research-article

Counting Down Thunder: Timing Attacks on Privacy in Payment Channel Networks

Authors:
Elias Rohrer

Technical University of Berlinn, Berlin, Germany

Technical University of Berlinn, Berlin, Germany
View Profile

,
Florian Tschorsch

Technical University of Berlinn, Berlin, Germany

Technical University of Berlinn, Berlin, Germany
View Profile

AFT '20: Proceedings of the 2nd ACM Conference on Advances in Financial TechnologiesOctober 2020Pages 214–227https://doi.org/10.1145/3419614.3423262

Published:26 October 2020Publication History

AFT '20: Proceedings of the 2nd ACM Conference on Advances in Financial Technologies

Pages 214–227

ABSTRACT

The Lightning Network is a scaling solution for Bitcoin that promises to enable rapid and private payment processing. In Lightning, multi-hop payments are secured by utilizing Hashed Time-Locked Contracts (HTLCs) and encrypted on the network layer by an onion routing scheme to avoid information leakage to intermediate nodes. In this work, we however show that the privacy guarantees of the Lightning Network may be subverted by an on-path adversary conducting timing attacks on the HTLC state negotiation messages. To this end, we provide estimators that enable an adversary to reduce the anonymity set and infer the likeliest payment endpoints. We developed a proof-of-concept measurement node that shows the feasibility of attaining time differences and evaluate the adversarial success in model-based network simulations. We find that controlling a small number of malicious nodes is sufficient to observe a large share of all payments, emphasizing the relevance of the on-path adversary model. Moreover, we show that adversaries of different magnitudes could employ timing-based attacks to deanonymize payment endpoints with high precision and recall.

