RingCT 2.0: A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero

Shi-Feng Sun, Man Ho Au, Joseph K. Liu, Tsz Hon Yuen

    Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

    Abstract

    In this work, we initially study the necessary properties and security requirements of Ring Confidential Transaction (RingCT) protocol deployed in the popular anonymous cryptocurrency Monero. Firstly, we formalize the syntax of RingCT protocol and present several formal security definitions according to its application in Monero. Based on our observations on the underlying (linkable) ring signature and commitment schemes, we then put forward a new efficient RingCT protocol (RingCT 2.0), which is built upon the well-known Pedersen commitment, accumulator with one-way domain and signature of knowledge (which altogether perform the functions of a linkable ring signature). Besides, we show that it satisfies the security requirements if the underlying building blocks are secure in the random oracle model. In comparison with the original RingCT protocol, our RingCT 2.0 protocol presents a significant space saving, namely, the transaction size is independent of the number of groups of input accounts included in the generalized ring while the original RingCT suffers a linear growth with the number of groups, which would allow each block to process more transactions.

    Original languageEnglish
    Title of host publicationComputer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings
    EditorsSimon Foley, Einar Snekkenes, Dieter Gollmann
    Place of PublicationCham, Switzerland
    PublisherSpringer
    Pages456-474
    Number of pages19
    Volume10493
    ISBN (Electronic)9783319663999
    ISBN (Print)9783319663982
    DOIs
    Publication statusPublished - 2017
    EventEuropean Symposium On Research In Computer Security 2017 - Oslo, Norway
    Duration: 11 Sep 201715 Sep 2017
    Conference number: 22nd

    Publication series

    NameLecture Notes in Computer Science
    Volume10493
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    ConferenceEuropean Symposium On Research In Computer Security 2017
    Abbreviated titleESORICS 2017
    CountryNorway
    CityOslo
    Period11/09/1715/09/17

    Cite this

    Sun, S-F., Au, M. H., Liu, J. K., & Yuen, T. H. (2017). RingCT 2.0: A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero. In S. Foley, E. Snekkenes, & D. Gollmann (Eds.), Computer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings (Vol. 10493 , pp. 456-474). (Lecture Notes in Computer Science; Vol. 10493 ). Cham, Switzerland: Springer. https://doi.org/10.1007/978-3-319-66399-9_25
    Sun, Shi-Feng ; Au, Man Ho ; Liu, Joseph K. ; Yuen, Tsz Hon. / RingCT 2.0 : A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero. Computer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings. editor / Simon Foley ; Einar Snekkenes ; Dieter Gollmann. Vol. 10493 Cham, Switzerland : Springer, 2017. pp. 456-474 (Lecture Notes in Computer Science).
    @inproceedings{a00479893ea64511a00bc0b0de603a87,
    title = "RingCT 2.0: A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero",
    abstract = "In this work, we initially study the necessary properties and security requirements of Ring Confidential Transaction (RingCT) protocol deployed in the popular anonymous cryptocurrency Monero. Firstly, we formalize the syntax of RingCT protocol and present several formal security definitions according to its application in Monero. Based on our observations on the underlying (linkable) ring signature and commitment schemes, we then put forward a new efficient RingCT protocol (RingCT 2.0), which is built upon the well-known Pedersen commitment, accumulator with one-way domain and signature of knowledge (which altogether perform the functions of a linkable ring signature). Besides, we show that it satisfies the security requirements if the underlying building blocks are secure in the random oracle model. In comparison with the original RingCT protocol, our RingCT 2.0 protocol presents a significant space saving, namely, the transaction size is independent of the number of groups of input accounts included in the generalized ring while the original RingCT suffers a linear growth with the number of groups, which would allow each block to process more transactions.",
    author = "Shi-Feng Sun and Au, {Man Ho} and Liu, {Joseph K.} and Yuen, {Tsz Hon}",
    year = "2017",
    doi = "10.1007/978-3-319-66399-9_25",
    language = "English",
    isbn = "9783319663982",
    volume = "10493",
    series = "Lecture Notes in Computer Science",
    publisher = "Springer",
    pages = "456--474",
    editor = "{ Foley}, {Simon } and Snekkenes, {Einar } and Gollmann, {Dieter }",
    booktitle = "Computer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings",

