Ivan Pustogarov, a PhD student at CryptoLUX ( https://www.cryptolux.org/index.php/Ivan_Pustogarov), presented research at the 36th IEEE Symposium on Security and Privacy in a talk he entitled, "Bitcoin Over Tor Isn't a Good Idea."
I assume he means that it is not *currently* a good idea. https://www.reddit.com/r/Bitcoin/comments/3kqcxq/ivan_pustogarov_bitcoin_over_tor_isnt_a_good_idea/ Reddit user /u/SwagPokerz commented with the following summary: - A Tor exit node will be banned by Bitcoin's automatic anti-DoS algorithms, which means regular users will find it difficult to access Bitcoin via Tor. - An attacker can exploit this fact by banning all good Tor exit nodes, and not banning all its own bad Tor exit nodes; thus, Bitcoin users who connect via Tor will almost always connect through an attacker's node. This allows an attacker to fake the state of the Bitcoin network, thereby allowing the attacker to perform all sorts of attacks, like delaying/dropping blocks and transacions, de-anonymization, finding the entry node, linking bitcoin addresses (all supposedly). - Bitcoin's ADDR/GETADDR protocol messages allow for fingerprinting users with a kind of cookie by sending users junk IP addresses and reading them back. Woops! This is backed by research on actual data; within 10 sessions, they were able to maintain 36% of a fingerprint, and thereby de-anonymize the user; a fingerprint survives restarts, lasts many hours (even more than a day). - An old attack is to fill up all the good nodes' connection slots, so that new nodes can connect only to an attacker's nodes. A novel attack is to broadcast the IP addresses of legiitimate Bitcoin nodes, but provide fake port numbers, so that any broadcast of those same IP addresses with the real port numbers is rejected because a Bitcoin client, stupidly, only considers the IP address, which it thinks it already knows. The point is that you can more easily force people to connect to attacker peers. - With hidden services, it's really easy to create a sybil attack. I am interested in thoughts from the list on this research. I suspect that resource exhaustion attacks directing users to malicious, Tor-connecting Bitcoin nodes are something that we can detect with simple monitoring tools. -Kristov -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
