My Response to Ben Laurie's 'Last Word' on Bitcoin

Dandelion++: Lightweight Cryptocurrency Networking with Formal Anonymity Guarantees

arXiv:1805.11060
Date: 2018-05-28
Author(s): Giulia Fanti, Shaileshh Bojja Venkatakrishnan, Surya Bakshi, Bradley Denby, Shruti Bhargava, Andrew Miller, Pramod Viswanath

Link to Paper


Abstract
Recent work has demonstrated significant anonymity vulnerabilities in Bitcoin's networking stack. In particular, the current mechanism for broadcasting Bitcoin transactions allows third-party observers to link transactions to the IP addresses that originated them. This lays the groundwork for low-cost, large-scale deanonymization attacks. In this work, we present Dandelion++, a first-principles defense against large-scale deanonymization attacks with near-optimal information-theoretic guarantees. Dandelion++ builds upon a recent proposal called Dandelion that exhibited similar goals. However, in this paper, we highlight simplifying assumptions made in Dandelion, and show how they can lead to serious deanonymization attacks when violated. In contrast, Dandelion++ defends against stronger adversaries that are allowed to disobey protocol. Dandelion++ is lightweight, scalable, and completely interoperable with the existing Bitcoin network. We evaluate it through experiments on Bitcoin's mainnet (i.e., the live Bitcoin network) to demonstrate its interoperability and low broadcast latency overhead.

