Connect with us


Research “Lord of the Rings” attempted to break Monero’s ring signatures; see the result



A survey conducted by ACK-J entitled “Lord of the Rings” attempted to break the privacy of Monero Ring Signatures with artificial intelligence support, but failed despite improving the chances of hitting levels “ modest”. See the results.

Search “Lord of the Rings” by ACK-J in Monero

The cypherpunk, developer and community enthusiast of moner (XMR), ACK-J, conducted a nine-month empirical data analysis survey – with the aim of validating the security and privacy of the cryptocurrency’s Ring Signatures.

The research was entitled “Lord of the Rings: An Empirical Analysis of Monero’s Ring Signature Resilience to Artificially Intelligent Attacks” – which in literal translation into Portuguese is: “Lord of the Rings: An Empirical Analysis of Monero’s Ring Signature Resilience to Artificially Intelligent Attacks”.

The research was carried out in partnership with MAGIC Grants and the MAGIC Monero Fund, a fund that aims to finance research and development projects related to Monero.

Researcher ACK-J answered some questions for Magic Grants, about the results obtained and was also present on the r/Monero subreddit, talking about his work.

Survey Results on the Resilience of Ring Signatures for Privacy at Monero

According to ACK-J, the best result produced was to be able to identify, with a 13.3% accuracywhat is the correct origin of an XMR transaction using the ring signatures of 11 members (I’ll explain what that means in a moment).

When considering an 11-member Ring Signature, the hit accuracy on the sender’s output is typically 9% – or 1:11, hitting once every 11 attempts.

With the best 4.3% hit chance (or privacy breach), an attacker could hit approximately 1.46 times every 11 attempts. Which improves the chances of hitting, but still only presents a minimal chance that the privacy will actually be breached – which is very positive for Monero and all those who care about private transactions.

The researcher explained that the exposed work was carried out on a private network in a controlled testing environment, where he was the only sender, recipient and also the other 10 members of the “signature ring” – with the main objective of protecting the privacy of users. of XMR, if the test had obtained better results.

This means that, outside of a controlled environment, the numbers could be slightly different from the ones obtained, but ACK-J stated in a comment on reddit that he really believes that the values ​​obtained are very close and faithful to what should happen on the mainnet.

To improve the chance of hitting the sender of the transactions, he used an Artificial Intelligence model that looked for other public information on the blockchain, crossing all of them and increasing the chance of hitting.

Since the survey was conducted, XMR has already improved its ring signatures

As asked by another user on r/Monero, after the latest hard fork (v15), the ring signatures have been improved to be performed with a total of 16 members, which naturally makes the “random guess” very difficult to find out who is sending values ​​to whom.

Instead of 9% (1:11), the random hit probability has been lowered to 6.25% (1:16).

When asked if, with the artificial intelligence model that managed to improve the hit rate in the previous version to 13.3%, the improvement would be linear post-update (increasing by about 3%), ACK-J stated that he believes that the increase it would not be linear, but he cannot say anything, as no new studies have been carried out.

What are Monero Privacy Ring Signatures and how do they work?

Know more: How is Monero able to provide privacy and freedom?

When someone sends a transaction without ring signatures functionality, the address that receives that transaction can accurately tell what the output (sending address) was used for it.

With the technology of 11-member ring signatures, it’s already different. What happens is the following:

11 different addresses (the real sender plus 10 more) sign the same output, 10 of which are fake and have no real XMR spend validity. In this way, the recipient cannot say which of the 11 outputs was responsible for the transaction he received.

If he tries to “kick” the actual output, he would have a one in eleven chance of getting it right (9%).

To learn more about Ring Signatures, check out this explainer page.

News Source