Bitcoin: More Covert than it Looks

A man wearing a suit and an "Anonymous" Guy-Fawkes mask, using an old-fashioned green-screen text computer.

Anonymity; and the Internet, CC BY NC SA by Sitan Eikeland on Flickr

There’s been a lot of discussion in the past few weeks about how anonymous Bitcoin actually is. If you’re new to Bitcoin, you can check my short introduction to the cryptocurrency over at Ars Technica.

Bitcoin is often incorrectly touted as a completely anonymous currency, which is not quite correct. Bitcoin uses a distributed transaction register, which is completely public. In fact, it depends on this open ledger to allow coins to be signed over from one owner to another. This sounds like it might completely defy any measure of anonymity. After all, if every coin can be tracked from transaction to transaction, it should be no trouble to keep tabs on the whole network. This is the point that a lot of insightful commentators have been making in the past weeks. Tim Lee‘s post over on Forbes distills this criticism concisely, and expresses the mechanism by which Bitcoin de-anonymization might happen. Tim’s article is well worth a read, but I think that he misses some of the ways that Bitcoin-users can — and do — remain effectively anonymous with the currency. In particular, I think that he misses just how much of an advantage it is that operations with Bitcoin can be automated, and abstracted away from the user.

If I have one Bitcoin account, and I use that for all incoming and outgoing payments, it’s very easy to keep track of my transactions. Anyone who has ever given me coins can now see exactly where I send how much money, forever. However, this is not the way that anyone really does or ever should use Bitcoin. It’s standard practice to use a new address for each incoming payment. This way, there’s no link between different inbound transactions. When making an outgoing payment, pick a selection of addresses whose balances add up to only slightly more than the sum you wish to pay. Pool those into a new address (with a little left-over in one of the original accounts), and send the whole payment from that new address. Over time, you accumulate little remainders, which can help fill in the gaps with other payments. This approach keeps transactions largely separate, and makes it very tough to associate more than a couple of transactions. With this approach, it’s mind-bogglingly tough to track a particular person, because there isn’t any particular identifier for “them”. They don’t make and receive payments from any distinct account or unique login: they just keep a wallet full of private keys that own some coins.

Right now, the Bitcoin client is fairly simple. It has all the low-level technical details set up, and it’s meant to be used by savvy users who understand the underlying technology, and know the implications of their behavior. Currently this sort of account-balancing is done manually, by users who know what they’re doing. However, it’s a very simple practice to automate, and we should expect future Bitcoin clients to implement this sort of obfuscations natively, without exposing the user to the technical details. The interface is for this can be simple, and uncluttered: a user just sees their balance, summing over all the addresses they own. Whenever you need to receive a payment, the program generates a new incoming address, and perhaps shows it as a QRcode; whenever you need to pay out, tell it the address and the amount and it’ll take care of the details. As long as the user’s connection to the Bitcoin network is relatively anonymous, minimal information is spilled. Even using heavy-duty anonymity software like Tor has minimal inconvenience because the Bitcoin network already has a fair bit of lag time before confirming transactions.

Tim also plays down the importance of money-laundering services, suggesting that they’re too much trouble for most users. Again: while current interfaces are simplistic, these sort of services can be highly automated, and present very simple interfaces for users. We could imagine a simple Bitcoin-laundering service as follows. Users (through a client) ask the laundry service for an address to pay into, and they specify an address to pay out to, as well as how quickly they want the payout. The service specifies an address and the users pays some money in. At a regular rate, perhaps every minute, or ten minutes depending on the number of users, the service makes a whole load of transactions, paying all the users who requested payouts at about that time. It randomly picks which addresses to make transactions from, so there’s no easy way to link an incoming payment with an outgoing payment. Because the outgoing transactions all happen at the same time, the laundry service acts like a medium-latency mix network, making it very difficult to use timing to associate a user’s inbound and outbound address. Of course, the laundry service takes a small cut from all these transactions. This sort of laundry doesn’t have to be interactive: in fact, it’s the sort of activity which would be well suited to occurring silently and slowly in the background of a Bitcoin client. Users pick certain parameters, like how fast they want all their coins to turn over, or how much to spend, and the client negotiates all the details with a selection of laundry services approved by the user. Other tweaks could include prioritizing certain transactions for laundry, or using a number of laundry services chained together to reduce the amount of information that any one of them has.

There may not be many dedicated laundry services right now, but if people start using Bitcoin for more personal activities, and big brother starts paying closer attention, demand for these sorts of services may well increase. Conveniently, users don’t have to place much trust in a laundry service. If I want to clean a large quantity of money, instead of depositing it all at once, I can deposit it one chunk at a time, and wait for the payback to be confirmed before putting in my next piece. Depending on the size and reputation of a service, it might use chunks ranging from pennies to a few dollars in size, and a user would be free to pay multiple chunks at once if they trust the service and require some speed. This sort of thing should be more and more expected if Bitcoin extends to wider use.

