Cryptology ePrint Archive: Report 2018/176

Fine-Tuning Decentralized Anonymous Payment Systems based on Arguments for Arithmetic Circuit Satisfiability

Kamil Kluczniak and Man Ho Au

Abstract: Digital currencies like Bitcoin and other blockchain-based systems provide a means to record monetary transfers between accounts. In Bitcoin-like systems, transactions are published on a decentralized ledger and reveal the sender, receiver and amount of a transfer; hence such systems give only moderate anonymity guarantees.

Payment systems like ZCash attempt to offer much stronger anonymity by hiding the origin, destination and value of a payment. The ZCash system is able to offer strong anonymity mainly due to its use of Zero-Knowledge Succinct Non-interactive Arguments of Knowledge (ZK-SNARKs) of arithmetic circuit satisfiability. One drawback of ZCash is that the arithmetic circuit is rather large, and thus requires a large common reference string and a complex prover for the ZK-SNARK. In fact, the memory and prover complexity of the system is dominated by the ZK-SNARK in use and is mainly determined by the complexity of the circuit.

In this paper we design a Decentralized Anonymous Payment (DAP) system, functionally similar to ZCash, but with significantly smaller arithmetic circuits, thus greatly reducing the memory and prover complexity of the system. Our construction is based on algebraic primitives from the realm of elliptic curve and lattice-based cryptography whose satisfiability can be efficiently verified by an arithmetic circuit.

Category / Keywords: cryptographic protocols / digital currencies, anonymity, zero knowledge, lattice techniques

Date: received 12 Feb 2018

Contact author: kamil kluczniak at polyu edu hk


Version: 20180214:124911

Short URL: ia.cr/2018/176
