Reference : Privacy Aspects and Subliminal Channels in Zcash |
Scientific congresses, symposiums and conference proceedings : Paper published in a book | |||
Engineering, computing & technology : Computer science | |||
Security, Reliability and Trust | |||
http://hdl.handle.net/10993/41278 | |||
Privacy Aspects and Subliminal Channels in Zcash | |
English | |
Biryukov, Alex | |
Feher, Daniel [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > > ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)] | |
Vitto, Giuseppe [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >] | |
Nov-2019 | |
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security | |
Yes | |
International | |
ACM SIGSAC Conference on Computer and Communications Security | |
November 2019 | |
London | |
UK | |
[en] privacy ; blockchain ; Zcash ; zk-SNARK ; subliminal channel | |
[en] In this paper we analyze two privacy and security issues for the privacy-oriented cryptocurrency Zcash. First we study shielded transactions and show ways to fingerprint user transactions, including active attacks. We introduce two new attacks which we call Danaan-gift attack and Dust attack. Following the recent Sapling update of Zcash protocol we study the interaction between the new and the old zk-SNARK protocols and the effects of their interaction on transaction privacy. In the second part of the paper we check for the presence of subliminal channels in the zk-SNARK protocol and in Pedersen Commitments. We show presence of efficient 70-bit channels which could be used for tagging of shielded transactions which would allow the attacker (malicious transaction verifier) to link transactions issued by a maliciously modified zk-SNARK prover, while they would be indistinguishable from regular transactions for the honest verifier/user. We discuss countermeasures against both of these privacy issues. | |
Fonds National de la Recherche - FnR | |
FinCrypt R-AGR-3328 | |
Researchers ; Professionals ; Students ; General public | |
10.1145/3319535.3345663 | |
https://www.cryptolux.org/index.php/Cryptocurrency_FinTech | |
FnR ; FNR11684537 > Alex Biryukov > FinCrypt > Security, Scalability, and Privacy in Blockchain Applications and Smart Contracts > 01/08/2018 > 31/07/2021 > 2017 |
All documents in ORBilu are protected by a user license.