An airdrop that preserves recipient privacy

A common approach to bootstrapping a new cryptocurrency is an airdrop, an arrangement in which existing users give away currency to entice new users to join. But current airdrops offer no recipient privacy: they leak which recipients have claimed the funds, and this information is easily linked to off-chain identities.

[1]  Ueli Maurer,et al.  Unifying Zero-Knowledge Proofs of Knowledge , 2009, AFRICACRYPT.

[2]  Benjamin Wesolowski,et al.  Efficient Verifiable Delay Functions , 2019, Journal of Cryptology.

[3]  P. L. Montgomery Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[4]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[5]  Jeremy Clark,et al.  Mixcoin: Anonymity for Bitcoin with Accountable Mixes , 2014, Financial Cryptography.

[6]  Jens Groth,et al.  Efficient Zero-Knowledge Arguments for Arithmetic Circuits in the Discrete Log Setting , 2016, EUROCRYPT.

[7]  Dan Boneh,et al.  A Survey of Two Verifiable Delay Functions , 2018, IACR Cryptol. ePrint Arch..

[8]  Dan Boneh,et al.  Bulletproofs: Short Proofs for Confidential Transactions and More , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[9]  Eli Ben-Sasson,et al.  Scalable Zero Knowledge with No Trusted Setup , 2019, CRYPTO.

[10]  Pieter Wuille,et al.  Confidential Assets , 2018, Financial Cryptography Workshops.

[11]  Bodo Möller Algorithms for Multi-exponentiation , 2001, Selected Areas in Cryptography.

[12]  Jesper Madsen,et al.  ZKBoo: Faster Zero-Knowledge for Boolean Circuits , 2016, USENIX Security Symposium.

[13]  Burton S. Kaliski,et al.  RSA factoring challenge , 2005, Encyclopedia of Cryptography and Security.

[14]  Mary Maller,et al.  Marlin: Preprocessing zkSNARKs with Universal and Updatable SRS , 2020, IACR Cryptol. ePrint Arch..

[15]  Jens Groth,et al.  On the Size of Pairing-Based Non-interactive Arguments , 2016, EUROCRYPT.

[16]  Jacques Stern,et al.  Security Arguments for Digital Signatures and Blind Signatures , 2015, Journal of Cryptology.

[17]  Ariel Gabizon,et al.  Improved prover efficiency and SRS size in a Sonic-like system , 2019, IACR Cryptol. ePrint Arch..

[18]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[19]  Georg Fuchsbauer,et al.  Aggregate Cash Systems: A Cryptographic Investigation of Mimblewimble , 2019, IACR Cryptol. ePrint Arch..

[20]  Daniel Slamanig,et al.  Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives , 2017, CCS.

[21]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[22]  Dawn Xiaodong Song,et al.  Libra: Succinct Zero-Knowledge Proofs with Optimal Prover Computation , 2019, IACR Cryptol. ePrint Arch..

[23]  Silvio Micali,et al.  Everything Provable is Provable in Zero-Knowledge , 1990, CRYPTO.

[24]  Kazue Sako,et al.  An Efficient Scheme for Proving a Shuffle , 2001, CRYPTO.

[25]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[26]  Atsuko Miyaji,et al.  Efficient elliptic curve exponentiation , 1997, ICICS.

[27]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[28]  Ian Miers,et al.  Scalable Multi-party Computation for zk-SNARK Parameters in the Random Beacon Model , 2017, IACR Cryptol. ePrint Arch..

[29]  Yuval Ishai,et al.  Ligero: Lightweight Sublinear Arguments Without a Trusted Setup , 2017, Designs, Codes and Cryptography.

[30]  Amir Herzberg,et al.  Committing Encryption and Publicly-Verifiable SignCryption , 2003, IACR Cryptol. ePrint Arch..

[31]  Ernest F. Brickell,et al.  Design Validations for Discrete Logarithm Based Signature Schemes , 2000, Public Key Cryptography.

[32]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[33]  Carsten Lund,et al.  Practical zero-knowledge proofs: Giving hints and using deficiencies , 1988, Journal of Cryptology.

[34]  Yael Tauman Kalai,et al.  Delegating computation: interactive proofs for muggles , 2008, STOC.

[35]  Tatsuaki Okamoto,et al.  Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations , 1997, CRYPTO.