    }

    Sun, S-F, Au, MH, Liu, JK & Yuen, TH 2017, RingCT 2.0: A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero. in S Foley, E Snekkenes & D Gollmann (eds), Computer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings. vol. 10493 , Lecture Notes in Computer Science, vol. 10493 , Springer, Cham, Switzerland, pp. 456-474, European Symposium On Research In Computer Security 2017, Oslo, Norway, 11/09/17. https://doi.org/10.1007/978-3-319-66399-9_25

    RingCT 2.0 : A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero. / Sun, Shi-Feng; Au, Man Ho; Liu, Joseph K.; Yuen, Tsz Hon.

    Computer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings. ed. / Simon Foley; Einar Snekkenes; Dieter Gollmann. Vol. 10493 Cham, Switzerland : Springer, 2017. p. 456-474 (Lecture Notes in Computer Science; Vol. 10493 ).

    Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

    TY - GEN

    T1 - RingCT 2.0

    T2 - A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero

    AU - Sun, Shi-Feng

    AU - Au, Man Ho

    AU - Liu, Joseph K.

    AU - Yuen, Tsz Hon

    PY - 2017

    Y1 - 2017

    N2 - In this work, we initially study the necessary properties and security requirements of Ring Confidential Transaction (RingCT) protocol deployed in the popular anonymous cryptocurrency Monero. Firstly, we formalize the syntax of RingCT protocol and present several formal security definitions according to its application in Monero. Based on our observations on the underlying (linkable) ring signature and commitment schemes, we then put forward a new efficient RingCT protocol (RingCT 2.0), which is built upon the well-known Pedersen commitment, accumulator with one-way domain and signature of knowledge (which altogether perform the functions of a linkable ring signature). Besides, we show that it satisfies the security requirements if the underlying building blocks are secure in the random oracle model. In comparison with the original RingCT protocol, our RingCT 2.0 protocol presents a significant space saving, namely, the transaction size is independent of the number of groups of input accounts included in the generalized ring while the original RingCT suffers a linear growth with the number of groups, which would allow each block to process more transactions.

    AB - In this work, we initially study the necessary properties and security requirements of Ring Confidential Transaction (RingCT) protocol deployed in the popular anonymous cryptocurrency Monero. Firstly, we formalize the syntax of RingCT protocol and present several formal security definitions according to its application in Monero. Based on our observations on the underlying (linkable) ring signature and commitment schemes, we then put forward a new efficient RingCT protocol (RingCT 2.0), which is built upon the well-known Pedersen commitment, accumulator with one-way domain and signature of knowledge (which altogether perform the functions of a linkable ring signature). Besides, we show that it satisfies the security requirements if the underlying building blocks are secure in the random oracle model. In comparison with the original RingCT protocol, our RingCT 2.0 protocol presents a significant space saving, namely, the transaction size is independent of the number of groups of input accounts included in the generalized ring while the original RingCT suffers a linear growth with the number of groups, which would allow each block to process more transactions.

    UR - http://www.scopus.com/inward/record.url?scp=85029538361&partnerID=8YFLogxK

    U2 - 10.1007/978-3-319-66399-9_25

    DO - 10.1007/978-3-319-66399-9_25

    M3 - Conference Paper

    SN - 9783319663982

    VL - 10493

    T3 - Lecture Notes in Computer Science

    SP - 456

    EP - 474

    BT - Computer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings

    A2 - Foley, Simon

    A2 - Snekkenes, Einar

    A2 - Gollmann, Dieter

    PB - Springer

    CY - Cham, Switzerland

    ER -

    Sun S-F, Au MH, Liu JK, Yuen TH. RingCT 2.0: A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero. In Foley S, Snekkenes E, Gollmann D, editors, Computer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings. Vol. 10493 . Cham, Switzerland: Springer. 2017. p. 456-474. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-319-66399-9_25