计算机科学 ›› 2021, Vol. 48 ›› Issue (11): 62-71.doi: 10.11896/jsjkx.210300025

• 区块链技术* 上一篇    下一篇

大零币匿名技术及追踪技术综述

符朕皓, 林定康, 姜皓晨, 颜嘉麒   

  1. 南京大学信息管理学院 南京210023
  • 收稿日期:2021-03-02 修回日期:2021-05-23 出版日期:2021-11-15 发布日期:2021-11-10
  • 通讯作者: 颜嘉麒(jiaqiyan@nju.edu.cn)
  • 作者简介:191820045@smail.nju.edu.cn
  • 基金资助:
    国家自然科学基金青年项目(71701091);教育部人文社科青年项目(17YJC870020)

Survey of Anonymous and Tracking Technology in Zerocash

FU Zhen-hao, LIN Ding-kang, JIANG Hao-chen, YAN Jia-qi   

  1. School of Information Management,Nanjing University,Nanjing 210023,China
  • Received:2021-03-02 Revised:2021-05-23 Online:2021-11-15 Published:2021-11-10
  • About author:FU Zhen-hao,born in 2001,postgra-duate.His main research interests include blockchain,digital currency and information system.
    YAN Jia-qi,born in 1983,Ph.D,associate professor,is a member of China Computer Federation.His main research interests include blockchain,information systems,data analysis,and information science.
  • Supported by:
    National Natural Science Foundation of China(71701091) and Ministry of Education of Humanities and Social Science Project(17YJC870020).

摘要: 近年来,依托于区块链技术的研究取得了重大突破且发展快速,各种数字货币正在不断兴起并涌入市场。大零币作为到目前为止区块链UTXO模型中隐私性最强的币种,其匿名技术除了为用户自身隐私提供了有力保障之外,同样具有很高的科研价值和广泛的应用前景。因此,为了规范数字货币的合法使用,探寻数字货币匿名技术更广泛的应用前景,各界学者也都在大零币匿名与反匿名技术方面进行了不同角度的研究。聚焦于大零币这一新型数字货币,首先介绍了大零币这一币种的大体框架;其次对大零币采用的匿名技术——zk-SNARKs和屏蔽池交易技术进行了梳理;然后总结并分析了目前各界学者在大零币追踪技术方面的研究;最后对大零币匿名技术和追踪技术的发展进行了展望。

关键词: 区块链, 大零币, 加密货币, 数字货币, 追踪技术, 匿名技术, 零知识证明, 文献综述

Abstract: In recent years,relying on the research breakthrough and rapid development of blockchain technology,a variety of di-gital currencies are rising and flooding into the market.As the currency with the strongest privacy in the UTXO model of blockchain so far,the anonymity technology of Zcash not only provides a strong guarantee for users' privacy,but also has high scienti-fic research value and a wide range of application prospects.Therefore,in order to standardize the legal use of digital currency and explore the wider application prospect of digital currency anonymity technology,scholars from all walks oflife have also conducted research on the anonymity and anti-anonymity technology of Zcash from different angles.Focusing on Zcash,a new digital currency,we first introduce thegeneral framework of Zcash.Secondly,the anonymous technology adopted by Zcash:zk-SNARKs and shielded pool transaction technology,are sorted out.Then we summarize and analyzethe research on Zcash tracking technology by scholars from all walks of life.In the end,anonymous technology and tracking technology development of Zcash are prospected.

Key words: Blockchain, Zcash, Cryptocurrency, Digital currency, Tracking technology, Anonymity technology, Zero-Knowledge proof, Literature review

中图分类号: 

