Privacy preservation for transaction initiators: stronger key image ring signature and smart contract-based framework

• Autorzy: Odoom Justice , Huang Xiaofang , Danso Samuel , Nyarko Benedicta Nana Esi

Identyfikatory

DOI

10.7494/csci.2023.24.1.4643

• Języki publikacji: EN

Abstrakty

EN

Recently, blockchain technology has garnered a great deal of support; however, an attenuating factor to its global adoption in certain use cases is privacypreservation (owing to its inherent transparency). A widely explored cryptographic option to address this challenge has been a ring signature that, aside from its privacy guarantee, must be double-spending resistant. In this paper, we identify and prove a catastrophic flaw for double-spending attacks in a lightweight ring signature scheme and proceed to construct a new fortified commitment scheme that uses a signer’s entire private key. Subsequently, we compute a stronger key image to yield a double-spending-resistant signature scheme that is solidly backed by formal proof. Inherent in our solution is a novel, zero-knowledge-based, secure, and cost-effective smart contract for public key aggregation. We test our solution on a private blockchain as well as a Kovan testnet along with a performance analysis that attests to its efficiency and usability – and, we make the code publicly available on GitHub.

Słowa kluczowe

EN

blockchain; double spending; privacy; ring signature; smart contract; transaction initiator; lightweight

• Wydawca: Wydawnictwa AGH
• Czasopismo: Computer Science
• Rocznik: 2023
• Tom: T. 24 (1)
• Strony: 75--96
• Opis fizyczny: Bibliogr. 52 poz., rys., tab.

Twórcy

autor

Odoom Justice

• Southwest University of Science and Technology, Department of Computer Science and Technology, Mianyang 621010 Sichuan China

autor

Huang Xiaofang

• Southwest University of Science and Technology, Department of Computer Science and Technology, Mianyang 621010 Sichuan China

autor

Danso Samuel

• Ghana Communication Technology University, Faculty of Engineering, Accra, PMB 100, Ghana

autor

Nyarko Benedicta Nana Esi

• Southwest University of Science and Technology, Department of Information Engineering, Mianyang 621010 Sichuan China

