Research On Privacy And Regulation In Consortium Blockchain Based Cryptocurrencies

Cryptocurrencies are a kind of digital currency based on public key cryptography.Since bitcoin was proposed in 2008,cryptocurrencies have received wide attention due to some merits such as decentralized,public and transparent,privacy-preserving.Among them,privacy-preserving is one of the most attractive features of cryptocurrencies.If the sensitive information of users is disclosed during the transaction,malicious merchants may acquire benefits by selling the transaction users' information.However,due to the abuse of anonymity in cryptocurrencies transactions,money laundering,forbidden trading,extortion and other illegal behaviors occur from time to time,the notorious black silk road is an example,which is black market for drug transactions.It used bitcoin and Tor to avoid tracking or punishment by government and banks.Thus,balancing the anonymity and accountability in cryptocurrencies is one of the key issues to make cryptocurrencies practical.In this thesis,we mainly focus on how to balance the two seemingly contradictory issues,i.e.,users' privacy-preserving and regulation in anonymous cryptocurrencies.Anonymity is a necessary property to protect users' privacy.Bitcoin,which protects users' privacy with pseudonyms mechanism,is not enough to protect users' privacy in real-world applications.One payer's addresses will be linked if the payer uses multiple addresses to pay for the same materials.Tracing is an effective way for regulation.However,the existing tracing methods for cryptocurrencies always trace a one-time address or a random bit-strings instead of the real-world identities,which will not be used for a long time by the user.We suggest to use linkable group signatures as the transaction signature algorithm in consortium blockchain based anonymous cryptocurrencies to protect users' privacy while tracing malicious payers' real identity.The contributions of this thesis are as follows.(1)An efficient linkable group signature.We propose a concrete construction of linkable group signature based on the group signature due to Boneh et al.There is a group manager in a group,users can apply to join the group to be a legal group member,then the group member can generate a group signature on behalf of the whole group.The proposed scheme makes use of linear encryption to help the group manager to trace a group member's identity,and generates a group signature by computing a zero-knowledge proof of knowledge(ZKPK)of a triple tuple of VR-SDH.If a group member signs the same message twice,then the two signatures can be publicly linked,which can be used for double-spending detection in anonymous cryptocurrencies.We prove the security of our linkable group signature scheme in the random oracle model.We evaluate the performance of the proposed scheme and then implement the proposed linkable group signature on a desktop,which shows its practicability in reality.(2)Threshold linkable group signature.Inspired by the idea of distributed key generation protocol proposed by Gennaro et al,we propose an effective threshold linkable group signature scheme.More than one supervision authority is involved in the group.According to secret sharing,the supervision private key is distributed to n supervision authorities,among which any t supervision authority can reconstruct the supervision key by sharing its shared key.The scheme makes use of ElGamal encryption to help the group manager to trace a group member's identity with reconstructed supervision key,and generates a group signature by generating a zero-knowledge proof of knowledge(ZKPK)of a triple tuple of SDH.If a group member signs the same message twice,the tags in signatures will be publicly linked,which can be used for double-spending detection in anonymous cryptocurrencies.We evaluate the performance of the proposed scheme and simulation experiments illustrate the effectiveness of the proposed scheme.