比特币隐私保护综述

doi:10.13868/j.cnki.jcr.000290

摘要
图/表
参考文献(58)
相关文章 (15)

全文: PDF (1984 KB) HTML (1 KB)
输出: BibTeX | EndNote (RIS)

摘要

比特币是利用区块链技术为支撑, 以去中心化方式实现的密码货币. 其通过使用公钥地址作为假名隐藏用户真实身份达到匿名, 然而全网公开的区块链账本对用户隐私构成了极大威胁, 也引起了学术界的广泛关注. 首先, 从隐私保护角度出发, 研究现有的比特币协议存在的缺陷及可能受到的攻击. 然后从不需要修改现有比特币协议的混币技术、离链支付协议, 和修改现有比特币协议的密码学方案, 如隐蔽地址技术、环签名、零知识证明、同态加密, 两个方向探讨对比特币隐私保护做出的改进. 最后展望比特币及区块链隐私保护研究工作.

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	李旭东
	牛玉坤
	魏凌波
	张驰
	俞能海

关键词 ：比特币, 区块链, 匿名, 隐私保护, 零知识证明

Abstract：

the other is to make some modifications with cryptography techniques such as stealth address, ring signature, zero-knowledge proofs, homomorphic encryption. Finally, challenges and perspectives of privacy protection of Bitcoin and Blockchain are discussed.the other is to make some modifications with cryptography techniques such as stealth address, ring signature, zero-knowledge proofs, homomorphic encryption. Finally, challenges and perspectives of privacy protection of Bitcoin and Blockchain are discussed.

Key words： Bitcoin Blockchain anonymity privacy protection zero-knowledge proofs

收稿日期: 2018-02-27 出版日期: 2018-05-24

基金资助:国家重点研发计划(2017YFB0802200); 国家自然科学基金(61702474)

通讯作者: 李旭东, E-mail: xudongli@mail.ustc.edu.cn

引用本文:

李旭东, 牛玉坤, 魏凌波, 张驰, 俞能海. 比特币隐私保护综述[J]. 密码学报, 2019, 6(2): 133-149.
LI X D, NIU Y K, WEI L B, ZHANG C, YU N H. Overview on Privacy Protection in Bitcoin. Journal of Cryptologic Research, 2019, 6(2): 133-149.

链接本文:

http://www.jcr.cacrnet.org.cn/CN/10.13868/j.cnki.jcr.000290 或 http://www.jcr.cacrnet.org.cn/CN/Y2019/V6/I2/133