References
[1] [n. d.]. AWS Regions and Endpoints. ([n. d.]). http://docs.aws.amazon.com/general/latest/grande.html.
[2] [n. d.]. Bitcoin Core integration/staging tree. ([n. d.]). https://github.com/bitcoin/bitcoin.
[3] [n. d.]. Chainalysis. ([n. d.]). https://www.chainalysis.com/.
[4] [n. d.]. The Kovri I2P Router Project. ([n. d.]). https://github.com/monero-project/kovri.
[5] [n. d.]. Monero. ([n. d.]). https://getmonero.org/home.
[6] 2015. Bitcoin Core Commit 5400ef6. (2015). https://github.com/bitcoin/bitcoin/commit/5400ef6bcb9d243b2b21697775aa6491115420f3.
[7] 2016. reddit/monero. (2016). https://www.reddit.com/Monero/comments/4aki0k/what_is_the_status_of_monero_and_i2p/.
[8] Elli Androulaki, Ghassan O Karame, Marc Roeschlin, Tobias Scherer, and Srdjan Capkun. 2013. Evaluating user privacy in bitcoin. In International Conference on Financial Cryptography and Data Security. Springer, 34–51.
[9] Maria Apostolaki, Aviv Zohar, and Laurent Vanbever. 2016. Hijacking Bitcoin: Large-scale Network Attacks on Cryptocurrencies. arXiv preprint arXiv:1605.07524 (2016).
[10] Krishna B Athreya and Peter E Ney. 2004. Branching processes. Courier Corporation.
[11] Alex Biryukov, Dmitry Khovratovich, and Ivan Pustogarov. 2014. Deanonymisation of clients in Bitcoin P2P network. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 15–29.
[12] Alex Biryukov and Ivan Pustogarov. 2015. Bitcoin over Tor isn’t a good idea. In Symposium on Security and Privacy. IEEE, 122–134.
[13] John Bohannon. 2016. Why criminals can’t hide behind Bitcoin. Science (2016).
[14] Shaileshh Bojja Venkatakrishnan, Giulia Fanti, and Pramod Viswanath. 2017. Dandelion: Redesigning the Bitcoin Network for Anonymity. POMACS 1, 1 (2017), 22.
[15] D. Chaum. 1988. The dining cryptographers problem: Unconditional sender and recipient untraceability. Journal of cryptology 1, 1 (1988).
[16] Ramnath K Chellappa and Raymond G Sin. 2005. Personalization versus privacy: An empirical examination of the online consumer’s dilemma. Information technology and management 6, 2 (2005), 181–202.
[17] H. Corrigan-Gibbs and B. Ford. 2010. Dissent: accountable anonymous group messaging. In CCS. ACM.
[18] George Danezis, Claudia Diaz, Emilia Käsper, and Carmela Troncoso. 2009. The wisdom of Crowds: attacks and optimal constructions. In European Symposium on Research in Computer Security. Springer, 406–423.
[19] George Danezis, Claudia Diaz, Carmela Troncoso, and Ben Laurie. 2010. Drac: An Architecture for Anonymous Low-Volume Communications.. In Privacy Enhancing Technologies, Vol. 6205. Springer, 202–219.
[20] R. Dingledine, N. Mathewson, and P. Syverson. 2004. Tor: The second-generation onion router. Technical Report. DTIC Document.
[21] G. Fanti, P. Kairouz, S. Oh, and P. Viswanath. 2015. Spy vs. Spy: Rumor Source Obfuscation. In SIGMETRICS Perform. Eval. Rev., Vol. 43. 271–284. Issue 1.
[22] Giulia Fanti and Pramod Viswanath. 2017. Anonymity Properties of the Bitcoin P2P Network. arXiv preprint arXiv:1703.08761 (2017).
[23] M.J. Freedman and R. Morris. 2002. Tarzan: A peer-to-peer anonymizing network layer. In Proc. CCS. ACM.
[24] Sam Frizell. 2015. Bitcoins Are Easier To Track Than You Think. Time (January 2015).
[25] Adam Efe Gencer and Emin Gün Sirer. 2017. State of the Bitcoin Network. Hacking Distributed, http://hackingdistributed.com/2017/02/15/state-of-the-bitcoin-network/. (February 2017).
[26] S. Goel, M. Robson, M. Polte, and E. Sirer. 2003. Herbivore: A scalable and efficient protocol for anonymous communication. Technical Report.
[27] P. Golle and A. Juels. 2004. Dining cryptographers revisited. In Advances in Cryptology-Eurocrypt 2004.
[28] Ethan Heilman, Leen Alshenibr, Foteini Baldimtsi, Alessandra Scafuro, and Sharon Goldberg. 2016. TumbleBit: An untrusted Bitcoin-compatible anonymous payment hub. Technical Report. Cryptology ePrint Archive, Report 2016/575.
[29] TE Jedusor. 2016. Mimblewimble. (2016).
[30] Philip Koshy. 2013. CoinSeer: A Telescope Into Bitcoin. Ph.D. Dissertation. The Pennsylvania State University.
[31] Philip Koshy, Diana Koshy, and Patrick McDaniel. 2014. An analysis of anonymity in bitcoin using p2p network traffic. In International Conference on Financial Cryptography and Data Security. Springer, 469–485.
[32] Greg Maxwell. 2013. CoinJoin: Bitcoin privacy for the real world. In Post on Bitcoin Forum.
[33] Dave McMillen. 2017. Mirai IoT Botnet: Mining for Bitcoins? SecurityIntelligence (April 2017).
[34] Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M Voelker, and Stefan Savage. 2013. A fistful of bitcoins: characterizing payments among men with no names. In Proceedings of the 2013 conference on Internet measurement conference. ACM, 127–140.
[35] Marc Mezard and Andrea Montanari. 2009. Information, physics, and computation. Oxford University Press.
[36] Andrew Miller, James Litton, Andrew Pachulski, Neal Gupta, Dave Levin, Neil Spring, and Bobby Bhattacharjee. 2015. Discovering Bitcoin’s public topology and influential nodes. (2015).
[37] Prateek Mittal, Matthew Wright, and Nikita Borisov. 2013. Pisces: Anonymous communication using social networks. In NDSS. ACM.
[38] Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. (2008).
[39] Micha Ober, Stefan Katzenbeisser, and Kay Hamacher. 2013. Structure and anonymity of the bitcoin transaction graph. Future internet 5, 2 (2013), 237–250.
[40] Larry L Peterson and Bruce S Davie. 2007. Computer networks: a systems approach. Elsevier.
[41] P. C. Pinto, P. Thiran, and M. Vetterli. 2012. Locating the source of diffusion in large-scale networks. Physical review letters 109, 6 (2012), 068702.
[42] Fergal Reid and Martin Harrigan. 2013. An analysis of anonymity in the bitcoin system. In Security and privacy in social networks. Springer, 197–223.
[43] Michael K Reiter and Aviel D Rubin. 1998. Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security (TISSEC) 1, 1 (1998), 66–92.
[44] Dorit Ron and Adi Shamir. 2013. Quantitative analysis of the full bitcoin transaction graph. In International Conference on Financial Cryptography and Data Security. Springer, 6–24.
[45] Tim Ruffing, Pedro Moreno-Sanchez, and Aniket Kate. 2014. CoinShuffle: Practical decentralized coin mixing for Bitcoin. In European Symposium on Research in Computer Security. Springer, 345–364.
[46] Eli Ben Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza. 2014. Zerocash: Decentralized anonymous payments from bitcoin. In Symposium on Security and Privacy. IEEE, 459–474.
[47] Alexander Schrijver. 2002. Combinatorial optimization: polyhedra and efficiency. Vol. 24. Springer Science & Business Media.
[48] Rob Sherwood, Bobby Bhattacharjee, and Aravind Srinivasan. 2005. P5: A protocol for scalable anonymous communication. Journal of Computer Security 13, 6 (2005), 839–876.
[49] Jelle van den Hooff, David Lazar, Matei Zaharia, and Nickolai Zeldovich. [n. d.]. Scalable Private Messaging Resistant to Traffic Analysis. ([n. d.]).
[50] Zhaoxu Wang, Wenxiang Dong, Wenyi Zhang, and Chee Wei Tan. 2014. Rumor source detection with multiple observations: Fundamental limits and algorithms. In ACM SIGMETRICS Performance Evaluation Review, Vol. 42. ACM, 1–13.
[51] David Isaac Wolinsky, Henry Corrigan-Gibbs, Bryan Ford, and Aaron Johnson. 2012. Dissent in Numbers: Making Strong Anonymity Scale.. In OSDI. 179–182.
[52] M. Zamani, J. Saia, M. Movahedi, and J. Khoury. 2013. Towards provably-secure scalable anonymous broadcast. In USENIX FOCI.
[53] Bassam Zantout and Ramzi Haraty. 2011. I2P data communication system. In Proceedings of ICN. Citeseer, 401–409.
[54] Kai Zhu and Lei Ying. 2014. A robust information source estimator with sparse observations. Computational Social Networks 1, 1 (2014), 3.
submitted by dj-gutz to myrXiv [link] [comments]