Bibliografia

• [1] Abou J.J., Saade R.G.: Blockchain Applications – Usage in Different Domains, IEEE Access, vol. 7, pp. 45360–45381, 2019. doi: 10.1109/ACCESS.2019.2902501.
• [2] Antonopoulos A.M.: Mastering Bitcoin: Programming the open blockchain, O’Reilly Media, Inc., 2017.
• [3] Au M.H., Liu J.K., Susilo W., Yuen T.H.: Constant-size ID-based linkable and revocable-iff-linked ring signature. In: Progress in Cryptology – INDOCRYPT 2006. 7th International Conference on Cryptology in India, Kolkata, India, December 11–13, 2006, Proceedings, pp. 364–378, Springer, 2006.
• [4] Au M.H., Liu J.K., Susilo W., Yuen T.H.: Secure ID-based linkable and revocableiff-linked ring signature with constant-size construction, Theoretical Computer Science, vol. 469, pp. 1–14, 2013.
• [5] Ben Sasson E., Chiesa A., Garman C., Green M., Miers I., Tromer E., Virza M.: Zerocash: Decentralized Anonymous Payments from Bitcoin. In: 2014 IEEE Symposium on Security and Privacy, pp. 459–474, 2014. doi: 10.1109/SP.2014.36.
• [6] Benet J.: IPFS-content addressed, versioned, P2P file system, arXiv preprint arXiv:14073561, 2014.
• [7] Bresson E., Stern J., Szydlo M.: Threshold ring signatures and applications to ad-hoc groups. In: Advances in Cryptology – CRYPTO 2002, 22nd Annual International Cryptology Conference Santa Barbara, California, USA, August 18–22, 2002, Proceedings, pp. 465–480, Springer, 2002.
• [8] Bunz B., Agrawal S., Zamani M., Boneh D.: Zether: Towards Privacy in a Smart Contract World. In: J. Bonneau, N. Heninger (eds.), Financial Cryptography and Data Security. 24th International Conference, FC 2020, Kota Kinabalu, Malaysia, February 10–14, 2020 Revised Selected Papers, pp. 423–443, Springer, Cham, 2020. doi: 10.1007/978-3-030-51280-4 23.
• [9] Canellis D.: Major cryptocurrency exchange delists Bitcoin Gold following $18M hack, 2018. https://thenextweb.com/hardfork/2018/09/03/bittrex- delistsbitcoin-gold/. [Online; accessed 11 July 2021].
• [10] Chandran N., Groth J., Sahai A.: Ring signatures of sub-linear size without random oracles. In: Automata, Languages and Programming. 34th International Colloquium, ICALP 2007, Wroclaw, Poland, July 9–13, 2007, Proceedings, pp. 423–434, Springer, 2007.
• [11] Fiat A., Shamir A.: How to prove yourself: Practical solutions to identification and signature problems. In: Proceedings on Advances in Cryptology – CRYPTO’86, pp. 186–194, Springer, 1986.
• [12] Fujisaki E., Suzuki K.: Traceable ring signature. In: Public Key Cryptography – PKC 2007. 10th International Conference on Practice and Theory in PublicKey Cryptography, Beijing, China, April 16–20, 2007, Proceedings, pp. 181–200, Springer, 2007.
• [13] Gaihre A., Luo Y., Liu H.: Do Bitcoin Users Really Care About Anonymity? An Analysis of the Bitcoin Transaction Graph. In: 2018 IEEE International Conference on Big Data (Big Data), pp. 1198–1207, 2018. doi: 10.1109/ BigData.2018.8622442.
• [14] Goldfeder S., Kalodner H., Reisman D., Narayanan A.: When the cookie meets the blockchain: Privacy risks of web payments via cryptocurrencies, Proceedings on Privacy Enhancing Technologies, vol. 2018, pp. 179–199, 2017. doi: 10.1515/ popets-2018-0038.
• [15] Jeong I.R., Kwon J.O., Lee D.H.: Analysis of revocable-iff-linked ring signature scheme, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol. 92(1), pp. 322–325, 2009.
• [16] Jia H., Tang C.: Cryptanalysis of a non-interactive deniable ring signature scheme, International Journal of Information Security, vol. 20(1), pp. 103–112, 2021.
• [17] Joshi A.P., Han M., Wang Y.: A survey on security and privacy issues of blockchain technology, Mathematical Foundations of Computing, vol. 1(2), pp. 121–147, 2018. doi: 10.3934/mfc.2018007.
• [18] Kosba A., Miller A., Shi E., Wen Z., Papamanthou C.: Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 839–858, IEEE, 2016.
• [19] Kus M.C., Levi A.: Investigation and Application of Differential Privacy in Bitcoin, IEEE Access, vol. 10, pp. 25534–25554, 2022.
• [20] Leung A., Chen L., Mitchell C.: On a Possible Privacy Flaw in Direct Anonymous Attestation (DAA). In: Trusted Computing – Challenges and Applications. First International Conference on Trusted Computing and Trust in Information Technologies, TRUST 2008 Villach, Austria, March 11–12, 2008 Proceedings, pp. 179–190, Springer, 2008. doi: 10.1007/978-3-540-68979-9 14.
• [21] Li X., Mei Y., Gong J., Xiang F., Sun Z.: A Blockchain Privacy Protection Scheme Based on Ring Signature, IEEE Access, vol. 8, pp. 76765–76772, 2020.
• [22] Li Y., Marier-Bienvenue T., Perron-Brault A., Wang X., Par´e G.: Blockchain technology in business organizations: A scoping review. In: Proceedings of the 51st Hawaii International Conference on System Sciences, pp. 4474–4483, 2018.
• [23] Liu J.K., Au M.H., Susilo W., Zhou J.: Online/offline ring signature scheme. In: Information and Communications Security. 11th International Conference, ICICS 2009, pp. 80–90, Springer, 2009.
• [24] Liu J.K., Au M.H., Susilo W., Zhou J.: Linkable ring signature with unconditional anonymity, IEEE Transactions on Knowledge and Data Engineering, vol. 26(1), pp. 157–165, 2013.
• [25] Liu J.K., Wei V.K., Wong D.S.: Linkable spontaneous anonymous group signature for ad hoc groups. In: Information Security and Privacy. 9th Australasian Conference, ACISP 2004, Sydney, Australia, July 13–15, 2004, Proceedings, pp. 325–335, Springer, 2004.
