 Abstract In this paper we have conducted a comprehensive measurement and analysis on the Dream market, an anonymous online market that uses cryptocurrency as transaction currency. We first collect data between October 30th 2018 and March 1st 2019. Then we use decision tree-based approach to classify goods. Following we analyze the category of goods sold in the market, the shipping place of vendors. By analyzing more than 1,970,303 items, we find the goods sold in Dream Market are mainly drugs and digital goods. We estimate the total sales of all vendors, and find that an average monthly income is $14 million during the measurement period, which means that the market commission income is more than $560,000 per month. Based on these data, we use transaction cost theory to analyze the transaction attributes of illegal transactions, which shows that anonymous online market can reduce transaction cost of illegal transactions. We finally discuss the results analyzed and the intervention policy, as well as recent DDoS attacks and future trends of illegal transactions in anonymous online market. Keywords Anonymous online market · Illegal transactions · Cybercrime 1 Introduction on it allow buyers and vendors to hide their identity, making it difficult for law enforcement to tracking them. As a result, Anonymous network initially served as an approach for many prohibited goods such as drugs and privacy data, have browsing Internet anonymously, protecting user privacy.
    [Show full text]
  • 2000-Deep-Web-Dark-Web-Links-2016 On: March 26, 2016 In: Deep Web 5 Comments
    Tools4hackers -This You website may uses cookies stop to improve me, your experience. but you We'll assume can't you're ok stop with this, butus you all. can opt-out if you wish. Accept Read More 2000-deep-web-dark-web-links-2016 on: March 26, 2016 In: Deep web 5 Comments 2000 deep web links The Dark Web, Deepj Web or Darknet is a term that refers specifically to a collection of websites that are publicly visible, but hide the IP addresses of the servers that run them. Thus they can be visited by any web user, but it is very difficult to work out who is behind the sites. And you cannot find these sites using search engines. So that’s why we have made this awesome list of links! NEW LIST IS OUT CLICK HERE A warning before you go any further! Once you get into the Dark Web, you *will* be able to access those sites to which the tabloids refer. This means that you could be a click away from sites selling drugs and guns, and – frankly – even worse things. this article is intended as a guide to what is the Dark Web – not an endorsement or encouragement for you to start behaving in illegal or immoral behaviour. 1. Xillia (was legit back in the day on markets) http://cjgxp5lockl6aoyg.onion 2. http://cjgxp5lockl6aoyg.onion/worldwide-cardable-sites-by-alex 3. http://cjgxp5lockl6aoyg.onion/selling-paypal-accounts-with-balance-upto-5000dollars 4. http://cjgxp5lockl6aoyg.onion/cloned-credit-cards-free-shipping 5. 6. ——————————————————————————————- 7.
    [Show full text]
  • Internet-Facilitated Drugs Trade
    Internet-facilitated drugs trade An analysis of the size, scope and the role of the Netherlands Kristy Kruithof, Judith Aldridge, David Décary-Hétu, Megan Sim, Elma Dujso, Stijn Hoorens For more information on this publication, visit www.rand.org/t/RR1607 Published by the RAND Corporation, Santa Monica, Calif., and Cambridge, UK R® is a registered trademark. © 2016 WODC, Ministerie van Veiligheid en Justitie Cover image shared by Jo Naylor via Flickr; CC BY 2.0. RAND Europe is an independent, not-for-profit policy research organisation that aims to improve policy and decisionmaking in the public interest through research and analysis. RAND’s publications do not necessarily reflect the opinions of its research clients and sponsors. All rights reserved. No part of this book may be reproduced in any form by any electronic or mechanical means (including photocopying, recording, or information storage and retrieval) without permission in writing from the sponsor. Support RAND Make a tax-deductible charitable contribution at www.rand.org/giving/contribute www.rand.org www.rand.org/randeurope Preface The potential role of the Internet in facilitating drugs trade first gained mass attention with the rise and fall of Silk Road; the first major online market place for illegal goods on the dark web. After Silk Road was taken down by the FBI in October 2013, it was only a matter of weeks before copycats filled the void. Today, there are around 50 so-called cryptomarkets and vendor shops where vendors and buyers find each other anonymously to trade illegal drugs, new psychoactive substances, prescription drugs and other goods and services.