References

Satoshi Nakamoto. 2008. Bitcoin: a peer-to-peer electronic cash system. (2008).Google Scholar
Kyle Croman, Christian Decker, Ittay Eyal, Adem Efe Gencer, Ari Juels, Ahmed E. Kosba, Andrew Miller, Prateek Saxena, Elaine Shi, Emin Gün Sirer, Dawn Song, and Roger Wattenhofer. 2016. On scaling decentralized blockchains - aposition paper. In BITCOIN '16: Proceedings of the 3rd Workshop on Bitcoin Research. Christ Church, Barbados, (February 2016), 106--125.Google Scholar
Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M Voelker, and Stefan Savage. 2013. A fistful of bitcoins: characterizing payments among men with no names. In IMC '13: Proceedings of the 13th ACM SIGCOMM Conference on Internet Measurement. Barcelona, Spain, (October 2013), 127--140.Google ScholarDigital Library
Giulia C. Fanti and Pramod Viswanath. 2017. Deanonymization in the bitcoin P2P network. In NIPS '17: Proceedings of 30th Annual Conference on Neural Information Processing Systems. Long Beach, CA, USA, (December 2017).Google Scholar
Joseph Poon and Thaddeus Dryja. 2016. The bitcoin lightning network: scalable off-chain instant payments, (January 2016).Google Scholar
George Danezis and Ian Goldberg. 2009. Sphinx: A compact and provably secure mix format. In SP '09: Proceedings of the 30th IEEE Symposium on Security and Privacy. Oakland, CA, USA, 269--282.Google ScholarDigital Library
Saar Tochner, Stefan Schmid, and Aviv Zohar. 2019. Hijacking routes in payment channel networks: A predictability tradeoff. CoRR, abs/1909.06890. arXiv: 1909.06890.Google Scholar
Daniel R. L. Brown. 2010. Sec 2: recommended elliptic curve domain parameters. Certicom Research, (2010). http://www.secg.org/sec2-v2.pdf.Google Scholar
Trevor Perrin. 2018. The noise protocol framework. (2018). https://noiseprotocol.org/noise.pdf.Google Scholar
Lightning Network. 2020. BOLT in-progress specifications. (2020). https://github.com/lightningnetwork/lightning-rfc.Google Scholar
Edsger W. Dijkstra. 1959. A note on two problems in connexion with graphs. Numerische Mathematik, 1, 269--271.Google ScholarDigital Library
Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, and Srivatsan Ravi. 2017. Concurrency and privacy with payment-channel networks. In CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Dallas, TX, USA, 455--471.Google ScholarDigital Library
Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr, and Paul Syverson. 2013. Users get routed: traffic correlation on Tor by realistic adversaries. In CCS '13: Proceedings of the 20th ACM Conference on Computer and Communications Security. Berlin, Germany, (October 2013), 337--348.Google ScholarDigital Library
Christian Decker. 2020. Rendez-vous routing proposal. (2020). https://github.com/lightningnetwork/lightning-rfc/blob/rendez-vous/proposals/0001-rendez-vous.md.Google Scholar
Giulia C. Fanti, Shaileshh Bojja Venkatakrishnan, Surya Bakshi, Bradley Denby, Shruti Bhargava, Andrew Miller, and Pramod Viswanath. 2018. Dandelion++: lightweight cryptocurrency networking with formal anonymity guarantees. POMACS, 2, 2, 29:1--29:35.Google Scholar
Ayelet Mizrahi and Aviv Zohar. 2020. Congestion attacks in payment channel networks. CoRR, abs/2002.06564. arXiv:2002.06564.Google Scholar
Elisabetta Bergamini, Pierluigi Crescenzi, Gianlorenzo D'Angelo, Henning Meyerhenke, Lorenzo Severini, and Yllka Velaj. 2018. Improving the betweenness centrality of a node by adding links. ACM Journal of Experimental Algorithmics, 23.Google Scholar
Zeta Avarikioti, Lioba Heimbach, Yuyi Wang, and Roger Wattenhofer. 2020. Ride the lightning: the game theory of payment channels. In FC '20: Proceedings of the 24th International Conference on Financial Cryptography and Data Security. Kota Kinabalu, Malaysia, 264--283.Google ScholarCross Ref
Oguzhan Ersoy, Stefanie Roos, and Zekeriya Erkin. 2020. How to profit from payments channels. In FC '20: Proceedings of the 24th International Conference on Financial Cryptography and Data Security. Kota Kinabalu, Malaysia, 284--303.Google ScholarCross Ref
Michael Bailey, David Dittrich, Erin Kenneally, and Douglas Maughan. 2012. The menlo report. IEEE Secur. Priv., 10, 2, 71--75.Google ScholarDigital Library
c-lightning Project. 2020. Github. https://github.com/ElementsProject/lightning.Google Scholar
Lightning Network. 2020. BOLT #4: onion routing protocol. (2020). https://github.com/lightningnetwork/lightning-rfc/blob/master/04-onion-routing.md.Google Scholar
LND. 2020. Github: policy failure logic. https://github.com/lightningnetwork/lnd/blob/1354a461701b9396f0b4a35b01d308c5fcc0dbd2/routing/result_interpretation.go#L343.Google Scholar
LND. 2020. Github commit: move second chance logic. https://github.com/lightningnetwork/lnd/commit/dc13da5abbfa429273b516abd566f6c6fa5bb200.Google Scholar
Dogan Kesdogan, Jan Egner, and Roland Büschkes. 1998. Stop-and-go-mixes providing probabilistic anonymity in an open system. In IH '98: Proceedings of the Second International Workshop on Information Hiding. Portland, Oregon, USA, 83--98.Google ScholarCross Ref
Ania M. Piotrowska, Jamie Hayes, Tariq Elahi, Sebastian Meiser, and George Danezis. 2017. The loopix anonymity system. In USENIX Security '17: Proceedings of the 26th USENIX Security Symposium. Vancouver, BC, Canada, 1199--1216.Google Scholar
Vivek Kumar Bagaria, Joachim Neu, and David Tse. 2020. Boomerang: redundancy improves latency and throughput in payment-channel networks. In FC '20: Proceedings of the 24th International Conference on Financial Cryptography and Data Security. Kota Kinabalu, Malaysia, 304--324.Google ScholarCross Ref
Giulio Malavolta, Pedro Moreno-Sanchez, Clara Schneidewind, Aniket Kate, and Matteo Maffei. 2019. Anonymous multi-hop locks for blockchain scalability and interoperability. In NDSS '19: Prooceedings of the 26th Annual Network and Distributed System Security Symposium. San Diego, California, USA.Google ScholarCross Ref
