Authors | P. Fauzi, S. Meiklejohn, R. Mercer and C. Orlandi |
Editors | S. D. Galbraith and S. Moriai |
Title | Quisquis: A New Design for Anonymous Cryptocurrencies |
Affiliation | Cryptography |
Project(s) | Simula UiB |
Status | Published |
Publication Type | Proceedings, refereed |
Year of Publication | 2019 |
Conference Name | Advances in Cryptology – ASIACRYPT 2019 |
Volume | 11921 |
Pagination | 649 - 678 |
Publisher | Springer International Publishing |
Place Published | Cham |
ISBN Number | 978-3-030-34577-8 |
ISSN Number | 0302-9743 |
Keywords | cryptocurrencies, cryptographic protocols / anonymity, Zero knowledge |
Abstract | Despite their usage of pseudonyms rather than persistent identifiers, most existing cryptocurrencies do not provide users with any meaningful levels of privacy. This has prompted the creation of privacy-enhanced cryptocurrencies such as Monero and Zcash, which are specifically designed to counteract the tracking analysis possible in currencies like Bitcoin. These cryptocurrencies, however, also suffer from some drawbacks: in both Monero and Zcash, the set of potential unspent coins is always growing, which means users cannot store a concise representation of the blockchain. Additionally, Zcash requires a common reference string and the fact that addresses are reused multiple times in Monero has led to attacks to its anonymity. In this paper we propose a new design for anonymous cryptocurrencies, Quisquis, that achieves provably secure notions of anonymity. Quisquis stores a relatively small amount of data, does not require trusted setup, and in Quisquis each address appears on the blockchain at most twice: once when it is generated as output of a transaction, and once when it is spent as input to a transaction. Our result is achieved by combining a DDH-based tool (that we call updatable keys) with efficient zero-knowledge arguments. |
URL | https://link.springer.com/chapter/10.1007%2F978-3-030-34578-5_23 |
DOI | 10.1007/978-3-030-34578-5_23 |
Citation Key | 27143 |