學術產出-學位論文
文章檢視/開啟
書目匯出
-
題名 具可控監管與交易保密功能之區塊鏈支付系統
Blockchain-based Confidential Payment System with Controllable Regulation作者 廖御辰
Liao, Yu-Chen貢獻者 左瑞麟
Tso, Ray-Lin
廖御辰
Liao, Yu-Chen關鍵詞 可歸責性
區塊鏈
保密交易
門檻加密
Accountability
Blockchain
Confidential transaction
Threshold encryption日期 2022 上傳時間 5-十月-2022 09:15:19 (UTC+8) 摘要 基於區塊鏈的支付系統(如比特幣等),由於其交易可公開驗證的特性而有廣泛 的應用。此外,為了保護使用者在區塊鏈上的隱私,如一交易的收發人以及交 易金額等,隱私保護貨幣如門羅幣及 Zerocash 等也因此被提出。然而,在缺乏 任何監管措施的情形下,過度的隱私保護系統卻有可能遭到惡意的濫用。因此, 如何同時兼顧隱私保護但又保有適度的監管能力是一個非常重要的問題。在此 篇論文中,我們提出一個具可控監管與交易保密功能之區塊鏈支付系統。為了 保護使用者的隱私且同時進行可控監管,我們使用了門檻同態加密系統來對使 用者的交易金額進行加密。此加密使用監管者的門檻加密金鑰,在保護交易隱 私的同時也限制了監管者對一交易金額進行解密的能力。此外,藉由同態加密 的特性,我們能夠在不對交易金額解密的情形下,更新使用者在經過一交易後 的餘額,進而達到保持使用者隱私的目的。我們所提出的系統也能滿足安全性 的需求,並且我們也實作了此系統的原型用以效能分析。
Blockchain-based payment system (e.g., Bitcoin) is wildly adopted in many scenarios due to the transaction details are publicly accessible. In addition, blockchain-based anonymous payment systems (e.g., Monero and Zerocash) have been proposed to further protect on-chain privacy, such as the balance of the sender and receiver, and the amount of the transaction. However, without any regulation, overly privacy-preserving systems will sometimes be abused for malicious behavior. How to strike a balance between the needs for regulation and privacy become a important issue on such systems. In this paper, we proposed a blockchain-based confidential payment system with controllable regulation. To protect user’s privacy as well as perform controllable regulation, we realized the proposed system by utilizing threshold homomorphic encryption to encrypt user’s transaction values and balance. The encryption is done with regulators’ thresholdized keys and thus limits regulators’ ability to decrypt a transaction. In addition, with the homomorphic property, we can update the user’s balance without decrypting the transaction value or the user’s balance and thus preserve on-chain privacy. The proposed system also satisfies the security requirements and and a prototype implementation is provided for the performance analysis.參考文獻 [AFM+ 14]Giuseppe Ateniese, Antonio Faonio, Bernardo Magri, and Breno de Medeiros. “Certified Bitcoins.” In: ACNS 2014. Vol. 8479. LNCS. Springer. 2014, pp. 80–96 (cit. p. 24).[BBB+ 18]Benedikt Bünz, Jonathan Bootle, Dan Boneh, et al. “Bulletproofs: Short Proofs for Confidential Transactions and More.” In: IEEE S&P 2018. IEEE. 2018, pp. 315–334 (cit. pp. 27, 28, 32, 39).[BBS02]Mihir Bellare, Alexandra Boldyreva, and Jessica Staddon. “Randomness Re-use in Multi- recipient Encryption Schemeas.” In: Public Key Cryptography — PKC 2003. Springer. 2002, pp. 85–99 (cit. p. 27).[BCG+ 14]Eli Ben Sasson, Alessandro Chiesa, Christina Garman, et al. “Zerocash: Decentralized anonymous payments from Bitcoin.” In: IEEE S&P 2014. IEEE. 2014, pp. 459–474 (cit. pp. 1, 4).[But14]Vitalik Buterin. Ethereum: A Next-Generation Smart Contract and Decentralized Application Platform. https://nft2x.com/wp-content/uploads/2021/03/ EthereumWP.pdf. 2014 (cit. p. 1).[CG15]Pyrros Chaidos and Jens Groth. “Making Sigma-protocols non-interactive without random oracles.” In: PKC 2015. Vol. 9020. LNCS. Springer. 2015, pp. 650–670 (cit. pp. 13, 39).[CMT+ 20]Yu Chen, Xuecheng Ma, Cong Tang, and Man Ho Au. “PGC: Decentralized confidential payment system with auditability.” In: ESORICS 2020. Vol. 12308. LNCS. Springer, 2020, pp. 591–610 (cit. p. 5).[CSL+ 18]Mauro Conti, E. Sandeep Kumar, Chhagan Lal, and Sushmita Ruj. “A survey on security and privacy issues of Bitcoin.” In: IEEE Commun. Surv. Tutorials. Vol. 20. IEEE. 2018, pp. 3416–3452 (cit. p. 1).[CZJ+ 17]Ethan Cecchetti, Fan Zhang, Yan Ji, et al. “Solidus: Confidential distributed ledger transactions via PVORM.” In: CCS 2017. ACM. 2017, pp. 701–717 (cit. p. 4).[DF89]Yvo Desmedt and Yair Frankel. “Threshold cryptosystems.” In: CRYPTO 1989. Vol. 435. LNCS. Springer. 1989, pp. 307–315 (cit. p. 17).[FS86]Amos Fiat and Adi Shamir. “How to prove yourself: Practical solutions to identification and signature problems.” In: Conference on the theory and application of cryptographic techniques. Springer. 1986, pp. 186–194 (cit. p. 13).[GGM16]Christina Garman, Matthew Green, and Ian Miers. “Accountable privacy for decentralized anonymous payments.” In: FC 2016. Vol. 9603. LNCS. Springer. 2016, pp. 81–98 (cit. p. 4).[IM13]C. Garman I. Miers and A. D. Rubin M. Green. “Zerocoin: Anonymous distributed E-cash from Bitcoin.” In: IEEE S&P 2013. IEEE. 2013, pp. 397–411 (cit. p. 4).[Kra03]Hugo Krawczyk. “SIGMA: The ‘SIGn-and-MAc’ approach to authenticated Diffie-Hellman and its use in the IKE protocols.” In: CRYPTO 2003. Vol. 2729. LNCS. Springer. 2003, pp. 400–425 (cit. pp. 13, 39).[LHH+ 20]Chao Lin, Debiao He, Xinyi Huang, Muhammad Khurram Khan, and Kim-Kwang Raymond Choo. “DCAP: A secure and efficient decentralized conditional anonymous payment system based on blockchain.” In: IEEE Trans. Inf. Forensics Secur. Vol. 15. 2020, pp. 2440–2452 (cit. p. 4).[MvF15]Killian J. McCarthy, Peter van Santen, and Ingo Fiedler. “Modeling the money launderer: Microtheoretical arguments on anti-money laundering policy.” In: International Review of Law and Economics. Vol. 43. Elsevier. 2015, pp. 148–155 (cit. p. 2).[Nak08]Satoshi Nakamoto. Bitcoin: A Peer-to-Peer Electronic Cash System. https://bitcoin. org/bitcoin.pdf. 2008 (cit. p. 1).[Ped91]Torben Pryds Pedersen. “A threshold cryptosystem without a trusted party.” In: EUROCRYPT. Vol. 547. LNCS. Springer. 1991, pp. 522–526 (cit. p. 10).[Ped92]Torben Pryds Pedersen. “Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing.” In: Advances in Cryptology — CRYPTO ’91. Springer. 1992, pp. 129–140 (cit. p. 8).[Pet19]Maksym Petkus. Why and how zk-SNARK works. http://arxiv.org/abs/1906.07221. 2019 (cit. p. 4).[PW11]Thomas Pietschmann and John Walker. Estimating Illicit Financial Flows Resulting From Drug Trafficking and other Transnational Organized Crimes. https://www.unodc.org/ documents / data - and - analysis / Studies / Illicit _ financial _ flows _ 2011 _ web.pdf. United Nations Office on Drugs and Crime, 2011 (cit. p. 2).[Sab13]N. Van Saberhagen. Cryptonote v 2.0. https://bytecoin.org/old/whitepaper.pdf. 2013 (cit. p. 4).[SAL+ 17]Shi-Feng Sun, Man Ho Au, Joseph K. Liu, and Tsz Hon Yuen. “RingCT 2.0: A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero.” In: ESORICS 2017. Vol. 10493. LNCS. Springer. 2017, pp. 456–474 (cit. p. 1).[SHL+ 21]Xuemin Sherman Shen, Cheng Huang, Dongxiao Liu, et al. “Data management for future wireless networks: Architecture, privacy preservation, and regulation.” In: IEEE Netw. Vol. 35. IEEE. 2021, pp. 8–15 (cit. p. 1).[Wil18]Zachary J. Williamson. The AZTEC protocol. https://raw.githubusercontent.com/ AztecProtocol/AZTEC/master/AZTEC.pdf. 2018 (cit. p. 4).[WOD18]Rolf van Wegberg, Jan-Jaap Oerlemans, and Oskar van Deventer. “Bitcoin money laundering: Mixed results? An explorative study on money laundering of cybercrime proceeds using Bitcoin.” In: J. Financial Crime. Emerald Publishing Limited. 2018, pp. 419–435 (cit. p. 2).[XLN+ 22]Liang Xue, Dongxiao Liu, Jianbing Ni, Xiaodong Lin, and Xuemin Sherman Shen. “Enabling regulatory compliance and enforcement in decentralized anonymous payment.” In: IEEE Trans. Dependable Secur. Comput. IEEE. 2022 (cit. p. 5). 描述 碩士
國立政治大學
資訊科學系
109753124資料來源 http://thesis.lib.nccu.edu.tw/record/#G0109753124 資料類型 thesis dc.contributor.advisor 左瑞麟 zh_TW dc.contributor.advisor Tso, Ray-Lin en_US dc.contributor.author (作者) 廖御辰 zh_TW dc.contributor.author (作者) Liao, Yu-Chen en_US dc.creator (作者) 廖御辰 zh_TW dc.creator (作者) Liao, Yu-Chen en_US dc.date (日期) 2022 en_US dc.date.accessioned 5-十月-2022 09:15:19 (UTC+8) - dc.date.available 5-十月-2022 09:15:19 (UTC+8) - dc.date.issued (上傳時間) 5-十月-2022 09:15:19 (UTC+8) - dc.identifier (其他 識別碼) G0109753124 en_US dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/142125 - dc.description (描述) 碩士 zh_TW dc.description (描述) 國立政治大學 zh_TW dc.description (描述) 資訊科學系 zh_TW dc.description (描述) 109753124 zh_TW dc.description.abstract (摘要) 基於區塊鏈的支付系統(如比特幣等),由於其交易可公開驗證的特性而有廣泛 的應用。此外,為了保護使用者在區塊鏈上的隱私,如一交易的收發人以及交 易金額等,隱私保護貨幣如門羅幣及 Zerocash 等也因此被提出。然而,在缺乏 任何監管措施的情形下,過度的隱私保護系統卻有可能遭到惡意的濫用。因此, 如何同時兼顧隱私保護但又保有適度的監管能力是一個非常重要的問題。在此 篇論文中,我們提出一個具可控監管與交易保密功能之區塊鏈支付系統。為了 保護使用者的隱私且同時進行可控監管,我們使用了門檻同態加密系統來對使 用者的交易金額進行加密。此加密使用監管者的門檻加密金鑰,在保護交易隱 私的同時也限制了監管者對一交易金額進行解密的能力。此外,藉由同態加密 的特性,我們能夠在不對交易金額解密的情形下,更新使用者在經過一交易後 的餘額,進而達到保持使用者隱私的目的。我們所提出的系統也能滿足安全性 的需求,並且我們也實作了此系統的原型用以效能分析。 zh_TW dc.description.abstract (摘要) Blockchain-based payment system (e.g., Bitcoin) is wildly adopted in many scenarios due to the transaction details are publicly accessible. In addition, blockchain-based anonymous payment systems (e.g., Monero and Zerocash) have been proposed to further protect on-chain privacy, such as the balance of the sender and receiver, and the amount of the transaction. However, without any regulation, overly privacy-preserving systems will sometimes be abused for malicious behavior. How to strike a balance between the needs for regulation and privacy become a important issue on such systems. In this paper, we proposed a blockchain-based confidential payment system with controllable regulation. To protect user’s privacy as well as perform controllable regulation, we realized the proposed system by utilizing threshold homomorphic encryption to encrypt user’s transaction values and balance. The encryption is done with regulators’ thresholdized keys and thus limits regulators’ ability to decrypt a transaction. In addition, with the homomorphic property, we can update the user’s balance without decrypting the transaction value or the user’s balance and thus preserve on-chain privacy. The proposed system also satisfies the security requirements and and a prototype implementation is provided for the performance