[cryptography] an untraceability extension to Bitcoin using a combination of digital commitments, one-way accumulators and zero-knowledge proofs,
ianG
iang at iang.org
Fri Apr 12 15:40:36 PDT 2013
Steve Bellovin posted this on another list, hattip to him.
http://www.forbes.com/sites/andygreenberg/2013/04/12/zerocoin-add-on-for-bitcoin-could-make-it-truly-anonymous-and-untraceable/
For those following Bitcoin this is news. Matthew Green writes:
For those who just want the TL;DR, here it is:
Zerocoin is a new cryptographic extension to Bitcoin that (if adopted)
would bring true cryptographic anonymity to Bitcoin. It works at the
protocol level and doesn't require new trusted parties or services. With
some engineering, it might (someday) turn Bitcoin into a completely
untraceable, anonymous electronic currency.
http://blog.cryptographyengineering.com/2013/04/zerocoin-making-bitcoin-anonymous.html
(iang adds:)
Bitcoin is pseudonymous but traceable, which is to say that all
transactions are traceable from identity to identity, but those identities
are pseudonyms, being (hashes of) public keys. This is pretty weak. In
contrast, Chaumian blinding was untraceable but typically identified
according to an issuer's regime. Because Chaumian mathematics required a
mint, this devolved to trusted/identified, so again not as strong as some
hoped.
Bitcoin fixed this 'flaw' by decorporating the mint into an algorithm.
This suggests a new axis of distributed. But Bitcoin lost the
untraceability in the process, thus rendering it a rather ridiculous
attempt at privacy, as the entire graph was on display. Bitcoin is more
or less worse at privacy than Chaumian cash ever was.
The holy grail in Chaumian times was untraceable & unidentifiable, to
which Bitcoin added distributed. This paper by Miers, Garman, Green &
Rubin suggests untraceable & pseudonymous & distributed is possible:
http://spar.isi.jhu.edu/~mgreen/ZerocoinOakland.pdf
(I haven't as yet read the paper so there may be killer details in there.)
iang
----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE