Paper 2020/220

Remote Side-Channel Attacks on Anonymous Transactions

Florian Tramèr, Dan Boneh, and Kenneth G. Paterson

Abstract

Privacy-focused crypto-currencies, such as Zcash or Monero, aim to provide strong cryptographic guarantees for transaction confidentiality and unlinkability. In this paper, we describe side-channel attacks that let remote adversaries bypass these protections. We present a general class of timing side-channel and traffic-analysis attacks on receiver privacy. These attacks enable an active remote adversary to identify the (secret) payee of any transaction in Zcash or Monero. The attacks violate the privacy goals of these crypto- currencies by exploiting side-channel information leaked by the implementation of different system components. Specifically, we show that a remote party can link all transactions that send funds to a user, by measuring the response time of that user’s P2P node to certain requests. The timing differences are large enough that the attacks can be mounted remotely over a WAN. We responsibly disclosed the issues to the affected projects, and they have patched the vulnerabilities. We further study the impact of timing side-channels on the zero-knowledge proof systems used in these crypto-currencies. We observe that in Zcash’s implementation, the time to generate a zero-knowledge proof depends on secret transaction data, and in particular on the amount of transacted funds. Hence, an adversary capable of measuring proof generation time could break transaction confidentiality, despite the proof system’s zero-knowledge property. Our attacks highlight the dangers of side-channel leakage in anonymous crypto-currencies, and the need to systematically protect them against such attacks.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
Side-channelsAnonymous TransactionsTiming
Contact author(s)
tramer @ cs stanford edu
History
2020-02-21: received
Short URL
https://ia.cr/2020/220
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/220,
      author = {Florian Tramèr and Dan Boneh and Kenneth G.  Paterson},
      title = {Remote Side-Channel Attacks on Anonymous Transactions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/220},
      year = {2020},
      url = {https://eprint.iacr.org/2020/220}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.