Countermeasures to information leakage of Bloom Filters in Bitcoin lightweight clients

by Albert Szmigielski Keep the state about the seed. When a device restarts and uses a different seed (as well as other filter information) to create a new bloom filter, the probability of having the same false positives is very low. Therefore an adversary with access to two bloom filters from the same client, created with different seeds can easily check if addresses appear in both filters. If so, they are addresses of the SPV client, otherwise they are false positives. Keeping the state about the seed would not give that advantage to the adversary. When an SPV client restarts it will create the exact same filter. Disadvantages The need to store a seed and some other information about the

Read more

Bloom Filters in Bitcoin SPV (Lightweight) Clients – Part I

Bitcoin lightweight clients are wallets that do not download and store the whole blockchain locally. Currently (Oct 2015), the Bitcoin blockchain is about 45GB and growing. Downloading the whole blockchain onto a smart phone makes no sense. Satoshi envisioned lightweight clients in the original whitepaper [1]. The whitepaper introduced Simple Payment Verification – a way to verify payments without having to download the complete blockchain. A thin client (another name for a lightweight client) only downloads the block headers by connecting to a full node. Then it requests transactions matching its own addresses. To be clear a lightweight client sends its addresses to a full node requesting all the transaction that mach those addresses. The full node responds with those

Read more