Bitcoin Forum
December 14, 2024, 03:50:10 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: How resistant is Monero against blockchain analysing?  (Read 790 times)
PremiumCodeX (OP)
Hero Member
*****
Offline Offline

Activity: 1204
Merit: 531


Metaverse 👾 Cyberweapons


View Profile
November 17, 2016, 08:16:18 PM
Last edit: November 17, 2016, 08:39:13 PM by PremiumCodeX
 #1

Monero promises high resistance against blockchain analysing.

Have you ever met with a tool that could break this resistance?

It does not have to have 100% success rate, I just would like to know how far the attempts could get.

[TUTORIAL] How to steal $350 000?
Best OS for recovering stolen BTCs.
Visit our FREE Bitcointalk thread.
btc_zero_sum
Sr. Member
****
Offline Offline

Activity: 273
Merit: 250


View Profile
November 17, 2016, 08:26:25 PM
 #2

how did you became sr.member without knowing this basic info?

it's clear how much this rankings mean

btw, to answer your question, check monero and zcash
PremiumCodeX (OP)
Hero Member
*****
Offline Offline

Activity: 1204
Merit: 531


Metaverse 👾 Cyberweapons


View Profile
November 17, 2016, 08:44:33 PM
 #3

btw, to answer your question, check monero and zcash

I am sorry for not providing enough information about my purpose with this question so that you could understand.

As stated in the thread, it does not have to 100% precisely link an address to a person, but I still would like to know what smart tools could do with a resistant blockchain like Monero has.

[TUTORIAL] How to steal $350 000?
Best OS for recovering stolen BTCs.
Visit our FREE Bitcointalk thread.
mrnswtcy
Newbie
*
Offline Offline

Activity: 11
Merit: 0


View Profile
November 18, 2016, 12:02:45 AM
 #4

Nobody ever has said exactly how resistant Dash and Monereo. Not anywhere on this site that I could find. I would  really like to know.
ArticMine
Legendary
*
Offline Offline

Activity: 2282
Merit: 1050


Monero Core Team


View Profile
November 18, 2016, 01:32:08 AM
 #5

Monero promises high resistance against blockchain analysing.

Have you ever met with a tool that could break this resistance?

It does not have to have 100% success rate, I just would like to know how far the attempts could get.

To get some answers to this question I would suggest https://getmonero.org/research-lab/ I would start with the Cryptonote whitepaper and its review by Surae Noether. There are also the MRL research papers. https://lab.getmonero.org/

Concerned that blockchain bloat will lead to centralization? Storing less than 4 GB of data once required the budget of a superpower and a warehouse full of punched cards. https://upload.wikimedia.org/wikipedia/commons/8/87/IBM_card_storage.NARA.jpg https://en.wikipedia.org/wiki/Punched_card
dinofelis
Hero Member
*****
Offline Offline

Activity: 770
Merit: 629


View Profile
November 18, 2016, 10:00:56 AM
 #6

Monero promises high resistance against blockchain analysing.

Have you ever met with a tool that could break this resistance?

It does not have to have 100% success rate, I just would like to know how far the attempts could get.

You can more or less work this out for yourself.  Assuming no vulnerabilities in the implementation, and assuming no such things like compromised machines, or compromised internet connection (which have nothing to do with the crypto currency protocol itself), here's the gist:

You have to assume fractional "real world" knowledge about certain transactions.  That is, you can know some stuff, like Joe went to Mary's coffee shop and paid his coffee with transaction X.   Joe withdrew coins from an exchange with transaction Y.  And so on.

The aim of chain analysis is to use this partial information of known transaction/person links, and to complete it using the block chain itself.  Here we assume that we DON'T use other information, like IP addresses, compromised computers and so on.

The problem with transparant chains like bitcoin is that this partial information is propagated, because we can follow transaction to transaction ; as such, we can learn that Joe was also involved in several other transactions, by looking at the combination of his coins and his change addresses.

A solution to this is to use mixers.  In bitcoin, you have to take the initiative with others, in DASH, you have to take the initiative but it is then done by master nodes, and in monero, it is done automatically by selecting random addresses on the chain. 

Mixing makes the propagation of the partial information ambiguous, but not totally void.  At each mixing stage, you "dilute" your partial knowledge some more.

Now, the big difference between bitcoin and DASH on one hand, and monero on the other, is that mixing is "far and in between" with the first two (because requiring a voluntary act, and a limited set of participants.  While monero does a kind of "mixing" at EVERY transaction, and selects the participants *randomly*.  (strictly speaking, it isn't mixing ; but concerning the propagation of partial knowledge, the ring signature in monero and a mixer, behaves somewhat similar).