analysis. en_US dc.description.tableofcontents 致謝 v摘要 viiAbstract ixContents xiList of Tables xiiiList of Figures xvList of Definitions xvii1 Intorduction 11.1 Contribution 31.2 RelatedWorks 41.3 Organization 52 Preliminaries 72.1 Commitmentscheme 72.2 Public-KeyEncryption 92.3 Threshold Cryptosystem without a Trusted Party 102.4 AdditiveHomomorphicEncryption 112.5 DigitalSignature 112.6 Zero-knowledgeProofs 123 Confidential Blockchain Payment System with Regulation 153.1 SystemDescription 153.2 SystemModel 183.3 SecurityModel 194 The Proposed System 235 Security Analysis 376 Performance Evaluation 397 Conclusion and Future Work 41Bibliography 43 zh_TW dc.format.extent 746191 bytes - dc.format.mimetype application/pdf - dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0109753124 en_US dc.subject (關鍵詞) 可歸責性 zh_TW dc.subject (關鍵詞) 區塊鏈 zh_TW dc.subject (關鍵詞) 保密交易 zh_TW dc.subject (關鍵詞) 門檻加密 zh_TW dc.subject (關鍵詞) Accountability en_US dc.subject (關鍵詞) Blockchain en_US dc.subject (關鍵詞) Confidential transaction en_US dc.subject (關鍵詞) Threshold encryption en_US dc.title (題名) 具可控監管與交易保密功能之區塊鏈支付系統 zh_TW dc.title (題名) Blockchain-based Confidential Payment System with Controllable Regulation en_US dc.type (資料類型) thesis en_US dc.relation.reference (參考文獻) [AFM+ 14]Giuseppe Ateniese, Antonio Faonio, Bernardo Magri, and Breno de Medeiros. “Certified Bitcoins.” In: ACNS 2014. Vol. 8479. LNCS. Springer. 2014, pp. 80–96 (cit. p. 24).[BBB+ 18]Benedikt Bünz, Jonathan Bootle, Dan Boneh, et al. “Bulletproofs: Short Proofs for Confidential Transactions and More.” In: IEEE S&P 2018. IEEE. 2018, pp. 315–334 (cit. pp. 27, 28, 32, 39).[BBS02]Mihir Bellare, Alexandra Boldyreva, and Jessica Staddon. “Randomness Re-use in Multi- recipient Encryption Schemeas.” In: Public Key Cryptography — PKC 2003. Springer. 2002, pp. 85–99 (cit. p. 27).[BCG+ 14]Eli Ben Sasson, Alessandro Chiesa, Christina Garman, et al. “Zerocash: Decentralized anonymous payments from Bitcoin.” In: IEEE S&P 2014. IEEE. 2014, pp. 459–474 (cit. pp. 1, 4).[But14]Vitalik Buterin. Ethereum: A Next-Generation Smart Contract and Decentralized Application Platform. https://nft2x.com/wp-content/uploads/2021/03/ EthereumWP.pdf. 2014 (cit. p. 1).[CG15]Pyrros Chaidos and Jens Groth. “Making Sigma-protocols non-interactive without random oracles.” In: PKC 2015. Vol. 9020. LNCS. Springer. 2015, pp. 650–670 (cit. pp. 13, 39).[CMT+ 20]Yu Chen, Xuecheng Ma, Cong Tang, and Man Ho Au. “PGC: Decentralized confidential payment system with auditability.” In: ESORICS 2020. Vol. 12308. LNCS. Springer, 2020, pp. 591–610 (cit. p. 5).[CSL+ 18]Mauro Conti, E. Sandeep Kumar, Chhagan Lal, and Sushmita Ruj. “A survey on security and privacy issues of Bitcoin.” In: IEEE Commun. Surv. Tutorials. Vol. 20. IEEE. 2018, pp. 3416–3452 (cit. p. 1).[CZJ+ 17]Ethan Cecchetti, Fan Zhang, Yan Ji, et al. “Solidus: Confidential distributed ledger transactions via PVORM.” In: CCS 2017. ACM. 2017, pp. 701–717 (cit. p. 4).[DF89]Yvo Desmedt and Yair Frankel. “Threshold cryptosystems.” In: CRYPTO 1989. Vol. 435. LNCS. Springer. 1989, pp. 307–315 (cit. p. 17).[FS86]Amos Fiat and Adi Shamir. “How to prove yourself: Practical solutions to identification and signature problems.” In: Conference on the theory and application of cryptographic techniques. Springer. 