Year: 2022 Volume: 30 Issue: SI-12 Page Range: 344 - 360 Text Language: English DOI: 10.3906/elk-2105-183 Index Date: 08-07-2022

Privacy in blockchain systems

Abstract:
Privacy of blockchains has been a matter of discussion since the inception of Bitcoin. Various techniques with varying degrees of privacy protection and complexity have been proposed over the past decade. In this survey, we present a systematic analysis of these proposals in four categories: (i) identity, (ii) transaction, (iii) consensus, and (iv) smart contract privacy. Each of these categories has privacy requirements of its own, and various solutions have been proposed to meet these requirements. Almost every technique in the privacy enhancing technologies literature has been applied to blockchains: mix networks, zero-knowledge proofs, blind signatures, ring signatures, secure MPC, homomorphic encryption, to name just a few. We analyze each category separately: for each, we first define the relevant privacy issues, and then review the proposed solutions along with their features and limitations. The attacks discovered against these solutions are also discussed along with the proposals.
Keywords:

Document Type: Article Article Type: Research Article Access Type: Open Access
APA Osmanoglu M, Selcuk A (2022). Privacy in blockchain systems. Turkish Journal of Electrical Engineering and Computer Sciences, 30(SI-12), 344 - 360. 10.3906/elk-2105-183
Chicago Osmanoglu Murat, Selcuk Ali Aydin. Privacy in blockchain systems. Turkish Journal of Electrical Engineering and Computer Sciences 30, no. SI-12 (2022): 344 - 360. 10.3906/elk-2105-183
MLA Osmanoglu Murat, Selcuk Ali Aydin. Privacy in blockchain systems. Turkish Journal of Electrical Engineering and Computer Sciences, vol. 30, no. SI-12, 2022, pp. 344 - 360. 10.3906/elk-2105-183
AMA Osmanoglu M, Selcuk A. Privacy in blockchain systems. Turkish Journal of Electrical Engineering and Computer Sciences. 2022; 30(SI-12): 344 - 360. 10.3906/elk-2105-183
Vancouver Osmanoglu M, Selcuk A. Privacy in blockchain systems. Turkish Journal of Electrical Engineering and Computer Sciences. 2022; 30(SI-12): 344 - 360. 10.3906/elk-2105-183
IEEE Osmanoglu M, Selcuk A. "Privacy in blockchain systems." Turkish Journal of Electrical Engineering and Computer Sciences, 30, pp. 344 - 360, 2022. 10.3906/elk-2105-183
ISNAD Osmanoglu, Murat - Selcuk, Ali Aydin. "Privacy in blockchain systems". Turkish Journal of Electrical Engineering and Computer Sciences 30/SI-12 (2022), 344-360. https://doi.org/10.3906/elk-2105-183