Monero has one further advantage: the ambiguity of which transaction actually happened.  In a mixer, all incoming coins are really spend, and appear in the outgoing channels.  With monero, the incoming coins are not necessarily spend.  They can appear several times, and you don't know WHICH "mixing transaction" actually propagated them.  It looks like multiple spending of the same coin in monero, but only one is "real", though you don't know which one.

All this means that with monero, you need much more "partial knowledge" in order to "complete the trace" than with bitcoin or DASH.  But of course, from a certain amount of partial knowledge, chain analysis becomes moot: if you know already ALMOST everything, then the little it can buy you is not so important.  Chain analysis is interesting when only a little bit of knowledge can learn you a lot.

If I have to know 90% of Joe's transactions before the monero chain tells me the 10% that remains, that's much less interesting than when with 10% of Joe's transactions and the bitcoin block chain, I can find out the remaining 90%.
twodrive01
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
December 03, 2016, 10:54:56 PM
 #7

Somebody must have published actual analysis of attempts to analyse. I'm sure companies that specialize in that type of thing know but nobody is saying.

It would great to see side by side analysis of zcash, dash, monero
rapazev
Full Member
***
Offline Offline

Activity: 210
Merit: 100



View Profile
December 03, 2016, 11:08:24 PM
 #8

how did you became sr.member without knowing this basic info?

it's clear how much this rankings mean

btw, to answer your question, check monero and zcash

and what does that have to do with the question? who said only tech geeks are investing in crypto coins?
white paper information could be easily "manipulated" by devs and an analysis from a IT engineer would be a deal breaker.

BTW, ranking only means time/post, not knowledge..
adhitthana
Legendary
*
Offline Offline

Activity: 1190
Merit: 1000



View Profile
December 04, 2016, 08:42:28 AM
 #9

Monero promises high resistance against blockchain analysing.

Have you ever met with a tool that could break this resistance?

It does not have to have 100% success rate, I just would like to know how far the attempts could get.

You can more or less work this out for yourself.  Assuming no vulnerabilities in the implementation, and assuming no such things like compromised machines, or compromised internet connection (which have nothing to do with the crypto currency protocol itself), here's the gist:

You have to assume fractional "real world" knowledge about certain transactions.  That is, you can know some stuff, like Joe went to Mary's coffee shop and paid his coffee with transaction X.   Joe withdrew coins from an exchange with transaction Y.  And so on.

The aim of chain analysis is to use this partial information of known transaction/person links, and to complete it using the block chain itself.  Here we assume that we DON'T use other information, like IP addresses, compromised computers and so on.

The problem with transparant chains like bitcoin is that this partial information is propagated, because we can follow transaction to transaction ; as such, we can learn that Joe was also involved in several other transactions, by looking at the combination of his coins and his change addresses.

A solution to this is to use mixers.  In bitcoin, you have to take the initiative with others, in DASH, you have to take the initiative but it is then done by master nodes, and in monero, it is done automatically by selecting random addresses on the chain. 

Mixing makes the propagation of the partial information ambiguous, but not totally void.  At each mixing stage, you "dilute" your partial knowledge some more.

Now, the big difference between bitcoin and DASH on one hand, and monero on the other, is that mixing is "far and in between" with the first two (because requiring a voluntary act, and a limited set of participants.  While monero does a kind of "mixing" at EVERY transaction, and selects the participants *randomly*.  (strictly speaking, it isn't mixing ; but concerning the propagation of partial knowledge, the ring signature in monero and a mixer, behaves somewhat similar).

Monero has one further advantage: the ambiguity of which transaction actually happened.  In a mixer, all incoming coins are really spend, and appear in the outgoing channels.  With monero, the incoming coins are not necessarily spend.  They can appear several times, and you don't know WHICH "mixing transaction" actually propagated them.  It looks like multiple spending of the same coin in monero, but only one is "real", though you don't know which one.

All this means that with monero, you need much more "partial knowledge" in order to "complete the trace" than with bitcoin or DASH.  But of course, from a certain amount of partial knowledge, chain analysis becomes moot: if you know already ALMOST everything, then the little it can buy you is not so important.  Chain analysis is interesting when only a little bit of knowledge can learn you a lot.

If I have to know 90% of Joe's transactions before the monero chain tells me the 10% that remains, that's much less interesting than when with 10% of Joe's transactions and the bitcoin block chain, I can find out the remaining 90%.

Very good post
generalizethis
Legendary
*
Offline Offline

Activity: 1750
Merit: 1036


Facts are more efficient than fud


View Profile WWW
December 04, 2016, 09:29:34 AM
 #10

how did you became sr.member without knowing this basic info?

it's clear how much this rankings mean

btw, to answer your question, check monero and zcash

and what does that have to do with the question? who said only tech geeks are investing in crypto coins?
white paper information could be easily "manipulated" by devs and an analysis from a IT engineer would be a deal breaker.

BTW, ranking only means time/post, not knowledge..

