How a 27-Year-Old Codebreaker Busted the Myth of Bitcoin’s Anonymity


When Meiklejohn started college at Brown in 2004, she discovered cryptography. This branch of computer science appealed directly to her puzzle addiction—what was an encryption system, after all, but another secret language demanding to be deciphered?

There was a maxim in cryptography, often referred to as Schneier’s law after the cryptographer Bruce Schneier. It asserted that anyone can develop an encryption system clever enough that they can’t themselves think of a way to break it. Yet, like all the best conundrums and mysteries that had fascinated Meiklejohn since childhood, another person with a different way of approaching a cipher could look at that “unbreakable” system and see a way to crack it and unspool a whole world of decrypted revelations.

Studying the science of ciphers, Meiklejohn began to recognize the importance of privacy and the need for surveillance-resistant communications. She was not quite a cypherpunk: The intellectual appeal of building and breaking codes drove her more than any ideological drive to defeat surveillance. But like many cryptographers, she nonetheless came to believe in the need for truly unbreakable encryption, technologies that could carve out a space for sensitive communications—whether dissidents organizing against a repressive government or whistleblowers sharing secrets with journalists—where no snoop could reach. She credited her intuitive acceptance of that principle to her years as a teenager who kept to herself, trying to maintain her own privacy in a Manhattan apartment, with a federal prosecutor for a mother.

Meiklejohn showed real talent as a cryptographer and soon became an undergraduate teaching assistant to Anna Lysyanskaya, a brilliant and highly accomplished computer scientist. Lysyanskaya had herself studied under the legendary Ron Rivest, whose name was represented by the R in the RSA algorithm that formed the basis for most modern encryption, used everywhere from web browsers to encrypted email to instant messaging protocols. RSA was one of the few fundamental encryption protocols that had not succumbed to Schneier’s law in more than 30 years.

Lysyanskaya was at the time working on a pre-Bitcoin cryptocurrency called eCash, first developed in the 1990s by David Chaum, a cryptographer whose groundbreaking work on anonymity systems had made possible technologies from VPNs to Tor. After finishing her undergraduate degree, Meiklejohn began a master’s degree at Brown under Lysyanskaya’s wing, researching methods to make Chaum’s eCash, a truly anonymous payment system, more scalable and efficient.

The cryptocurrency scheme they were laboring to optimize was, Meiklejohn admits in hindsight, difficult to imagine working in practice. Unlike Bitcoin, it had a serious problem: An anonymous spender of eCash could essentially forge a coin and pass it off to an unsuspecting recipient. When that recipient deposited the coin at a kind of eCash bank, the bank could perform a check that would reveal the coin to be a forgery and the fraudster’s anonymity protections could be stripped away to reveal the identity of the bad actor. But by then, the fraudster might have already run off with their ill-gotten goods.

Still, eCash had a unique advantage that made it a fascinating system to work on: The anonymity it offered was truly uncrackable. In fact, eCash was based on a mathematical technique called zero-knowledge proofs, which could establish the validity of a payment without the bank or recipient learning anything else at all about the spender or their money. That mathematical sleight of hand meant that eCash was provably secure. Schneier’s law did not apply: No amount of cleverness or computing power would ever be able to undo its anonymity.

When Meiklejohn first heard about Bitcoin in 2011, she had started her PhD studies at UCSD but was spending the summer as a researcher at Microsoft. A friend at the University of Washington had mentioned to her that there was a new digital payment system that people were using to buy drugs on sites like the Silk Road. Meiklejohn had moved on from her eCash studies by then; she was busy with other research—systems that would allow people to pay road tolls without revealing their personal movements, for instance, and a thermal camera technique that revealed PIN codes typed into an ATM by looking for heat remnants on the keypad. So, with heads-down focus, she filed Bitcoin’s existence away in her brain, barely considering it again for the next year.

Then, one day on a UCSD computer science department group hike in late 2012, a young UCSD research scientist named Kirill Levchenko suggested to Meiklejohn that perhaps they should start looking into this burgeoning Bitcoin phenomenon. Levchenko was fascinated, he explained as they trekked around the jagged landscape of the Anza Borrego Desert State Park, by Bitcoin’s unique proof-of-work system. That system demanded that anyone who wanted to mine the currency expend enormous computing resources performing calculations— essentially a vast, automated puzzle-solving competition—whose results were then copied into transactions on the blockchain. By then, ambitious bitcoiners were already developing custom mining microprocessors just for generating this strange new form of money, and Bitcoin’s ingenious system meant that any single bad actor who might want to write a false transaction into the blockchain would have to use a collection of computers that possessed more computational power than all those many thousands of miners. It was a brilliant approach that added up to a secure currency with no central authority.



Source link