Reference : Privacy Aspects and Subliminal Channels in Zcash
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/41278
Privacy Aspects and Subliminal Channels in Zcash
English
Biryukov, Alex [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC); University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Feher, Daniel [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT); University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Vitto, Giuseppe [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Nov-2019
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Yes
International
ACM SIGSAC Conference on Computer and Communications Security
November 2019
London
UK
[en] privacy ; blockchain ; Zcash ; zk-SNARK ; subliminal channel
[en] In this paper we analyze two privacy and security issues for the
privacy-oriented cryptocurrency Zcash. First we study shielded
transactions and show ways to fingerprint user transactions, including
active attacks. We introduce two new attacks which we call the
Danaan-gift attack and the Dust attack. Following the recent Sapling
update of the Zcash protocol we study the interaction between the new
and the old zk-SNARK protocols and the effects of their interaction
on transaction privacy. In the second part of the paper we check for
the presence of subliminal channels in the zk-SNARK protocol and
in Pedersen commitments. We show the presence of efficient 70-bit
channels which could be used for tagging shielded transactions,
which would allow the attacker (a malicious transaction verifier)
to link transactions issued by a maliciously modified zk-SNARK
prover, while they would be indistinguishable from regular transactions
for an honest verifier/user. We discuss countermeasures against
both of these privacy issues.
Fonds National de la Recherche - FnR
FinCrypt R-AGR-3328
Researchers ; Professionals ; Students ; General public
http://hdl.handle.net/10993/41278
10.1145/3319535.3345663
https://www.cryptolux.org/index.php/Cryptocurrency_FinTech
FnR ; FNR11684537 > Alex Biryukov > FinCrypt > Security, Scalability, and Privacy in Blockchain Applications and Smart Contracts > 01/08/2018 > 31/07/2021 > 2017

File(s) associated to this reference

Fulltext file(s):

File | Commentary | Version | Size | Access
Post_sapling_ZC_paper.pdf | | Author postprint | 995.79 kB | Open access

Additional material(s):

File | Commentary | Size | Access
Post_sapling_slides.pdf | Slides of the presentation | 3.21 MB | Open access


All documents in ORBilu are protected by a user license.