Recently, a group of researchers at Princeton University have posted an article highlighting privacy issues of making encrypted payments on online merchant sites that use browser cookies to collect user data. The findings of the paper suggest that bitcoin users lose much of the anonymity of the digital currency when buying online. Transactions can be linked to user identities through the very common use of tracking programs that can be used online.
Dillon Reisman and Princeton University scholars Steven Goldfeder, Harry Kalodner and Arvind Narayanan demonstrate in their article entitled “When the cookie meets the block chain: the privacy risks of web payments through cryptones” the subject of tracking cookies.
Remember that a cookie is a small file that sends a web server to the hard disk of the user user who visits it, with information about their preferences and navigation guidelines.
While it’s no wonder that marketers use customer data to re-target ads on social networking networks like Facebook or ad platforms like GoogleAds, it’s interesting to evaluate and see how easy it is to link bitcoin transactions to users at through the use of standard tracking software and lock chain analysis.
In the article, researchers at Princeton University show how third-party web crawlers can deanonymize users of cryptocurrencies. For this study they presented two distinct but complementary attacks. On most shopping websites, third-party crawlers receive information about users’ purchases for advertising and analytical purposes. They demonstrated that if the user pays using a crypto-currency, crawlers often have enough purchase information to uniquely identify the transaction in the blockchain, link it to the user’s cookie, and also to the user’s real identity. The second attack shows that if the crawler is able to link two purchases from the same user to the block chain in this way, it can identify the entire group of user addresses and transactions in the blockchain, even if the user employs anonymity block like CoinJoin. Attacks are passive and therefore can be applied retroactively to past purchases. You can view the complete document at https://arxiv.org/pdf/1708.04748.pdf
We invite you to follow the day by day about the cryptocurrencies, blockchain and bitcoin world at Crypto-economy.
