TY - GEN
T1 - BlindHub
T2 - 44th IEEE Symposium on Security and Privacy, SP 2023
AU - Qin, Xianrui
AU - Pan, Shimin
AU - Mirzaei, Arash
AU - Sui, Zhimei
AU - Ersoy, Oguzhan
AU - Sakzad, Amin
AU - Esgin, Muhammed F.
AU - Liu, Joseph K.
AU - Yu, Jiangshan
AU - Yuen, Tsz Hon
N1 - Funding Information:
We thank Erkan Tairi, Xinyu Li, Ron Steinfeld, Raphael Phan, Shabnam Kasra Kermanshahi, Sushmita Ruj and anonymous reviewers for useful discussions and suggestions. This work is supported by the Australian Research Council (ARC) under project DE210100019 and project DP220101234, the Research Grant Council of Hong Kong (GRF project 106220117).
Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Payment Channel Hub (PCH) is a promising solution to the scalability issue of first-generation blockchains or cryptocurrencies such as Bitcoin. It supports off-chain payments between a sender and a receiver through an intermediary (called the tumbler). Relationship anonymity and value privacy are desirable features of privacy-preserving PCHs, which prevent the tumbler from identifying the sender and receiver pairs as well as the payment amounts. To our knowledge, all existing Bitcoin-compatible PCH constructions that guarantee relationship anonymity allow only a (predefined) fixed payment amount. Thus, to achieve payments with different amounts, they would require either multiple PCH systems or running one PCH system multiple times. Neither of these solutions would be deemed practical.In this paper, we propose the first Bitcoin-compatible PCH that achieves relationship anonymity and supports variable amounts for payment. To achieve this, we have several layers of technical constructions, each of which could be of independent interest to the community. First, we propose BlindChannel, a novel bi-directional payment channel protocol for privacy-preserving payments, where one of the channel parties is unable to see the channel balances. Then, we further propose BlindHub, a three-party (sender, tumbler, receiver) protocol for private conditional payments, where the tumbler pays to the receiver only if the sender pays to the tumbler. The appealing additional feature of BlindHub is that the tumbler cannot link the sender and the receiver while supporting a variable payment amount. To construct BlindHub, we also introduce two new cryptographic primitives as building blocks, namely Blind Adaptor Signature (BAS), and Flexible Blind Conditional Signature (FBCS). BAS is an adaptor signature protocol built on top of a blind signature scheme. FBCS is a new cryptographic notion enabling us to provide an atomic and privacy-preserving PCH. Lastly, we instantiate both BlindChannel and BlindHub protocols and present implementation results to show their practicality.
AB - Payment Channel Hub (PCH) is a promising solution to the scalability issue of first-generation blockchains or cryptocurrencies such as Bitcoin. It supports off-chain payments between a sender and a receiver through an intermediary (called the tumbler). Relationship anonymity and value privacy are desirable features of privacy-preserving PCHs, which prevent the tumbler from identifying the sender and receiver pairs as well as the payment amounts. To our knowledge, all existing Bitcoin-compatible PCH constructions that guarantee relationship anonymity allow only a (predefined) fixed payment amount. Thus, to achieve payments with different amounts, they would require either multiple PCH systems or running one PCH system multiple times. Neither of these solutions would be deemed practical.In this paper, we propose the first Bitcoin-compatible PCH that achieves relationship anonymity and supports variable amounts for payment. To achieve this, we have several layers of technical constructions, each of which could be of independent interest to the community. First, we propose BlindChannel, a novel bi-directional payment channel protocol for privacy-preserving payments, where one of the channel parties is unable to see the channel balances. Then, we further propose BlindHub, a three-party (sender, tumbler, receiver) protocol for private conditional payments, where the tumbler pays to the receiver only if the sender pays to the tumbler. The appealing additional feature of BlindHub is that the tumbler cannot link the sender and the receiver while supporting a variable payment amount. To construct BlindHub, we also introduce two new cryptographic primitives as building blocks, namely Blind Adaptor Signature (BAS), and Flexible Blind Conditional Signature (FBCS). BAS is an adaptor signature protocol built on top of a blind signature scheme. FBCS is a new cryptographic notion enabling us to provide an atomic and privacy-preserving PCH. Lastly, we instantiate both BlindChannel and BlindHub protocols and present implementation results to show their practicality.
UR - http://www.scopus.com/inward/record.url?scp=85166477037&partnerID=8YFLogxK
U2 - 10.1109/SP46215.2023.10179427
DO - 10.1109/SP46215.2023.10179427
M3 - Conference Paper
AN - SCOPUS:85166477037
SN - 9781665493376
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 2462
EP - 2480
BT - Proceedings - 44th IEEE Symposium on Security and Privacy, SP 2023
PB - IEEE, Institute of Electrical and Electronics Engineers
CY - Piscataway NJ USA
Y2 - 22 May 2023 through 25 May 2023
ER -