Bobtail: A Proof-of-Work Target that Minimizes Blockchain Mining Variance

arXiv:1709.08750
Date: 2017-10-19
Author(s): George Bissias, Brian Neil Levine

Link to Paper


Abstract
Blockchain systems are designed to produce blocks at a constant average rate. The most popular systems currently employ a Proof of Work (PoW) algorithm as a means of creating these blocks. Bitcoin produces, on average, one block every 10 minutes. An unfortunate limitation of all deployed PoW blockchain systems is that the time between blocks has high variance. For example, 5% of the time, Bitcoin's inter-block time is at least 40 minutes. This variance impedes the consistent flow of validated transactions through the system. We propose an alternative process for PoW-based block discovery that results in an inter-block time with significantly lower variance. Our algorithm, called Bobtail, generalizes the current algorithm by comparing the mean of the k lowest order statistics to a target. We show that the variance of inter-block times decreases as k increases. If our approach were applied to Bitcoin, about 80% of blocks would be found within 7 to 12 minutes, and nearly every block would be found within 5 to 18 minutes; the average inter-block time would remain at 10 minutes. Further, we show that low-variance mining significantly thwarts doublespend and selfish mining attacks. For Bitcoin and Ethereum currently (k=1), an attacker with 40% of the mining power will succeed with 30% probability when the merchant sets up an embargo of 8 blocks; however, when k>=20, the probability of success falls to less than 1%. Similarly, for Bitcoin and Ethereum currently, a selfish miner with 40% of the mining power will claim about 66% of blocks; however, when k>=5, the same miner will find that selfish mining is less successful than honest mining. The cost of our approach is a larger block header.

