| Bitcoin was the first widely adopted cryptocurrency scheme,it's distributed peer-to-peer network is known as the blockchain,bitcoin is decentralized by blockchain,which is widely used in financial transactions,medical care,voting systerm and other application scenarios.Bitcoin uses pseudonyms(public keys,also known as wallet addresses in bitcoin transactions)to protect uses anonymity,but this approach is not secure:people can find out the connection between users and pseudonyms through statistical analysis To protect users anonymity,some cryptocurrency schemes have been proposed,including Zerocoin,Zerocash,RingCT and others.However,these schemes are based on traditional cryptographic schemes,which cannot resist quantum computing attacksIn this paper,a decentralized cryptocurrency scheme based on lattice-based zero-knowledge argument is proposed to solve the problem of payers' anonymity in bitcoin transactions.The idea is shown as follows:payer mints a bitcoin into altcoin,pays an altcoin collection U including this altcoin by zero-knowledge argument protocol,miners on blockchain verify the validity of the altcoin and whether it is double-spent.Specifically,the payer first randomly generates altcoin d with no value and no possession,combines a bitcoin(also known as transaction on the blockchain)with this altcoin by signature scheme.Then payer randomly selects a collection U including this altcoin,computes the root value u by lattice-based Merkel Tree Accumulator algorithm,then computes the value w corresponding to d,uses noninteractive zero-knowledge argument of knowledge to proof that:d?U without showing d,and d did not appear in the previous transactions Finally,the miners on the blockchain verify the noninteractive zero-knowledge argument by Verify.In the above scheme,in order to achieve the purpose of antiquantum attack,this paper proposes to use the Merkel tree Accumulator lattice-based zero-knowledge argument protocol.In order to achieve the unforgeable and undouble-spend,this paper proposes a lattice-based Pedersen commitment protocol output d and improves the lattice-based zero-knowledge argument protocol.In order to achieve noninteraction of zero-knowledge argument protocol,this paper uses fiat-shamir transformation function to replace challenge.Then design the scheme and prove the security of the scheme.Finally,design the system which is based on open source blockchain FISCO BCOS,test the system performance and analyzes the results to verify the feasibility.The whole operation time of each stage of the proposed scheme in this paper is about 1 second,which can be used in the actual scene within a reasonable range. |
PDF Full Text Request