The Silk Road: An Online Marketplace By Adam Cronin

The Silk Road: An Online Marketplace

By Adam Cronin

Project Overview

• Main goal: Research The Silk Road and how it provides anonymity• Mechanisms for providing anonymity• Failures in anonymity

What is The Silk Road?

• An anonymous online marketplace created to

facilitate the online sales of both legal and

illegal items

• People around the world can trade with each

other without divulging their identity

• A means of circumventing buying and selling

restrictions that may be in effect due to

geographic location

Anonymity in a Marketplace

• Requirements for an anonymous online

marketplace

• Accessing the site

• Ability to post/advertise items for sale

• Ability to browse available items

• Transactions

• Sending item from seller to buyer

The Silk Road’s Solution

• Requirements for an anonymous online marketplace

• Accessing the site Tor

• Ability to post/advertise items for sale Register

Account

• Ability to browse available items Register

Account

• Transactions Bitcoin• Sending item from seller to buyer Still have to

give an address…

Tor

• The Tor browser is essentially a means of

anonymously sending network data

• Data is sent through a series of nodes

• Each node is a volunteer

• Each node only knows the previous node and

the next node so single compromised node isn’t

a huge issue

How Tor Works

• Tor installs an Onion Proxy onto the user’s

computer

• The OP creates a virtual circuit that defines the

path through the Tor nodes that leads to the user’s

end destination

• Tor downloads list of all potential Tor nodes in

the network

• Uses the list to choose an Entry node, an

Intermediate node, and an Exit node

How Tor Works (Cont’d)

• Creates a Transport Layer Security (TLS)

connection between itself and the Entry Node

• Uses encryption to prevent eavesdropping,

tampering, or message forgery

• Then starts the process of creating the virtual

circuit

• To create a VC, can send three commands:

create, extend, and delete

Tor

Onion Proxy

Destination Server

Create TLS Connection

Onion Proxy TLS,

K1

(Transport Layer Security)

Destination Server

Create Command on Entry Node

Onion Proxy

Destination Server

Create

Create Command on Intermediate Node

Onion Proxy

Destination Server

Extend

Create

Create Command on Exit Node

Onion Proxy

Destination Server

Extend

Create

Send Message

Onion Proxy

Destination Server

Extend

Create

Traditional Online Transactions• Traditional online transaction requires a middle

man

• Buyer Bank Seller

• Disadvantages of trusted third-party

• Access to user’s money

• Knowledge of all transactions and who with

• Transactions can be disputed and reversed

Bitcoin• A peer-to-peer electronic cash system

• Goal: move away from the traditional form of

cash exchange

• Remove trusted third-party (ex: banks)

• Instead of third-party, broadcast every

transaction to all nodes on the Bitcoin network

• Transactions can’t be reversed or disputed

Bitcoin• Each user holds their Bitcoins in a wallet which is

referenced during transactions

• Bitcoin characterized as a “chain of digital

signatures”• Each user has a public and private key so that

only the owner of a wallet can transfer Bitcoins• During a transaction, a signature is created

and added to the coin

• Private key used to generate signature

• Public key used to verify the signature

Failures in Anonymity

• Tor by itself doesn’t encrypt data leaving the exit

node or returning to the exit node

• A passive attacker who watches both the sender

and the receiver could link the two with high

probability

• Compromised TLS key for Onion Proxy could lead

to impersonation

• Receiver of package must still give an address

Failures in Anonymity

• The Silk Road has been shut down twice and the

people running the site were arrested

• A new clone is started up every time The Silk

Road gets shut down

References• [1] Christin, Nicolas. "Traveling the Silk Road: A Measurement

Analysis of a Large Anonymous Online Marketplace." (2012): n. pag. Carnegie Mellon, 30 July 2012. Web. 12 Oct. 2015. <https://www.cylab.cmu.edu/files/pdfs/tech_reports/CMUCyLab12018.pdf>.

• [2] Dingledine, Roger, Nick Mathewson, and Paul Syverson. "Tor: The Second-Generation Onion Router." (n.d.): n. pag. Web. 5 Oct. 2015. < https://svn.torproject.org/svn/projects/design-paper/tor-design.pdf>.

• [3] Dierks, T. & C. Allen. “The TLS Protocol Version 1.0.” January 1999. (6 November 2015)

• [4] Nakamoto, Satoshi. "Bitcoin: A Peer-to-Peer Electronic Cash System." (n.d.): n. pag. Web. 5 Oct. 2015. <https://bitcoin.org/bitcoin.pdf>.

• [5] Biryukov, Alex, and Ivan Pustogarov. "Bitcoin over Tor Isn't a Good Idea." 2015 IEEE Symposium on Security and Privacy (2015): n. pag. 8 Jan. 2015. Web.