Research And Instantiation Of Ring Secret Transaction Protocol Based On Multivariable Public Key Cryptosystem

Since Satoshi Nakamoto proposed the concept of Bitcoin in 2008,cryptocurrency has entered people's sight.This is a decentralized digital currency that uses cryptographic principles to ensure the security of the transaction process.After more than ten years of research and development,many cryptocurrencies that refer to the ideas and principles of Bitcoin have been proposed.At present,the mainstream cryptocurrencies include Bitcoin,Dash,and Monero.The characteristics of cryptocurrency are decentralized transactions and a high degree of anonymity.Since there is no third-party supervision and the transaction process is anonymous,how to protect the security of the transaction process is particularly important.In Monero,the security of the transaction process is protected by the ring confidential transaction protocol.The ring confidential transaction protocol can hide the actual amount in the transaction and confuse the actual expenditure of the transaction spender,thereby achieving anonymous and safe transactions.Purpose.However,the currently used ring secret transaction protocol in the Monero community is based on the discrete logarithm problem.According to the Shure algorithm,quantum computers can solve the discrete logarithm problem in polynomial time.Therefore,once a large-scale quantum computer comes out,the ring secret transaction protocol based on the discrete logarithm problem will no longer be secure,and there is an urgent need to find a post-quantum cryptographic scheme that can resist quantum computer attacks.Multivariate public key cryptography is one of the main research directions of post-quantum cryptography.Its security is based on the difficulty of solving MQ problems.Research shows that MQ problems are NPhard problems.Even quantum computers cannot be in polynomial time to solve.And compared with other post-quantum cryptographic schemes,the signature generated by the multivariable-based signature scheme is small,and the calculation speed is fast and the required computing resources are small in the signature verification process,which has good research value.According to the characteristics of the ring confidential transaction protocol,this paper uses the multivariable ring signature scheme as the underlying signature scheme,and designs a multivariable ring confidential transaction protocol.The protocol uses the additive homomorphism of the public key of the multivariable signature scheme to realize the commitment to the transaction amount,and performs a ring signature on the commitment.The identity of the transaction participants.At the same time,during the transaction generation process,the trader's private key will be used to generate a unique key-image,and it will participate in the signature generation process and become part of the signature.By comparing whether the same key-image exists in this blockchain,it can effectively prevent Transaction double spend.Compared with the existing post-quantum secure lattice-ring confidential transaction protocol,the proposed scheme has more advantages in terms of signature size and verification efficiency.The above-mentioned multivariable ring confidential transaction protocol is generated based on the general multivariable ring signature scheme.It is instantiated to meet security requirements.By analyzing the instantiated scheme,it can be seen that a problem that restricts the application of the multivariable scheme is that its key is too large.In order to solve this problem,this paper uses the idea of the circular public key in Cyclic Rainbow to insert a matrix with a special structure into the public key,to compress the public key size.In addition,using this method to compress the public key can also speed up the signature verification process.The compressed public key size can be reduced by up to 65.4%,and the signature verification process can be optimized by up to 59.6%.