1986, pp. 186–194 (cit. p. 13).[GGM16]Christina Garman, Matthew Green, and Ian Miers. “Accountable privacy for decentralized anonymous payments.” In: FC 2016. Vol. 9603. LNCS. Springer. 2016, pp. 81–98 (cit. p. 4).[IM13]C. Garman I. Miers and A. D. Rubin M. Green. “Zerocoin: Anonymous distributed E-cash from Bitcoin.” In: IEEE S&P 2013. IEEE. 2013, pp. 397–411 (cit. p. 4).[Kra03]Hugo Krawczyk. “SIGMA: The ‘SIGn-and-MAc’ approach to authenticated Diffie-Hellman and its use in the IKE protocols.” In: CRYPTO 2003. Vol. 2729. LNCS. Springer. 2003, pp. 400–425 (cit. pp. 13, 39).[LHH+ 20]Chao Lin, Debiao He, Xinyi Huang, Muhammad Khurram Khan, and Kim-Kwang Raymond Choo. “DCAP: A secure and efficient decentralized conditional anonymous payment system based on blockchain.” In: IEEE Trans. Inf. Forensics Secur. Vol. 15. 2020, pp. 2440–2452 (cit. p. 4).[MvF15]Killian J. McCarthy, Peter van Santen, and Ingo Fiedler. “Modeling the money launderer: Microtheoretical arguments on anti-money laundering policy.” In: International Review of Law and Economics. Vol. 43. Elsevier. 2015, pp. 148–155 (cit. p. 2).[Nak08]Satoshi Nakamoto. Bitcoin: A Peer-to-Peer Electronic Cash System. https://bitcoin. org/bitcoin.pdf. 2008 (cit. p. 1).[Ped91]Torben Pryds Pedersen. “A threshold cryptosystem without a trusted party.” In: EUROCRYPT. Vol. 547. LNCS. Springer. 1991, pp. 522–526 (cit. p. 10).[Ped92]Torben Pryds Pedersen. “Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing.” In: Advances in Cryptology — CRYPTO ’91. Springer. 1992, pp. 129–140 (cit. p. 8).[Pet19]Maksym Petkus. Why and how zk-SNARK works. http://arxiv.org/abs/1906.07221. 2019 (cit. p. 4).[PW11]Thomas Pietschmann and John Walker. Estimating Illicit Financial Flows Resulting From Drug Trafficking and other Transnational Organized Crimes. https://www.unodc.org/ documents / data - and - analysis / Studies / Illicit _ financial _ flows _ 2011 _ web.pdf. United Nations Office on Drugs and Crime, 2011 (cit. p. 2).[Sab13]N. Van Saberhagen. Cryptonote v 2.0. https://bytecoin.org/old/whitepaper.pdf. 2013 (cit. p. 4).[SAL+ 17]Shi-Feng Sun, Man Ho Au, Joseph K. Liu, and Tsz Hon Yuen. “RingCT 2.0: A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero.” In: ESORICS 2017. Vol. 10493. LNCS. Springer. 2017, pp. 456–474 (cit. p. 1).[SHL+ 21]Xuemin Sherman Shen, Cheng Huang, Dongxiao Liu, et al. “Data management for future wireless networks: Architecture, privacy preservation, and regulation.” In: IEEE Netw. Vol. 35. IEEE. 2021, pp. 8–15 (cit. p. 1).[Wil18]Zachary J. Williamson. The AZTEC protocol. https://raw.githubusercontent.com/ AztecProtocol/AZTEC/master/AZTEC.pdf. 2018 (cit. p. 4).[WOD18]Rolf van Wegberg, Jan-Jaap Oerlemans, and Oskar van Deventer. “Bitcoin money laundering: Mixed results? An explorative study on money laundering of cybercrime proceeds using Bitcoin.” In: J. Financial Crime. Emerald Publishing Limited. 2018, pp. 419–435 (cit. p. 2).[XLN+ 22]Liang Xue, Dongxiao Liu, Jianbing Ni, Xiaodong Lin, and Xuemin Sherman Shen. “Enabling regulatory compliance and enforcement in decentralized anonymous payment.” In: IEEE Trans. Dependable Secur. Comput. IEEE. 2022 (cit. p. 5). zh_TW dc.identifier.doi (DOI) 10.6814/NCCU202201524 en_US