That's why you need approval from strong community with core beliefs, as far as caring about what privacy entails, Monero has the strongest community, with a subset of BTC Devs who have similar standards. Authority isn't as good as real data, but if you don't have an understanding of cryptographic systems, then you have to trust someone, or at least know what each module is supposed to do.

virasog
Legendary
*
Offline Offline

Activity: 3192
Merit: 1173


Leading Crypto Sports Betting & Casino Platform


View Profile
December 04, 2016, 06:10:10 PM
 #11

Monero promises high resistance against blockchain analysing.

Have you ever met with a tool that could break this resistance?

It does not have to have 100% success rate, I just would like to know how far the attempts could get.

You can more or less work this out for yourself.  Assuming no vulnerabilities in the implementation, and assuming no such things like compromised machines, or compromised internet connection (which have nothing to do with the crypto currency protocol itself), here's the gist:

You have to assume fractional "real world" knowledge about certain transactions.  That is, you can know some stuff, like Joe went to Mary's coffee shop and paid his coffee with transaction X.   Joe withdrew coins from an exchange with transaction Y.  And so on.

The aim of chain analysis is to use this partial information of known transaction/person links, and to complete it using the block chain itself.  Here we assume that we DON'T use other information, like IP addresses, compromised computers and so on.

The problem with transparant chains like bitcoin is that this partial information is propagated, because we can follow transaction to transaction ; as such, we can learn that Joe was also involved in several other transactions, by looking at the combination of his coins and his change addresses.

A solution to this is to use mixers.  In bitcoin, you have to take the initiative with others, in DASH, you have to take the initiative but it is then done by master nodes, and in monero, it is done automatically by selecting random addresses on the chain. 

Mixing makes the propagation of the partial information ambiguous, but not totally void.  At each mixing stage, you "dilute" your partial knowledge some more.

Now, the big difference between bitcoin and DASH on one hand, and monero on the other, is that mixing is "far and in between" with the first two (because requiring a voluntary act, and a limited set of participants.  While monero does a kind of "mixing" at EVERY transaction, and selects the participants *randomly*.  (strictly speaking, it isn't mixing ; but concerning the propagation of partial knowledge, the ring signature in monero and a mixer, behaves somewhat similar).

Monero has one further advantage: the ambiguity of which transaction actually happened.  In a mixer, all incoming coins are really spend, and appear in the outgoing channels.  With monero, the incoming coins are not necessarily spend.  They can appear several times, and you don't know WHICH "mixing transaction" actually propagated them.  It looks like multiple spending of the same coin in monero, but only one is "real", though you don't know which one.

All this means that with monero, you need much more "partial knowledge" in order to "complete the trace" than with bitcoin or DASH.  But of course, from a certain amount of partial knowledge, chain analysis becomes moot: if you know already ALMOST everything, then the little it can buy you is not so important.  Chain analysis is interesting when only a little bit of knowledge can learn you a lot.

If I have to know 90% of Joe's transactions before the monero chain tells me the 10% that remains, that's much less interesting than when with 10% of Joe's transactions and the bitcoin block chain, I can find out the remaining 90%.



Very interesting to read and the way you explained it is outstanding. I think you would prefer to you Monero for privacy than using DASH or Bitcoin. Would your prefer Zcash? what do you have to say about Zcash vs Monero? I know it's out of topic but if you could state your views, it would help a lot.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
dinofelis
Hero Member
*****
Offline Offline

Activity: 770
Merit: 629


View Profile
December 05, 2016, 06:52:46 AM
 #12


Very interesting to read and the way you explained it is outstanding. I think you would prefer to you Monero for privacy than using DASH or Bitcoin. Would your prefer Zcash? what do you have to say about Zcash vs Monero? I know it's out of topic but if you could state your views, it would help a lot.


My idea is that the *cryptography* used in ZCASH is potentially much better at anonymity than monero if it isn't broken.  However, the way it is implemented in ZCASH ruins it totally, because it is *optional*.  As such, it is not much better than in DASH (it IS better, because one "mixes" with ALL previous anonymous transactions, and not just with the "players of the moment").  But probably anonymous transactions will again be far and in between.

It is a fundamental rule that "anonymity" shouldn't be optional, because then it stands out.

If everybody writing a letter uses an open post card, and only a few people use enveloppes to "be anonymous" then they stand out as having something to hide.  If everybody uses an enveloppe, then "using an enveloppe" doesn't stand out.

The point is that it might be that the anonymity in Monero is "good enough".   If Monero needs 90% of real world knowledge to allow you to extrapolate the remaining 10%, that's good enough.  If Monero needs 30% of real world knowledge to allow you to extrapolate the remaining 70%, that could then still be improved.  I don't know what the real numbers are, but from a certain point on, it is good enough.

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!