Skip to main content
SpringerLink
Log in

Data Security and Privacy in Bitcoin System: A Survey

  • Survey
  • Published:
Journal of Computer Science and Technology Aims and scope Submit manuscript

Abstract

To date, bitcoin has been the most successful application of blockchain technology and has received considerable attention from both industry and academia. Bitcoin is an electronic payment system based on cryptography rather than on credit. Regardless of whether people are in the same city or country, bitcoin can be sent by any one person to any other person when they reach an agreement. The market value of bitcoin has been rising since its advent in 2009, and its current market value is US160 billion. Since its development, bitcoin itself has exposed many problems and is facing challenges from all the sectors of society; therefore, adversaries may use bitcoin’s weakness to make considerable profits. This survey presents an overview and detailed investigation of data security and privacy in bitcoin system. We examine the studies in the literature/Web in two categories: 1) analyses of the attacks to the privacy, availability, and consistency of bitcoin data and 2) summaries of the countermeasures for bitcoin data security. Based on the literature/Web, we list and describe the research methods and results for the two categories. We compare the performance of these methods and illustrate the relationship between the performance and the methods. Moreover, we present several important open research directions to identify the follow-up studies in this area.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Similar content being viewed by others

References

  1. Antonopoulos A M. Mastering Bitcoin: Unlocking Digital Crypto-Currencies (1st edition). O’Reilly Media, 2014.

  2. Pilkington M. Blockchain technology: Principles and applications. In Research Handbook on Digital Transformations, Olleros F X, Zhegu M (eds.), Edward Elgar Publishing, 2016, pp.225–253.

  3. Shen M, Tang X, Zhu L, Du X, Guizani M. Privacypreserving support vector machine training over blockchain-based encrypted IoT data in smart cities. IEEE Internet of Things Journal, 2019, 6(5): 7702-7712.

    Article  Google Scholar 

  4. Patel D, Bothra J, Patel V. Blockchain exhumed. In Proc. the 2017 Asia Security and Privacy, January 2017, Article No. 15.

  5. Shen M, Ma B, Zhu L, Mijumbi R, Du X, Hu J. Cloud-based approximate constrained shortest distance queries over encrypted graphs with privacy protection. IEEE Trans. Information Forensics and Security, 2018, 13(4): 940-953.

    Article  Google Scholar 

  6. Shen M, Deng Y, Zhu L, Du X, Guizani N. Privacypreserving image retrieval for medical IoT systems: A blockchain-based approach. IEEE Network, 2019, 33(5): 27-33.

    Article  Google Scholar 

  7. Shen M,Wei M, Zhu L,Wang M. Classification of encrypted traffic with second-order Markov chains and application attribute bigrams. IEEE Trans. Information Forensics and Security, 2017, 12(8): 1830-1843.

    Article  Google Scholar 

  8. Zhao H, Li X F, Zhan L K, Wu Z H. Data integrity protection method for microorganism sampling robots based on blockchain technology. Journal of Huazhong University of Science and Technology, 2015, 43(S1): 216-219. (in Chinese)

    Google Scholar 

  9. Zheng B, Zhu L, Shen M, Gao F, Zhang C, Li Y, Yang J. Scalable and privacy-preserving data sharing based on blockchain. J. Comput. Sci. Technol., 2018, 33(3): 557-567.

    Article  MathSciNet  Google Scholar 

  10. White G, Brown K. Future applications of blockchain: Toward a value-based society. In Proc. INCITE Conference, October 2016, pp.290-301.

  11. Shen M, Ma B, Zhu L, Du X, Xu K. Secure phrase search for intelligent processing of encrypted data in cloud-based IoT. IEEE Internet of Things Journal, 2019, 6(2): 1998-2008.

    Article  Google Scholar 

  12. Reid F, Harrigan M. An analysis of anonymity in the Bitcoin system. In Proc. the 3rd Int. IEEE International Conference on Social Computing, October 2011, pp.1318-1326.

  13. Koshy D, Koshy P, Mcdaniel P. An analysis of anonymity in Bitcoin using P2P network traffic. In Proc. the 18th Int. Financial Cryptography and Data Security, March 2014, pp.469-485.

  14. Biryukov A, Khovratovich D, Pustogarov I. Deanonymisation of clients in Bitcoin P2P network. In Proc. the 21st Int. Conference on Computer and Communications Security, November 2014, pp.15-29.

  15. Lear B. Theoretical Bitcoin attacks with less than half of the computational power (draft). arXiv: 1312.7013, 2013. http://arxiv.org/abs/1312.7013, Apr. 2019.