  • TP311
[1]SASSON E B,CHIESA A,GARMAN C,et al.Zerocash:Decentralized anonymous payments from bitcoin[C]//2014 IEEE Symposium on Security and Privacy.IEEE,2014:459-474.
[2]GUO S T,WANG R J,ZHANG F L.Summary of Principle and Application of Blockchain[J].Computer Science,2021,48(2):271-281.
[3]YUAN Y,WANG F Y.Current Status and Prospects of Blockchain Technology Development[J].Acta Automatica Sinica,2016,42(4):481-494.
[4]NAKAMOTO S.Bitcoin:A peer-to-peer electronic cash system[R].Manubot,2019.
[5]LI X D,NIU Y K,WEI L B,et al.Overview on Privacy Protection in Bitcoin[J].Journal of Cryptologic Research,2019,6(2):133-149.
[6]ZHU L H,GAO F,FENG M,et al.Survey on Privacy Preserving Techniques for Blockchain Technology[J].Journal of Computer Research and Development,2017,54(10):2170-2186.
[7]KOSHY P,KOSHY D,MCDANIEL P.An analysis of anonymity in bitcoin using p2p network traffic[C]//International Conference on Financial Cryptography and Data Security.Springer,2014.
[8]BIRYUKOV A,KHOVRATOVICH D,PUSTOGAROV I.Dea-nonymisation of clients in Bitcoin P2P network[C]//Procee-dings of the 2014 ACM SIGSAC Conference on Computer and Communications Security.2014.
[9]ANDROULAKI E,KARAME G O,ROESCHLIN M,et al.Evaluating user privacy in bitcoin[C]//International Conference on Financial Cryptography and Data Security.Springer,2013.
[10]LIAO K,ZHAO Z,DOUPÉ A,et al.Behind closed doors:mea-surement and analysis of CryptoLocker ransoms in Bitcoin[C]//2016 APWG Symposium on Electronic Crime Research(eCrime).IEEE,2016.
[11]RON D,SHAMIR A.Quantitative analysis of the full bitcoin transaction graph[C]//International Conference on Financial Cryptography and Data Security.Springer,2013.
[12]MEIKLEJOHN S,POMAROLE M,JORDAN G,et al.A fistful of bitcoins:characterizing payments among men with no names[C]//Proceedings of the 2013 Conference on Internet Measurement Conference.2013.
[13]HERRERA-JOANCOMARTÍ J.Research and challenges on bit-coin anonymity[M]//Data Privacy Management,Autonomous Spontaneous Security,and Security Assurance.Springer,2014,3-16.
[14]BONNEAU J,NARAYANAN A,MILLER A,et al.Mixcoin:Anonymity for bitcoin with accountable mixes[C]//Internatio-nal Conference on Financial Cryptography and Data Security.Springer,2014.
[15]KENDLER E A,ZOHAR A,GOLDBERG S.Eclipse Attacks on Bitcoin's Peer-to-Peer Network[C]//24th USENIX Security Symposium (USENIX Security 15).2015.
[16]CONTI M,KUMAR E S,LAL C,et al.A survey on security and privacy issues of bitcoin[J].IEEE Communications Surveys &Tutorials.2018,20(4):3416-3452.
[17]SCHRIJVERS O,BONNEAU J,BONEH D,et al.Incentivecompatibility of bitcoin mining pool reward functions[C]//International Conference on Financial Cryptography and Data Security.Springer,2016:477-498.
[18]GERVAIS A,KARAME G O,WÜST K,et al.On the security and performance of proof of work blockchains[C]//Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security.2016.
[19]BIRYUKOV A,TIKHOMIROV S.Security and privacy of mobile wallet users in Bitcoin,Dash,Monero,and Zcash[J].Pervasive and Mobile Computing,2019,59:101030.
[20]DELGADO-SEGURA S,PÉREZ-SOLA C,NAVARRO-ARRI-BAS G,et al.Analysis of the bitcoin utxo set[C]//International Conference on Financial Cryptography and Data Security.Springer,2018.
[21]DE SANTIS A,MICALI S,PERSIANO G.Non-interactive zero-knowledge proof systems[C]//Conference on the Theory and Application of Cryptographic Techniques.Springer,1987.
[22]PILKINGTON M.Blockchain technology:principles and applications[M]//Research Handbook on Digital Transformations.Edward Elgar Publishing,2016.
