A lattice-based linkable ring signature supporting stealth addresses

A lattice-based linkable ring signature supporting stealth addresses

First proposed in CryptoNote, a collection of popular privacy-centric cryptocurrencies have employed Linkable Ring Signature and a corresponding Key Derivation Mechanism (KeyDerM) for keeping the payer and payee of a transaction anonymous and unlinkable. The KeyDerM is used for generating a fresh si...

Full description

Saved in:
Bibliographic Details
Main Authors: Liu, Zhen, Nguyen, Khoa, Yang, Guomin, Wang, Huaxiong, Wong, Duncan S.
Other Authors: School of Physical and Mathematical Sciences
Format: Conference or Workshop Item
Language:English
Published: 2020
Subjects:
Engineering::Computer science and engineering
Lattice-Based
Linkable Ring Signature
Online Access:https://hdl.handle.net/10356/138429
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-138429
record_format dspace
spelling sg-ntu-dr.10356-1384292020-09-26T22:03:55Z A lattice-based linkable ring signature supporting stealth addresses Liu, Zhen Nguyen, Khoa Yang, Guomin Wang, Huaxiong Wong, Duncan S. School of Physical and Mathematical Sciences 24th European Symposium on Research in Computer Security The work was supported by the National Natural Science Foundation of China (No. 61672339), the National Cryptography Development Fund (No. MMJJ20170111), the Gopalakrishnan - NTU Presidential Postdoctoral Fellowship 2018, the National Research Foundation, Prime Minister’s Office, Singapore under its Strategic Capability Research Centres Funding Initiative, the Singapore Ministry of Education under Research Grant MOE2016-T2-2-014(S), and the Abelian Foundation. Engineering::Computer science and engineering Lattice-Based Linkable Ring Signature First proposed in CryptoNote, a collection of popular privacy-centric cryptocurrencies have employed Linkable Ring Signature and a corresponding Key Derivation Mechanism (KeyDerM) for keeping the payer and payee of a transaction anonymous and unlinkable. The KeyDerM is used for generating a fresh signing key and the corresponding public key, referred to as a stealth address, for the transaction payee. The stealth address will then be used in the linkable ring signature next time when the payee spends the coin. However, in all existing works, including Monero, the privacy model only considers the two cryptographic primitives separately. In addition, to be applied to cryptocurrencies, the security and privacy models for Linkable Ring Signature should capture the situation that the public key ring of a signature may contain keys created by an adversary (referred to as adversarially-chosen-key attack), since in cryptocurrencies, it is normal for a user (adversary) to create self-paying transactions so that some maliciously created public keys can get into the system without being detected . In this paper, we propose a new cryptographic primitive, referred to as Linkable Ring Signature Scheme with Stealth Addresses (SALRS), which comprehensively and strictly captures the security and privacy requirements of hiding the payer and payee of a transaction in cryptocurrencies, especially the adversarially-chosen-key attacks. We also propose a lattice-based SALRS construction and prove its security and privacy in the random oracle model. In other words, our construction provides strong confidence on security and privacy in twofolds, i.e., being proved under strong models which capture the practical scenarios of cryptocurrencies, and being potentially quantum-resistant. The efficiency analysis also shows that our lattice-based SALRS scheme is practical for real implementations. NRF (Natl Research Foundation, S’pore) MOE (Min. of Education, S’pore) Accepted version 2020-05-06T02:48:14Z 2020-05-06T02:48:14Z 2019 Conference Paper Liu, Z., Nguyen, K., Yang, G., Wang, H., & Wong, D. S. (2019). A lattice-based linkable ring signature supporting stealth addresses. Computer Security – ESORICS 2019, 726-746. doi:10.1007/978-3-030-29959-0_35 9783030299583 https://hdl.handle.net/10356/138429 10.1007/978-3-030-29959-0_35 2-s2.0-85075615647 726 746 en © 2019 Springer Nature Switzerland AG. All rights reserved. This paper was published in Computer Security – ESORICS 2019 and is made available with permission of Springer Nature Switzerland AG. application/pdf
institution Nanyang Technological University
building NTU Library
country Singapore
collection DR-NTU
language English
topic Engineering::Computer science and engineering
Lattice-Based
Linkable Ring Signature
spellingShingle Engineering::Computer science and engineering
Lattice-Based
Linkable Ring Signature
Liu, Zhen
Nguyen, Khoa
Yang, Guomin
Wang, Huaxiong
Wong, Duncan S.
A lattice-based linkable ring signature supporting stealth addresses
description First proposed in CryptoNote, a collection of popular privacy-centric cryptocurrencies have employed Linkable Ring Signature and a corresponding Key Derivation Mechanism (KeyDerM) for keeping the payer and payee of a transaction anonymous and unlinkable. The KeyDerM is used for generating a fresh signing key and the corresponding public key, referred to as a stealth address, for the transaction payee. The stealth address will then be used in the linkable ring signature next time when the payee spends the coin. However, in all existing works, including Monero, the privacy model only considers the two cryptographic primitives separately. In addition, to be applied to cryptocurrencies, the security and privacy models for Linkable Ring Signature should capture the situation that the public key ring of a signature may contain keys created by an adversary (referred to as adversarially-chosen-key attack), since in cryptocurrencies, it is normal for a user (adversary) to create self-paying transactions so that some maliciously created public keys can get into the system without being detected . In this paper, we propose a new cryptographic primitive, referred to as Linkable Ring Signature Scheme with Stealth Addresses (SALRS), which comprehensively and strictly captures the security and privacy requirements of hiding the payer and payee of a transaction in cryptocurrencies, especially the adversarially-chosen-key attacks. We also propose a lattice-based SALRS construction and prove its security and privacy in the random oracle model. In other words, our construction provides strong confidence on security and privacy in twofolds, i.e., being proved under strong models which capture the practical scenarios of cryptocurrencies, and being potentially quantum-resistant. The efficiency analysis also shows that our lattice-based SALRS scheme is practical for real implementations.
author2 School of Physical and Mathematical Sciences
author_facet School of Physical and Mathematical Sciences
Liu, Zhen
Nguyen, Khoa
Yang, Guomin
Wang, Huaxiong
Wong, Duncan S.
format Conference or Workshop Item
author Liu, Zhen
Nguyen, Khoa
Yang, Guomin
Wang, Huaxiong
Wong, Duncan S.
author_sort Liu, Zhen
title A lattice-based linkable ring signature supporting stealth addresses
title_short A lattice-based linkable ring signature supporting stealth addresses
title_full A lattice-based linkable ring signature supporting stealth addresses
title_fullStr A lattice-based linkable ring signature supporting stealth addresses
title_full_unstemmed A lattice-based linkable ring signature supporting stealth addresses
title_sort lattice-based linkable ring signature supporting stealth addresses
publishDate 2020
url https://hdl.handle.net/10356/138429
_version_ 1681056800794738688

Similar Items