  16. Bag S, Ruj S, Sakurai K. Bitcoin block withholding attack: Analysis and mitigation. IEEE Transactions on Information Forensics & Security, 2017, 12(8): 1967-1978.

    Article  Google Scholar 

  17. Eyal I, Sirer E G. Majority is not enough: Bitcoin mining is vulnerable. In Proc. the 18th International Conference on Financial Cryptography & Data Security, March 2014, pp.436-454.

  18. Rosenfeld M. Analysis of Bitcoin pooled mining reward systems. arXiv: 1112.4980, 2011. https://arxiv.org/pdf/1112.4980, Oct. 2019.

  19. Saad M, Spaulding J, Njilla L, Kamhoua C, Shetty S, Nyang D, Mohaisen A. Exploring the attack surface of Blockchain: A systematic overview. arXiv:1904.03487, 2019. http://arxiv.org/abs/1904.03487, Oct. 2019.

  20. Conti M, Kumar E S, Lal C, Ruj S. A survey on security and privacy issues of Bitcoin. IEEE Communications Surveys & Tutorials, 2018, 20(4): 3416-3452.

    Article  Google Scholar 

  21. Li X, Jiang P, Chen T, Luo H, Wen Q. A survey on the security of blockchain systems. arXiv:1802.06993, 2018. http://arxiv.org/abs/1802.06993, Oct. 2019.

  22. Gervais A, Karame G O, KarlWüst, Glykantzis V, Ritzdorf H, Capkun S. On the security and performance of proof of work blockchains. In Proc. the 2016 ACM SIGSAC Conference, October 2016, pp.3-16.

  23. Yuan Y, Wang F. Blockchain: The state of the art and future trends. Acta Automatica Sinica, 2016, 42(4): 481-494. (in Chinese)

    Google Scholar 

  24. Liao K, Zhao Z, Doupé A, Ahn G. Behind closed doors: Measurement and analysis of CryptoLocker ransoms in Bitcoin. In Proc. the 2016 APWG Symposium on Electronic Crime Research, June 2016, pp.1-13.

  25. Ron D, Shamir A. Quantitative analysis of the full Bitcoin transaction graph. In Proc. the 17th Int. Financial Cryptography and Data Security, April 2013, pp.6-24.

  26. Androulaki E, Karame G O, Roeschlin M, Scherer T, Capkun S. Evaluating user privacy in Bitcoin. In Proc. the 17th International Conference on Financial Cryptography and Data Security, April 2013, pp.34-51.

  27. Monaco J V. Identifying Bitcoin users by transaction behavior. In Proc. SPIE Biometric and Surveillance Technology for Human and Activity Identification XII, May 2015, Article No. 945704.

  28. Meiklejohn S, Pomarole M, Jordan G, Levchenko K, Mc-Coy D, Voelker G M, Savage S. A fistful of Bitcoins: Characterizing payments among men with no names. In Proc. the 2013 Internet Measurement Conference, October 2013, pp.127-140.

  29. Zhao C, Guan Y. A graph-based investigation of Bitcoin transactions. In Proc. the 11th Int. IFIP WG 11.9 International Conference on Digital Forensics, January 2015, pp.79-95.

  30. Zheng B, Zhu L, Shen M, Du X, Guizani M. Identifying the vulnerabilities of bitcoin anonymous mechanism based on address clustering. SCIENCE CHINA Information Sciences, 2020, 63(3): Article No. 132101.

  31. Garay J, Kiayias A, Leonardos N. The Bitcoin backbone protocol with chains of variable difficulty. In Proc. the 37th Annual International Cryptology Conference, August 2017, pp.291-323.

  32. Bonneau J, Miller A, Clark J, Narayanan A, Kroll J A, Felten E W. SoK: Research perspectives and challenges for bitcoin and cryptocurrencies. In Proc. the 2015 IEEE Symposium on Security and Privacy, May 2015, pp.104-121.

  33. Zohar A. Bitcoin: Under the hood. Communications of the ACM, 2015, 58(9): 104-113.

    Article  Google Scholar 

  34. Heilman E, Kendler A, Zohar A, Goldberg S. Eclipse attacks on Bitcoin’s peer-to-peer network. In Proc. the 24th USENIX Security Symposium, August 2015, pp.129-144.

  35. Singh A, Ngan T, Druschel P, Wallach D S. Eclipse attacks on overlay networks: Threats and defenses. In Proc. the 25th IEEE International Conference on Computer Communications, April 2006.