    [Show full text]
  • An Investigation on the Generative Mechanisms of Dark Net Markets Paolo Spagnoletti LUISS University
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by AIS Electronic Library (AISeL) Association for Information Systems AIS Electronic Library (AISeL) Pre-ICIS Workshop on Information Security and WISP 2018 Proceedings Privacy (SIGSEC) Winter 12-13-2018 An investigation on the generative mechanisms of Dark Net markets Paolo Spagnoletti LUISS University Federica Ceci G. d’Annunzio University Bendik Bygstad University of Oslo Follow this and additional works at: https://aisel.aisnet.org/wisp2018 Recommended Citation Spagnoletti, Paolo; Ceci, Federica; and Bygstad, Bendik, "An investigation on the generative mechanisms of Dark Net markets" (2018). WISP 2018 Proceedings. 20. https://aisel.aisnet.org/wisp2018/20 This material is brought to you by the Pre-ICIS Workshop on Information Security and Privacy (SIGSEC) at AIS Electronic Library (AISeL). It has been accepted for inclusion in WISP 2018 Proceedings by an authorized administrator of AIS Electronic Library (AISeL). For more information, please contact [email protected]. Spagnoletti et al. The generative mechanisms of dark net markets An investigation on the generative mechanisms of Dark Net markets Paolo Spagnoletti1 Department of Business and Management, LUISS University, Roma, Italy Federica Ceci Department of Economics and Management, G. d’Annunzio University, Pescara, Italy Bendik Bygstad Department of Informatics, University of Oslo, Oslo, Norway ABSTRACT In this paper we investigate the Dark Net which is the part of Internet accessible only via special browsers such as Tor. The Dark Net is the home of black-markets for illegal goods and services such as drugs, weapons and fake identities. In this study we investigate the Dark Net as a digital infrastructure over time to address the following research question: what are the forces underlying Dark Net markets? Our empirical approach is based on a set of techniques for accessing Dark Net marketplaces (DNM) and collecting various types of information on sites, transactions and users.
    [Show full text]
  • Arxiv:1805.03180V1 [Cs.CR] 8 May 2018
    An Empirical Analysis of Anonymity in Zcash George Kappos, Haaroon Yousaf, Mary Maller, and Sarah Meiklejohn University College London fgeorgios.kappos.16,h.yousaf,mary.maller.15,[email protected] Abstract dresses in Bitcoin does not provide any meaningful level Among the now numerous alternative cryptocurren- of anonymity. Beyond academic research, companies cies derived from Bitcoin, Zcash is often touted as the now provide analysis of the Bitcoin blockchain as a busi- one with the strongest anonymity guarantees, due to its ness [19]. This type of analysis was used in several ar- basis in well-regarded cryptographic research. In this rests associated with the takedown of Silk Road [20], and paper, we examine the extent to which anonymity is to identify the attempts of the WannaCry hackers to move achieved in the deployed version of Zcash. We investi- their ransom earnings from Bitcoin into Monero [17]. gate all facets of anonymity in Zcash’s transactions, rang- Perhaps in response to this growing awareness that ing from its transparent transactions to the interactions most cryptocurrencies do not have strong anonymity with and within its main privacy feature, a shielded pool guarantees, a number of alternative cryptocurrencies or that acts as the anonymity set for users wishing to spend other privacy-enhancing techniques have been deployed coins privately. We conclude that while it is possible to with the goal of improving on these guarantees. The use Zcash in a private way, it is also possible to shrink its most notable cryptocurrencies that fall into this former anonymity set considerably by developing simple heuris- category are Dash [2] (launched in January 2014), Mon- tics based on identifiable patterns of usage.
    [Show full text]
  • Characteristics of Bitcoin Transactions on Cryptomarkets
    Georgia State University ScholarWorks @ Georgia State University EBCS Proceedings Evidence-Based Cybersecurity Research Group 2019 Characteristics of Bitcoin Transactions on Cryptomarkets Xucan Chen Mohammad Al Hasan Paval Skums Xintao Wu Mohammad Javad Feizollahi See next page for additional authors Follow this and additional works at: https://scholarworks.gsu.edu/ebcs_proceedings Authors Xucan Chen, Mohammad Al Hasan, Paval Skums, Xintao Wu, Mohammad Javad Feizollahi, Marie Ouellet, Eric L. Sevigny, David Maimon, and Yubao Wu Characteristics of Bitcoin Transactions on Cryptomarkets Xucan Chen1;6, Mohammad Al Hasan2;6, Xintao Wu3;6, Pavel Skums1;6, Mohammad Javad Feizollahi4;6, Marie Ouellet5;6, Eric L. Sevigny5;6, David Maimon5;6, and Yubao Wu1;6 1 Department of Computer Science, Georgia State University, Atlanta, GA, USA 2 Department of Computer and Information Science, Indiana University - Purdue University Indianapolis, Indianapolis, IN, USA 3 Department of Computer Science and Computer Engineering, University of Arkansas, Fayetteville, AR, USA 4 Institute for Insight, Georgia State University, Atlanta, GA, USA 5 Department of Criminal Justice and Criminology, Georgia State University, Atlanta, GA, USA 6 email: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected] Abstract. Cryptomarkets (or darknet markets) are commercial hidden-service websites that operate on The Onion Router (Tor) anonymity network. Cryptomar- kets accept primarily bitcoin as payment since bitcoin is pseudonymous. Under- standing bitcoin transaction patterns in cryptomarkets is important for analyzing vulnerabilities of privacy protection models in cryptocurrecies. It is also impor- tant for law enforcement to track illicit online crime activities in cryptomarkets.
    [Show full text]