| 摘要: |
| 区块链是比特币、以太坊等加密货币的基础设施,提供了一种去中心化、不可篡改和可验证的账本,可以记录数字资产的交易。区块链账本的公开透明特性使得交易便于验证,但同时也暴露了隐私信息,可能会对个人和企业的安全造成影响。近年来,许多区块链隐私保护研究都集中在交易用户的匿名性和交易内容的保密性两方面。然而,强大的隐私性使得恶意用户很容易隐藏交易地址和非法交易内容,这给当前的一些监管机构如反洗钱组织等带来了挑战。一些可追踪可审计的区块链方案往往不能同时提供匿名性和机密性,此外,还存在监管操作单一、监管越权、需要与被监管方交互等问题。在本文中,我们提出了一种基于Sigma协议的分权监管的强隐私保护方案,可以达到匿名性、机密性、地址可追踪以及内容可审计的目的。我们通过Bresson等人提出的带有双陷门解密机制的同态公钥密码系统实现交易内容的机密性与可审计性,通过一次性地址实现交易方地址的匿名性与可追踪性。为了限制监管者的权利,我们设计了新颖的监管模式,将地址追踪与内容审计的权限分离,各方监管者之间相互制约且需要进行合作。我们基于Sigma协议设计了四种类型的零知识证明用于交易的公开验证,包括所有权证明、一致性证明、平衡证明和范围证明,不需要可信设置。此外,我们提供了方案的安全定义和形式化的安全性分析,并实现了零知识证明协议和方案算法,以展示所提方案的实用性。 |
| 关键词: 区块链 加密货币 Sigma协议 隐私保护 监管 |
| DOI: |
| 投稿时间:2023-01-23修订日期:2023-03-15 |
| 基金项目: |
|
| Privacy-Preserving Blockchain with Separation of Regulation Based on Sigma Protocols |
|
DingJiong, Xu Haixia
|
| (Institute of Information Engineering) |
| Abstract: |
| Blockchain is the basic infrastructure of cryptocurrencies such as Bitcoin and Ethereum, providing a decentralized, tamper-resistant and publicly verifiable ledger that can record transactions of digital assets. The open and transparent characteristics of the blockchain ledger facilitate the transaction verification, but at the same time reveal sensitive information that could cause threats for the security of individuals and companies. In recent years, many studies have focused on anonymity and confidentiality for users. However, strong privacy makes it easy for malicious users to hide addresses and illegal transaction contents, which creates regulation issues for current institutions such as the anti-money laundering organization. Some traceable and auditable blockchain schemes often do not provide both anonymity and confidentiality. In addition, there exist problems such as few regulation operations, regulation overreaching, and the need to interact with the regulated parties. In this paper, we present a strong privacy-preserving scheme with the separation of regulation power based on efficient Sigma protocols, which obtains the purposes of anonymity, confidentiality, traceable addresses and auditable transaction contents. We achieve confidentiality and auditability of the transaction content by the homomorphic public-key cryptosystem with a double trapdoor decryption mechanism proposed by Bresson, Catalano, and Pointcheval. We also achieve anonymity and traceability of the transaction participant's address by a one-time address. To limit the authority of the regulator, we design a novel regulation model that separates the authority of address tracing from that of content audit, where regulators can condition and cooperate with each other. We design four zero-knowledge proofs based on the Sigma protocol for the public verification of transactions without trusted setup, including the ownership proof, the consistency proof, the balance proof and the range proof. Moreover, we provide security definitions and formal security analysis of our scheme, and implement zero-knowledge proofs and system algorithms to demonstrate the practicability. |
| Key words: blockchain cryptocurrency Sigma protocol privacy protection regulation |