These are just some examples of the techniques that can be used to retain privacy when using Bitcoin. Many of them are complex in structure, but can be automated and represented to even un-savvy users with a very simple interface. All of these strategies could probably be used with traditional currencies too, however it would actually require the user to manually perform all the steps involved. With Bitcoin — like web browsing, instant messaging, or any other complex and protocol-driven activity — users don’t have to understand every detail of the interactions to use the system effectively. The strength of Bitcoin isn’t that it’s anonymous per se — it isn’t — it’s that it makes automation easy and keeps transactions secure. The underlying protocol is already in place, now we can innovate on the techniques and processes that make it convenient and anonymous, or give the system any other properties which we can design for.

About these ads

About flamsmark

I do privacy at Mozilla. Years of security have left me incurably paranoid. Tech, policy, security, privacy, & anonymity are good. Open is better. GPG: 80AF07D3
This entry was posted in Essays, Features, Responses and tagged , , , , , , , . Bookmark the permalink.

13 Responses to Bitcoin: More Covert than it Looks

  1. Jeff says:

    I think you hit on a point that many fail to realize is one of Bitcoin’s greatest strengths: Programmatic Manipulation. Never has money been accessible to code in such a raw way. As a consequence Bitcoin is far more chameleon than its critics realize. Many problems are hardly problems at all. They just represent future optimizations that have yet to come.

  2. Joe Bloggs says:

    nice, I am off to go to make a laundry service, it will be online in 2 days.

  3. Jon Matonis says:

    Excellent post, Tom. These thoughts need much wider exposure within the community. Additionally, Tim’s piece misses on the essential “centralisation/public ledger” trade-off whereby we accept the public ledger of pseudonymous transaction footprints in exchange for valuable decentralisation features. One of the most overlooked decentralisation features is the ability to conduct large-scale, cross-border private value transfers outside the scope of the OECD/FATF/AML banking framework.

  4. Pingback: Bitcoin: More Covert Than It Looks « BitcoinTraining.com

  5. Pingback: Ways to Make Bitcoin More Private – Possibly Untraceable « BitcoinTraining.com

  6. Journalists like Tim Lee suffer from a few problems when they write about projects like Bitcoin. The first of these is that very few of them actually download the program and run it to get a feel of how it actually works. They have never spent or received a Bitcoin or a part of one. If they did that, they would understand it from the inside, and not just as an idea that they have tried to understand in the purely abstract.

    The second is that none of them have any first hand experience with encryption and cryptography. Crypto is nothing more than another abstract concept for them. The closest they have come to using cryptography is an SSL connection when they buy a book at Amazon.

    If Tim Lee had any experience or knowledge of cryptography, he would have used the term Traffic Analysis in his piece, which he talks around instead of referring to directly.

    Here is the Wikipedia entry, for those who have not heard of this term:

    Traffic analysis is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic. Traffic analysis can be performed in the context of military intelligence or counter-intelligence, and is a concern in computer security.

    Traffic analysis tasks may be supported by dedicated computer software programs, including commercially available programs such as those offered by i2, Visual Analytics, Memex, Orion Scientific, Pacific Northwest National Labs, Genesis EW’s GenCOM Suite and others. Advanced traffic analysis techniques may include various forms of social network analysis.

    [...]

    What I find most strange is how all of the mainstream writers are critical of Bitcoin on some level to a man. Some are more refined in their criticism, like Lee, and others are just stupid and sensational. Both have one thing in common; they are desperate to pour rain on the revolution. They want the evil status quo to persist, at any cost, and are eager to dissuade people from using this new tool. I have one question…

    Why?

    Why are all of these journalists so hostile to this new idea? Why are they doing everything they can to attack it? What they are doing is well beyond reasoned skepticism; they are posting illogical, ill-informed attacks, littered with ad hominem attacks, hearsay and fallacies.

    They all live in the age of the Internet, a tool which has changed everyone’s life for the better; why are they against Bitcoin, writing in the manner of a gaggle of simple minded luddites? I wonder if these are the same sort of people who railed against the printing press, the automobile, the advent of recorded music, television, the VCR or all the other things that have transformed our perception of the world and our interactions with each other in it.

    Happily, the flow of history is tilted against these luddites. The number of people reading their columns is small and the number of people who are paying attention to their advice not to try Bitcoin is vanishingly smaller. New Bitcoin exchanges are opening on a weekly basis; there are now two in China, one in Canada, another in Brazil, and you can bet your bottom Bitcoin that more will spring up in the coming weeks.

    Just as the luddites failed to stem the flow of progress, these Bitcoin naysayers and Police State fetishists are going to fail to stop this revolution from taking root and flourishing.

    As small as their readership is, it is important to put their inhuman and negative words into context and refute them; their words will last for years on the internet, and so will this comment and the other intelligent comments that set the record straight. When the history of this time is written, the commenters who were prescient in their ideas about Bitcoin will take their proper place.

