Payment Censorship in the Lightning Network Despite Encrypted Communication

Authors: Charmaine Ndolo, Florian Tschorsch



File

LIPIcs.AFT.2024.12.pdf
  • Filesize: 1.49 MB
  • 24 pages

Author Details

Charmaine Ndolo
  • Dresden University of Technology, Germany
Florian Tschorsch
  • Dresden University of Technology, Germany

Cite As

Charmaine Ndolo and Florian Tschorsch. Payment Censorship in the Lightning Network Despite Encrypted Communication. In 6th Conference on Advances in Financial Technologies (AFT 2024). Leibniz International Proceedings in Informatics (LIPIcs), Volume 316, pp. 12:1-12:24, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2024)
https://doi.org/10.4230/LIPIcs.AFT.2024.12

Abstract

The Lightning network (LN) offers a solution to Bitcoin’s scalability limitations by providing fast and private off-chain payments. In addition to the LN’s long-known application-level centralisation, recent work has highlighted its centralisation at the network level, which makes it vulnerable to attacks on privacy by malicious actors. In this work, we explore the LN’s susceptibility to censorship by a network-level actor such as a malicious autonomous system. We show that a network-level actor can identify and censor all payments routed via their network by just examining the packet headers. Our results indicate that it is viable to accurately identify LN messages despite the fact that all inter-peer communication is end-to-end encrypted. Additionally, we describe how a network-level observer can determine a node’s role in a payment path based on timing, direction of flow and message type, and demonstrate the approach’s feasibility using experiments in a live instance of the network. Simulations of the attack on a snapshot of the Lightning mainnet suggest that the impact of the attack varies from mild to potentially dramatic depending on the adversary and type of payments that are censored. We analyse countermeasures the network can implement and come to the conclusion that an adequate solution comprises constant message sizes as well as dummy traffic.

Subject Classification

ACM Subject Classification
  • Networks → Network privacy and anonymity
  • Security and privacy → Software and application security
  • Security and privacy → Distributed systems security
Keywords
  • Lightning network
  • payment channel networks
  • censorship resistance
