When the cookie meets the blockchain: Privacy risks of web payments via cryptocurrencies

Open access


We show how third-party web trackers can deanonymize users of cryptocurrencies. We present two distinct but complementary attacks. On most shopping websites, third-party trackers receive information about user purchases for purposes of advertising and analytics. We show that, if the user pays using a cryptocurrency, trackers typically possess enough information about the purchase to uniquely identify the transaction on the blockchain, link it to the user’s cookie, and further to the user’s real identity. Our second attack shows that if the tracker is able to link two purchases of the same user to the blockchain in this manner, it can identify the user’s cluster of addresses and transactions on the blockchain, even if the user employs blockchain anonymity techniques such as CoinJoin. The attacks are passive and hence can be retroactively applied to past purchases. We discuss several mitigations, but none are perfect.
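The second attack in the abstract reduces to an intersection of anonymity sets. The toy model below, added here and not part of the paper or its code, treats each CoinJoin transaction as a set of wallet clusters that contributed inputs; once two purchases by the same user are linked to two such transactions, the payer must lie in the intersection of their input-cluster sets. All transaction ids and cluster labels are constructed sample data, and the flat set-of-clusters view of a CoinJoin is a simplifying assumption.

```python
from dataclasses import dataclass
from typing import FrozenSet, Iterable


@dataclass(frozen=True)
class CoinJoinTx:
    """A CoinJoin transaction seen only as the wallet clusters behind its inputs
    (constructed abstraction; real transactions carry much more structure)."""
    txid: str
    input_clusters: FrozenSet[str]


def candidate_clusters(tx: CoinJoinTx) -> FrozenSet[str]:
    """Anonymity set for a single linked payment: any input cluster could be the payer."""
    return tx.input_clusters


def intersect_candidates(linked_txs: Iterable[CoinJoinTx]) -> FrozenSet[str]:
    """Anonymity set that survives once several purchases are linked to one user.

    Each linked purchase contributes its own candidate set; the user's true
    cluster must be present in every one of them, so intersecting shrinks the
    set with each additional linked purchase.
    """
    txs = list(linked_txs)
    if not txs:
        return frozenset()
    remaining = candidate_clusters(txs[0])
    for tx in txs[1:]:
        remaining &= candidate_clusters(tx)
    return remaining


def anonymity_set_size(linked_txs: Iterable[CoinJoinTx]) -> int:
    """How many clusters the payer could still be: the privacy the user actually has."""
    return len(intersect_candidates(linked_txs))


# Constructed sample data: two CoinJoins with five input clusters each; the
# hypothetical user's cluster "C3" took part in both.
TX_A = CoinJoinTx("tx_a", frozenset({"C1", "C2", "C3", "C4", "C5"}))
TX_B = CoinJoinTx("tx_b", frozenset({"C3", "C6", "C7", "C8", "C9"}))

if __name__ == "__main__":
    print("one linked purchase:", anonymity_set_size([TX_A]))          # 5 candidates
    print("two linked purchases:", intersect_candidates([TX_A, TX_B]))  # only C3 remains
```

The same model makes the mitigation trade-off visible: a single CoinJoin leaves the user hidden among its other participants, but every additional purchase the tracker can link removes every cluster that did not join both rounds.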


