Skip to main content
SpringerLink
Log in

Quisquis: A New Design for Anonymous Cryptocurrencies

  • Conference paper
  • First Online:
Advances in Cryptology – ASIACRYPT 2019 (ASIACRYPT 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11921))

Abstract

Despite their usage of pseudonyms rather than persistent identifiers, most existing cryptocurrencies do not provide users with any meaningful levels of privacy. This has prompted the creation of privacy-enhanced cryptocurrencies such as Monero and Zcash, which are specifically designed to counteract the tracking analysis possible in currencies like Bitcoin. These cryptocurrencies, however, also suffer from some drawbacks: in both Monero and Zcash, the set of potential unspent coins is always growing, which means users cannot store a concise representation of the blockchain. Additionally, Zcash requires a common reference string and the fact that addresses are reused multiple times in Monero has led to attacks to its anonymity.

In this paper we propose a new design for anonymous cryptocurrencies, Quisquis, that achieves provably secure notions of anonymity. Quisquis stores a relatively small amount of data, does not require trusted setup, and in Quisquis each address appears on the blockchain at most twice: once when it is generated as output of a transaction, and once when it is spent as input to a transaction. Our result is achieved by combining a DDH-based tool (that we call updatable keys) with efficient zero-knowledge arguments.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    For simplicity we consider a single sender but the notation can easily be generalized to allow for arbitrarily many.

  2. 2.

    Note that if \(\mathsf {acct}= (\mathsf {pk}, com)\) and \(\mathsf {acct}_\delta = (\mathsf {pk}, \mathsf {Commit}_{\mathsf {pk}}(v;r)))\), then \(\mathsf {UpdateDelta}(\mathsf {acct}, \mathsf {acct}_\delta ) = \mathsf {UpdateAcct}(\mathsf {acct}, v; 1, r)\).

  3. 3.

    https://github.com/dalek-cryptography/bulletproofs.

References

  1. Dash. https://www.dash.org/

  2. What is Jubjub? https://z.cash/technology/jubjub.html

  3. Androulaki, E., Karame, G.O., Roeschlin, M., Scherer, T., Capkun, S.: Evaluating user privacy in Bitcoin. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 34–51. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_4

    Chapter  Google Scholar 

  4. Backes, M., Hanzlik, L., Kluczniak, K., Schneider, J.: Signatures with flexible public key: a unified approach to privacy-preserving signatures. IACR ePrint Archive, Report 2018/191. https://eprint.iacr.org/2018/191.pdf

  5. Bayer, S., Groth, J.: Efficient zero-knowledge argument for correctness of a shuffle. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 263–280. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_17

    Chapter  Google Scholar 

  6. Ben-Sasson, E., et al.: Zerocash: decentralized anonymous payments from Bitcoin. In: 2014 IEEE Symposium on Security and Privacy, Berkeley, CA, USA, 18–21 May 2014, pp. 459–474. IEEE Computer Society Press (2014)

    Google Scholar 

  7. Bissias, G., Ozisik, A.P., Levine, B.N., Liberatore, M.: Sybil-resistant mixing for Bitcoin. In: Proceedings of the 13th Workshop on Privacy in the Electronic Society, pp. 149–158. ACM (2014)

    Google Scholar 

  8. Bonneau, J., Narayanan, A., Miller, A., Clark, J., Kroll, J.A., Felten, E.W.: Mixcoin: anonymity for Bitcoin with accountable mixes. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 486–504. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_31

    Chapter  Google Scholar 

  9. Bowe, S., Gabizon, A., Green, M.: A multi-party protocol for constructing the public parameters of the Pinocchio zk-SNARK. In: Proceedings of the 5th Workshop on Bitcoin and Blockchain Research (2018)

    Google Scholar 

  10. Bünz, B., Agrawal, S., Zamani, M., Boneh, D.: Zether: towards privacy in a smart contract world. https://crypto.stanford.edu/~buenz/papers/zether.pdf

  11. Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. IACR Cryptology ePrint Archive 2017, 1066 (2017)

