Breaking Monero Episode 09 Poisoned Outputs (EAE Attack)
Monero's ring signatures provide plausible deniability, but they aren't perfect. We model examples where two colluding parties 'E' attempt to learn information about an individual 'A.' By sending outputs to individuals and tracing their transaction graphs, these colluding parties may perform powerful statistical tests to learn significant information, especially for repeated transactions where they would not normally occur by chance.
Audio is streamed directly from the publisher (aphid.fireside.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Monero's ring signatures provide plausible deniability, but they aren't perfect. We model examples where two colluding parties 'E' attempt to learn information about an individual 'A.' By sending outputs to individuals and tracing their transaction graphs, these colluding parties may perform powerful statistical tests to learn significant information, especially for repeated transactions where they would not normally occur by chance.