A Lattice-Based Anonymous Distributed E-Cash from Bitcoin

  • Zeming Lu
  • Zoe L. Jiang
  • Yulin Wu
  • Xuan Wang
  • Yantao Zhong
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11821)

Abstract

Although Bitcoin was the first widely adopted cryptographic currency system, it provides only a limited form of anonymity and privacy. To protect the anonymity and privacy of Bitcoin transactions, many Bitcoin-based cryptocurrency extensions have been proposed. However, most of the systems offering anonymity and privacy are based on traditional cryptographic assumptions, which may become insecure in the coming decades under attacks by quantum computers. In this paper, we propose a lattice-based distributed e-cash scheme that protects the payer's anonymity, built upon the framework of Zerocoin and a lattice-based zero-knowledge argument. Firstly, a payer who owns a transaction redeems it for a newly minted coin. Secondly, to pay for the next transaction, he/she collects a set of such coins among which his/her own coin is hidden, which in turn hides his/her identity. Thirdly, to prove that the payer holds one of the coins in that set and that no double-spending has occurred, we adapt a zero-knowledge argument of membership based on a lattice-based accumulator and a commitment protocol. Finally, a security proof of the scheme is given.
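As an added illustration (not code from the paper), the mint / accumulate / spend flow described above in Python, with a SHA-256 hash commitment and a Merkle tree standing in for the paper's lattice-based commitment and accumulator. It shows why the two secrets of a coin play different roles: the serial number is revealed at spend time so the ledger can reject a second spend of the same coin, while the commitment randomness is what unlinks the spend from the mint. In this toy the membership proof is a plain Merkle path sent together with the commitment opening, so it is verifiable but not zero-knowledge (a verifier learns which coin was spent); replacing that path with a lattice-based zero-knowledge argument of membership is exactly what the paper does to hide which coin in the set is being spent. All names (`mint`, `MerkleAccumulator`, `Ledger`) and the hash choices are this example's own assumptions.

```python
from __future__ import annotations

import hashlib
import secrets
from dataclasses import dataclass
from typing import List, Optional, Tuple


def H(*parts: bytes) -> bytes:
    """Length-prefixed SHA-256; a hash-based stand-in for the paper's lattice-based
    commitment and accumulator hash (assumption of this example, not the paper's primitive)."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big"))
        h.update(p)
    return h.digest()


@dataclass(frozen=True)
class Coin:
    serial: bytes      # S: revealed when spending; the ledger uses it only to detect double-spends
    randomness: bytes  # r: kept secret; without it a spend cannot be linked back to the mint

    def commitment(self) -> bytes:
        return H(b"coin", self.serial, self.randomness)


def mint(serial: Optional[bytes] = None, randomness: Optional[bytes] = None) -> Coin:
    """Step 1: redeem a transaction for a fresh coin; only the commitment goes on-chain."""
    return Coin(serial or secrets.token_bytes(32), randomness or secrets.token_bytes(32))


class MerkleAccumulator:
    """Step 2: the public set of minted coins (the anonymity set). Binary Merkle tree,
    odd levels padded by duplicating the last node."""

    def __init__(self) -> None:
        self.leaves: List[bytes] = []

    def add(self, commitment: bytes) -> int:
        self.leaves.append(commitment)
        return len(self.leaves) - 1

    def _levels(self) -> List[List[bytes]]:
        levels = [list(self.leaves)]
        while len(levels[-1]) > 1:
            cur = levels[-1] + ([levels[-1][-1]] if len(levels[-1]) % 2 else [])
            levels.append([H(b"node", cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
        return levels

    def root(self) -> bytes:
        return self._levels()[-1][0]

    def witness(self, index: int) -> Tuple[Tuple[bytes, bool], ...]:
        """(sibling, sibling_is_right) pairs from the leaf up to the root."""
        path = []
        for level in self._levels()[:-1]:
            if len(level) % 2:
                level = level + [level[-1]]
            path.append((level[index ^ 1], index % 2 == 0))
            index //= 2
        return tuple(path)

    @staticmethod
    def verify(root: bytes, leaf: bytes, path: Tuple[Tuple[bytes, bool], ...]) -> bool:
        node = leaf
        for sibling, sibling_is_right in path:
            node = H(b"node", node, sibling) if sibling_is_right else H(b"node", sibling, node)
        return node == root


@dataclass(frozen=True)
class Spend:
    serial: bytes
    commitment: bytes    # In the real scheme the commitment, its opening r and the
    randomness: bytes    # accumulator witness stay inside the zero-knowledge argument;
    path: Tuple[Tuple[bytes, bool], ...]  # here they travel in the clear (NOT anonymous).


def make_spend(coin: Coin, acc: MerkleAccumulator, index: int) -> Spend:
    return Spend(coin.serial, coin.commitment(), coin.randomness, acc.witness(index))


class Ledger:
    """Step 3, verifier side: membership check plus the serial-number double-spend check."""

    def __init__(self) -> None:
        self.spent_serials: set = set()

    def verify_spend(self, spend: Spend, root: bytes) -> Tuple[bool, str]:
        if spend.commitment != H(b"coin", spend.serial, spend.randomness):
            return False, "commitment does not open to this serial"
        if not MerkleAccumulator.verify(root, spend.commitment, spend.path):
            return False, "coin is not in the accumulator"
        if spend.serial in self.spent_serials:
            return False, "double-spend: serial already used"
        self.spent_serials.add(spend.serial)
        return True, "accepted"


if __name__ == "__main__":
    acc, ledger = MerkleAccumulator(), Ledger()
    coins = [mint() for _ in range(4)]
    idx = [acc.add(c.commitment()) for c in coins]
    root = acc.root()
    print(ledger.verify_spend(make_spend(coins[2], acc, idx[2]), root))  # first spend
    print(ledger.verify_spend(make_spend(coins[2], acc, idx[2]), root))  # same serial again
```

The ledger's state is only the set of revealed serial numbers, which is all a Zerocoin-style verifier needs to stop double-spending; the size of the accumulator (how many coins the payer's own coin is hidden among) is what determines the anonymity set, and nothing in the serial check depends on it.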

Keywords

Bitcoin · Anonymity · Lattice-based cryptocurrency · Zero-knowledge argument

Acknowledgements

This work is supported in part by the National Natural Science Foundation of China (No. 61872109), the Guangdong Key R&D Program (No. 2019B010136001), and the Key Technology Program of Shenzhen, China (No. JSGG20170824163239586).

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Harbin Institute of Technology, Shenzhen, China
  2. Cyberspace Security Research Center, Peng Cheng Laboratory, Shenzhen, China
  3. Shenzhen Network Security Testing Technology Co. Ltd, Shenzhen, China