Mixing Services Add Complete (NSA-Proof) Anonymity To Bitcoin Transactions
Zerocoin, the work of a group of cryptographers at John Hopkins University who plan to present their system at next month’s IEEE Security and Privacy conference in San Francisco, offers an extension to Bitcoin that would make the task of identifying Bitcoin users or tracing their transactions nearly impossible. If adopted by enough of the Bitcoin network, Zerocoin’s inventors believe it could become a fundamental upgrade to Bitcoin’s code, integrating itself into the currency and solving what many see as serious privacy flaws in Bitcoin’s current implementation.
“A lot of people have tried to make systems of anonymous digital cash over the years, and they’ve failed. Bitcoin has almost made it, but it’s come just a little short,” says Matthew Green, the computer science professor who designed Zerocoin along with graduate students Ian Miers and Christina Garman. “How do we get it that last ten percent of the way? It’s taken us nearly two years to come up with the answer, and this is what we’ve got.”
To understand Zerocoin’s significance, consider Bitcoin’s strange properties as both one of the most private and most public payment systems ever invented; Bitcoin is private because it doesn’t need to be issued or stored by banks, and can be spent on the Internet with cash-like advantages, such as never requiring the user to reveal his or her name or register an account. But Bitcoin is also public, in that every transaction is documented by everyone who uses Bitcoin and can be traced to the user’s digital address, part of the function of the currency that prevents fraudulent transactions.
Plenty of Bitcoin users seem to believe that the currency offers enough privacy even for illegal activities. It’s accepted by drug sites like Silk Road, as well as criminal hackers and even some who claim to offer Bitcoin-based contract killings. But for a Bitcoin user to prevent transactions from being tied to his or her identity–particularly at the dicey moment when he or she turns Bitcoins back into dollars, yen or euros–requires extra steps such as sending Bitcoins through a “laundry” service that mixes their “dirty” Bitcoins with lots of other users’ coins and issues them random, “clean” ones. Using those laundry services, such as Bitlaundry, Bitmix or Bitcoinlaundry, means trusting the service to sufficiently randomize the coins they’re giving out, and not to track the coins or steal them.
Zerocoin is designed to offer the same privacy and untraceability properties as one of those laundry services, but without the need to trust any potentially shady entity; As with Bitcoin, the user would only have to trust the currency system itself.
The Johns Hopkins’ team’s system would work by allowing any Bitcoin user to convert a Bitcoin into an anonymous token–a Zerocoin. Zerocoins would theoretically mesh seamlessly with the Bitcoin network, could be traded and spent in the same way as Bitcoins, and could be redeemed for a Bitcoin at any time. But thanks to some mathematical tricks, a Zerocoin would be both unique–it couldn’t be forged or duplicated–and yet also be impossible for an observer to identify as the same Zerocoin between the moment it substituted for a Bitcoin and the moment it was traded back for one. (For the technical details of how that’s possible, see the Johns Hopkins team’s full paper here.)
Getting Bitcoin users to adopt Zerocoin may not be easy. To have its intended effects, nearly all Bitcoin users would have to add the Zerocoin code, which the Johns Hopkins researchers are releasing next month, to their Bitcoin client software. In the mean time, the system could be adopted incrementally, Green says. But until it’s integrated into the Bitcoin protocol, Zerocoin would require third-party services to act as issuers of its anonymizing tokens, introducing some of the same trust problems that currently exist with laundry services.
Zerocoin also takes about 50 times more computational power than Bitcoin, which could cause delays and glitches in the system. But on that front, Green argues that the code only needs to be honed by the Bitcoin community to increase its efficiency.
Green is realistic about the difficulty of getting users to trust a new, complex cryptographic system, but believes that adoption of Zerocoin is possible. “It will take time to convince people that these new techniques are safe,” he writes in his blog post. “We hope to be there when it happens.”
If Zerocoin is implemented, it could lead to questions about the ethical and societal implications of truly untraceable digital payments. Anarchists and libertarians have long dreamed of perfect payment privacy as a means to avoid taxes, thwart laws and even destroy the government. As I wrote in my book on the cypherpunks and WikiLeaks, This Machine Kills Secrets, the anonymous payment concepts created decades ago by inventor David Chaum led to proposals by “crypto-anarchists” such as Tim May and Jim Bell for systems that would untraceably buy and sell national security secrets or fund political assassinations.
Green says that creating the tools for crypto-anarchy isn’t his intention. He tells me that one of his graduate students, Ian Miers, even hesitated for a time to work on the Zerocoin research for fear of its political implications.
“Everyone’s going to look at this as trying to facilitate the trade of weapons or drugs,” he adds. “But privacy is important. And people have a right to it.”
Zerocoin' Add-on For Bitcoin Could Make It Truly Anonymous And Untraceable
As the cryptocurrency arms race escalates beyond identity verification at exchange endpoints, mixing services for bitcoin may emerge as the next frontier in the battle for financial privacy.