[1] NAKAMOTO S. Bitcoin: A peer-to-peer electronic cash system[EB/OL]. http://bitcoin.org/bitcoin.pdf. 2008.
[2] PFITZMANN A, HANSEN M. A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management[OL]. http://dud.inf.tudresden.de/literatur/Anon_Terminology_v0.34.pdf. 2010.
[3] REID F, HARRIGAN M. An analysis of anonymity in the Bitcoin system[C]. In: Proceedings of 2011 IEEE Third International Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third International Conference on Social Computing. IEEE, 2011: 1318–1326. [DOI: 10.1109/PASSAT/SocialCom.2011.79]
[4] AWAN M K, COREST A. Blockchain transaction analysis using dominant sets[C]. In: Computer Information Systems and Industrial Management—CISIM 2017. Springer Cham, 2017: 229–239. [DOI: 10.1007/978-3-319-59105-6_20]
[5] MAESA D D F, MARINA A, RICCI L. Uncovering the Bitcoin Blockchain: An analysis of the full users graph[C]. In: IEEE International Conference on Data Science and Advanced Analytics. IEEE, 2016: 537–546. [DOI: 10.1109/DSAA.2016.52]
[6] MEIKLEJOHN S, POMAROLE M, JORDAN G, et al. A fistful of Bitcoins: Characterizing payments among men with no names[C]. In: Internet Measurement Conference 2013. ACM, 2013: 127–140. [DOI: 10.1145/2504730.25047]
[7] ANDROULAKI E, KARAME G O, ROESCHLIN M, et al. Evaluating user privacy in Bitcoin[C]. In: Financial Cryptography and Data Security—FC 2013. Springer Berlin Heidelberg, 2013: 34–51. [DOI: 10.1007/978-3-642-39884-1_4]
[8] GOLDFEDER S, KALODNEEER H, REISMAN D, et al. When the cookie meets the Blockchain: Privacy risks of web payments via cryptocurrencies[J]. Proceedings on Privacy Enhancing Technologies, 2018, 2018(4): 179–199. [DOI: 10.1515/popets-2018-0038]
[9] DOUCEUR J R. The Sybil attack[C]. In: Peer-to-Peer Systems—IPTPS 2002. Springer Berlin Heidelberg, 2002: 251–260. [DOI: 10.1007/3-540-45748-8_24]
[10] KAMINSKY D. Black ops of TCP/IP[J]. Black Hat USA, 2011: 44.
[11] KOSHY P, KOSHY D, MCDANIEL P. An analysis of anonymity in Bitcoin using P2P network traffic[C]. In: Financial Cryptography and Data Security—FC 2014. Springer Berlin Heidelberg, 2014: 469–485. [DOI: 10.1007/978-3-662-45472-5_30]
[12] LISCHKE M, FABIAN B. Analyzing the Bitcoin network: The first four years[J]. Future Internet, 2016, 8(4): 7. [DOI: 10.3390/fi8010007]
[13] DINGLEDINE R, MATHEWSON N, SYVERSON P. Tor: The second-generation onion router[C]. In: Proceedings of the 13th Conference on USENIX Security Symposium. USENIX Association, 2004: 303–320.
[14] BIRYUKOV A, KHOVRATOVICH D, PUSTOGAROV I. Deanonymisation of clients in Bitcoin P2P network[C]. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2014: 15–29. [DOI: 10.1145/2660267.2660379]
[15] BIRYUKOV A, PUSTOGAROV I. Bitcoin over Tor isn’t a good idea[C]. In: Proceedings of 2015 IEEE Symposium on Security and Privacy. IEEE, 2015: 122–134. [DOI: 10.1109/SP.2015.15]
[16] KARAME G, AUDROULAKI E. Bitcoin and Blockchain Security[M]. Artech House, 2016: 93–97.
[17] WOOD A D, STANKOVIC J A. Denial of service in sensor networks[J]. Computer, 2002, 35(10): 54–62. [DOI: 10.1109/mc.2002.1039518]
[18] BOJJA V S, FANTI G, VISWANATH P. Dandelion: Redesigning the Bitcoin network for anonymity[OL]. https://arxiv.org/abs/1701.04439v1. [DOI: 10.1145/1235]
[19] FRANCO P. Understanding Bitcoin: Cryptography, Engineering and Economics[M]. John Wiley & Sons, 2014: 123–142.
