【Author】
Lee, Kevin; Miller, Andrew
【Source】2018 3RD IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (EUROS&PW 2018)
【Abstract】Monero, a leading privacy-oriented cryptocurrency, supports a client/server operating mode that allows lightweight clients to avoid storing the entire blockchain, instead relying on a remote node to provide necessary information about the blockchain. However, a weakness of Monero's current blockchain data structure is that lightweight clients cannot authenticate the responses returned from a remote node. In this paper, we show that malicious responses from a remote node can lead to reduced privacy for the client. We discuss several lightweight mitigations that reduce the attack's effectiveness. To fully eliminate this class of attack, we also show how to augment Monero's blockchain data structure with an additional index that clients can use to authenticate responses from remote nodes. Our proposed solution could be implemented as a hard fork, or alternatively through a "Refereed Delegation" approach without needing any fork. We developed a prototype implementation to demonstrate the feasibility of our proposal.
【Keywords】Cryptocurrencies; Privacy; Authenticated Data Structures
【标题】用于保护隐私的Monero轻量级客户端的认证数据结构
【摘要】Monero是领先的面向隐私的加密货币,支持客户端/服务器操作模式,允许轻量级客户端避免存储整个区块链,而不是依赖远程节点提供有关区块链的必要信息。然而,Monero当前区块链数据结构的一个缺点是,轻量级客户端无法验证从远程节点返回的响应。在本文中,我们证明了来自远程节点的恶意响应可以攻击客户端的隐私。我们讨论了几种降低攻击有效性的轻量级缓解措施。为了完全消除此类攻击,我们还展示了如何使用额外的索引来增强Monero的区块链数据结构,客户端可以使用该索引来验证来自远程节点的响应。我们提出的解决方案可以作为硬分叉实现,或者通过“仲裁委托”方法实现,而不需要任何分叉。我们开发了一个原型实现来证明我们的建议的可行性。
评论