Open access
Datum
2023Typ
- Conference Paper
ETH Bibliographie
yes
Altmetrics
Abstract
The Lightning Network (LN) is a widely-adopted off-chain protocol that not only addresses Bitcoin’s scaling problem but also enables anonymous payments. Prior attacks have shown that an adversary controlling several peers at the central position of the network (e.g., by hijacking payment routes) can deanonymize such payments. However, these attacks are highly observable or require many parties to collude.
This paper presents Revelio, a stealthier, passive network-level privacy attack against LN that exploits its joint centralization at the application and the network layers. Indeed, network-level adversaries can see most of the LN traffic (e.g., five autonomous systems can see up to 80 % of all observable communication channels) despite the encrypted communication between LN nodes and the widespread usage of Tor. This comprehensive view allows Revelio adversaries not only to estimate the payment amount but also to effectively reduce the anonymity size of its endpoints. We show that the Revelio attack is practical: it perfectly deanonymizes the senders or the receiver in almost one-third of tested payments in today’s LN and underlying network topologies. Mehr anzeigen
Persistenter Link
https://doi.org/10.3929/ethz-b-000611970Publikationsstatus
publishedExterne Links
Buchtitel
2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P)Seiten / Artikelnummer
Verlag
IEEEKonferenz
Organisationseinheit
09477 - Vanbever, Laurent / Vanbever, Laurent
Zugehörige Publikationen und Daten
Is supplemented by: https://doi.org/10.3929/ethz-b-000620361
ETH Bibliographie
yes
Altmetrics