Lightning Network. 2020. BOLT #7: P2P node and channel discovery. (2020). https://github.com/lightningnetwork/lightning-rfc/blob/master/07-routing-gossip.md.Google Scholar
Lightning Network Daemon LND. 2018. Shadow route github issue. (2018). https://github.com/lightningnetwork/lnd/issues/1222.Google Scholar
Till Neudecker, Philipp Andelfinger, and Hannes Hartenstein. 2016. Timing analysis for inferring the topology of the bitcoin peer-to-peer network. In UIC '16: Proceedings of the 2016 International Conference on Ubiquitous Intelligence & Computing. Toulouse, France, (July 2016).Google ScholarCross Ref
Erik Daniel, Elias Rohrer, and Florian Tschorsch. 2019. Map-z: exposing the zcash network in times of transition. In LCN '19: Proceedings of the 44th IEEE International Conference on Local Computer Networks. Osnabrück, Germany, (October 2019).Google ScholarCross Ref
George Kappos, Haaroon Yousaf, Ania Piotrowska, Sanket Kanjalkar, Sergi Delgado-Segura, Andrew Miller, and Sarah Meiklejohn. 2020. An empirical analysis of privacy in the lightning network. arXiv preprint arXiv:2003.12470.Google Scholar
Dorit Ron and Adi Shamir. 2013. Quantitative analysis of the full bitcoin transaction graph. In FC '13: Proceedings of the 17th International Conference on Financial Cryptography and Data Security. Okinawa, Japan, (April 2013), 6--24.Google ScholarCross Ref
Philip Koshy, Diana Koshy, and Patrick McDaniel. 2014. An analysis of anonymity in bitcoin using p2p network traffic. In FC '14: Proceedings of the 18th International Conference on Financial Cryptography and Data Security. Barbados, (March 2014), 469--485.Google ScholarCross Ref
Alex Biryukov, Dmitry Khovratovich, and Ivan Pustogarov. 2014. Deanonymisation of clients in bitcoin p2p network. In CCS '14: Proceedings of the 21st ACM Conference on Computer and Communications Security. Scottsdale, AZ, USA, (November 2014), 15--29.Google ScholarDigital Library
Shaileshh Bojja Venkatakrishnan, Giulia C. Fanti, and Pramod Viswanath. 2017. Dandelion: redesigning the bitcoin network for anonymity. Proceedings of the ACM on Measurement and Analysis of Computing Systems (POMACS).Google ScholarDigital Library
Florian Tramèr, Dan Boneh, and Kenneth G. Paterson. 2020. Remote side-channel attacks on anonymous transactions. IACR Cryptology ePrint Archive, 2020, 220.Google Scholar
Elias Rohrer, Julian Malliaris, and Florian Tschorsch. 2019. Discharged payment channels: quantifying the lightning network's resilience to topology-based attacks. In S&B '19: Proceedings of IEEE Security & Privacy on the Blockchain. (June 2019).Google Scholar
Jordi Herrera-Joancomartí, Guillermo Navarro-Arribas, Alejandro Ranchal Pedrosa, Cristina Pérez-Solà, and Joaquín García-Alfaro. 2019. On the difficulty of hiding the balance of lightning network channels. In AsiaCCS '19: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. Auckland, New Zealand, 602--612.Google ScholarDigital Library
Gijs van Dam, Rabiah Abdul Kadir, Puteri N. E. Nohuddin, and Halimah Badioze Zaman. 2019. Improvements of the balance discovery attack on lightning network payment channels. IACR Cryptology ePrint Archive, 2019, 1385.Google Scholar
Weizhao Tang, Weina Wang, Giulia C. Fanti, and Sewoong Oh. 2020. Privacy-utility tradeoffs in routing cryptocurrency over payment channel networks. Proc. ACM Meas. Anal. Comput. Syst., 4, 2, 29:1--29:39.Google Scholar
István András Seres, László Gulyás, Dániel A. Nagy, and Péter Burcsi. 2019. Topological analysis of bitcoin's lightning network. CoRR, abs/1901.04972. arXiv: 1901.04972.Google Scholar
Jian-Hong Lin, Kevin Primicerio, Tiziano Squartini, Christian Decker, and Claudio J. Tessone. 2020. Lightning network: a second path towards centralisation of the bitcoin economy. CoRR, abs/2002.02819. arXiv: 2002.02819.Google Scholar
Stefano Martinazzi and Andrea Flori. 2020. The evolving topology of the lightning network: centralization, efficiency, robustness, synchronization, and anonymity. PloS one, 15, 1, e0225966.Google ScholarCross Ref
Ferenc Béres, István András Seres, and András A. Benczúr. 2019. A cryptoeconomic traffic analysis of bitcoins lightning network. CoRR, abs/1911.09432. arXiv: 1911.09432.Google Scholar
Sergei Tikhomirov, Pedro Moreno-Sanchez, and Matteo Maffei. 2020. A quantitative analysis of security, anonymity and scalability for the lightning network. IACR Cryptol. ePrint Arch., 2020, 303.Google Scholar
Utz Nisslmueller, Klaus-Tycho Foerster, Stefan Schmid, and Christian Decker. 2020. Toward active and passive confidentiality attacks on cryptocurrency off-chain networks. In ICISSP '20: Proceedings of the 6th International Conference on Information Systems Security and Privacy. Valetta, Malta.Google ScholarCross Ref
Ethan Heilman, Leen Alshenibr, Foteini Baldimtsi, Alessandra Scafuro, and Sharon Goldberg. 2017. Tumblebit: an untrusted bitcoin-compatible anonymous payment hub. In NDSS '17: Proceedings of the 24th Annual Network and Distributed System Security Symposium. San Diego, California, USA.Google ScholarCross Ref
Matthew Green and Ian Miers. 2017. Bolt: anonymous payment channels for decentralized currencies. In CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Dallas, TX, USA, 473--489.Google ScholarDigital Library
Stefanie Roos, Pedro Moreno-Sanchez, Aniket Kate, and Ian Goldberg. 2018. Settling payments fast and private: efficient decentralized routing for path-based transactions. In NDSS '18: Proceedings of the 25th Symposium on Network and Distributed System Security. San Diego, CA, USA, (February 2018).Google ScholarCross Ref
Subhra Mazumdar, Sushmita Ruj, Ram Govind Singh, and Arindam Pal. 2020. Hushrelay: A privacy-preserving, efficient, and scalable routing algorithm for off-chain payments. CoRR, abs/2002.05071. arXiv: 2002.05071.Google Scholar
Inc. MaxMind. 2020. Geoip geolite2 database. https://dev.maxmind.com/geoip/geoip2/geolite2/.Google Scholar
Bitnodes. 2020. Homepage. https://bitnodes.io.Google Scholar
Dallas, TX, USA, (October 2017).Google Scholar
Kota Kinabalu, Malaysia, (February 2020).Google Scholar

