Verteidigung Dissertation von Dominic Deuber: „Cryptocurrencies within the conflicting tension between law and IT security“

Symbolbild zum Artikel. Der Link öffnet das Bild in einer großen Anzeige.

Am 31. März 2023 um 15:00 Uhr verteidigt Dominic Deuber seine Dissertation zum Thema „Cryptocurrencies within the conflicting tension between law and IT security“.

Die Verteidigung findet vor Ort in der Fürther Str. 246c, 90429 Nürnberg statt und wird zudem per Zoom übertragen.

Zur Teilnahme via Zoom verwenden Sie die folgenden Daten:

Meeting ID: 653 8949 9735 Passcode: 605571

Unten stehend finden Sie die Kurzfassung des Vortrags in englischer Sprache.

Bitcoin and other cryptocurrencies are digital means of payment. They primarily differ from traditional fiat money by not requiring a central authority to issue new units of the currency or process payments. Cryptocurrencies achieve this decentralization by using a ledger of transactions. Participants in a network maintain the ledger and decide which transactions to add to it. The ledger is immutable: transactions cannot be removed anymore once added. Besides, cryptocurrency transactions differ from classical bank transfers in that cryptocurrency users can generate new pseudonyms for each transaction and are not restricted to account numbers that banks can directly link to the account holders. In addition, transactions can contain arbitrary data beyond payment information. These properties of cryptocurrencies raise issues within the conflicting tension between law and IT security. This work deals with three of these issues.

First, network participants face criminal liability if illegal content is embedded into the ledger. In the case of personal data on the ledger, the participants might be obliged to erase it to comply with data protection regulations, namely the right to be forgotten. We propose a protocol that allows removing content from the ledger. Our protocol does not require any additional trust assumptions as it employs the exact mechanism used by the participants to maintain the ledger. By allowing the participants to break the immutability property, they can more effectively comply with the law.

Second, cryptocurrencies are the primary means of payment on the dark web. Thus, law enforcement commonly analyses cryptocurrency transactions. These analyses include tracing payment flows and linking multiple pseudonyms used in transactions that belong to the same person. The ultimate goal of these analyses is to identify the persons behind the pseudonyms. Cryptocurrency analyses typically rely on assumptions. These assumptions are often not questioned by law enforcement. However, their reliability is crucial to justify any subsequent investigation against an identified person. We extracted assumptions from scientific papers doing such analyses and classified them. In addition, we argue the reliability of each class of assumptions and introduce criteria to consider when arguing reliability on a case-by-case basis. Law enforcement, expert witnesses, and legal decision-makers can use our taxonomy and criteria to address the reliability of findings obtained from cryptocurrency analyses.

Third, although envisioned as digital cash, Bitcoin does not achieve the level of anonymity afforded by cash. As the ledger is public, everyone can trace payment flows and link multiple pseudonyms that belong to the same person. Mixing protocols emerged as a way to improve anonymity in Bitcoin. The basic idea of mixing is to combine coins of multiple users to harden payment flow analyses and pseudonym linkage. We analyzed the built-in mixing of the cryptocurrency Dash, which works similarly to the mixing protocols run on top of Bitcoin. We found two anonymity issues. First, users spent mixed and unmixed coins together, thereby lifting the anonymity gained from mixing. Second, as mixing in Dash requires coins with a fixed value, the mixed coins typically need to be combined after mixing to pay a specific amount. This combination of mixed coins allows intersecting each coin’s anonymity set, which might also lift anonymity gains from mixing. To prevent the need to combine coins after mixing, we propose a mixing algorithm that does not require coins with fixed values. Furthermore, we provide insights that the found anonymity issues could also be present in Bitcoin.