[20] TENG J K, WU C K. An identity-based group key agreement protocol for low power mobile devices[J]. Chinese Journal of Electronics, 2016, 25(4): 726–733. [DOI: 10.1049/cje.2016.06.038]
[21] SINGH S, SHARMA P K, MOON S Y, et al. Advanced lightweight encryption algorithms for IoT devices: Survey, challenges and solutions[J]. Journal of Ambient Intelligence and Humanized Computing, 2017: 1–18. [DOI: 10.1007/s12652-017-0494-4]
[22] HEARN M, SCHILDBACH A. BitcoinJ[EB/OL]. https://bitcoinj.github.io.[23] BLOOM B H. Space/time trade-offs in Hash coding with allowable errors[J]. Communications of the ACM, 1970, 13(7): 422–426. [DOI: 10.1145/362686.362692]
[24] GERVAIS A, CAPKUN S, KARAME G O, et al. On the privacy provisions of bloom filters in lightweight Bitcoin clients[C]. In: Proceedings of the 30th Annual Computer Security Applications Conference. ACM, 2014: 326–335. [DOI: 10.1145/2664243.2664267]
[25] BONNEAU J, NARAYANAN A, MILLER A, et al. Mixcoin: Anonymity for Bitcoin with accountable mixes[C]. In: Financial Cryptography and Data Security—FC 2014. Springer Berlin Heidelberg, 2014: 486–504. [DOI: 10.1007/978-3-662-45472-5_31]
[26] VALENTA L, ROWAN B. Blindcoin: Blinded, accountable mixes for Bitcoin[C]. In: Financial Cryptography and Data Security—FC 2015. Springer Berlin Heidelberg, 2015: 112–126. [DOI: 10.1007/978-3-662-48051-9_9]
[27] WU W D. Bitcoin mix system design based on blind signature[D]. Shenzhen University, 2015. [DOI: CNKI:CDMD:2.1015.412641]
吴文栋. 基于盲签名技术的比特币混币系统设计与实现[D]. 深圳大学, 2015. [DOI: CNKI:CDMD:2.1015.412641]
[28] SHENTU Q C, YU J P. A blind-mixing scheme for Bitcoin based on an elliptic curve cryptography blind digital signature algorithm[OL]. arXiv:1510.05833. https://arxiv.org/ftp/arxiv/papers/1510/1510.05833.pdf. 2015.
[29] MAXWELL G. CoinJoin: Bitcoin privacy for the real world[EB/OL]. https://bitcointalk.org/index.php?topic=279249. 2013.
[30] BARBER S, BOYEN X, SHI E, et al. Bitter to better—How to make Bitcoin a better currency[C]. In: Financial Cryptography and Data Security—FC 2012. Springer Berlin Heidelberg, 2012: 399–414. [DOI: 10.1007/978-3-642-32946-3_29]
[31] MAXWELL G. CoinSwap: Transaction graph disjoint trustless trading[EB/OL]. https://bitcointalk.org/index.php?topic=321228.0. 2013.
[32] BISSIAS G, OZISIK A P, LEVINE B N, et al. Sybil-resistant mixing for Bitcoin[C]. In: The Workshop on Privacy in the Electronic Society. ACM, 2014: 149–158. [DOI: 10.1145/2665943.2665955]
[33] RUFFING T, MORENO-SANCHEZ P, KATE A. CoinShuffle: Practical decentralized coin mixing for Bitcoin[C]. In: Computer Security—ESORICS 2014, Part II. Springer Cham, 2014: 345–364. [DOI: 10.1007/978-3-319-11212-1_20]
[34] HEILMAN E, ALSHENIBR L, BALDIMTSI F, et al. TumbleBit: An untrusted Bitcoin-compatible anonymous payment hub[C]. In: 2017 Network and Distributed System Security Symposium. San Diego, CA, USA, 2017. [DOI: 10.14722/ndss.2017.23086]
[35] ZIEGELDORF J H, GROSSMANN F, HENZE M, et al. CoinParty: Secure multi-party mixing of Bitcoins[C]. In: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. ACM, 2015: 75–86. [DOI: 10.1145/2699026.2699100]
[36] DANEZIS G, SERJANTOV A. Statistical disclosure or intersection attacks on anonymity systems[C]. In: Information Hiding—IH 2004. Springer Berlin Heidelberg, 2004: 293–308. [DOI: 10.1007/978-3-540-30114-1_21]
[37] GEISLER M, NIELSEN J B. Asynchronous multiparty computation: Theory and implementation[C]. In: Public Key Cryptography—PKC 2009. Springer Berlin Heidelberg, 2009: 160–179. [DOI: 10.1007/978-3-642-00468-1_10]
