Researchers Discover Flaws in Digital Currency Monero That Could Reveal Identity of Users

Researchers have discovered flaws in Monero, a digital currency that boasts a high degree of anonymity, that could lead to the identification of users. From a report: Monero is designed to mix up any given Monero "coin" with other payments, so that anyone scouring Monero's blockchain can't link it to any particular identity or previous transaction from the same source. But in a recent paper, a team of researchers from a broad collection of institutions -- including Princeton, Carnegie Mellon, Boston University, MIT, and the University of Illinois at Urbana-Champaign -- point to flaws in that mixing that make it possible to nonetheless extract individual transactions.

That shouldn't just worry anyone trying to stealthily spend Monero today. It also means evidence of earlier not-quite-untraceable payments remain carved into Monero's blockchain for years to come, visible for any snoop that cares to look.

A Fool and his Crypto Currency

[bobstreo]

Are soon parted... /s

There is a reason there is FDIC insurance in the US...

Re:

[bobbied]

Are soon parted... /s

There is a reason there is FDIC insurance in the US...

Teddy Roosevelt did that FIDC thing in a somewhat successful effort to stem the tide of the great depression by printing a LOT of money to bail out the insolvent banks. This was designed to stop the bank runs that where sucking all the cash out of the economy by stuffing it into mattresses for safe keeping.

It was the original "To BIG to fail" bail out, at taxpayers expense and we've not been able to stop doing it for every financial hiccup since.

Re:

[vtcodger]

Franklin, not Teddy. And Roosevelt might well have been more interested in protecting depositors than in protecting banks.

Re:

[bobbied]

Yes, Franklin.. Sorry for the mistake.

Protecting depositors by bailing out banks... To get money back into circulation by getting it back into banks and not stuffed in mattresses... Sort of the "trickle down theory" if you think about it.

Actually, I think the real benefit was to expand the money supply dramatically and quickly. Even with that, recovery was muted by the dust bowel and what Carter would have called a "general malaise" where the population was focused on possible impending doom and hesitant

Re:

[BranMan]

" In 1900 a million dollars was quite the mound of cash..."

Actually, not so much - yes it was a LOT of money back then, but the US also printed $5,000 bills. So a million could be a neat little stack of 200 bills. Today, however, it's a mound.

Anyone surprised...

[YukariHirai]

Anyone who's surprised by this isn't suspicious enough of the idea that a currency built on a permanent public ledger of transactions could possibly be anonymous.

The cryptographers in the world, all hacked

[raymorris]

It wouldn't matter if they WERE the best and brightest. If you study cryptography you learn about famous cryptographers such as Polybius, Trithemius, VigenÃre, Stager, Scherbius, Rivest, and Schneier. These are the best cryptographers the world has ever seen. They all have own thing in common - their creations have all been hacked, broken.

A fundamental law is that it is easier to break something than to make that thing. Physicists call this "maximum entropy" - things naturally tend away from order an

Re:

[Srin Tuar]

> Schneier

Not all of Schneier's works have been broken yet, and many crypto algorithms have only been broken due to small key sizes, and not due to cryptanalysis.

> Physicists call this "maximum entropy"

I suspect entropy actually favors the cryptographer. After all, there is more order in a message decoded than the random noise of a encrypted message never decoded.

> In cryptography, as in crime, one side has an almost insurmountable advantage.

Right now that advantage rests with the encrypter. Its f

Re:

[jwymanm]

His argument still stands that those who create and build something have everything going against their works in that a single flaw in their complex systems can bring the whole thing down. Kind of like creativity in general. Those who create are constantly ridiculed for not doing it well enough or thought out enough even by those who never create or do anything. Something made even worse by our consumer first society.

We DID break SSL PFS. Mistake of fact there

[raymorris]

> If they have been used correctly, such as the way ssl does PFS, wherein the keys used at the time are only ever used once then forgotten, it becomes impossible to glean any record of past transactions

SSL PFS has in fact been broken. Over 80% of web servers used group 1, most SSL VPNs used group 2, and all of the others used group 3 or 5. We know for sure group 1 was publicly factored, allowing the (backward) decryption of most web SSL. There is evidence that NSA factored group 2, allowing them to de

Re:

[CSMoran]

A fundamental law is that it is easier to break something than to make that thing. Physicists call this "maximum entropy" - things naturally tend away from order and structure, things break more easily than they are made.