If bitcoin exchange regulation becomes so effective that exchange operators are required to link specific bitcoin addresses to individual customers, then users may have few remaining choices should they want to maintain transactional privacy. Call it the law of unintended consequences for overarching bitcoin exchange regulation.
Two facets of the growing political debate on anonymizing services are the traditional centralized bitcoin mixers and the newer decentralized bitcoin mixers that require a modification to the Bitcoin protocol.
With traditional bitcoin mixers, the process could become highly-charged politically and the regulatory status of mixing services called into question. Reliable legal jurisdictions for operating bitcoin mixing services would therefore gain prominence since it reasonably could be viewed as a protected free speech issue. Potentially, Iceland could serve as a bitcoin mixing haven.
The emergence of services that mingle bitcoin for the purpose of returning bitcoin not associated with the original input address has had a somewhat spotty history. Also called bitcoin laundries, these web-based services charge bitcoin holders a nominal fee to receive different bitcoins than the ones initially transferred. The sites never handle national currencies like the dollar or euro so technically they are not exchanges. Also, the administrator of the service has to be trusted to delete any archival logs and not to run off with the coins.
The largest such service operating today is the Blockchain.info mixing service which has a maximum transaction size of 250 bitcoins and a 0.5% transaction fee. Transaction logs are removed after eight hours and customers can use the taint analysis tool to verify that coins were properly mixed. Other services include BitLaundry and The Bitcoin Laundry operated by Mike Gogulski.
Advances on the decentralized mixer front were highlighted in Olivier Coutu’s largely theoretical presentation at the Bitcoin Conference in San Jose. Although it resolves the trusted intermediary vulnerability, the political debate with decentralized mixers revolves around convincing bitcoin core developers that it is essential functionality or creating a different bitcoin client altogether. Either development approach would subsequently require majority support from the bitcoin mining community.
Zerocoin from Johns Hopkins University is a method whereby the trusted intermediary for mixing can be eliminated. The software is already written and soon to be released as open source code. However, it requires modifications to the core Bitcoin protocol and adoption by the majority of bitcoin miners. With the current political climate tilting towards full disclosure for bitcoin transactions, at least at the exchange level, it is unlikely that Bitcoin core developers would elevate bitcoin privacy to an “all-hands-on-deck” emergency priority. Yes, open source projects are comprised of political animals as well.
According to Johns Hopkins University cryptography professor Matthew Green, Zerocoin researchers are examining voluntary compliance options that reduce but don’t eliminate your transaction privacy, such as accountability limits on dollar amounts of anonymous transactions. This type of alternate approach to Zerocoin adoption would be possible without support of the Bitcoin client software. However, not integrating Zerocoin into the Bitcoin protocol would require third-party services to act as issuers of its anonymizing tokens with trust problems similar to the centralized laundry services.
Also, in-person exchange LocalBitcoins.com could act as a pure person-to-person mixing service for bitcoin users that meet in designated places like cafés. Personal mixing has the additional benefit of introducing plausible deniability into the entire bitcoin ecosystem because the coins cease becoming provably yours at that point. After seeing the LocalBitcoins selling-for-cash section in the U.S., Carol Van Cleef, a partner in Patton Boggs’ banking practice and adviser on anti-money laundering policies, ominously warned, “You better get yourself registered, or you better get your name off the list real fast.”
Vitalik Buterin of Bitcoin Magazine argues that Bitcoin is not losing its soul through regulation and that the core principles of the bitcoin protocol, such as user-defined anonymity and user-defined transactional privacy, remain intact due to optional mixing services. This is a critical point because, when it comes to bitcoin oversight, regulators and law enforcement must comprehend that which can be constrained versus that which cannot be constrained.
Otherwise, legislators and government officials risk inadvertently steering Bitcoin advancements in the direction of even more liberating decentralized architectures. Remember, it was the forceful and horrific crackdown on casual file sharers that provided the impetus for the remarkable BitTorrent technology.
One can only defer the bitcoin privacy issue for so long. At some point, Bitcoin core developers, mining operators, lobbyists, and industry thought leaders have to take a principled position and decide on what side of history they wish to stand.
Bitcoin makes moving money across the internet incredibly easy, but that ease comes with risks.
There are plenty of ways someone can take your money, track your spending, or violate your privacy.
Fortunately, there are also some straightforward measures you can take to safeguard your digital currency and keep your spending habits private. Here are our top five tips to protect your bitcoins:
1. Keep Separate Wallets
If the wallet you use for spending bitcoin also contains your entire bitcoin holdings, your savings will be vulnerable to various types of abuse.
There is no limit to the number of bitcoin addresses (or wallets) that one person may have.
Therefore, you could easily have an address for spending money, an address for savings and even an address for receiving payments.
2. Don’t Keep Your Savings In A Web Wallet
Recently, there have been several cases of web wallets being hacked and subsequently emptied.
While web wallets are convenient, they should only be used like a checking/current account – as a place to store money you will be using in the near future. Thus, if you only keep a small amount of spending money in a wallet that gets hacked, your losses will be limited.
