[Bitcoin-development] Outbound connections rotation
ivan.pustogarov at uni.lu
Mon Aug 18 16:46:11 UTC 2014
I'd like to start a discussion on periodic rotation of outbound connections.
E.g. every 2-10 minutes an outbound connections is dropped and replaced
by a new one.
Each bitcoin non-UPnP client behind NAT has 8 outbound connections
which change only rarely (due to occasional remote side disconnections).
A subset of these 8 entry nodes uniquely identifies a user.
An attacker can listen for transactions in Bitcoin network and for each
transaction record the first 8 peers which forwarded the transaction.
If two distinct transactions (with unrelated bitcoin addresses)
come from the same set of 8 peers, the attacker can conclude that they
originated from the same user. This gives another method (in addition
to transaction graph analysis) for an attacker to link different BC
addresses of the same user.
Also note that by default bitcoin clients advertise their public IP
addresses. The attacker can link the advertised IP's to corresponding
8 entry nodes and use it to deanonymise Bitcoin clients.
If a bitcoin client periodically rotates his set of outbound
connections, his 8-peers fingerprint is blurred over time.
Corresponding pull request is #4723.
Some details are here: https://www.cryptolux.org/index.php/Bitcoin
More information about the bitcoin-dev