【Author】Jia, Yanxue; Sun, Shi-Feng; Zhang, Yuncong; Zhang, Qingzhao; Ding, Ning; Liu, Zhiqiang; Liu, Joseph K.; Gu, Dawu
【Source】IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
【Abstract】The ring confidential transaction (RingCT) protocol is widely used in cryptocurrency to protect the privacy of both users' identities and transaction amounts. Most recently, a new RingCT protocol (called RingCT 2.0) was proposed by leveraging cryptographic accumulators, which can achieve a constant-size output theoretically but is still far from being practical due to the heavy zero-knowledge proof associated with the accumulator. In this article, we revisit the design of the ring confidential transaction protocol and put forward a more efficient privacy-preserving payment protocol, which is built upon an extended version of the one-out-of-many proof and a special multi-signature. Compared with previous works, the new protocol is not only more practical, but also does not require a trusted setup. Besides, we show that the protocol satisfies the security requirements provided that the underlying cryptographic primitives are secure in the random oracle model. We implement our new payment protocol in Java, and the experimental results show that it is efficient enough to be used in practice.
【Keywords】Blockchain; payment protocol; confidential transaction; zero-knowledge proof
【Title】PBT: A New Privacy-Preserving Payment Protocol for Blockchain Transactions