Remember, bitcoin does not work like a credit card. If you lose money fraudulently, that money is gone and there is nobody you can send a refund claim to. You can always contact the police, but it’s unlikely they’ll be able to get your bitcoins back.
3. Protect Your Privacy
Above anything else, remember – never share your private keys with anyone else. If your wallet address (ie your public key) is the equivalent of your bank account number, then your private wallet key is your PIN.
Thanks to taint analysis, it’s possible to work out which bitcoin wallets are likely to be owned by the same person because of their transaction history.
If you have a ‘spending’ wallet and a ‘savings’ wallet, regular transactions between the two will provide a pretty clear signal to hackers which one is the address of your savings wallet.
Illegal activities aside, there is a legitimate reason to obscure that relationship, as it could allow someone to investigate how many bitcoins you have, which is something that should remain private. Would you reveal all of your financial details to a stranger?
The best way to obscure the relationship between your wallets is to transfer funds between them via a mixing service.
4. Cold Storage
Even if you keep your bitcoins in a wallet stored on your computer, you’re still vulnerable to an attack. Bitcoin wallet applications save their data in a predictable location, thus they are particularly vulnerable to Trojan horse attacks.
Such attacks have been reported by bitcoin users. A common solution is to keep your wallet’s private key stored in an offline medium as an added layer of protection. This offline medium could simply be a QR code printed on a piece of paper or a plain text file stored on a USB key.
If you want to transfer bitcoins from an offline wallet to someone/somewhere else, you would first need to scan the QR code or enter the wallet’s private key manually into an application like Blockchain. Once the application has displayed the balance of your wallet, you will be able to transfer bitcoins to the wallet address of your choice.
As an added measure, you could encrypt your private keys so that if they were discovered, they’d be useless without your encryption password – just don’t forget your password!
While the other tips on this list have been about protecting your bitcoin fortune from other people, this one is all about protecting against yourself.
Assuming you are using a desktop client to store your bitcoin wallets, there should be an option to back up your wallet(s). Again, instructions will vary depending on your client.
By using such features, the public and private key to your wallet will be saved into a file. That’s all any bitcoin wallet needs to retrieve your balance, as the actual value attached to your bitcoin addresses are stored as data on the block chain, not on your wallet application.
Once you have a file containing your wallet keys, you can put this anywhere: flash drive, optical disk, portable hard drive, on paper, etc.
You can even store these files on a cloud-based backup system like Dropbox, which offers robust data reliability. However, given that no cloud system is 100% safe, it would be wise to encrypt such data before uploading, Truecrypt is one such tool that can encrypt your wallet files.
One More Thing…
Another example of a secure cold storage wallet is something called a ‘brain wallet’. This is essentially a secret combination of words and numbers you carry around in your head. When you enter your passphrase into a site like brainwallet, it will unscramble it so you can obtain your private key. For more information read our brain wallet guide.
Some of Our Latest Articles:
Next-Generation Bug / Microwave / ELF / Spy Phone / GSM And Camera Detectors (Buy, Rent, Layaway) tinyurl.com/2eo8mlz Open...
— Spy Store Rentals (@MontyHenry1)
Nanny IP (Internet) Cameras, GPS Trackers, Bug Detectors and Listening Devices, etc, (Buy / Rent / Layaway): tinyurl.com/396jlw6...
— Spy Store Rentals (@MontyHenry1)
• Video is Recorded Locally To An Installed SD Card (2GB SD Card included)
• Email Notifications (Motion Alerts, Camera Failure, IP Address Change, SD Card Full)
• Live Monitoring, Recording And Event Playback Via Internet
• Back-up SD Storage Up To 32GB (SD Not Included)
• Digital Wireless Transmission (No Camera Interference)
• View LIVE On Your SmartPhone!
* Nanny Cameras w/ Remote View
* Wireless IP Receiver
* Remote Control
* A/C Adaptor
* 2GB SD Card
* USB Receiver
FACT SHEET: HIDDEN NANNY-SPY (VIEW VIA THE INTERNET) CAMERAS
* Transmission Range of 500 ft Line Of Sight
* Uses 53 Channels Resulting In No Interference
* 12V Power Consumption
* RCA Output
* Supports up to 32gig SD
* 640x480 / 320x240 up to 30fps
* Image Sensor: 1/4" Micron Sensor
* Resolution: 720x480 Pixels
* S/N Ratio: 45 db
* Sensitivity: 11.5V/lux-s @ 550nm
* Video System: NTSC
* White Balance: Auto Tracking
* You Buy Our DVR Boards And We'll Build Your Products! (Optional)
Our New Layaway Plan Adds Convenience For Online Shoppers
Phone: (1888) 344-3742 Toll Free USA
Local: (818) 344-3742
Fax (775) 249-9320
Google+ and Gmail
AOL Instant Messenger
Yahoo Instant Messenger
Alternate Email Address
Join my Yahoo Group!
My RSS Feed