Index Terms

Counting Down Thunder: Timing Attacks on Privacy in Payment Channel Networks
1. Networks
  1. Network properties
    1. Network privacy and anonymity
2. Security and privacy
  1. Systems security
    1. Distributed systems security

Recommendations

On the security of RFID anti-counting security protocol (ACSP)

Recently Qian et al. (2012) [26] have proposed a new attack for RFID systems, called counting attack, where the attacker just aims to estimate the number of tagged objects instead of steal the tags' private information. They have stated that most of ...
Read More
A new cell-counting-based attack against Tor

Various low-latency anonymous communication systems such as Tor and Anonymizer have been designed to provide anonymity service for users. In order to hide the communication of users, most of the anonymity systems pack the application data into equal-...
Read More
Wise counting: fast and efficient batch authentication for large-scale RFID systems
MobiHoc '14: Proceedings of the 15th ACM international symposium on Mobile ad hoc networking and computing

Radio Frequency Identification technology (RFID) is widely used in many applications, such as asset monitoring, e-passport and electronic payment, and is becoming one of the most effective solutions in cyber physical system. Since the identification ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in

AFT '20: Proceedings of the 2nd ACM Conference on Advances in Financial Technologies
October 2020
275 pages
ISBN:9781450381390
DOI:10.1145/3419614

Copyright © 2020 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 26 October 2020
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- research-article
- Research
- Refereed limited
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 11
  Total Citations
  View Citations
- 307
  Total Downloads
- Downloads (Last 12 months)66
- Downloads (Last 6 weeks)6
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Counting Down Thunder: Timing Attacks on Privacy in Payment Channel Networks

AFT '20: Proceedings of the 2nd ACM Conference on Advances in Financial Technologies

ABSTRACT

References

Cited By

Index Terms

Recommendations

On the security of RFID anti-counting security protocol (ACSP)

A new cell-counting-based attack against Tor

Wise counting: fast and efficient batch authentication for large-scale RFID systems

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

Counting Down Thunder: Timing Attacks on Privacy in Payment Channel Networks

AFT '20: Proceedings of the 2nd ACM Conference on Advances in Financial Technologies

ABSTRACT

References

Cited By

Index Terms

Recommendations

On the security of RFID anti-counting security protocol (ACSP)

A new cell-counting-based attack against Tor

Wise counting: fast and efficient batch authentication for large-scale RFID systems

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media