diff --git a/sietch.bib b/sietch.bib
index ab05339..c5f00a7 100644
--- a/sietch.bib
+++ b/sietch.bib
@@ -1,11 +1,11 @@
-% [CBCTIME] Canvel, B., Hiltgen, A., Vaudenay, S., and M. Vuagnoux,
-% "Password Interception in a SSL/TLS Channel", Advances in
-% Cryptology -- CRYPTO , 2003.
-%
-% [COMPLEAK]
-% Kelsey, K., "Compression and information leakage of
-% plaintext", Fast software encryption , 2002.
-%
+% Thank You, Satoshi
+@misc{Bitcoin,
+ author={Satoshi Nakamoto},
+ title={Bitcoin: A Peer-to-Peer Electronic Cash System},
+ date={2020-05-08},
+ url={https://bitcoin.org/bitcoin.pdf},
+ urldate={2020-05-08}
+}
 @misc{Zcash,
 author={Daira Hopwood},
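Review bot: The new `Bitcoin` entry gives `date={2020-05-08}`, the same value as `urldate`, so the whitepaper would be listed as a 2020 publication. `date` should hold the paper's own publication date (2008, as far as I know), leaving `urldate` to record the retrieval date. The author is also safer in comma form, `author={Nakamoto, Satoshi}`, which does not depend on the parser guessing the surname. The `@misc{Zcash,` entry at the end of the hunk continues outside it.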
@@ -14,6 +14,55 @@
 urldate={2020-05-08}
 }
+@misc{CBCTIME,
+ author={Canvel, B., Hiltgen, A., Vaudenay, S., and M. Vuagnoux},
+ title={Password Interception in a SSL/TLS Channel},
+ url={https://www.iacr.org/cryptodb/archive/2003/CRYPTO/1069/1069.pdf},
+ howpublished={Advances in Cryptology -- CRYPTO 2003}
+}
+
+% http://www.breachattack.com/
+@misc{BREACH,
+ author={Wikipedia},
+ url={https://en.wikipedia.org/wiki/BREACH},
+ urldate={2020-05-08}
+}
+
+@misc{CRIME,
+ author={Wikipedia},
+ url={https://en.wikipedia.org/wiki/CRIME},
+ urldate={2020-05-08}
+
+}
+
+@misc{HEIST,
+ author={Mathy Vanhoef and Tom Van Goethem},
+ url={https://tom.vg/papers/heist_blackhat2016.pdf},
+ urldate={2020-05-08}
+}
+% https://tom.vg/papers/heist_blackhat2016.pdf
+
+%@misc{COMPLEAK,
+% author={Kelsey, K.},
+% title={Compression and information leakage of plaintext},
+% howpublished={Fast software encryption, 2002}
+%}
+
+%@inproceedings{fse-2002-3091,
+@misc{COMPLEAK,
+ title={Compression and Information Leakage of Plaintext},
+ booktitle={Fast Software Encryption, 9th International Workshop, FSE 2002, Leuven, Belgium, February 4-6, 2002, Revised Papers},
+ series={Lecture Notes in Computer Science},
+ publisher={Springer},
+ volume={2365},
+ pages={263-276},
+ url={https://iacr.org/archive/fse2002/23650264/23650264.pdf},
+ doi={10.1007/3-540-45661-9_21},
+ author={John Kelsey},
+ year=2002
+}
+
+
 @misc{SietchRPC,
 author={The Hush Developers},
 title={hushd src/wallet/rpcwallet.cpp},
diff --git a/sietch.pdf b/sietch.pdf
index 3ae4902..8f61a4d 100644
Binary files a/sietch.pdf and b/sietch.pdf differ
diff --git a/sietch.tex b/sietch.tex
index a6bd30d..375e280 100644
--- a/sietch.tex
+++ b/sietch.tex
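Review bot: In sietch.bib, the `CBCTIME` author field separates the names with commas, which BibTeX cannot parse as four authors; names are joined with the word "and", e.g. `author={Canvel, B. and Hiltgen, A. and Vaudenay, S. and Vuagnoux, M.}`. The lines meant to be disabled with `%` (`%@misc{COMPLEAK,` and `%@inproceedings{fse-2002-3091,`) still contain `@`, and classic BibTeX does not treat `%` as a comment marker, so they can be read as entries and collide with the live `COMPLEAK` key; delete them or strip the `@`. The live `COMPLEAK` entry carries `booktitle`, `series`, `volume` and `pages`, which `@misc` styles generally ignore, so it should be `@inproceedings{COMPLEAK,` with `pages={263--276}`. `BREACH`, `CRIME` and `HEIST` have no `title`, and the first two cite Wikipedia rather than the primary write-ups, which weakens the references for a security paper.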
@@ -547,7 +547,7 @@ the core concepts here can be applied.
 \nsubsection{Types Of Shielded Transactions}
 There are many types of shielded transactions, mirroring the complexity of transparent transactions
-in Bitcoin Protocol. Here we introduce a convention for describing transactions and list commononly seen transactions:
+in \cite{Bitcoin} Protocol. Here we introduce a convention for describing transactions and list commononly seen transactions:
 \begin{itemize}
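Review bot: Replacing the word "Bitcoin" with the citation leaves the sentence without its noun: with a numeric or label style, `in \cite{Bitcoin} Protocol` typesets as a bare reference mark followed by "Protocol". Keep the name and attach the reference to it, for example `in the Bitcoin Protocol~\cite{Bitcoin}. Here we introduce ...`. The same changed line still carries the typo `commononly`, which could be fixed in this edit.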
@@ -781,10 +781,18 @@ that particular reason is conveniently given when consensus-level errors are emi
 The ITM Attack is a special case of what we name \textbf{Metaverse Metadata Attacks}, applied to Zcash Protocol shielded transaction graphs.
-The term \textbf{Metaverse} is appropriate because alternate possible blockchain histories can be simulated to see what consensus rules would have produced. By meticulously changing
-one piece of data at a time, the analyst can use the consensus rules at that moment in blockchain history as an \textbf{oracle}. In this sense, \textbf{Metaverse} attacks can be classified as \textbf{consensus oracle attacks}, similar to \textbf{compression oracle} attacks and \textbf{padding oracle} attacks such as BREACH and CRIME against TLS.
+The term \textbf{Metaverse} is appropriate because alternate possible blockchain histories can be simulated to see what consensus rules would have produced.
+By meticulously changing one piece of data at a time, the analyst can use the consensus rules at that moment in blockchain history as an \textbf{oracle}.
+In this sense, \textbf{Metaverse} attacks can be classified as \textbf{consensus oracle attacks}, similar to \textbf{compression oracle} attacks and \textbf{padding oracle}
+attacks such as \cite{BREACH}, \cite{CRIME} and \cite{HEIST} against SSL/TLS.
-As far as the authors know this is a new technique that has not been publicly described. Blockchain consensus rules can be simulated in a vacuum and the scientific method of changing one variable at a time can be used to extract metadata from privacy coin public data.
+While the above attacks are \textbf{side-channel attacks} using the timing response of requests,
+Metaverse Metadata Attacks are side-channels that study public chain data and consensus-level
+errors in simulations.
+
+As far as the authors know this is a new technique that has not been publicly described.
+Blockchain consensus rules can be simulated in a vacuum and the scientific method of changing one variable at a time can be used to extract metadata from privacy coin public data.
+There is untold amounts of metadata which can be "mined" from public blockchain data married to OSINT datasources.
 \nsection{Sietch: Theory}
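Review bot: The rewritten sentence lists `\cite{BREACH}`, `\cite{CRIME}` and `\cite{HEIST}` directly after "padding oracle", but all three are compression-oracle attacks. The padding-oracle reference this commit adds to sietch.bib is `CBCTIME`, and neither it nor `COMPLEAK` is cited in the visible hunks. The added claim that these attacks use "the timing response of requests" does not fit CRIME and BREACH, which infer secrets from the size of compressed traffic; timing is the channel for HEIST and for the padding-oracle work. Suggested wording: `similar to \textbf{compression oracle} attacks such as \cite{COMPLEAK}, \cite{CRIME}, \cite{BREACH} and \cite{HEIST}, and \textbf{padding oracle} attacks such as \cite{CBCTIME}, against SSL/TLS.`, with the side channel described as response size or timing. In the last added line, "There is untold amounts" should read "There are", and the straight quotes around "mined" should be LaTeX quotes.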