EGNInfoLeaker: Unveiling the Risks of Public Key Reuse and User Identity Leakage in Blockchain
- URL: http://arxiv.org/abs/2507.01635v1
- Date: Wed, 02 Jul 2025 12:07:03 GMT
- Title: EGNInfoLeaker: Unveiling the Risks of Public Key Reuse and User Identity Leakage in Blockchain
- Authors: Chenyu Li, Xueping Liang, Xiaorui Gong, Xiu Zhang
- Abstract summary: In this paper, we design a system called EGNInfoLeaker. Our study is the first work that uncovers widespread public key reuse across peer-to-peer networks. Going forward, our detection framework provides a foundation for enhancing real-world privacy preservation in decentralized networks.
- Score: 10.349392384230274
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: While Ethereum's discovery protocols (Discv4/Discv5) incorporate robust cryptographic designs to protect user privacy, real-world deployment reveals critical vulnerabilities when users deviate from security guidelines. In this paper, we design a system called EGNInfoLeaker. Our study is the first work that uncovers widespread public key reuse across Ethereum's peer-to-peer networks - a practice that fundamentally undermines the protocol's privacy guarantees. Through systematic analysis of 300 real-world network snapshots, we identify 83 users controlling 483 service nodes via public key reuse, enabling precise de-anonymization through IP correlation. Using evidence collected by EGNInfoLeaker, our Graph-Based Identity Association Algorithm links users to network entities and generates comprehensive user profiles. For User27, it exposes the public key, IP, network ID, location (country/region/city), and ISP/ORG details. The EGNInfoLeaker system demonstrates how such cryptographic misuse transforms theoretical anonymity into practical identity leakage, exposing users to surveillance and targeted attacks. These findings establish that protocol security depends not only on sound design but also on strict user compliance. Going forward, our detection framework provides a foundation for enhancing real-world privacy preservation in decentralized networks.
Related papers
- Information-Theoretic Decentralized Secure Aggregation with Collusion Resilience [98.31540557973179]
We study the problem of decentralized secure aggregation (DSA) from an information-theoretic perspective. We characterize the optimal rate region, which specifies the minimum achievable communication and secret key rates for DSA. Our results establish the fundamental performance limits of DSA, providing insights for the design of provably secure and communication-efficient protocols.
arXiv Detail & Related papers (2025-08-01T12:51:37Z)
- Devil's Hand: Data Poisoning Attacks to Locally Private Graph Learning Protocols [46.94619400437805]
This work introduces the first data poisoning attack targeting locally private graph learning protocols. The attacker injects fake users into the protocol, manipulates these fake users to establish links with genuine users, and sends carefully crafted data to the server. The effectiveness of the attack is demonstrated both theoretically and empirically.
arXiv Detail & Related papers (2025-06-11T14:46:11Z)
- Balancing Confidentiality and Transparency for Blockchain-based Process-Aware Information Systems [46.404531555921906]
We propose an architecture for blockchain-based PAISs aimed at preserving both confidentiality and transparency. Smart contracts enact, enforce and store public interactions, while attribute-based encryption techniques are adopted to specify access grants to confidential information.
arXiv Detail & Related papers (2024-12-07T20:18:36Z)
- Unveiling Privacy Vulnerabilities: Investigating the Role of Structure in Graph Data [17.11821761700748]
This study advances the understanding and protection against privacy risks emanating from network structure.
We develop a novel graph private attribute inference attack, which acts as a pivotal tool for evaluating the potential for privacy leakage through network structures.
Our attack model poses a significant threat to user privacy, and our graph data publishing method successfully achieves the optimal privacy-utility trade-off.
arXiv Detail & Related papers (2024-07-26T07:40:54Z)
- Pudding: Private User Discovery in Anonymity Networks [9.474649136535705]
Pudding is a novel private user discovery protocol.
It hides contact relationships between users, prevents impersonation, and conceals which usernames are registered on the network.
Pudding can be deployed on Loopix and Nym without changes to the underlying anonymity network protocol.
arXiv Detail & Related papers (2023-11-17T19:06:08Z)
- Blockchain-empowered Federated Learning for Healthcare Metaverses: User-centric Incentive Mechanism with Optimal Data Freshness [66.3982155172418]
We first design a user-centric privacy-preserving framework based on decentralized Federated Learning (FL) for healthcare metaverses.
We then utilize Age of Information (AoI) as an effective data-freshness metric and propose an AoI-based contract theory model under Prospect Theory (PT) to motivate sensing data sharing.
arXiv Detail & Related papers (2023-07-29T12:54:03Z)
- Conditional Generative Adversarial Network for keystroke presentation attack [0.0]
We propose to study a new approach aiming to deploy a presentation attack towards a keystroke authentication system.
Our idea is to use Conditional Generative Adversarial Networks (cGAN) for generating synthetic keystroke data that can be used for impersonating an authorized user.
Results indicate that the cGAN can effectively generate keystroke dynamics patterns that can be used for deceiving keystroke authentication systems.
arXiv Detail & Related papers (2022-12-16T12:45:16Z)
- Cross-Network Social User Embedding with Hybrid Differential Privacy Guarantees [81.6471440778355]
We propose a Cross-network Social User Embedding framework, namely DP-CroSUE, to learn the comprehensive representations of users in a privacy-preserving way.
In particular, for each heterogeneous social network, we first introduce a hybrid differential privacy notion to capture the variation of privacy expectations for heterogeneous data types.
To further enhance user embeddings, a novel cross-network GCN embedding model is designed to transfer knowledge across networks through those aligned users.
arXiv Detail & Related papers (2022-09-04T06:22:37Z)
- Towards Private Learning on Decentralized Graphs with Local Differential Privacy [45.47822758278652]
Solitude is a new privacy-preserving learning framework based on graph neural networks (GNNs).
Our new framework can simultaneously protect node feature privacy and edge privacy, and can seamlessly incorporate with any GNN with privacy-utility guarantees.
arXiv Detail & Related papers (2022-01-23T23:20:56Z)
- Sphynx: ReLU-Efficient Network Design for Private Inference [49.73927340643812]
We focus on private inference (PI), where the goal is to perform inference on a user's data sample using a service provider's model.
Existing PI methods for deep networks enable cryptographically secure inference with little drop in functionality.
This paper presents Sphynx, a ReLU-efficient network design method based on micro-search strategies for convolutional cell design.
arXiv Detail & Related papers (2021-06-17T18:11:10Z)
- Framework for a DLT Based COVID-19 Passport [0.0]
We describe a mechanism that allows one to store the COVID-19 vaccination details of individuals on a publicly readable, decentralised, immutable blockchain.
Our main contribution is the employment of a provably secure input-hiding, locality-sensitive hashing algorithm over an iris extraction technique.
arXiv Detail & Related papers (2020-08-03T18:28:19Z)
- CryptoSPN: Privacy-preserving Sum-Product Network Inference [84.88362774693914]
We present a framework for privacy-preserving inference of sum-product networks (SPNs).
CryptoSPN achieves highly efficient and accurate inference in the order of seconds for medium-sized SPNs.
arXiv Detail & Related papers (2020-02-03T14:49:18Z)
This list is automatically generated from the titles and abstracts of the papers in this site.