Yep. And that's why atoms and molecules never form crystals, right? You've heard of non-decreasing entropy of a closed system and misconstrued it.
The reality is that systems *minimize* Gibbs free energy, G=U+pV-TS. Entropy is only this "S" bit.

Re:

[rtb61]

I'm just waiting for the cheapest crypt currency exchange to open, you know the one run by a three letter agency. You know they will quietly snaffle one up and then will, instead of mining currency, they will mine data and then, first the big sharks who can not be allowed to run wild and then after some time all the little piranha will feel that noose tighten, when they start issuing more public arrest warrants and brag about taking over that exchange, good luck.

Re:

[gweihir]

I am not surprised that this version still has flaws. Your argument is entirely bogus though and just shows that you do not understand security.

Re:

[thegarbz]

Just because its in a public ledger does not mean it isn't anonymous. What it means is that it is traceable within that ledger. In order to identify *who* actually did something you still need to go through an exercise of deanonymising the user. Just because you know that {cryptohash} bought realhash for $10 doesn't automatically tell you who {cryptohash} is.

Kind of like this post here on Slashdot. If you take a careful look at your replies you may be able to deanonymise one of the Anonymous Cowards who rep

Re:

[humankind]

We've seen time and time again, how meta information can be much more revealing than people think.

You don't have to necessarily make any mistakes to have previously thought details about a transaction become obvious. The most obvious way people's personal info is compromised is not through their own mistakes, but the mistake of a friend or business associate who gets compromised.

In fact any digital-realm transaction, whether we're talking about crypto, e-mail or an internet post, is probably one of the le

Re:

[YukariHirai]

Really, it's more akin to my posts, rather than any Anonymous Cowards replying to my posts. There is the common thread, my username, attached to every post I've made. Looking at every post I've made and what I've said about my real life in them, one could build a profile on me - incomplete, but potentially enough to match to a profile from a different source.

Cryptocurrencies will be less anonymous than that. In my posts I could be embellishing the truth (or outright lying) enough to throw off a match, thoug

Cryptoscam everywhere!

[Anonymous Coward]

If so-called cryptocurrencies are really good innovation, why they attract so many criminals/criminal activity?
Could it really be because, all cryptocurrencies themselves are scams, and that is why they attract all kinds of criminals/criminal activity?

If so-called cryptocurrencies are really currency, why no company/store can use Bitcoin as currency anymore?
Because the price of Bitcoin proved to be extremely unstable to use as a currency?
Would the result be different, if Bitcoin replaced by any other "crypt

I beg to differ!

[DontBeAMoran]

The price of Dogecoin is extremely stable.

From day one, one Dogecoin has always been equal to one Dogecoin.

Is this the same attack that keeps being reported?

[FeelGood314]

Monero has several functions to create anonymity, each one on it's own doesn't do it but combined there is a nice proof that they do. Every 6 months some idiot points out that one of the functions can be beaten. It's so common I'm not even going to bother reading the paper this time.

Re:

[humankind]

In this way the government can side-step and bypass the BoR/civil rights by employing a third-party.

Which amendment in the Bill of Rights says a company doesn't have the right to refuse to service another company?

Re:

[BlueStrat]

In this way the government can side-step and bypass the BoR/civil rights by employing a third-party.

Which amendment in the Bill of Rights says a company doesn't have the right to refuse to service another company?

It's the one right next to the amendment allowing the government to strong-arm and blackmail financial institutions with threats of endless investigations by government regulators into refusing to allow legal businesses to perform legal commercial transactions with law-abiding citizens for purely political reasons.

Strat

Old news...

[Daneel Olivaw R.]

https://getmonero.org/2017/04/... [getmonero.org] FYI: the link is more than a year old.