Gervais, Arthur;
Capkun, Srdjan;
Karame, Ghassan O;
Gruber, Damian;
(2014)
On the privacy provisions of Bloom filters in lightweight bitcoin clients.
In:
Proceedings of the 30th Annual Computer Security Applications Conference.
(pp. pp. 326-335).
Association for Computing Machinery (ACM): New Orleans, LA, USA.
Preview |
Text
2014-763.pdf - Other Download (363kB) | Preview |
Abstract
Lightweight Bitcoin clients are gaining increasing adoption among Bitcoin users, owing to their reduced resource and bandwidth consumption. These clients support a simplified payment verification (SPV) mode as they are only required to download and verify a part of the block chain---thus supporting the usage of Bitcoin on constrained devices, such as smartphones. SPV clients rely on Bloom filters to receive transactions that are relevant to their local wallet. These filters embed all the Bitcoin addresses used by the SPV clients, and are outsourced to more powerful Bitcoin nodes which then only forward to those clients transactions relevant to their outsourced Bloom filters. In this paper, we explore the privacy of existing SPV clients. We show analytically and empirically that the reliance on Bloom filters within existing SPV clients leaks considerable information about the addresses of Bitcoin users. Our results show that an SPV client who uses a modest number of Bitcoin addresses (e.g., < 20) risks revealing almost all of his addresses. We also show that this information leakage is further exacerbated when users restart their SPV clients and/or when the adversary has access to more than one Bloom filter pertaining to the same SPV client. Motivated by these findings, we propose an efficient countermeasure to enhance the privacy of users which rely on SPV clients; our proposal can be directly integrated within existing SPV client implementations.
| Type: | Proceedings paper |
|---|---|
| Title: | On the privacy provisions of Bloom filters in lightweight bitcoin clients |
| Event: | ACSAC '14: Annual Computer Security Applications Conference |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.1145/2664243.2664267 |
| Publisher version: | https://doi.org/10.1145/2664243.2664267 |
| Language: | English |
| Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery-pp.ucl.ac.uk/id/eprint/10182350 |
Archive Staff Only
 |
View Item |