  36. Vasek M, Thornton M, Moore T. Empirical analysis of denial-of-service attacks in the bitcoin ecosystem. In Proc. the 14th International Conference on Financial Cryptography & Data Security, March 2014, pp.57-71.

  37. Asokan N, Janson P A, Steiner M, Waidner M. The state of the art in electronic payment systems. Advances in Computers, 2000, 53: 425-449.

    Article  Google Scholar 

  38. Everaere P, Simplot-Ryl I, Traoré I. Double spending protection for e-cash based on risk management. In Proc. the 13th Int. Conference on Information Security, October 2010, pp.394-408.

  39. Karame G O, Androulaki E, Capkun S. Double-spending fast payments in Bitcoin. In Proc. ACM Conference on Computer and Communications Security, October 2012, pp.906-917.

  40. Pinzón C, Rocha C. Double-spend attack models with time advantange for Bitcoin. Electronic Notes in Theoretical Computer Science, 2016, 329: 79-103.

    Article  MathSciNet  Google Scholar 

  41. Courtois N T, Bahack L. On subversive miner strategies and block withholding attack in Bitcoin digital currency. arXiv:1402.1718, 2014. https://arxiv.org/abs/1402.1718, Apr. 2019.

  42. Sapirshtein A, Sompolinsky Y, Zohar A. Optimal selfish mining strategies in Bitcoin. In Proc. the 20th Int. Conference on Financial Cryptography and Data Security, February 2016, pp.515-532.

  43. Nayak K, Kumar S, Miller A, Shi E. Stubborn mining: Generalizing selfish mining and combining with an eclipse attack. In Proc. the 2016 IEEE European Symposium on Security and Privacy, March 2016, pp.305-320.

  44. Carlsten M, Kalodner H, Weinberg S M, Narayanan A. On the instability of Bitcoin without the block reward. In Proc. the 2016 ACM SIGSAC Conference on Computer & Communications Security, October 2016, pp.154-167.

  45. Eyal I. The miner’s dilemma. In Proc. the 2015 IEEE Symposium on Security and Privacy, May 2015, pp.89-103.

  46. Kwon Y, Kim D, Son Y, Vasserman E Y, Kim Y. Be selfish and avoid dilemmas: Fork after withholding (FAW) attacks on Bitcoin. In Proc. the 24th ACM SIGSAC Conference on Computer and Communications Security, October 2017, pp.195-209.

  47. Biryukov A, Pustogarov I. Bitcoin over Tor isn’t a good idea. In Proc. the 2015 IEEE Symposium on Security and Privacy, May 2015, pp.122-134.

  48. Chaum D. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM, 1981, 24(2): 84-88.

    Article  Google Scholar 

  49. Bonneau J, Narayanan A, Miller A, Clark J, Kroll J A, Felten E W. Mixcoin: Anonymity for Bitcoin with accountable mixes. In Proc. the 18th International Conference on Financial Cryptography and Data Security, March 2014, pp.486-504.

  50. Valenta L, Rowan B. Blindcoin: Blinded, accountable mixes for Bitcoin. In Proc. the 2015 Financial Cryptography and Data Security, January 2015, pp.112-126.

  51. Chun Q, Tu S, Yu J. A blind-mixing scheme for Bitcoin based on an elliptic curve cryptography blind digital signature algorithm. arXiv: abs/1510.05833, 2015. http://arxiv.org/abs/1510.05833, Apr. 2019.

  52. Ruffing T, Moreno-Sanchez P, Kate A. CoinShuffle: Practical decentralized coin mixing for Bitcoin. In Proc. the 19th European Symposium on Research in Computer Security, September 2014, pp.345-364.

  53. Bissias G, Ozisik A P, Levine B N, Liberatore M. Sybilresistant mixing for Bitcoin. In Proc. the 13th Int. Workshop on Privacy in the Electronic Society, November 2014, pp.149-158.

  54. Ziegeldorf J H, Grossmann F, Henze M, Inden N, Wehrle K. CoinParty: Secure multi-party mixing of Bitcoins. In Proc. the 5th ACM Conference on Data and Application Security and Privacy, March 2015, pp.75-86.

  55. Ben-Sasson E, Chiesa A, Garman C, Green M, Miers I, Tromer E, Virza M. Zerocash: Decentralized anonymous payments from Bitcoin. In Proc. the 2014 IEEE Symposium on Security and Privacy, May 2014, pp.459-474.

  56. Miers I, Garman C, Green M, Rubin A D. Zerocoin: Anonymous distributed e-cash from Bitcoin. In Proc. the 2013 IEEE Symposium on Security and Privacy, May 2013, pp.397-411.

