P
pumpingiron22
Senior Member
- Mar 2, 2014
- 221
- 39
New Anonymous Payment System For Bitcoin: Ericsson
http://www.technology.org/2014/05/23/new-anonymous-payment-system-bitcoin-zerocash/
Posted on*May 23, 2014
Bitcoin*is the first digital currency to achieve widespread adoption. Most prior e-currency systems could not do away with some kind of central governing body that would prevent a very basic kind of fraud called double spending.
Zerocash is an anonymizing extention of an already existing Bitcoin cryptocurrency. Image credit: Web-dev-chris via*Wikimedia Commons
Due to the fact that digital currencies are just bits of information, there is* no reason why a malicious user would not simply replicate this information instead of actually giving it to someone when performing a transaction, thus being able to spend the same amount of digital money two (or more) times.
While clever e-currency schemes did surface during the last two decades from time to time, no one had neither the will nor the resources to set up large financial institutions just to prove the soundness of their designs. Hence, one of the biggest merits of Bitcoin – and one of its technological breakthroughs – is its smart design that prevents double spending without the need of central banking authority.
However, it is also what makes Bitcoin quite the opposite of anonymous, despite popular belief. Every Bitcoin transaction is kept on a public ledger called the*block chain. Each individual payment is put on the block chain, thus allowing users to verify that the transaction took place and ensure that the same coins can no longer be spent by the same user. Anyone can see the block chain, along with who paid whom (the addresses) and how much.
Users may obfuscate their identities by channeling their Bitcoin activity through distributed anonymization networks or*mixes*– services that mix up quantities of Bitcoin among users to render the coins untraceable – but each of these methods are not something a regular user would do. Those who are not willing to put extra effort into anonymizing their Bitcoin activities, leave their transactions public – in fact, much more public than regular, national currency banking.
A group of cryptography engineers from MIT, Technion, John Hopkins and Tel Aviv universities, devised a new protocol that provides decentralized crypto-currency, capable of fully anonymous transactions. It is called Zerocash and it is a continuation and extention of the Zerocoin project, previously started by some of the authors. Zerocash, just like its predecessor, is not an independent currency: it is an extension of Bitcoin or any similar crypto-currency that the authors generally refer to as*Basecoin, which can be anonymized by converting it to Zerocash and retrieved as Basecoin if the user wishes so.
The functionality is achieved by separating the protocol into two separate types of transactions:*mint*andpour*transactions. Mint transactions allow users to convert their Basecoins to Zerocash. This is achieved by means of a cryptographic commitment – a pseudorandom function that “envelopes” the serial number randomly attributed to user’s coins, which can later be retrieved or spent by the same user. The spending part is called the pour transaction.
How is anonymity achieved? The key part of the protocol is that a user who has commited some amount of their coins to the public Zerocash ledger can prove that they know enough information about*some*coin in the ledger, without revealing*which*coin it is, and without revealing their own identity. The proof is then verified by the miners in a similar way regular Bitcoin transactions are verified. The scheme is known as zero-knowledge proof: the kind of proof where an agent proves that they know some secret without revealing any of its contents. It allows Zerocash transactions to be executed without revealing neither the source, nor the address, nor the value of the transaction.
Part of the protocol was already instantiated in the prior Zerocoin project. However, it had great limits as to the anonymity provided, as well as implementational disadvantages that made Zerocoin unacceptable to the Bitcoin community. One of the main drawbacks was the size of the information on the coins that are commited to the ledger. Because, much like in Bitcoin protocol, all of this information must be kept public, even small sizes can bee too costly in the long run.
Zerocash has an elegant way to overcome this obstacle: it feeds each of the mint commitments to a cryptographic hash function; each hash-value then becomes a node in a tree-like data structure known as a*Merkle tree; each node is concatenated with others in such a way that the information is efficiently kept with the retained ability to retrieve it when needed – for example, when a user wishes to prove that they know a certain part of all this information as in the case of pour transactions.
Zerocash is a promising development in the field of crypto-currencies. It is developed by some of the brightest crypto-engineers, using state of art cryptography. Even though an actual implementation in Bitcoin is yet to be seen, care given to both mathematical and implementational aspects of the protocol suggests that users will soon be able to try out Zerocash for themselves.
