Paper published in a book (Scientific congresses, symposiums and conference proceedings)
Privacy Aspects and Subliminal Channels in Zcash
Biryukov, Alex; Feher, Daniel; Vitto, Giuseppe
2019. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Peer reviewed
 

Files


Full Text
Post_sapling_ZC_paper.pdf
Author postprint (1.02 MB)
Annexes
Post_sapling_slides.pdf
(3.28 MB)
Slides of the presentation


Details



Keywords :
privacy; blockchain; Zcash; zk-SNARK; subliminal channel
Abstract :
[en] In this paper we analyze two privacy and security issues for the privacy-oriented cryptocurrency Zcash. First we study shielded transactions and show ways to fingerprint user transactions, including active attacks. We introduce two new attacks which we call Danaan-gift attack and Dust attack. Following the recent Sapling update of Zcash protocol we study the interaction between the new and the old zk-SNARK protocols and the effects of their interaction on transaction privacy. In the second part of the paper we check for the presence of subliminal channels in the zk-SNARK protocol and in Pedersen Commitments. We show presence of efficient 70-bit channels which could be used for tagging of shielded transactions which would allow the attacker (malicious transaction verifier) to link transactions issued by a maliciously modified zk-SNARK prover, while they would be indistinguishable from regular transactions for the honest verifier/user. We discuss countermeasures against both of these privacy issues.
Disciplines :
Computer science
Author, co-author :
Biryukov, Alex ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Feher, Daniel ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Vitto, Giuseppe ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors :
no
Language :
English
Title :
Privacy Aspects and Subliminal Channels in Zcash
Publication date :
November 2019
Event name :
ACM SIGSAC Conference on Computer and Communications Security
Event place :
London, United Kingdom
Event date :
November 2019
Audience :
International
Main work title :
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR11684537 - Security, Scalability, And Privacy In Blockchain Applications And Smart Contracts, 2017 (01/08/2018-31/07/2021) - Alex Biryukov
Name of the research project :
FinCrypt R-AGR-3328
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 12 December 2019

Statistics

Number of views: 346 (22 by Unilu)
Number of downloads: 7269 (22 by Unilu)
Scopus citations®: 24
Scopus citations® without self-citations: 24
OpenCitations: 8
WoS citations: 10