[36]  Nir Bitansky,et al.  Succinct Non-Interactive Arguments via Linear Interactive Proofs , 2013, Journal of Cryptology.

[37]  Georg Fuchsbauer,et al.  Anonymous Proxy Signatures , 2008, SCN.

[38]  Jan Camenisch,et al.  Proving in Zero-Knowledge that a Number Is the Product of Two Safe Primes , 1998, EUROCRYPT.

[39]  Masayuki Abe,et al.  1-out-of-n Signatures from a Variety of Keys , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[40]  Nicolas van Saberhagen CryptoNote v 2.0 , 2013 .

[41]  Victor Shoup,et al.  OAEP Reconsidered , 2001, CRYPTO.

[42]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[43]  Justin Thaler,et al.  Time-Optimal Interactive Proofs for Circuit Evaluation , 2013, CRYPTO.

[44]  Eli Ben-Sasson,et al.  Secure Sampling of Public Parameters for Succinct Zero Knowledge Proofs , 2015, 2015 IEEE Symposium on Security and Privacy.

[45]  Jeroen van de Graaf,et al.  A Simple and Secure Way to Show the Validity of Your Public Key , 1987, CRYPTO.

[46]  Dan Boneh,et al.  Batching Techniques for Accumulators with Applications to IOPs and Stateless Blockchains , 2019, IACR Cryptol. ePrint Arch..

[47]  Yuval Ishai,et al.  Sub-linear Zero-Knowledge Argument for Correctness of a Shuffle , 2008, EUROCRYPT.

[48]  Ji Luo,et al.  Compact Zero-Knowledge Proofs of Small Hamming Weight , 2018, IACR Cryptol. ePrint Arch..

[49]  S A R A H M E I K L E J O H N,et al.  A Fistful of Bitcoins Characterizing Payments Among Men with No Names , 2013 .

[50]  Shen Noether,et al.  Ring Confidential Transactions , 2016, Ledger.

[51]  Craig Gentry,et al.  Quadratic Span Programs and Succinct NIZKs without PCPs , 2013, IACR Cryptol. ePrint Arch..

[52]  Matthew Green,et al.  A multi-party protocol for constructing the public parameters of the Pinocchio zk-SNARK , 2018, IACR Cryptol. ePrint Arch..

[53]  Jeremy Clark,et al.  SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies , 2015, 2015 IEEE Symposium on Security and Privacy.

[54]  Helger Lipmaa,et al.  Progression-Free Sets and Sublinear Pairing-Based Non-Interactive Zero-Knowledge Arguments , 2012, TCC.

[55]  Johannes Buchmann,et al.  A Survey on {IQ} Cryptography , 2001 .

[56]  Ariel Gabizon,et al.  PLONK: Permutations over Lagrange-bases for Oecumenical Noninteractive arguments of Knowledge , 2019, IACR Cryptol. ePrint Arch..

[57]  Ivan Damgård,et al.  Generic Lower Bounds for Root Extraction and Signature Schemes in General Groups , 2002, EUROCRYPT.

[58]  Graham Cormode,et al.  Practical verified computation with streaming interactive proofs , 2011, ITCS '12.

[59]  Krzysztof Pietrzak,et al.  Simple Verifiable Delay Functions , 2018, IACR Cryptol. ePrint Arch..

[60]  Jens Groth,et al.  Efficient Zero-Knowledge Argument for Correctness of a Shuffle , 2012, EUROCRYPT.

[61]  Ghassan O. Karame,et al.  Evaluating User Privacy in Bitcoin , 2013, Financial Cryptography.

[62]  Tal Rabin,et al.  An efficient non-interactive statistical zero-knowledge proof system for quasi-safe prime products , 1998, CCS '98.

[63]  Jan Camenisch,et al.  Efficiency Limitations for Σ-Protocols for Group Homomorphisms , 2010, TCC.

[64]  Yehuda Lindell,et al.  Fast Distributed RSA Key Generation for Semi-Honest and Malicious Adversaries , 2018, IACR Cryptol. ePrint Arch..

[65]  Douglas Wikström,et al.  Efficiency Limitations of Σ-Protocols for Group Homomorphisms Revisited , 2012, SCN.

[66]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[67]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[68]  T-H. Hubert Chan,et al.  C ∅ C ∅ : A Framework for Building Composable Zero-Knowledge Proofs , 2016 .