References
[1] Bitcoin cash. https://www.bitcoincash.org/.
[2] Litecoin. https://litecoin.org/.
[3] Ethash. https://github.com/ethereum/wiki/wiki/Ethash, Aug 3 2017.
[4] Martin Abadi, Mike Burrows, Mark Manasse, and Ted Wobber. Moderately hard, memory-bound functions. ACM Trans. Internet Technol., 5(2):299–327, May 2005.
[5] Tuomas Aura, Pekka Nikander, and Jussipekka Leiwo. Dos-resistant authentication with client puzzles. In Revised Papers from the 8th International Workshop on Security Protocols, pages 170–177, 2001.
[6] Adam Back. Hashcash - Amortizable Publicly Auditable CostFunctions, 2002.
[7] Iddo Bentov, Ariel Gabizon, and Alex Mizrahi. Cryptocurrencies without proof of work. In International Conference on Financial Cryptography and Data Security, pages 142–157. Springer, 2016.
[8] Iddo Bentov, Charles Lee, Alex Mizrahi, and Meni Rosenfeld. Proof of Activity: Extending Bitcoin’s Proof of Work via Proof of Stake [Extended Abstract] y. ACM SIGMETRICS Performance Evaluation Review, 42(3):34–37, 2014.
[9] Bobtails. https://en.wikipedia.org/wiki/Natural_bobtail.
[10] Xavier Boyen, Christopher Carr, and Thomas Haines. BlockchainFree Cryptocurrencies: A Framework for Truly Decentralised Fast Transactions. Cryptology ePrint Archive, Report 2016/871, Sept 2016. http://eprint.iacr.org/2016/871.
[11] George Casella and Roger L. Berger. Statistical inference. Brooks Cole, Pacific Grove, CA, 2002.
[12] Liqun Chen and Wenbo Mao. An auditable metering scheme for web advertisement applications. Information Security, pages 475–485, 2001.
[13] F. Coelho. An (Almost) Constant-Effort Solution- Verification Proofof-Work Protocol Based on Merkle Trees. In Progress in Cryptology – AFRICACRYPT, pages 80–93, June 2008.
[14] Drew Dean and Adam Stubblefield. Using client puzzles to protect tls. In Proceedings of the 10th Conference on USENIX Security Symposium - Volume 10, SSYM’01, Berkeley, CA, USA, 2001. USENIX Association.
[15] J. Douceur. The Sybil Attack. In Proc. Intl Wkshp on Peer-to-Peer Systems (IPTPS), March 2002.
[16] Cynthia Dwork and Moni Naor. Pricing via processing or combatting junk mail. In In 12th Annual International Cryptology Conference, pages 139–147, 1992.
[17] Ethereum Homestead Documentation. http://ethdocs.org/en/latest/.
[18] Ittay Eyal, Adem Efe Gencer, Emin Gun Sirer, and Robbert Van Renesse. Bitcoin-ng: A scalable blockchain protocol. In 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI 16), pages 45–59, Santa Clara, CA, 2016. USENIX Association.
[19] Ittay Eyal and Emin Gün Sirer. Majority is not enough: Bitcoin mining is vulnerable. In International conference on financial cryptography and data security, pages 436–454. Springer, 2014.
[20] M. Franklin and D. Malkhi. Auditable metering with ligthweigth security. In Proc. Financial Cryptography, pages 151–160, 1997.
[21] Arthur Gervais, Ghassan O. Karame, Karl Wust, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun. On the Security and Performance of Proof of Work Blockchains. https://eprint.iacr.org/2016/555, 2016.
[22] Bogdan Groza and Bogdan Warinschi. Cryptographic puzzles and dos resilience, revisited. Des. Codes Cryptography, 73(1):177–207, October 2014.
[23] Markus Jakobsson and Ari Juels. Proofs of Work and Bread Pudding Protocols. In Proc. Conference on Secure Information Networks: Communications and Multimedia Security, pages 258–272, 1999.
[24] A. Juels and J. Brainard. Client puzzles: A cryptographic countermeasure against connection depletion attacks. In Proc. Networks and Distributed Security Systems, pages 151–165, 1999.
[25] Ben Laurie and Richard Clayton. “Proof-of-work" proves not to work; version 0.2. In Proc. Workshop on Economics and Information Security, 2004.
[26] Andrew Miller, Ari Juels, Elaine Shi, Bryan Parno, and Jonathan Katz. Permacoin: Repurposing bitcoin work for data preservation. In Proc. IEEE Security and Privacy, pages 475–490, 2014.
[27] Satoshi Nakamoto. Bitcoin: A Peer-to-Peer Electronic Cash System, May 2009.
[28] A. Pinar Ozisik and Brian Neil Levine. An Explanation of Nakamoto’s Analysis of Double-spend Attacks. Technical Report arXiv:1701.03977, University of Massachusetts, Amherst, MA, January 2017.
[29] Ayelet Sapirshtein, Yonatan Sompolinsky, and Aviv Zohar. Optimal Selfish Mining Strategies in Bitcoin. https://arxiv.org/pdf/1507.06183.pdf, July 2015.
[30] XiaoFeng Wang and Michael K. Reiter. Defending against denial-ofservice attacks with puzzle auctions. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, SP ’03, pages 78–, Washington, DC, USA, 2003. IEEE Computer Society
submitted by dj-gutz to myrXiv [link] [comments]

