Coin Transfer Unlinkability Under the Counterparty Adversary Model
DOI:
https://doi.org/10.5195/ledger.2022.260Abstract
Unlinkability is a crucial property of cryptocurrencies that protects users from deanonymization attacks. However, currently, even anonymous cryptocurrencies do not necessarily attain unlinkability under specific conditions. For example, Mimblewimble, which is considered to attain coin unlinkability using its transaction kernel offset technique, is vulnerable under the assumption that privacy adversaries can send their coins to or receive coins from the challengers. This paper first illustrates the privacy issue in Mimblewimble that could allow two colluded adversaries to merge a person’s two independent chunks of personally identifiable information (PII) into a single PII. To analyze the privacy issue, we formulate unlinkability between two sets of objects and a privacy adversary model in cryptocurrencies called the counterparty adversary model. On these theoretical bases, we define an abstract model of blockchain-based cryptocurrency transaction protocols called the coin transfer system, and unlinkability over it called coin transfer unlinkability (CT-unlinkability). Furthermore, we introduce zero-knowledgeness for the coin transfer systems to propose a method to easily prove the CT-unlinkability of cryptocurrency transaction protocols. Finally, we prove that Zerocash is CT-unlinkable by using our proving method to demonstrate its effectiveness.
References
Amarasinghe, N., Boyen, X., Mckague, M. “A Survey of Anonymity of Cryptocurrencies.” In Australasian Computer Science Week Multiconference (ACSW). 1 1–10 (2019) https://doi.org/10.1145/3290688.3290693.
Androulaki, E., Karame, G. O., Roeschlin, M., Scherer, T., Capkun, S. “Evaluating User Privacy in Bitcoin.” In 17th International Conference, Financial Cryptography and Data Security (FC). LNCS 7859 34–51 (2013) https://doi.org/10.1007/978-3-642-39884-1_4.
Backes, M., Kate, A., Manoharan, P., Meiser, S., Mohammadi, E. “AnoA: A Framework for Analyzing Anonymous Communication Protocols.” In 26th IEEE Computer Security Foundations Symposium (CSF). 1 163–178 (2013) https://doi.org/10.1109/CSF.2013.18.
Beam community. “Beam: The Scalable Confidential Cryptocurrency.” (2020) (accessed 22 July 2022) https://docs.beam.mw/BEAM_Position_Paper_0.3.pdf.
Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M. “Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture.” In 23rd USENIX Security Symposium. 1 781–796 (2014) https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/ben-sasson.
Ben-sasson, E., et al. “Zerocash: Decentralized Anonymous Payments from Bitcoin.” In 35th IEEE Sympo- sium on Security and Privacy (S&P). 1 459–474 (2014) https://doi.org/10.1109/SP.2014.36.
Bonneau, J., Miller, A., Clark, J., Narayanan, A., Kroll, J. A., Felten, E. W. “SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies.” In 36th IEEE Symposium on Security and Privacy (S&P). 1 104–121 (2015) http://doi.org/10.1109/SP.2015.14.
Goldreich, O. Foundations of Cryptography: Volume 1, Basic Tools. Cambridge: Cambridge University Press (2001).
Grin community. “Introduction to Mimblewimble and Grin.” (2017) (accessed 22 July 2022) https://github.com/mimblewimble/grin/blob/master/doc/intro.md.
Groth, J. “On the Size of Pairing-Based Non-interactive Arguments.” In 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT). LNCS 9666 305–326 (2016) https://doi.org/10.1007/978-3-662-49896-5_11.
Jedusor, T. E. “Mimblewimble.” (2016) (accessed 19 August 2022) https://docs.beam.mw/Mimblewimble.pdf.
Maxwell, G. “Confidential Transactions.” (2015) (accessed 22 July 2022) https://www.weusecoins.com/confidential-transactions/.
Nakamoto, S. “Bitcoin: A Peer-to-Peer Electronic Cash System.” (2008) (accessed 22 July 2022) https://bitcoin.org/bitcoin.pdf.
