Hi list, We're pleased to share our novel work on channel balance probing.
We account for the first time for parallel channels in the context of probing, measure the efficiency of a probing attack in a simulator, propose and evaluate various countermeasures, and discuss the trade-offs they introduce. For details, see the blog post: https://s-tikhomirov.github.io/lightning-probing/ and the paper: https://eprint.iacr.org/2021/384 Channel probing has been explored previously [1,2,3]. In its simplest form, probing works as follows. An attacker sends payments with random hashes (aka probes), which fail either due to insufficient balance, or to incorrect hash. The attacker then learns the target channel balance with arbitrary precision by doing binary search over possible balances. The LN allows a pair of nodes to share multiple (parallel) channels. The LN uses non-strict forwarding: the sequence of nodes is fixed by the sender, but routing nodes are free to use any of their channels to the next node. Non-strict forwarding hinders probing, as the attacker doesn't always know which channel the probes actually go through. In this paper, we precisely model parallel channels from the prober's point of view. In particular, we use a notion of a hop - a pair of nodes sharing one or multiple channels - and separate channel-level balance bounds from hop-level bounds. For example: if a probe passed through a target multi-channel hop, the attacker learns a new lower bound for the hop as a whole (i.e., _one_ of the channels can forward this amount, but it is unclear which one). In contrast, if a probe failed at a target hop, the attacker learns a new upper bound on _all_ channel balances in this hop (i.e., _none_ of the channels can forward this amount). Besides this core intuition, our model accounts for channel directions (whether forwarding is allowed). We discuss multiple countermeasures, such as deliberately failing payments, spoofing errors, and introducing delays. While our simulations demonstrate their effectiveness, we stress that such measures could harm user experience and be not economically sustainable. We use an information-theoretical uncertainty metric to measure the prober's effectiveness. We simulate network delays based on real-world measurements and prior work. We then track how quickly the attacker yields balance information depending on what countermeasures routing nodes apply. We hope that this work helps advance the discussion in the LN community about the optimal ways to address the trade-offs between privacy, security, and efficiency. Kind regards, Alex, Gleb, and Sergei [1] Herrera-Joancomartí et al. On the Difficulty of Hiding the Balance of Lightning Network Channels. https://eprint.iacr.org/2019/328 [2] Kappos et al. An Empirical Analysis of Privacy in the Lightning Network. https://arxiv.org/abs/2003.12470 [3] Tikhomirov et al. Probing Channel Balances in the Lightning Network. https://arxiv.org/abs/2004.00333
_______________________________________________ Lightning-dev mailing list Lightning-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
