Saturday, 29 December 2018

Does Lightning Network Onion Routing provide TOR-like privacy?

No.

In fact, LN doesn't claim to be anything like TOR. The closest association I've found is that LN claims to use a "mix-net like packet". Still, some LN proponents use this comparison to "shore up" their arguments for LN privacy.

However, there are important caveats missing from LN's stated privacy claims which clearly invalidate any similarity between the two networks.

Persistent LN channel open/close/capacity information provides a data-point which can be used to derive information about route participants.

TOR specifically avoids a similar type of information leak by negotiating bandwidth offsets on a per-circuit basis to avoid fingerprinting by observation of net-flow.

LN payments are not and will never be as private/anonymous as communications on the TOR anonymity network as long as channel open capacities are known to network participants.

The LN onion readme (archive) states:

...by encoding payment routes within a mix-net like packet, we are able to achieve the following security and privacy features:

  1. Participants in a route don't know their exact position within the route
  2. Participants within a route don't know the source of the payment, nor the ultimate destination of the payment
  3. Participants within a route aren't aware exactly how many other participants were involved in the payment route
  4. Each new payment route is computationally indistinguishable from any other payment route

Statements 1, 2 and 3 are invalid during common routings.

Statement 4. I dunno...

Sample Route: nodeA -> nodeB -> nodeC -> nodeD

Statement 1 is invalidated if nodeA (the originator) has no open channels other than with a forwarding nodeB.

In this case, nodeB can know that it is the second hop in the route; it can be aware of its exact position in the route.

Statement 2 is invalidated: if nodeB knows that it is the second hop, it also knows nodeA is the source of the payment.

These caveats apply to the destination if destination nodeD has no other channels except with forwarding nodeC.

(Bonus: Statement 3 is invalid if there is any "collusion" between nodeB and nodeC.)

Sample Route: nodeX -> nodeY -> nodeZ

Statement 3 is invalidated: if nodeX and nodeZ have no other open channels, nodeY can know that it is the second hop in the route, the final hop in the route and that the route had exactly 3 participants.

TL;DR:

The LN Onion Readme is missing important caveats and is misleading in its current state.

Any positive association of LN privacy to TOR privacy is a false equivalency.

submitted by /u/deepechain

source https://www.reddit.com/r/btc/comments/aaewme/does_lightning_network_onion_routing_provide/
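
The single-channel inference described in the post's two sample routes, written as a self-check a node operator can run over public channel data. This is an added example, not part of the original post or of any LN implementation; the graph is constructed, the function names are hypothetical, and it assumes every channel in the graph is publicly announced.

```python
from collections import defaultdict

# Constructed channel graph (public gossip data): each pair is one open channel.
CHANNELS = [
    ("nodeA", "nodeB"), ("nodeB", "nodeC"), ("nodeC", "nodeD"),
    ("nodeC", "nodeE"), ("nodeD", "nodeE"),  # here nodeD has a second channel
    ("nodeX", "nodeY"), ("nodeY", "nodeZ"),
]

def build_peers(channels):
    """Map each node to the set of peers it has a public channel with."""
    peers = defaultdict(set)
    for a, b in channels:
        peers[a].add(b)
        peers[b].add(a)
    return peers

def forwarder_view(peers, prev_hop, me, next_hop):
    """What forwarding node `me` can infer from public channel data alone.

    A neighbour whose only channel is with `me` cannot be relaying for
    anyone else, so it must be an endpoint of the payment.
    """
    if me not in peers[prev_hop] or me not in peers[next_hop]:
        raise ValueError("no channel between adjacent hops")
    prev_is_source = peers[prev_hop] == {me}
    next_is_dest = peers[next_hop] == {me}
    return {
        "knows_source": prev_is_source,            # statement 2 (source)
        "knows_destination": next_is_dest,         # statement 2 (destination)
        "knows_own_position": prev_is_source,      # statement 1: `me` is hop 2
        "knows_route_length": prev_is_source and next_is_dest,  # statement 3
    }

def exposed_nodes(peers):
    """Nodes with exactly one public channel, mapped to the peer that can identify them."""
    return {n: next(iter(p)) for n, p in peers.items() if len(p) == 1}

if __name__ == "__main__":
    peers = build_peers(CHANNELS)
    print(forwarder_view(peers, "nodeA", "nodeB", "nodeC"))
    print(forwarder_view(peers, "nodeX", "nodeY", "nodeZ"))
    print(exposed_nodes(peers))
```

A node that appears in `exposed_nodes` is identifiable as a payment endpoint by its one peer; opening channels with additional peers removes it from that set.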
