Computer Science (计算机科学), 2021, Vol. 48, Issue 11: 62-71. doi: 10.11896/jsjkx.210300025
符朕皓, 林定康, 姜皓晨, 颜嘉麒
FU Zhen-hao, LIN Ding-kang, JIANG Hao-chen, YAN Jia-qi
Abstract: In recent years, research built on blockchain technology has achieved major breakthroughs and developed rapidly, and a variety of digital currencies keep emerging and flooding into the market. Zcash is, to date, the coin with the strongest privacy among blockchain UTXO-model currencies; beyond giving users a strong guarantee of their own privacy, its anonymity techniques also have high research value and broad application prospects. Therefore, in order to regulate the lawful use of digital currencies and to explore wider applications of digital-currency anonymity techniques, scholars from many fields have studied Zcash anonymity and de-anonymization techniques from different angles. This paper focuses on Zcash as a new type of digital currency: it first introduces the overall framework of the Zcash coin; second, it reviews the anonymity techniques Zcash adopts, namely zk-SNARKs and shielded-pool transactions; then it summarizes and analyzes current research by scholars on Zcash tracing techniques; finally, it gives an outlook on the development of Zcash anonymity and tracing techniques.