    Mainstream media is dying. For whatever reason, they refuse to hire logical writers who understand what it is they are writing about, or if they do, will not allow them to publish the truth. No matter. We can do without them, their dull opinions, their ingrained negativity, ignorance and chicken little scriblings.

    If you liked this comment, tip me: 12jEN7d57UBgGYjpscb9pNpdgfPjNUBVAT

    • flamsmark says:

      I think you’re giving Tim a lot less credit than he deserves. He has certainly downloaded and used Bitcoin software, and read and understood the protocol. As a Computer Science PhD student in Ed Felten’s security group at Princeton University, his knowledge of crypto is more than sufficient to write about Bitcoin. If Tim avoids using terms of art in his writing, it’s to make it clearer and easier to understand.

      I think that your criticism of the motives of writers like Tim is rather sensationalist. If a small-government tech-savvy libertarian like Tim is criticizing Bitcoin, it’s because he genuinely sees weaknesses, not out of some luddite fetishizeation of pervasive police power.

      • I checked who Tim Lee was before I wrote that comment and saw that he had a PhD from Princeton. That made me scratch my head even more.

        I just read the article again. It still reads like a mild attack piece to me.

        He says, “the US government could easily require any business accepting Bitcoin payments (or converting Bitcoins to dollars) to collect identification information”. They could do that, and of course, anyone could simply refuse to comply, just as they do with a large number of bad US laws. Rather than say that there will be too many people to track in a Bitcoin world, he spreads the FUD about the omnipotent Feds who will be able to track you down, no matter what. He is putting this forward as a direct disincentive to using Bitcoin, in a subtle attempt to scare people off of it, to warn them off, to say that no matter what, the Feds will always have the upper hand, and that no matter what technology is invented or how good it is, the Federal Government can always outlaw it, put their ‘spy tech’ on it, and so… Checkmate.

        He fails to consider that there might not even be a Federal government if Bitcoin takes off, since all the money to finance them has been choked off. See this article:

        http://www.libertariannews.org/2011/06/29/man-from-the-future-shares-his-story/

        for a description of what that might look like.

        His other line about “can obtain roughly the same degree of financial privacy using dollars” leaves out the fact that dollars are worthless, fraudulent government fiat money. Dollars are not ‘just as good as Bitcoins’ they are much worse than dollars in several respects.

        Bitcoin’s privacy benefits are not ‘alleged’ they are quite real, within its limitations, just as all other technologies are limited. It also has many advantages over cash and the other popular online payment systems. The public block chain and the threat of potential future traffic analysis by the Feds is not a reason to put people off of Bitcoin, or to assert that ‘Dollars are just as good if you want privacy’ etc etc.

        Forbes has published a few anti-Bitcoin pieces now, and this one does nothing to change make me believe that the clear editorial bias is against Bitcoin. I apologise if my rant came off a little strong for your taste, but I am completely fed up with reading these FUD articles that are trying to dissuade people from using Bitcoin, and potentially investing in the new clients and services that could make it take off even faster than it is taking off now.

  7. beryl says:

    @James Westlock perhaps some of the mainstream media critics consider it their duty to draw attention to a potential financial hazard for the general public, the same way that they would report on lead in the drinking water.
    This article doesn’t seem negative to me at all : it’s saying that prospects for money-launderers to use BitCoins are better than one might think.
    What it doesn’t say is that each time one of these “user friendly” interfaces crops up, it introduces a new way for hackers to infiltrate the system and fleece the unwary.
    Leave the crypto-geek currency to the cryto-geeks, I say.

  8. John Q. Galt says:

    If a bitcoin is received by one address and then sent with another, different address, doesn’t this reveal that the latter is connected to the former? After all, not only are addresses logged but also bitcoins.

  9. John Q. Galt says:

    And why even bother with bitcoin laundering services? Why not just send bitcoins to a friend’s address?

  10. John Q. Galt says:

    Not like any body knows who they are….

  11. Resi Noth says:

    I think that it’s great that Bitcoin is getting so much attention. With the run-up in price and various other items of Bitcoin related drama, it is becoming a minor media darling. Good for the Bitcoin crew! They deserve some recognition for all the long hours in relative obscurity.

    But can we all remember for a minute that this is an experiment? That this is the first serious step on the way to a world where dependable digital cash exists? And that digital cash is a really important thing and will make the world a better place? (https://www.eff.org/deeplinks/2011/01/bitcoin-step-toward-censorship-resistant)
    Note: The EFF no longer accepts Bitcoin donations. While they philosophically support the work of the Bitcoin developers (and other digital cash developers) they decided to avoid the possible legal complications of an experimental currency.

    Bitcoin will evolve and may or may not fail. To own bitcoins is to be involved in this story, a good thing to remember. It is exciting to see this play out in the wide world with real unpredictable consequences. It seems likely that the digital cash story will go forward and Bitcoin is involved in that story for now.

    So we’ll see how it works out. And hats off to the Bitcoin development crew and good luck to them.
    Share this discussion

What're your thoughts?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s