PGC: Decentralized Confidential Payment System with Auditability

Cited by: 25
Authors
Chen, Yu [1 ,2 ,3 ,4 ]
Ma, Xuecheng [5 ,6 ]
Tang, Cong [7 ]
Au, Man Ho [8 ]
Affiliations
[1] Shandong Univ, Sch Cyber Sci & Technol, Qingdao 266237, Peoples R China
[2] State Key Lab Cryptol, POB 5159, Beijing 100878, Peoples R China
[3] Shandong Univ, Key Lab Cryptol Technol & Informat Secur, Minist Educ, Qingdao 266237, Peoples R China
[4] Shandong Inst Blockchain, Jinan, Peoples R China
[5] Chinese Acad Sci, Inst Informat Engn, State Key Lab Informat Secur, Beijing 100093, Peoples R China
[6] Univ Chinese Acad Sci, Sch Cyber Secur, Beijing 100049, Peoples R China
[7] Beijing Temi Co Ltd, Pgc Info, Beijing, Peoples R China
[8] Univ Hong Kong, Dept Comp Sci, Pok Fu Lam, Peoples R China
Source
COMPUTER SECURITY - ESORICS 2020, PT I | 2020 / Vol. 12308
Funding
National Natural Science Foundation of China;
Keywords
Cryptocurrencies; Decentralized payment system; Confidential transactions; Auditable; Twisted ElGamal; SECURE;
DOI
10.1007/978-3-030-58951-6_29
Chinese Library Classification
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Many existing cryptocurrencies fail to provide transaction anonymity and confidentiality. As privacy concerns grow, a number of works have sought to enhance privacy by leveraging cryptographic tools. Though strong privacy is appealing, it can be abused in some cases. In decentralized payment systems, anonymity poses great challenges to a system's auditability, which is a crucial property for scenarios that require regulatory compliance and dispute arbitration guarantees. Aiming for a middle ground between privacy and auditability, we introduce the notion of a decentralized confidential payment (DCP) system with auditability. In addition to offering confidentiality, DCP supports privacy-preserving audit, in which an external party can specify a set of transactions and then request the participant to prove their compliance with a large class of policies. We present a generic construction of an auditable DCP system from an integrated signature and encryption scheme and non-interactive zero-knowledge proof systems. We then instantiate our generic construction by carefully designing the underlying building blocks, yielding a standalone cryptocurrency called PGC. In PGC, the setup is transparent, transactions are less than 1.3 KB and take under 38 ms to generate and 15 ms to verify. At the core of PGC is an additively homomorphic public-key encryption scheme that we newly introduce, twisted ElGamal, which is not only as secure as standard exponential ElGamal but also friendly to Sigma protocols and Bulletproofs. This enables us to easily devise zero-knowledge proofs for the basic correctness of transactions as well as various application-dependent policies in a modular fashion.
Pages: 591 / 610
Page count: 20