2013/10/16

Bitcoin as a law enforcement/natsec honeypot: what is the evidence?

Paranoia appears to be the order of the day, given what we know about the NSA and GCHQ thanks to Edward Snowden. Absent from the stories so far is any mention of Bitcoin. I find this odd - Bitcoin is the most cypherpunky of all crypto technologies, after all.

I want to make the case, without necessarily endorsing it, that we should be much more suspicious of Bitcoin than we are at present.

1) Bitcoin was almost certainly a team effort. The design has been peer-reviewed and is found to be remarkably secure, complete and well-rounded[1]. I argue that this suggests that a peer-review or quality control process has already been applied. If one individual cryptographer had written Bitcoin, it would contain far more idiosyncracies than it does, not just in the cryptosystem design but also in the C++ code itself. The core protocol itself, which uses a Turing-incomplete programming language, has had only one major vulnerability found in its design and execution.

For comparison, the Amazon AWS API is also a huge team effort that was also (I assume) designed with the help of competent Internet protocol and cryptography experts, and also has suffered from only one major vulnerability, which was found by a certified genius, Colin Percival. Likewise Colin's own one-person-product, the highly secure backup facility Tarsnap has also had only one serious vulnerability to date.

Bitcoin is at least one order of magnitude more complex than Tarsnap, or the crypto used in v1 of the Amazon AWS API. We should have seen far more bugs of varying severities if it was a one man band.

2) The author(s) created, maintained and then apparently retired a pseudonym (Satoshi Nakamoto) while staying completely anonymous on the Internet.


As an achievement this is almost as impressive as Bitcoin itself, albeit of a different nature.

Using the Internet anonymously is much harder than one would think. Things like Tor are vital of course, but beyond that there is the practice of operational security to a very high standard. One slip-up is enough to junk the whole identity, e.g. logging on to a pseudononymous account from an insecure location, or even sending a cookie obtained via Tor 'in the clear', is enough.

As a real-world example, the assassination of Rafic Hariri in Lebanon was pinned on Hezbollah because one of their agents made a single phone call to his girlfriend with his dedicated operational phone instead of his personal mobile.

3) Bitcoin is, by design, highly vulnerable to network analysis. Network analysis can be used to comb through large graphs looking for patterns or suspicious behaviour. Because the entire transaction graph of Bitcoin is public, anyone can perform network analysis on the whole Bitcoin network. This is not so significant by itself, but becomes vitally important when combined with the next point.

4) In the absence of good network analysis, the Bitcoin network is not legally attackable at the point where hard currency is converted. Network analysis backed up with law enforcement or hacking, however, could be extremely effective, and this fits the MO for some large three letter agencies: as we have seen with the recent disclosures of NSA attacks against SSL and Tor, the most successful attacks are multi-pronged: they combine, for example, legal strong-arming with technical know-how and hacking.

Obtaining the transaction logs of a currency exchange would give a starting points from which the rest of the transaction graph can be de-anonymised.

5) One single party controls more than 25% of all BTCs in circulation.[2] Someone, somewhere has the ability to destabilise the BTC currency exchange market at will. If you think of BTCs as a commodity instead of a currency, it is obvious that anyone holding large reserves can wreak havoc by dumping their holdings on the market. They could also bankrupt or bleed the exchanges dry of working capital by converting large sums of BTC over a period of time.

6) Whoever wrote Bitcoin must have known that it would attract criminals and wingnuts like flies to a honeypot. After all, look at the history of cyptocash and you can't help but notice Jim Bell's 'assassination politics', or realise the potential for mischief within the combination of hidden servers and cryptocash. Once Bitcoin was established and hidden servers were possible via Tor, Silk Road was inevitable. Even with the demise of Silk Road, Bitcoin is still used for money laundering, paying for skimmed credit card numbers and for 0-day exploits - in this last case, maybe even by the NSA itself.