    Google Scholar 

  12. Delgado-Segura, S., Pérez-Solà, C., Navarro-Arribas, G., Herrera-Joancomartí, J.: Analysis of the Bitcoin UTXO set. In: Zohar, A., et al. (eds.) FC 2018. LNCS, vol. 10958, pp. 78–91. Springer, Heidelberg (2019). https://doi.org/10.1007/978-3-662-58820-8_6

    Chapter  Google Scholar 

  13. Fauzi, P., Meiklejohn, S., Mercer, R., Orlandi, C.: Quisquis: a new design for anonymous cryptocurrencies. https://eprint.iacr.org/2018/990

  14. Fleischhacker, N., Krupp, J., Malavolta, G., Schneider, J., Schröder, D., Simkin, M.: Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 301–330. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_12

    Chapter  Google Scholar 

  15. Fuchsbauer, G., Orrù, M., Seurin, Y.: Aggregate cash systems: a cryptographic investigation of mimblewimble. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11476, pp. 657–689. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17653-2_22

    Chapter  Google Scholar 

  16. Heilman, E., Alshenibr, L., Baldimtsi, F., Scafuro, A., Goldberg, S.: TumbleBit: an untrusted Bitcoin-compatible anonymous payment hub. In: Proceedings of NDSS 2017 (2017)

    Google Scholar 

  17. Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on Bitcoin’s peer-to-peer network. In: Proceedings of the USENIX Security Symposium (2017)

    Google Scholar 

  18. Hinteregger, A., Haslhofer, B.: An empirical analysis of Monero cross-chain traceability. CoRR, abs/1812.02808 (2018)

    Google Scholar 

  19. Kappos, G., Yousaf, H., Maller, M., Meiklejohn, S.: An empirical analysis of anonymity in Zcash. In: Enck, W., Felt, A.P. (eds.) 27th USENIX Security Symposium, USENIX Security 2018, Baltimore, MD, USA, 15–17 August 2018, pp. 463–477. USENIX Association (2018)

    Google Scholar 

  20. Kumar, A., Fischer, C., Tople, S., Saxena, P.: A traceability analysis of Monero’s blockchain. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10493, pp. 153–173. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66399-9_9

    Chapter  Google Scholar 

  21. Lerner, S.D.: AppeCoin: practical anonymous peer-to-peer e-cash system. https://bitslog.files.wordpress.com/2014/04/appecoin28.pdf

  22. Malavolta, G., Schröder, D.: Efficient ring signatures in the standard model. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 128–157. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_5

    Chapter  MATH  Google Scholar 

  23. Maxwell, G.: CoinJoin: Bitcoin privacy for the real world. In: Post on Bitcoin Forum (2013)

    Google Scholar 

  24. Meiklejohn, S., Mercer, R.: Möbius: trustless tumbling for transaction privacy. In: Proceedings on Privacy Enhancing Technologies (2018)

    Article  Google Scholar 

  25. Meiklejohn, S., Orlandi, C.: Privacy-enhancing overlays in Bitcoin. In: Brenner, M., Christin, N., Johnson, B., Rohloff, K. (eds.) FC 2015. LNCS, vol. 8976, pp. 127–141. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48051-9_10

    Chapter  Google Scholar 

  26. Meiklejohn, S., et al.: A fistful of Bitcoins: characterizing payments among. men with no names. In: Proceedings of the 2013 Internet Measurement Conference, pp. 127–140. ACM (2013)

    Google Scholar 

  27. Miller, A., Möser, M., Lee, K., Narayanan, A.: An empirical analysis of linkability in the Monero blockchain. In: Proceedings on Privacy Enhancing Technologies (2018)

    Google Scholar 

  28. Moreno-Sanchez, P., Zafar, M.B., Kate, A.: Listening to whispers of Ripple: linking wallets and deanonymizing transactions in the Ripple network. In: Proceedings on Privacy Enhancing Technologies 2016, vol. 4, pp. 436–453 (2016)

    Article  Google Scholar 

  29. Möser, M., Böhme, R., Breuker, D.: An inquiry into money laundering tools in the Bitcoin ecosystem. In: Proceedings of the APWG E-Crime Researchers Summit (2013)

    Google Scholar 

  30. Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2008). bitcoin.org/bitcoin.pdf