[38] POON J, DRYJA T. The Bitcoin lightning network: Scalable off-chain instant payments[EB/OL]. https://lightning.network/lightning-network-paper.pdf. 2015.
[39] DECKER C, WATTENHOFER R. A fast and scalable payment network with Bitcoin duplex micropayment channels[C]. In: Stabilization, Safety, and Security of Distributed Systems—SSS 2015. Springer Cham, 2015: 3–18. [DOI: 10.1007/978-3-319-21741-3_1]
[40] MILLER A, BENTOV I, KUMARESAN R, et al. Sprites: Payment channels that go faster than lightning[OL]. https://arxiv.org/abs/1702.05812v1, 2017.
[41] GREEN M, MIERS I. Bolt: Anonymous payment channels for decentralized currencies[C]. In: 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2017: 473–489. [DOI: 10.1145/3133956.3134093]
[42] TODD P. Stealth addresses[EB/OL]. 2014. https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2014-January/004020.html
[43] SABERHAGEN N V. CryptoNote v 2.0[R/OL]. https://cryptonote.org/whitepaper.pdf. 2013.
[44] RIVEST R, SHAMIR A, TAUMAN Y. How to leak a secret[C]. In: Advances in Cryptology—ASIACRYPT 2001. Springer Berlin Heidelberg, 2001: 552–565. [DOI: 10.1007/3-540-45682-1_32]
[45] NOETHER S, MACKENZIE A. Ring confidential transactions[J]. Ledger, 2016, 1: 1–18. [DOI: 10.5195/LEDGER.2016.34]
[46] WOOD G. Ethereum: A secure decentralised generalised transaction ledger[EB/OL]. https://gavwood.com/paper.pdf. 2014.[47] GOLDWASSER S, MICALI S, RACKOFF C. The knowledge complexity of interactive proof-systems[C]. In: Proceedings of the Seventeenth Annual ACM Symposium on Theory of Computing. ACM, 1985: 291–304. [DOI:10.1145/22145.22178]
[48] MIERS I, GARMAN C, GREEN M, et al. Zerocoin: Anonymous distributed E-cash from Bitcoin[C]. In: 2013 IEEE Symposium on Security and Privacy. IEEE, 2013: 397–411. [DOI: 10.1109/SP.2013.34]
[49] SASSON E B, CHIESA A, GARMAN C, et al. Zerocash: Decentralized anonymous payments from Bitcoin[C]. In: 2014 IEEE Symposium on Security and Privacy. IEEE, 2014: 459–474. [DOI: 10.1109/SP.2014.36]
[50] RIVEST R L, ADLEMAN L, DERTOUZOS M L. On data banks and privacy homomorphisms[J]. Foundations of Secure Computation, 1978, 4(11): 169–180.
[51] FRAN?A B F. Privacy and pruning in the mini-blockchain[EB/OL]. https://cryptonite.info/files/Anonymity_account_tree.pdf. 2014.
[52] BRUCE J D. The mini-blockchain scheme[EB/OL]. https://cryptonite.info/files/mbc-scheme-rev3.pdf. 2017.
[53] FRAN?A B F. Homomorphic mini-blockchain scheme[EB/OL]. http://cryptonite.info/files/HMBC.pdf. 2015.
[54] MAXWELL G. Confidential transactions[EB/OL]. https://people.xiph.org/greg/confidential_values.txt. 2015.
[55] PEDERSEN T P. Non-interactive and information-theoretic secure verifiable secret sharing[C]. In: Advances in Cryptology—CRYPTO’91. Springer Berlin Heidelberg, 1991: 129–140. [DOI: 10.1007/3-540-46766-1_9]
[56] LIANG X B, LI Q L, YIN K T, et al. A Blockchain privacy protection method based on additive homomorphic encryption[P]. China. CN106549749A. 2017-03-29.
梁秀波, 李启雷, 尹可挺, 等. 一种基于加法同态加密的区块链隐私保护方法[P]. 中国. CN106549749A. 2017-03-29.
[57] WANG Q, QIN B, HU J, et al. Preserving transaction privacy in Bitcoin[J]. Future Generation Computer Systems, 2017, In Press. [DOI: 10.1016/j.future.2017.08.026]
[58] PAILLIER P. Public-key cryptosystems based on composite degree residuosity classes[C]. In: Advances in Cryptology—EUROCRYPT’99. Springer Berlin Heidelberg, 1999: 223–238. [DOI: 10.1007/3-540-48910-X_16]