NSA Compromises Tor; Targets Monero

in #monero7 years ago (edited)

monero logo.png
We've all suspected it for the longest time, but now it's official.

The NSA has, either partially or fully, compromised Tor, I2P, and VPN services.

According to a new leaked report, the NSA is also conducting a joint project with the US Army's Cyber Protection Team, in an effort to break the CryptoNote protocol used in Monero(XMR).

Unlike Tor, which is mentioned in passing in the context of it having been compromised, Monero apparently presents a challenge to .gov snooping, in that the cryptocurrency 'doesn't rely on nodes.'

Reading between the lines a little bit here, this appears to be a reference to a well-known attack vector deployed against the Tor network, known as a 'Sybil Attack.'

This strategy entails the creation of a large number of nodes in a decentralized network with the intent to gain disproportional influence and, through traffic analysis, expose users' identities.

This information matches reports in recent years, of the emergence of an unusually large number of tor relays.

Now, it should be noted that XMR does make use of nodes in a manner resembling Bitcoin.

What they probably meant to say is that Monero's implementation of Ring Signatures adds a layer of opacity found neither on Tor, nor on the Bitcoin network.

In very simplified terms, this feature of the XMR protocol breaks the linear relationship between sender and recipient addresses by offering plausible deniability.

Let's say Alice sends a transaction to Bob. In the context of the Bitcoin blockchain, it would be trivial for a third party in possession of both wallet addresses to follow the flow of funds from one pseudonymous entity to another.

On XMR, though, this would be orders of magnitude more laborious, because the data on the blockchain would display four other outputs in addition to Alice's.

If Alice were to 'churn' her XMR between a number of wallets under her control prior to her transaction with Bob, the number of possible candidates would rise at a rate of 5^n, where n stands for the number of churning addresses.

As one can imagine, this complicates things for the NSA, in that it effectively thwarts most forms of network analysis.

As of late August of last year, the US government hadn't yet cracked Monero, and feared the advent of new privacy-enhancing technologies. Among these, perhaps the most notable being the Kovrii project, which aims to provide private transactions on top of Monero, over the I2P network.

However, it's probably a matter of time until the government comes with an effective attack vector against CryptoNote currencies.

Needless to say, this is disappointing news for all liberty-minded individuals out there.

I always suspected the Feds used some form of weaponized exploit to locate the servers of the original Silk Road marketplace, and arrest Ross Ulbricht.

You'd have to be naive to think they'd have any qualms about using whatever underhanded or ethically dubious tool in their massive bag of tricks -- from physical violence, to hacking, to breaking the Tor protocol.

It's an uphill battle given the behemoth we're dealing with, but if anyone's up to the challenge it's Mr. Spagni and the rest of the XMR team.

Sort:  

This is crazy! But also obvious that the NSA would want to unmask Monero tractions, especially now the largest darkweb market Dream has implemented XMR as a payment option.

For sure! Being an investor in cryptocurrencies is stressful as it is with all the volatility. Now imagine being a vendor on a hidden service like Dream Marketplace! Or even a regular buyer, for that matter.

Creepy: I can't upvote this post. I can upvote other stuff just fine, but on this one post the spinner just spins and spins.

That's just bizarre!
Looks like they're on to me. I better start watching out for unmarked white vans parked outside my apartment, and ricin-laced umbrella tips! lol

Thanks for reading, and thanks for the upvote. I still appreciate it, even if it doesn't get included in the blockchain.

You got a 1.23% upvote from @postpromoter courtesy of @deselby!

Want to promote your posts too? Check out the Steem Bot Tracker website for more info. If you would like to support the development of @postpromoter and the bot tracker please vote for @yabapmatt for witness!

Coin Marketplace

STEEM 0.23
TRX 0.22
JST 0.037
BTC 98660.69
ETH 3408.24
USDT 1.00
SBD 3.18