  57. Ben-Sasson E, Chiesa A, Genkin D, Tromer E, Virza M. SNARKs for C: Verifying program executions succinctly and in zero knowledge. In Proc. the 33rd Annual Cryptology Conference, August 2013, pp.90-108.

  58. Poon J, Dryja T. The Bitcoin lightning network: Scalable off-chain instant payments. http://lightning.network/lightning-network-paper.pdf, Oct. 2019.

  59. Dingledine R, Hopper N, Kadianakis G, Mathewson N. One fast guard for life (or 9 months). In Proc. the 7th Int. Workshop on Hot Topics in Privacy Enhancing Technologies, July 2014.

  60. Ruffing T, Kate A, Schröder D. Liar, liar, coins on fire!: Penalizing equivocation by loss of Bitcoins. In Proc. the 22nd ACM SIGSAC Conference on Computer & Communications Security, October 2015, pp.219-230.

  61. Danezis G, Meiklejohn S. Centrally banked cryptocurrencies. In Proc. the 23rd Int. Annual Network and Distributed System Security Symposium, February 2016.

  62. Yang Z, Miao Y, Chen Z Y, Tang C B, Chen X. Zero-determinant Strategy for the Algorithm optimize of Blockchain PoW Consensus. In Proc. the 37th Int. Chinese Control Conference, July 2017, pp.1441-1446.

  63. Miller A, Kosba A, Katz J, Shi E. Nonoutsourceable scratch-off puzzles to discourage Bitcoin mining coalitions. In Proc. the 22nd ACM SIGSAC Conference on Computer and Communications Security, October 2015, pp.680-691.

  64. Shi N. A new proof-of-work mechanism for Bitcoin. Financial Innovation, 2016, 2(1): Article No. 31.

  65. Fujisaki E, Suzuki K. Traceable ring signature. In Proc. the 10th Int. Conf. Practice and Theory in Public-Key Cryptography., April 2007, pp.181-200.

  66. Chaum D, Heyst E V. Group Signatures. In Proc. Workshop on the Theory and Application of Cryptographic Techniques, April 1991, pp.257-265.

  67. Xu H L, Lu Y. Hierarchical certificate-based encryption: Definition and an efficient construction. Applied Mechanics & Materials, 2014, (513-517): 1971-1974.

  68. Badertscher C, Gazi P, Kiayias A, Russell A, Zikas V. Ouroboros genesis: Composable proof-of-stake blockchains with dynamic availability. In Proc. the 25th ACM SIGSAC Conference on Computer and Communications Security, October 2018, pp.913-930.

  69. Ford B, Strauss J. An offline foundation for online accountable pseudonyms. In Proc. the 1st Workshop on Social Network Systems, April 2008, pp.31-36.

  70. Ateniese G, Bonacina I, Faonio A, Galesi N. Proofs of space: When space is of the essence. In Proc. the 9th Int. Conf. on Security and Cryptography for Networks, September 2014, pp.538-557.

  71. Yu H, Gibbons P B, Kaminsky M, Xiao F. SybilLimit: A near-optimal social network defense against sybil attacks. IEEE/ACM Trans. Netw., 2010, 18(3): 885-898.

    Article  Google Scholar 

  72. Kiffer L, Rajaraman R, Shelat A. A better method to analyze blockchain consistency. In Proc. the 25th ACM SIGSAC Conference on Computer and Communications Security, October 2018, pp.729-744.

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Beijing Institute of Technology, Beijing, 100081, China

    Lie-Huang Zhu, Bao-Kun Zheng, Meng Shen, Feng Gao, Hong-Yu Li & Ke-Xin Shi

  2. School of Information Management for Law, China University of Political Science and Law, Beijing, 102249, China

    Bao-Kun Zheng

  3. Key Laboratory of Information Network Security, Ministry of Public Security, Shanghai, 201204, China

    Meng Shen

Authors
  1. Lie-Huang Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bao-Kun Zheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Meng Shen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Feng Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Hong-Yu Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Ke-Xin Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Meng Shen.

Electronic supplementary material

ESM 1

(PDF 143 kb)

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zhu, LH., Zheng, BK., Shen, M. et al. Data Security and Privacy in Bitcoin System: A Survey. J. Comput. Sci. Technol. 35, 843–862 (2020). https://doi.org/10.1007/s11390-020-9638-7

Download citation

  • Received:

  • Revised:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11390-020-9638-7

Keywords

Search

Navigation