LI Xu-Dong1,2, NIU Yu-Kun1, WEI Ling-Bo1,2, ZHANG Chi1, YU Neng-Hai1
1. CAS Key Laboratory of Electromagnetic Space Information, University of Science and Technology of China, Hefei 230027, China
2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
the other is to modify Bitcoin with cryptographic techniques such as stealth addresses, ring signatures, zero-knowledge proofs and homomorphic encryption. Finally, the challenges and prospects of privacy protection in Bitcoin and blockchain are discussed.
LI X D, NIU Y K, WEI L B, ZHANG C, YU N H. Overview on Privacy Protection in Bitcoin[J]. Journal of Cryptologic Research, 2019, 6(2): 133-149.