Original source:*Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza.*Zerocash: Decentralized Anonymous Payments from Bitcoin
http://www.technology.org/2014/05/23/new-anonymous-payment-system-bitcoin-zerocash/
Posted on*May 23, 2014
Bitcoin*is the first digital currency to achieve widespread adoption. Most prior e-currency systems could not do away with some kind of central governing body that would prevent a very basic kind of fraud called double spending.
Zerocash is an anonymizing extention of an already existing Bitcoin cryptocurrency. Image credit: Web-dev-chris via*Wikimedia Commons
Due to the fact that digital currencies are just bits of information, there is* no reason why a malicious user would not simply replicate this information instead of actually giving it to someone when performing a transaction, thus being able to spend the same amount of digital money two (or more) times.
While clever e-currency schemes did surface during the last two decades from time to time, no one had neither the will nor the resources to set up large financial institutions just to prove the soundness of their designs. Hence, one of the biggest merits of Bitcoin – and one of its technological breakthroughs – is its smart design that prevents double spending without the need of central banking authority.
However, it is also what makes Bitcoin quite the opposite of anonymous, despite popular belief. Every Bitcoin transaction is kept on a public ledger called the*block chain. Each individual payment is put on the block chain, thus allowing users to verify that the transaction took place and ensure that the same coins can no longer be spent by the same user. Anyone can see the block chain, along with who paid whom (the addresses) and how much.
Users may obfuscate their identities by channeling their Bitcoin activity through distributed anonymization networks or*mixes*– services that mix up quantities of Bitcoin among users to render the coins untraceable – but each of these methods are not something a regular user would do. Those who are not willing to put extra effort into anonymizing their Bitcoin activities, leave their transactions public – in fact, much more public than regular, national currency banking.
A group of cryptography engineers from MIT, Technion, John Hopkins and Tel Aviv universities, devised a new protocol that provides decentralized crypto-currency, capable of fully anonymous transactions. It is called Zerocash and it is a continuation and extention of the Zerocoin project, previously started by some of the authors. Zerocash, just like its predecessor, is not an independent currency: it is an extension of Bitcoin or any similar crypto-currency that the authors generally refer to as*Basecoin, which can be anonymized by converting it to Zerocash and retrieved as Basecoin if the user wishes so.
The functionality is achieved by separating the protocol into two separate types of transactions:*mint*andpour*transactions. Mint transactions allow users to convert their Basecoins to Zerocash. This is achieved by means of a cryptographic commitment – a pseudorandom function that “envelopes” the serial number randomly attributed to user’s coins, which can later be retrieved or spent by the same user. The spending part is called the pour transaction.
How is anonymity achieved? The key part of the protocol is that a user who has commited some amount of their coins to the public Zerocash ledger can prove that they know enough information about*some*coin in the ledger, without revealing*which*coin it is, and without revealing their own identity. The proof is then verified by the miners in a similar way regular Bitcoin transactions are verified. The scheme is known as zero-knowledge proof: the kind of proof where an agent proves that they know some secret without revealing any of its contents. It allows Zerocash transactions to be executed without revealing neither the source, nor the address, nor the value of the transaction.
Part of the protocol was already instantiated in the prior Zerocoin project. However, it had great limits as to the anonymity provided, as well as implementational disadvantages that made Zerocoin unacceptable to the Bitcoin community. One of the main drawbacks was the size of the information on the coins that are commited to the ledger. Because, much like in Bitcoin protocol, all of this information must be kept public, even small sizes can bee too costly in the long run.
Zerocash has an elegant way to overcome this obstacle: it feeds each of the mint commitments to a cryptographic hash function; each hash-value then becomes a node in a tree-like data structure known as a*Merkle tree; each node is concatenated with others in such a way that the information is efficiently kept with the retained ability to retrieve it when needed – for example, when a user wishes to prove that they know a certain part of all this information as in the case of pour transactions.
Zerocash is a promising development in the field of crypto-currencies. It is developed by some of the brightest crypto-engineers, using state of art cryptography. Even though an actual implementation in Bitcoin is yet to be seen, care given to both mathematical and implementational aspects of the protocol suggests that users will soon be able to try out Zerocash for themselves.
Original source:*Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza.*Zerocash: Decentralized Anonymous Payments from Bitcoin