Anonymous Post-Quantum Cryptocash

In this paper, we construct an anonymous and decentralized cryptocash system which is potentially secure against quantum computers. In order to achieve that, a linkable ring signature based on ideal lattices is proposed. The size of a signature in our scheme is \(O(\log N)\), where N is the cardinality of the ring. The framework of our cryptocash system follows that of CryptoNote with some modifications. By adopting the short quantum-resistant linkable ring signature scheme, our system is anonymous and efficient. We also introduce how to generate the verifying and signing key pairs of the linkable ring signature temporarily. With these techniques, the privacy of users is protected, even though their transactions are recorded in the public ledger.

[1]  Pierre-Louis Cayrel,et al.  A Lattice-Based Threshold Ring Signature Scheme , 2010, LATINCRYPT.

[2]  Miklós Ajtai,et al.  Generating hard instances of lattice problems (extended abstract) , 1996, STOC '96.

[3]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[4]  Matthew Green,et al.  Zerocoin: Anonymous Distributed E-Cash from Bitcoin , 2013, 2013 IEEE Symposium on Security and Privacy.

[5]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[6]  Fergal Reid,et al.  An Analysis of Anonymity in the Bitcoin System , 2011, 2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int'l Conference on Social Computing.

[7]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[8]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[9]  Léo Ducas,et al.  Lattice Signatures and Bimodal Gaussians , 2013, IACR Cryptol. ePrint Arch..

[10]  Koutarou Suzuki,et al.  Traceable Ring Signature , 2007, Public Key Cryptography.

[11]  Elaine Shi,et al.  Bitter to Better - How to Make Bitcoin a Better Currency , 2012, Financial Cryptography.

[12]  Markulf Kohlweiss,et al.  One-Out-of-Many Proofs: Or How to Leak a Secret and Spend a Coin , 2015, EUROCRYPT.

[13]  Joseph K. Liu,et al.  Linkable Ring Signatures: Security Models and New Schemes , 2005, ICCSA.

[14]  Bo Sun,et al.  Ring Signature Schemes from Lattice Basis Delegation , 2011, ICICS.

[15]  Fergal Reid,et al.  An Analysis of Anonymity in the Bitcoin System , 2011, PASSAT 2011.

[16]  Shai Halevi,et al.  A sufficient condition for key-privacy , 2005, IACR Cryptol. ePrint Arch..

[17]  Daniele Micciancio,et al.  Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Functions , 2002, The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings..

[18]  Jin-Yi Cai,et al.  An improved worst-case to average-case connection for lattice problems , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[19]  Oded Goldreich,et al.  On the limits of non-approximability of lattice problems , 1998, STOC '98.

[20]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..

[21]  Tsz Hon Yuen,et al.  RingCT 2.0: A Compact Accumulator-Based (Linkable Ring Signature) Protocol for Blockchain Cryptocurrency Monero , 2017, ESORICS.

[22]  Yael Tauman Kalai,et al.  A Framework for Efficient Signatures, Ring Signatures and Identity Based Encryption in the Standard Model , 2010, IACR Cryptol. ePrint Arch..

[23]  Shen Noether,et al.  Ring SIgnature Confidential Transactions for Monero , 2015, IACR Cryptol. ePrint Arch..

[24]  Vadim Lyubashevsky,et al.  Lattice Signatures Without Trapdoors , 2012, IACR Cryptol. ePrint Arch..

[25]  Dorit Aharonov,et al.  Lattice problems in NP ∩ coNP , 2005, JACM.

[26]  Daniele Micciancio,et al.  Generalized Compact Knapsacks Are Collision Resistant , 2006, ICALP.

[27]  Adi Shamir,et al.  Quantitative Analysis of the Full Bitcoin Transaction Graph , 2013, Financial Cryptography.

[28]  Ron Steinfeld,et al.  Efficient Public Key Encryption Based on Ideal Lattices , 2009, ASIACRYPT.

[29]  Joseph K. Liu,et al.  Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups (Extended Abstract) , 2004, ACISP.

[30]  Kevin Lee,et al.  An Empirical Analysis of Linkability in the Monero Blockchain , 2017, ArXiv.

[31]  Ethan Heilman,et al.  An Empirical Analysis of Traceability in the Monero Blockchain , 2017, Proc. Priv. Enhancing Technol..

[32]  Chen Wang,et al.  A New Ring Signature Scheme from NTRU Lattice , 2012, 2012 Fourth International Conference on Computational and Information Sciences.

[33]  Daniele Micciancio Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Functions , 2007, computational complexity.

[34]  Nicolas van Saberhagen CryptoNote v 2.0 , 2013 .

[35]  Mihir Bellare,et al.  Key-Privacy in Public-Key Encryption , 2001, ASIACRYPT.

[36]  Prateek Saxena,et al.  A Traceability Analysis of Monero's Blockchain , 2017, ESORICS.

[37]  Stefan Katzenbeisser,et al.  Structure and Anonymity of the Bitcoin Transaction Graph , 2013, Future Internet.

[38]  Daniele Micciancio,et al.  Worst-case to average-case reductions based on Gaussian measures , 2004, 45th Annual IEEE Symposium on Foundations of Computer Science.

[39]  Huaxiong Wang,et al.  Zero-Knowledge Arguments for Lattice-Based Accumulators: Logarithmic-Size Ring Signatures and Group Signatures Without Trapdoors , 2016, Journal of Cryptology.