[23]PINTO A M.An Introduction to the Use of zk-SNARKs inBlockchains[M]//Mathematical Research for Blockchain Eco-nomy.Springer,2020:233-249.
[24]WAHBY R S,TZIALLA I,SHELAT A,et al.Doubly-efficient zkSNARKs without trusted setup[C]//2018 IEEE Symposium on Security and Privacy (SP).IEEE,2018.
[25]BUTERIN V.Quadratic arithmetic programs:from zero to hero[OL].https://medium.com/@VitalikButerin/quadratic …,2016.
[26]BEN-SASSON E,CHIESA A,GENKIN D,et al.SNARKs for C:Verifying program executions succinctly and in zero know-ledge[C]//Annual Cryptology Conference.Springer,2013.
[27]BANERJEE A,CLEAR M,TEWARI H.Demystifying the Role of zk-SNARKs in Zcash[C]//2020 IEEE Conference on Application,Information and Network Security (AINS).IEEE,2020.
[28]BEN-SASSON E,CHIESA A,RIABZEV M,et al.Aurora:Transparent succinct arguments for R1CS[C]//Annual International Conference on the Theory and Applications of Cryptographic Techniques.Springer,2019.
[29]BOWE S,GABIZON A,GREEN M D.A multi-party protocolfor constructing the public parameters of the Pinocchio zk-SNARK[C]//International Conference on Financial Cryptography and Data Security.Springer,2018.
[30]PETKUS M.Why and how zk-snark works[J].arXiv:1906.07221.2019.
[31]MAYER H.zk-SNARK explained:Basic Principles[OL].https://blog.coinfabrik.com/wp-content/uploads/2017/03/zkSNARK-explained_basic_principles.pdf.2016.
[32]ZHOU X,TANG X.Research and implementation of RSA algorithm for encryption and decryption[C]//Proceedings of 2011 6th International Forum on Strategic Technology.IEEE,2011.
[33]SMART N P.The exact security of ECIES in the generic group model[C]//IMA International Conference on Cryptography and Coding.Springer,2001:73-84.
[34]QUESNELLE J.On the linkability of Zcash transactions[J].arXiv:1712.01210,2017.
[35]BIRYUKOV A,FEHER D.Privacy and linkability of mining in zcash[C]//2019 IEEE Conference on Communications and Network Security (CNS).IEEE,2019.
[36]BIRYUKOV A,FEHER D.Deanonymization of hidden transactions in zcash[OL].https://cryptolux.org/images/d/d9/Zcash.pdf?via=indexdotco.
[37]BIRYUKOV A,FEHER D,VITTO G.Privacy aspects and subliminal channels in Zcash[C]//Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security.2019.
[38]BRADBURY D.The problem with Bitcoin[J].Computer Fraud &Security,2013,2013(11):5-8.
[39] CHAUM D L.Untraceable electronic mail,return addresses,and digital pseudonyms[J].Communications of the ACM,1981,24(2):84-90.
[40]DE BALTHASAR T,HERNANDEZ-CASTRO J.An analysis of bitcoin laundry services[C]//Nordic Conference on Secure IT Systems.Springer,2017.
[41]STANDAERT F.Introduction to side-channel attacks[M]//Secure Integrated Circuits and Systems.Springer,2010:27-42.
[42]KOCHER P,JAFFE J,JUN B.Differential power analysis[C]//Annual International Cryptology Conference.Springer,1999.
[43]TRAMÈR F,BONEH D,PATERSON K.Remote side-channel attacks on anonymous transactions[C]//29th {USENIX} Security Symposium ({USENIX} Security 20).2020.
[44]TRAMER F,BONEH D,PATERSON K G.PING and RE-JECT:The Impact of Side-Channels on Zcash Privacy[OL].https://crypto.stanford.edu/timings/.
[45]BRUMLEY D,BONEH D.Remote timing attacks are practical[J].Computer Networks,2005,48(5):701-716.
[46]BRUMLEY B B,TUVERI N.Remote timing attacks are stillpractical[C]//European Symposium on Research in Computer Security.Springer,2011.
[47]KAPPOS G,YOUSAF H,MALLER M,et al.An empiricalanalysis of anonymity in zcash[C]//27th {USENIX} Security Symposium ({USENIX} Security 18).2018.
[48]SIMMONS G J.The prisoners' problem and the subliminalchannel[C]//Advances in Cryptology.Springer,1984.
