Authenticated Data Structures for Privacy-Preserving Monero Light Clients

Kevin Lee, Andrew K. Miller
{"title":"Authenticated Data Structures for Privacy-Preserving Monero Light Clients","authors":"Kevin Lee, Andrew K. Miller","doi":"10.1109/EuroSPW.2018.00010","DOIUrl":null,"url":null,"abstract":"Monero, a leading privacy-oriented cryptocurrency, supports a client/server operating mode that allows lightweight clients to avoid storing the entire blockchain, instead relying on a remote node to provide necessary information about the blockchain. However, a weakness of Monero's current blockchain data structure is that lightweight clients cannot authenticate the responses returned from a remote node. In this paper, we show that malicious responses from a remote node can lead to reduced privacy for the client. We discuss several lightweight mitigations that reduce the attack's effectiveness. To fully eliminate this class of attack, we also show how to augment Monero's blockchain data structure with an additional index that clients can use to authenticate responses from remote nodes. Our proposed solution could be implemented as a hard fork, or alternatively through a \"Refereed Delegation\" approach without needing any fork. We developed a prototype implementation to demonstrate the feasibility of our proposal.","PeriodicalId":326280,"journal":{"name":"2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EuroSPW.2018.00010","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4

Abstract

Monero, a leading privacy-oriented cryptocurrency, supports a client/server operating mode that allows lightweight clients to avoid storing the entire blockchain, instead relying on a remote node to provide necessary information about the blockchain. However, a weakness of Monero's current blockchain data structure is that lightweight clients cannot authenticate the responses returned from a remote node. In this paper, we show that malicious responses from a remote node can lead to reduced privacy for the client. We discuss several lightweight mitigations that reduce the attack's effectiveness. To fully eliminate this class of attack, we also show how to augment Monero's blockchain data structure with an additional index that clients can use to authenticate responses from remote nodes. Our proposed solution could be implemented as a hard fork, or alternatively through a "Refereed Delegation" approach without needing any fork. We developed a prototype implementation to demonstrate the feasibility of our proposal.
保护隐私的Monero轻客户端的认证数据结构
Monero是一种领先的面向隐私的加密货币,支持客户端/服务器操作模式,允许轻量级客户端避免存储整个区块链,而是依赖远程节点提供有关区块链的必要信息。然而,Monero当前区块链数据结构的一个弱点是轻量级客户端无法验证从远程节点返回的响应。在本文中,我们证明了来自远程节点的恶意响应会导致客户端的隐私降低。我们将讨论几种降低攻击有效性的轻量级缓解措施。为了完全消除这类攻击,我们还展示了如何使用一个额外的索引来增强Monero的区块链数据结构,客户端可以使用该索引来验证来自远程节点的响应。我们提出的解决方案可以作为硬分叉来实现,或者通过“refered Delegation”方法来实现,而不需要任何分叉。我们开发了一个原型实现来证明我们建议的可行性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信