In this paper we analyze two privacy and security issues for the privacy-oriented cryptocurrency Zcash. First we study shielded transactions and show ways to fingerprint user transactions, including active attacks. We introduce two new attacks, which we call the Danaan-gift attack and the Dust attack. Following the recent Sapling update of the Zcash protocol, we study the interaction between the new and the old zk-SNARK protocols and the effects of this interaction on transaction privacy. In the second part of the paper we check for the presence of subliminal channels in the zk-SNARK protocol and in Pedersen commitments. We show the presence of efficient 70-bit channels that could be used to tag shielded transactions; this would allow an attacker (a malicious transaction verifier) to link transactions issued by a maliciously modified zk-SNARK prover, while the tagged transactions remain indistinguishable from regular transactions to an honest verifier/user. We discuss countermeasures against both of these privacy issues.
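The abstract states that the randomness inside a Pedersen commitment can act as a subliminal channel between a modified prover and a colluding verifier. The block below is an added illustration of that general idea, not code from the paper: it implements a toy Pedersen commitment over the order-q subgroup of Z_p^* for a deterministically found safe prime p = 2q + 1 (a constructed group, not Zcash's Jubjub curve), and shows the simplest possible channel, where the prover re-samples the opening randomness r until a keyed hash of the commitment carries an n-bit tag. An honest verifier only ever sees a commitment that opens normally. Note that this grinding channel costs about 2^n commitments per n-bit tag, so it cannot reach anything like the 70 bits the paper reports; the paper's far more efficient encoding is not described on this page and is not what is shown here. All names, the group parameters and the tag size are assumptions of this example.

```python
"""Added illustration: Pedersen commitment randomness as a subliminal channel.

Toy group (constructed for this example): the order-q subgroup of Z_p^* for a
safe prime p = 2q + 1 found deterministically below.  A commitment is
C = g^v * h^r mod p.  Because the opening randomness r is free, a modified
prover can keep re-sampling r until a keyed hash of C carries an n-bit tag
that a colluding verifier recognises, while an honest verifier simply sees a
commitment that opens correctly.
"""
import hashlib
import hmac
import secrets

# Miller-Rabin bases that give a deterministic answer for every 64-bit integer.
_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    """Deterministic Miller-Rabin for 64-bit n (our group parameters are ~2^62)."""
    if n < 2:
        return False
    for b in _MR_BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def find_safe_prime(start: int) -> tuple[int, int]:
    """Return (p, q) with q the smallest odd q >= start such that q and p = 2q + 1 are prime."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q


P, Q = find_safe_prime(1 << 61)          # constructed toy parameters
G = 4                                    # 2^2 is a square, hence lies in the order-Q subgroup
# Second generator derived by hashing, so nobody knows log_G(H); that is what makes the
# commitment binding.  Squaring maps the hash output into the order-Q subgroup.
H = pow(int.from_bytes(hashlib.sha256(b"pedersen-h").digest(), "big") % P, 2, P)
assert H not in (0, 1)


def commit(v: int, r: int) -> int:
    """Pedersen commitment C = G^v * H^r mod P."""
    return pow(G, v, P) * pow(H, r, P) % P


def open_commitment(c: int, v: int, r: int) -> bool:
    """The only check an honest verifier performs; it holds for tagged commitments too."""
    return c == commit(v, r)


def _tag_of(key: bytes, c: int, n_bits: int) -> int:
    """Low n_bits of HMAC(key, C).  Without `key` the value looks uniformly random."""
    mac = hmac.new(key, c.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") & ((1 << n_bits) - 1)


def tagged_commit(v: int, key: bytes, tag: int, n_bits: int) -> tuple[int, int, int]:
    """Malicious prover: re-sample r until the keyed hash of C carries `tag`.

    Returns (C, r, tries).  Expected cost is 2**n_bits commitments, so this
    grinding channel only pays off for small tags.
    """
    tries = 0
    while True:
        tries += 1
        r = secrets.randbelow(Q)
        c = commit(v, r)
        if _tag_of(key, c, n_bits) == tag:
            return c, r, tries


def read_tag(key: bytes, c: int, n_bits: int) -> int:
    """Colluding verifier: recover the tag from the public commitment alone."""
    return _tag_of(key, c, n_bits)


if __name__ == "__main__":
    key = b"shared-with-colluding-verifier"      # constructed channel key
    c, r, tries = tagged_commit(12345, key, 0x2A, 6)
    print("opens for honest verifier:", open_commitment(c, 12345, r))
    print("tag seen by colluding verifier:", hex(read_tag(key, c, 6)), "after", tries, "tries")
```

The point to take away is that `open_commitment` is the entire honest check, and it passes for the tagged commitment exactly as for an honest one; only a party holding `key` can tell the two apart. The countermeasures the paper discusses target precisely this free randomness, which the example leaves entirely under the prover's control.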
Disciplines:
Computer science
Author, co-author:
BIRYUKOV, Alex ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
FEHER, Daniel ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
VITTO, Giuseppe ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors:
no
Document language:
English
Title:
Privacy Aspects and Subliminal Channels in Zcash
Publication date:
November 2019
Event name:
ACM SIGSAC Conference on Computer and Communications Security
Event location:
London, United Kingdom
Event date:
November 2019
Event scope:
International
Title of the host publication:
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security