National Institute of Standards and Technology (NIST). “Guide to Protecting the Confidentiality of Personally Identifiable Information (PII).” (2010) (accessed 22 July 2022) https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-122.pdf.
Parno, B., Howell, J., Gentry, C., Raykova, M. “Pinocchio: Nearly Practical Verifiable Computation.” In 34th IEEE Symposium on Security and Privacy (S&P). 1 238–252 (2013) https://doi.org/10.1109/SP.2013.47.
Pfitzmann, A., Hansen, M. “A Terminology for Talking About pPrivacy by Data Minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management.” (2010) (accessed 22 July 2022) http://www.maroki.de/pub/dphistory/2010_Anon_Terminology_v0.34.pdf.
Poelstra, A. “Mimblewimble.” (2016) (accessed 22 July 2022) https://scalingbitcoin.org/papers/mimblewimble.pdf.
Ruffing, T., Moreno-Sanchez, P. “ValueShuffle: Mixing Confidential Transactions for Comprehensive Transaction Privacy in Bitcoin.” 133–154 (2017) https://doi.org/10.1007/978-3-319-70278-0_8.
Silveira, A., Betarte, G., Cristia, M., Luna, C. “A Formal Analysis of the Mimblewimble Cryptocurrency Protocol.” Sensors 21.17 5951 (2021) https://doi.org/10.3390/s21175951.
Zcash community “Zcash github.” (2019) (accessed 22 July 2022) https://github.com/zcash/zcash.
Downloads
Additional Files
Published
Versions
- 2022-08-31 (2)
- 2022-08-29 (1)
How to Cite
Issue
Section
License
Copyright (c) 2022 Takeshi Miyamae, Kanta Matsuura
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- The Author retains copyright in the Work, where the term “Work” shall include all digital objects that may result in subsequent electronic publication or distribution.
- Upon acceptance of the Work, the author shall grant to the Publisher the right of first publication of the Work.
- The Author shall grant to the Publisher and its agents the nonexclusive perpetual right and license to publish, archive, and make accessible the Work in whole or in part in all forms of media now or hereafter known under a Creative Commons Attribution 4.0 International License or its equivalent, which, for the avoidance of doubt, allows others to copy, distribute, and transmit the Work under the following conditions:
- Attribution—other users must attribute the Work in the manner specified by the author as indicated on the journal Web site;
- The Author is able to enter into separate, additional contractual arrangements for the nonexclusive distribution of the journal's published version of the Work (e.g., post it to an institutional repository or publish it in a book), as long as there is provided in the document an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post online a prepublication manuscript (but not the Publisher’s final formatted PDF version of the Work) in institutional repositories or on their Websites prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work. Any such posting made before acceptance and publication of the Work shall be updated upon publication to include a reference to the Publisher-assigned DOI (Digital Object Identifier) and a link to the online abstract for the final published Work in the Journal.
- Upon Publisher’s request, the Author agrees to furnish promptly to Publisher, at the Author’s own expense, written evidence of the permissions, licenses, and consents for use of third-party material included within the Work, except as determined by Publisher to be covered by the principles of Fair Use.
- The Author represents and warrants that:
- the Work is the Author’s original work;
- the Author has not transferred, and will not transfer, exclusive rights in the Work to any third party;
- the Work is not pending review or under consideration by another publisher;
- the Work has not previously been published;
- the Work contains no misrepresentation or infringement of the Work or property of other authors or third parties; and
- the Work contains no libel, invasion of privacy, or other unlawful matter.
- The Author agrees to indemnify and hold Publisher harmless from Author’s breach of the representations and warranties contained in Paragraph 6 above, as well as any claim or proceeding relating to Publisher’s use and publication of any content contained in the Work, including third-party content.
- The Author agrees to digitally sign the Publisher’s final formatted PDF version of the Work.
Revised 7/16/2018. Revision Description: Removed outdated link.