7) 'Satoshi Nakamoto' is an anagram of 'Ma, I took NSA oath!' :-) But seriously:


To summarise, Bitcoin was apparently designed by good cryptographers and peer-reviewed before it was released. It was almost certainly written by a team of good coders.[1] The entity that did this practiced impeccable operational security. Bitcoin was designed to be difficult to attack by non-state actors, but was also designed to be inherently vulnerable to network analysis, especially so when combined with legal and covert access techniques. A single entity retains the ability to severely disrupt the BTC market through its control of large reserves, and only the most unaware or blinkered recluse could have failed to realise its potential target market mainly consisted of rogues and blackguards.

Whether or not this points to a law enforcement or national security agency as I've suggested, I think it's evident that we cannot assume that the creation of Bitcoin was motivated by altruism, or even by the strain of libertarian cypherpunk ideology that gave Bitcoin such fertile soil in which to grow.

Dan Kaminsky was quoted by Matthew Green as saying "authorship is a better predictor of quality than openness", and likewise, motive is a better predictor of the true purpose of a tool than its quality. The motive of the creators of Bitcoin remains completely unknown.

***

Corrections and footnotes

[1] As per the HN discussion, apparently the first BitCoin client was quite buggy in the beginning. Only one exploit was used on the network, but see the Bitcoin CVE list here for a more realistic list of the software bugs encountered in Bitcoin. Worth noting is that this is a separate issue to bugs in the design of the cryptosystem. Thanks to nwh on HN for the pointer.

[2] I previously stated that "...and has tried to hide that fact" but this is based on a misreading of the paper. Thanks to mcphilip on HN for pointing that out.

There's an interesting discussion over at Hacker News where some good counterpoints are made.

8 comments:

  1. "Internet as a law enforcement/natsec honeypot: what is the evidence?"
    [same mambo jumbo]

    ReplyDelete
  2. Hi, I came here to say this.

    "This."


    P.S. Great ideas.

    ReplyDelete
  3. What an interesting website name, I'll have to look thru your archives.

    The honeypot idea seems like a very plausible explanation.

    Here's a paranoid idea, you might find interesting: what if Microsoft loses enough market share to become unprofitable. Do they have a backup plan in the form of switching to the RIAA business model- suing all who have ever pirated their software?
    Surely they are as capable of tracking their softwares use, as the RIAA?

    ReplyDelete
  4. You should read http://www.gwern.net/Bitcoin%20is%20Worse%20is%20Better

    ReplyDelete
  5. The Secret Service is using Cyber Corps programs as bitcoin mining operations in addition to their usual existence as funnels into the NSA.

    ReplyDelete
  6. Funny this is what I always had in the back of my head and a reason I never jumped on the old hayride as it seems. The questions I had were re the developer or developers too but this was in reference to Educational Institution that was originally listed as I believe it is front so to speak for N S A and that has recdntly been confirmed in fellatio article on Tailored Access Program linking N S A to research schools and corps.
    Thank you for helping.

    ReplyDelete
  7. If you accept that technology is in the MIC released in a different tim then and then marry that with quantum computing and overlay the "intelligence" full spectrum dominance evangelist doctrine of the current USA government it would hardly be a suprise that bitcoin is a honey type culling device. Silkie Veiled Threat?
    Myself I wondered why some of the controlled opposition of the "Alternative Media" downplayed it while earnest types practically swooned that it would overturn the current financial structure in the West.
    Also it seems previous there was a big "bust" of another type crypto currency and then voila there was bitcoin along with it's Scarlet Pimper creator so it is not to much of a stretch that this maybe true.
    A good test to use is too look at certain non American ornon/anti Western types and what these peoples use or don't use. I think I could say more but drones would prevent that.

    ReplyDelete
  8. If you accept that technology is in the MIC released in a different tim then and then marry that with quantum computing and overlay the "intelligence" full spectrum dominance evangelist doctrine of the current USA government it would hardly be a suprise that bitcoin is a honey type culling device. Silkie Veiled Threat?
    Myself I wondered why some of the controlled opposition of the "Alternative Media" downplayed it while earnest types practically swooned that it would overturn the current financial structure in the West.
    Also it seems previous there was a big "bust" of another type crypto currency and then voila there was bitcoin along with it's Scarlet Pimper creator so it is not to much of a stretch that this maybe true.
    A good test to use is too look at certain non American ornon/anti Western types and what these peoples use or don't use. I think I could say more but drones would prevent that.

    ReplyDelete