What is Bitcoin Mining?  Bitcoin Mining Explained  How ... New Latest Bitcoin Mining Site  Earn Bitcoin Without ... Is Mining Bitcoin Still Profitable in 2020? - YouTube Earn $200 BTC  New Bitcoin Mining Site  Bitcoin ... How Much can you make mining bitcoins + Antminer R4 ...

Ben Laurie wrote a paper that he described on twitter as his ‘last word’ on bitcoin, which explains his view on why bitcoin is either not a decentralized system, or that if it is, how it could be a more efficient one. The paper is linked to in the blog post here: Decentralised Currencies Are Probably Impossible (But Let’s At Least Make Them Efficient). Laurie’s basic point is that ... DeepMind obtained the services of Ben Laurie, a noted cryptographer along with software engineers who have experience in cryptography and Blockchain. According to the Career Page of the company, the ground-breaking solutions will involve different technologies, static assessment, and other capabilities. The Blockchain will come in to guarantee transparency and security for the infrastructure ... The paper cites Ben Laurie's argument that “Bitcoin has not completely solved the distributed consensus problem as the mechanism for checkpointing is not distributed.” King notes that he attempted to design a distributed alternative, but ultimately concluded that a centralized solution was acceptable until a distributed solution became available. Released on November 1, 2017, v0.6.0 of the ... In terms of resources, that’s a big waste. Ben Laurie, the founder of Apache, once complained that bitcoin mining had consumed 5% of the electricity in UK. The quantum computer in the future is likely to surpass most current computers to carry out 51% hash attack. Therefore, in response to these shortcomings, some new blockchain games have emerged correspondingly. POS (Proof of Stak) POS is ... Ben Laurie blathering « Bitcoin 2. Decentralised Currencies Are Probably Impossible (But Let’s At Least Make Them Efficient) » Bitcoin is Slow Motion. OK, let’s approach this from another angle. The core problem Bitcoin tries to solve is how to get consensus in a continuously changing, free-for-all group. It “solves” this essentially insoluble problem by making everyone walk through ...

[index] [41362] [14692] [38622] [45557] [31297] [49508] [3914] [18744] [7150] [1895]

What is Bitcoin Mining? Bitcoin Mining Explained How ...

#Bitcoin_mining bitcoin mining, bitcoin ben, bitcoin news, bitcoin cash, bitcoin song, bitcoin and friends, bitcoin atm, bitcoin 2019, bitcoin price, bitcoin account, bitcoin app, bitcoin address ... BITCOIN BEN PATREON https://www.patreon.com/bitcoinben IVAN ON TECH ACADEMY https://academy.ivanontech.com/a/17936/9AamnQE6 https://veritashealthsolutions.co... Website link: 👇👇 https://bit.ly/2HGPVYI For Apps/Business/Promotions☆ ☆OR☆ WhatsApp:*****53 Hey Guys Shakeel Here , I Hope You Like My Video , if Y... #Bitcoin_mining bitcoin mining, bitcoin ben, bitcoin news, bitcoin cash, bitcoin song, bitcoin and friends, bitcoin atm, bitcoin 2019, bitcoin price, bitcoin account, bitcoin app, bitcoin address ... SUBSCRIBE FOR MORE HOW MUCH - http://shorturl.at/arBHL Antminer R4 - https://bitcoinmerch.com/products/buy-the-r4-silent-bitcoin-miner-for-home-use-bitmain 1...

#