• [26] Liu X., Zhang M., Zheng Y., Yang Y.: A linkable Ring Signature Electronic Cash Scheme Based on Blockchain. In: 2020 3rd International Conference on Smart BlockChain (SmartBlock), pp. 1–4, 2020. doi: 10.1109/ SmartBlock52591.2020.00037.
• [27] Luu L., Chu D., Olickel H., Saxena P., Hobor A.: Making smart contracts smarter. In: CCS’16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 254–269, 2016.
• [28] Malina L., Hajny J., Dzurenda P., Ricci S.: Lightweight Ring Signatures for Decentralized Privacy-preserving Transactions. In: ICETE (2), pp. 692–697, 2018.
• [29] Mao X., You L., Cao C., Hu G., Hu L.: Linkable Ring Signature Scheme Using Biometric Cryptosystem and NIZK and Its Application, Security and Communication Networks, vol. 2021, pp. 1–14, 2021. doi: 10.1155/2021/7266564.
• [30] Meiklejohn S., Mercer R.: Mobius: Trustless tumbling for transaction privacy, Proceedings on Privacy Enhancing Technologies, vol. 2018(2), pp. 105–121, 2018. doi: 10.1515/popets-2018-0015.
• [31] Moser M., Bohme R.: Anonymous Alone? Measuring Bitcoin’s SecondGeneration Anonymization Techniques. In: 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 32–41, 2017. doi: 10.1109/ EuroSPW.2017.48.
• [32] Motamed A.P., Bahrak B.: Quantitative analysis of cryptocurrencies transaction graph, Applied Network Science, vol. 4, 2019. doi: 10.1007/s41109-019-0249-6.
• [33] Nakamoto S.: Bitcoin: A Peer-to-Peer Electronic Cash System. Whitepaper, 2009.
• [34] Nassurdine M., Zhang H., Zhang F.: Identity Based Linkable Ring Signature with Logarithmic Size. In: Y. Yu, M. Yung (eds.), Information Security and Cryptology. 17th International Conference, Inscrypt 2021, Virtual Event, August 12–14, 2021, Revised Selected Papers, pp. 42–60, Springer, 2021. doi: 10.1007/ 978-3-030-88323-2 3.
• [35] Nechvatal J., Barker E., Bassham L., Burr W., Dworkin M., Foti J., Roback E.: Report on the Development of the Advanced Encryption Standard (AES), Journal of Research (NIST JRES), vol. 3(106), 2001. https://www.nist.gov/ publications/report-development-advanced-encryption-standard-aes.
• [36] Noether S., Mackenzie A., Lab T.: Ring Confidential Transactions, Ledger, vol. 1, pp. 1–18, 2016. doi: 10.5195/LEDGER.2016.34.
• [37] Qin M.J., Zhao Y.L., Ma Z.J.: Practical constant-size ring signature, Journal of Computer Science and Technology, vol. 33(3), pp. 533–541, 2018.
• [38] Ren Y., Guan H., Zhao Q.: An efficient lattice-based linkable ring signature scheme with scalability to multiple layer, Journal of Ambient Intelligence and Humanized Computing, pp. 1547–1556, 2022.
• [39] Ren Y., Zhao Q., Guan H., Lin Z.: On Design of Single-Layer and Multilayer Code-Based Linkable Ring Signatures, IEEE Access, vol. 8, pp. 17854–17862, 2020. doi: 10.1109/ACCESS.2020.2967789.
• [40] Schnorr C.P.: Efficient signature generation by smart cards, Journal of Cryptology, vol. 4(3), pp. 161–174, 1991.
• [41] Sultan K., Ruhi U., Lakhani R.: Conceptualizing blockchains: characteristics & applications, arXiv preprint arXiv:180603693, 2018.
• [42] Wang D., Zhao J., Wang Y.: A Survey on Privacy Protection of Blockchain: The Technology and Application, IEEE Access, vol. 8, pp. 108766–108781, 2020.
• [43] Wang H., Zhao S.: Cryptanalysis of Several Linkable Ring Signature Schemes. In: 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing, vol. 1, pp. 302–305, 2010. doi: 10.1109/ NSWCTC.2010.76.
• [44] Wang L., Shen X., Li J., Shao J., Yang Y.: Cryptographic primitives in blockchains, Journal of Network and Computer Applications, vol. 127, 2018. doi: 10.1016/j.jnca.2018.11.003.
• [45] Williamson Z.J.: The Aztec protocol. https://github.com/AztecProtocol/ AZTEC/blob/master/AZTEC.pdf. Accessed on 2 July 2021.
• [46] Williamson Z.J.: The Aztec protocol, 2018. https://github.com/AztecProtocol/ AZTEC.
• [47] Wood G.: Ethereum: A secure decentralised generalised transaction ledger, Ethereum Project Yellow Paper, vol. 151(2014), pp. 1–32, 2014.
• [48] Yang X., Wu W., Liu J.K., Chen X.: Lightweight anonymous authentication for ad hoc group: A ring signature approach. In: Provable Security. 9th International Conference, ProvSec 2015, Kanazawa, Japan, November 24–26, 2015, Proceedings, pp. 215–226, Springer, 2015.
• [49] Yuen T.H., Liu J.K., Au M.H., Susilo W., Zhou J.: Efficient linkable and/or threshold ring signature without random oracles, The Computer Journal, vol. 56(4), pp. 407–421, 2013.
• [50] Zhang F., Kim K.: ID-based blind signature and ring signature from pairings. In: Advances in Cryptology – ASIACRYPT 2002. 8th International Conference on the Theory and Application of Cryptology and Information Security, Queenstown, New Zealand, December 1–5, 2002, Proceedings, pp. 533–547, Springer, 2002.
• [51] Zhang J., Bai W., Jiang Z.: On the Security of a Practical Constant-Size Ring Signature Scheme, International Journal of Network Security, vol. 22(3), pp. 394–398, 2020.
• [52] Zheng Z., Xie S., Dai H., Chen X., Wang H.: An overview of blockchain technology: Architecture, consensus, and future trends. In: 2017 IEEE International Congress on Big Data (BigData congress), pp. 557–564, 2017.

Uwagi

PL

Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).