[69]  Jens Groth,et al.  A Verifiable Secret Shuffle of Homomorphic Encryptions , 2003, Journal of Cryptology.

[70]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[71]  Eli Ben-Sasson,et al.  Interactive Oracle Proofs , 2016, TCC.

[72]  Dan Boneh,et al.  True2F: Backdoor-Resistant Authentication Tokens , 2018, 2019 IEEE Symposium on Security and Privacy (SP).

[73]  Mihir Bellare,et al.  Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions , 2003, EUROCRYPT.

[74]  Elaine Shi,et al.  Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[75]  Matthew K. Franklin,et al.  Efficient Generation of Shared RSA Keys (Extended Abstract) , 1997, CRYPTO.

[76]  Ronald Cramer,et al.  Modular Design of Secure yet Practical Cryptographic Protocols , 1997 .

[77]  Abhi Shelat,et al.  Full Accounting for Verifiable Outsourcing , 2017, CCS.

[78]  Jacob C. N. Schuldt,et al.  On the Security of the Schnorr Signature Scheme and DSA Against Related-Key Attacks , 2015, ICISC.

[79]  Eli Ben-Sasson,et al.  Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture , 2014, USENIX Security Symposium.

[80]  Neil Gandal,et al.  Competition in the Cryptocurrency Market , 2014, SSRN Electronic Journal.

[81]  Manuel Blum,et al.  Comparison of Two Pseudo-Random Number Generators , 1982, CRYPTO.

[82]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[83]  Aggelos Kiayias,et al.  Anonymous Identification in Ad Hoc Groups , 2004, EUROCRYPT.

[84]  Eli Ben-Sasson,et al.  Aurora: Transparent Succinct Arguments for R1CS , 2019, IACR Cryptol. ePrint Arch..

[85]  Jan Camenisch,et al.  Efficiency Limitations for Sigma-Protocols for Group Homomorphisms , 2009, IACR Cryptol. ePrint Arch..

[86]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[87]  Rafail Ostrovsky,et al.  Efficient Arguments without Short PCPs , 2007, Twenty-Second Annual IEEE Conference on Computational Complexity (CCC'07).

[88]  Rafail Ostrovsky,et al.  Cryptography with constant computational overhead , 2008, STOC.

[89]  Mihir Bellare,et al.  Multi-signatures in the plain public-Key model and a general forking lemma , 2006, CCS '06.

[90]  Rainer Bohme,et al.  The Operational Cost of Ethereum Airdrops , 2019 .

[91]  J. Rhode Putting it all together. , 2005, Dental economics - oral hygiene.

[92]  Tanja Lange,et al.  High-speed high-security signatures , 2011, Journal of Cryptographic Engineering.

[93]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[94]  C. Andrew Neff,et al.  A verifiable secret shuffle and its application to e-voting , 2001, CCS '01.

[95]  Ivan Damgård,et al.  Zero-Knowledge Proofs for Finite Field Arithmetic; or: Can Zero-Knowledge be for Free? , 1998, CRYPTO.

[96]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[97]  Abhi Shelat,et al.  Doubly-Efficient zkSNARKs Without Trusted Setup , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[98]  Ueli Maurer,et al.  Efficient Proofs of Knowledge of Discrete Logarithms and Representations in Groups with Hidden Order , 2005, Public Key Cryptography.

[99]  Markulf Kohlweiss,et al.  Sonic: Zero-Knowledge SNARKs from Linear-Size Universal and Updatable Structured Reference Strings , 2019, IACR Cryptol. ePrint Arch..

[100]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[101]  Craig Gentry,et al.  Pinocchio: Nearly Practical Verifiable Computation , 2013, 2013 IEEE Symposium on Security and Privacy.

[102]  Eike Kiltz,et al.  The Algebraic Group Model and its Applications , 2018, IACR Cryptol. ePrint Arch..

[103]  Victor Shoup,et al.  Lower Bounds for Discrete Logarithms and Related Problems , 1997, EUROCRYPT.

[104]  Pedro Moreno-Sanchez,et al.  CoinShuffle: Practical Decentralized Coin Mixing for Bitcoin , 2014, ESORICS.

[105]  Jens Groth,et al.  Short Pairing-Based Non-interactive Zero-Knowledge Arguments , 2010, ASIACRYPT.