[49]SIMMONS G J.The subliminal channel and digital signatures[C]//Workshop on the Theory and Application of of Cryptographic Techniques.Springer,1984.
[50]ZHANG T,WU Q H,TANG Z X.Bitcoin blockchain based information convert transmission[J].Chinese Journal of Network and Information Security,2021,7(1):84-92.
[51]LI T R,CHAMRAJNAGAR A S,FONG X R,et al.Sentiment-based prediction of alternative cryptocurrency price fluctuations using gradient boosting tree model[J].Frontiers in Physics,2019,7:98.
[52]AVERIN A,SAMARTSEV A,SACHENKO N.Review ofMethods for Ensuring Anonymity and De-Anonymization in Blockchain[C]//2020 International Conference Quality Ma-nagement,Transport and Information Security,Information Technologies (IT&QM&IS).IEEE,2020.
[53]EYAL I,SIRER E G.Majority is not enough:Bitcoin mining is vulnerable[C]//International conference on financial cryptography and data security.Springer,2014.
[54]PHILLIP A,CHAN J S,PEIRIS S.A new look at cryptocurrencies[J].Economics Letters,2018,163:6-9.
[55]BEN-SASSON E,CHIESA A,TROMER E,et al.Succinct non-interactive zero knowledge for a von Neumann architecture[C]//23rd {USENIX} Secu-rity Symposium ({USENIX} Security 14).2014.
[56]LV L T,CUI D W,HEI X H,et al.Three Mechanisms of Key Encryption Algorithm in Network System[J].Computer Engineering,2003(14):114-116.
[57]HAN X,YUAN Y,WANG F Y.Security Problems on Block-chain:The State of the Art and Future Trends[J].Acta Automatica Sinica.2019,45(1):206-225.
[58]WANG H,SONG X F,KE J M,et al.Blockchain and Privacy Preserving Mechanisms in Cryptocurrency[J].Netinfo Security,2017(7):32-39.
[1] 郭显, 王雨悦, 冯涛, 曹来成, 蒋泳波, 张迪. 基于区块链的工业控制系统角色委派访问控制机制[J]. 计算机科学, 2021, 48(9): 306-316.
[2] 王日宏, 周航, 徐泉清, 张立锋. 用于联盟链的非拜占庭容错共识算法[J]. 计算机科学, 2021, 48(9): 317-323.
[3] 张小艳, 李秦伟, 付福杰. 基于数字承诺的区块链交易金额保密验证方法[J]. 计算机科学, 2021, 48(9): 324-329.
[4] 周艺华, 贾玉欣, 贾立圆, 方嘉博, 侍伟敏. 基于红黑树的共享电子病历数据完整性验证方案[J]. 计算机科学, 2021, 48(9): 330-336.
[5] 刘嘉琪, 刘贝丽, 彭韬, 段江, 康立, 陈智. 基于区块链的音频版权存证模型[J]. 计算机科学, 2021, 48(6A): 438-442.
[6] 唐飞, 陈云龙, 冯卓. 基于区块链和代理重加密的电子处方共享方案[J]. 计算机科学, 2021, 48(6A): 498-503.
[7] 李嘉明, 赵阔, 屈挺, 刘晓翔. 基于知识图谱的区块链物联网领域研究分析[J]. 计算机科学, 2021, 48(6A): 563-567.
[8] 郭上铜, 王瑞锦, 张凤荔. 区块链技术原理与应用综述[J]. 计算机科学, 2021, 48(2): 271-281.
[9] 王卫红, 陈震宇. 基于改进区块链的智能制造安全模型[J]. 计算机科学, 2021, 48(2): 295-302.
[10] 季钰翔, 黄建华, 王喆, 郑红, 唐瑞琮. 基于信任度匹配的改进PBFT共识算法[J]. 计算机科学, 2021, 48(2): 303-310.
[11] 闫凯伦, 张继连. 一种可用于数据和模型分享的模型链[J]. 计算机科学, 2021, 48(2): 311-316.
[12] 毛瀚宇, 聂铁铮, 申德荣, 于戈, 徐石成, 何光宇. 区块链即服务平台关键技术及发展综述[J]. 计算机科学, 2021, 48(11): 4-11.
[13] 李玉, 段宏岳, 殷昱煜, 高洪皓. 基于区块链的去中心化众包技术综述[J]. 计算机科学, 2021, 48(11): 12-27.
[14] 陈先来, 赵晓宇, 曾工棉, 安莹. 基于区块链的患者在线交流模型[J]. 计算机科学, 2021, 48(11): 28-35.
[15] 廉文娟, 赵朵朵, 范修斌, 耿玉年, 范新桐. 基于认证及区块链的CFL_BLP_BC模型[J]. 计算机科学, 2021, 48(11): 36-45.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] 周文辉, 石敏, 朱登明, 周军. 基于残差注意力网络的地震数据超分辨率方法[J]. 计算机科学, 2021, 48(8): 24 -31 .
[2] 王梓强, 胡晓光, 李晓筱, 杜卓群. 移动机器人全局路径规划算法综述[J]. 计算机科学, 2021, 48(10): 19 -29 .
[3] 刘天星, 李伟, 许铮, 张立华, 戚骁亚, 甘中学. 面向高维连续行动空间的蒙特卡罗树搜索算法[J]. 计算机科学, 2021, 48(10): 30 -36 .
[4] 张建行, 刘全. 基于情节经验回放的深度确定性策略梯度方法[J]. 计算机科学, 2021, 48(10): 37 -43 .
[5] . 目录[J]. 计算机科学, 2021, 48(11): 0 .
[6] 高洪皓, 郑子彬, 殷昱煜, 丁勇. 区块链技术专题序言[J]. 计算机科学, 2021, 48(11): 1 -3 .
[7] 毛瀚宇, 聂铁铮, 申德荣, 于戈, 徐石成, 何光宇. 区块链即服务平台关键技术及发展综述[J]. 计算机科学, 2021, 48(11): 4 -11 .
[8] 李玉, 段宏岳, 殷昱煜, 高洪皓. 基于区块链的去中心化众包技术综述[J]. 计算机科学, 2021, 48(11): 12 -27 .
[9] 陈先来, 赵晓宇, 曾工棉, 安莹. 基于区块链的患者在线交流模型[J]. 计算机科学, 2021, 48(11): 28 -35 .
[10] 廉文娟, 赵朵朵, 范修斌, 耿玉年, 范新桐. 基于认证及区块链的CFL_BLP_BC模型[J]. 计算机科学, 2021, 48(11): 36 -45 .