Sandia National Laboratories Joins the War on Bitcoin Anonymity
The Sandia National Laboratories, a major United States Department of Energy research and development facility, with campuses in Albuquerque, New Mexico and Livermore, California, managed and operated by the Sandia Corporation (a wholly owned subsidiary of Lockheed Martin), is joining the war on Bitcoin anonymity.
Sandia researchers have created a set of requirements for an analysis tool that can be used to fight the use of bitcoin by criminals. The Department of Homeland Security (DHS) Science and Technology (S&T) directorate requested that Sandia set up a graphical user interface or a front end on the Sandia research environment so DHS agents can test the algorithms Sandia is using in actual investigations. The result of Sandia’s work could eventually be delivered to other federal law enforcement agencies.
It’s worth noting that Sandia, adopting a position that is now becoming widespread among financial operators, institutions and administrations, is persuaded that Bitcoin is here to stay and is poised to have a disruptive but positive impact on the economy. The problem is that the potential for anonymity offered by Bitcoin has been and continues to be exploited by criminals to escape detection.
“In many ways, figuring out how to effectively combat illicit Bitcoin commerce and reduce its perception as a tool of criminals can encourage more people and companies to adopt Bitcoin for legitimate purposes,” said Sandia researcher, Andrew Cox, who is leading the project.
“Our job was to understand how Bitcoin works,” added Cox. “Bitcoin is a new, semi-anonymous currency that holds the potential to change the way all sorts of transactions work in a way that might really benefit the economy. Some of the potential benefits include making monetary transactions much more efficient and thereby driving down the costs of doing business, making transaction histories more transparent, which could help both financial markets and financial regulation and, depending on who you ask, reducing the risks associated with inflation and reliance on centralized monetary institutions. All that being said, it has been clear that criminals have been pioneers in using Bitcoin. They use it for drugs, for guns, child pornography and all sorts of terrible stuff.”
A solution is abandoning Bitcoin and re-using specific aspects of its underlying blockchain technologies to create non-anonymous digital currencies with some of the other desired features of Bitcoin — cheap transactions permanently recorded in a tamper-proof ledger. This is the approach followed by “permissioned blockchains” and current plans for central bank issued digital currencies.
However, it’s not certain that a permissioned, centrally controlled blockchain could leverage the network effect that powers Bitcoin. Legendary cryptographer Nick Szabo and other experts are persuaded that banks should embrace the crowd-sourced power and resiliency of permissionless blockchains like Bitcoin.
Another solution is to de-anonymize bitcoin transactions with blockchain network analysis tools such as those developed by companies like Elliptic and Chainalysis. In fact, bitcoin transactions are not anonymous. The full transaction history of any bitcoin address, including every transaction associated with that address, is permanently recorded in the tamper-proof public blockchain and is open to analysis. The illusion of anonymity stems from the pseudonymous nature of bitcoin addresses, which are not explicitly associated with their owners, although blockchain network analysis can often de-anonymize bitcoin users. This is Sandia’s approach.
According to Cox, there is no “silver bullet” algorithm to effectively de-anonymize Bitcoin. To do so would involve cross-referencing anonymous data with other, traditional sources of investigative data to identify suspects. “To be successful, the reality is it’s going to take different types of algorithms and additional types of investigative techniques including good old-fashioned police work,” said Cox. “They’re all going to have to be combined.”
The Sandia team set up a research testbed to experiment with algorithms that can de-anonymize illicit Bitcoin users, including a mix of traditional and novel investigative techniques. Of course, the criminals try to evade detection by using different bitcoin addresses, but the Sandia research results show that known methods often reveal that the same users are using the different Bitcoin addresses.
“It doesn’t mean that we get their actual names because there aren’t any names associated with Bitcoin,” said Cox. “But it will show that some transactions are controlled by the same user.” Then, when one of the transactions is de-anonymized and linked to a criminal, law enforcement will be able to refer back to the rest of the associated Bitcoin addresses they need to deal with. “Our clients are happy about the requirements we’ve developed and the research we’ve done on what types of tools and capabilities are needed,” concluded Cox.
The researchers are now in the process of generating their own methods by characterizing transactions of Bitcoin users and applying machine learning methods to uncover patterns of interest.