  31. Noether, S., Mackenzie, A., et al.: Ring confidential transactions. Ledger 1, 1–18 (2016)

    Article  Google Scholar 

  32. Poelstra, A.: Mimblewimble (2016). https://download.wpsoftware.net/bitcoin/ wizardry/mimblewimble.pdf

  33. Reid, F., Harrigan, M.: An analysis of anonymity in the Bitcoin system. In: Altshuler, Y., Elovici, Y., Cremers, A., Aharony, N., Pentland, A. (eds.) Security and Privacy in Social Networks, pp. 197–223. Springer, New York (2013)

    Chapter  Google Scholar 

  34. Ron, D., Shamir, A.: Quantitative analysis of the Full Bitcoin Transaction Graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_2

    Chapter  Google Scholar 

  35. Ruffing, T., Moreno-Sanchez, P.: ValueShuffle: mixing confidential transactions for comprehensive transaction privacy in Bitcoin. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 133–154. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_8

    Chapter  Google Scholar 

  36. Ruffing, T., Moreno-Sanchez, P., Kate, A.: CoinShuffle: practical decentralized coin mixing for Bitcoin. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 345–364. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11212-1_20

    Chapter  Google Scholar 

  37. Spagnuolo, M., Maggi, F., Zanero, S.: BitIodine: extracting intelligence from the Bitcoin network. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 457–468. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_29

    Chapter  Google Scholar 

  38. Valenta, L., Rowan, B.: Blindcoin: blinded, accountable mixes for Bitcoin. In: Brenner, M., Christin, N., Johnson, B., Rohloff, K. (eds.) FC 2015. LNCS, vol. 8976, pp. 112–126. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48051-9_9

    Chapter  Google Scholar 

  39. Waters, B.R., Felten, E.W., Sahai, A.: Receiver anonymity via incomparable public keys. In: Jajodia, S., Atluri, V., Jaeger, T. (eds.) ACM CCS 2003, Washington D.C., USA, 27–30 October 2003, pp. 112–121. ACM Press (2003)

    Google Scholar 

  40. Yu, Z., Au, M.H., Yu, J., Yang, R., Xu, Q., Lau, W.F.: New empirical traceability analysis of CryptoNote-style blockchains. In: Goldberg, I., Moore, T. (eds.) Financial Cryptography and Data Security, FC 2019. LNCS, vol. 11598, pp. 133–149. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-32101-7_9

    Chapter  Google Scholar 

Download references

Acknowledgements

Sarah Meiklejohn was supported in part by EPSRC Grant EP/N028104/1. Most of this work was done while the other three authors were working at Aarhus University and were supported by: the Concordium Blockhain Research Center, Aarhus University, Denmark; the Carlsberg Foundation under the Semper Ardens Research Project CF18-112 (BCM); the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme under grant agreement No 803096 (SPEC); the Danish Independent Research Council under Grant-ID DFF-6108-00169 (FoCC); the European Union’s Horizon 2020 research and innovation programme under grant agreement No 731583 (SODA).

Author information

Authors and Affiliations

  1. Simula UiB, Bergen, Norway

    Prastudy Fauzi

  2. University College London, London, UK

    Sarah Meiklejohn

  3. O(1) Labs, San Francisco, USA

    Rebekah Mercer

  4. Department of Computer Science, DIGIT, Aarhus University, Aarhus, Denmark

    Claudio Orlandi

Authors
  1. Prastudy Fauzi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sarah Meiklejohn
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rebekah Mercer
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Claudio Orlandi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Prastudy Fauzi .

Editor information

Editors and Affiliations

  1. University of Auckland, Auckland, New Zealand

    Steven D. Galbraith

  2. Security Fundamentals Lab, NICT, Tokyo, Japan

    Shiho Moriai

Rights and permissions

Reprints and permissions

Copyright information

© 2019 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Fauzi, P., Meiklejohn, S., Mercer, R., Orlandi, C. (2019). Quisquis: A New Design for Anonymous Cryptocurrencies. In: Galbraith, S., Moriai, S. (eds) Advances in Cryptology – ASIACRYPT 2019. ASIACRYPT 2019. Lecture Notes in Computer Science(), vol 11921. Springer, Cham. https://doi.org/10.1007/978-3-030-34578-5_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-34578-5_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-34577-8

  • Online ISBN: 978-3-030-34578-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation