Cryptology ePrint Archive: Report 2018/660

A New Blind ECDSA Scheme for Bitcoin Transaction Anonymity

Xun Yi and Kwok-Yan Lam and Dieter Gollmann

Abstract: In this paper, we consider a scenario where a bitcoin liquidity provider sells bitcoins to clients. When a client pays for a bitcoin online, the provider is able to link the client's payment information to the bitcoin sold to that client. To address the clients' privacy concern, it is desirable for the provider to perform the bitcoin transaction with blind signatures. However, existing blind signature schemes are incompatible with the Elliptic Curve Digital Signature Algorithm (ECDSA) which is used by most of the existing bitcoin protocol, thus cannot be applied directly in Bitcoin. In this paper, we propose a new blind signature scheme that allows generating a blind signature compatible with the standard ECDSA. Afterwards, we make use of the new scheme to achieve bitcoin transaction anonymity. The new scheme is built on a variant of the Paillier cryptosystem and its homomorphic properties. As long as the modified Paillier cryptosystem is semantically secure, the new blind signature scheme has blindness and unforgeability.

Category / Keywords: Blind signature, ECDSA, Paillier cryptosystem, Bitcoin, Blockchain

Date: received 28 Jun 2018, last revised 7 Jul 2018

Contact author: xun yi at rmit edu au

Available format(s): PDF | BibTeX Citation

Note: Dr. Tancrède Lepoint asked us to revise ePrint xxxx/5260 and add “and” between all the authors’ names in the HTML author field.

Version: 20180708:232846 (All versions of this report)

Short URL: ia.cr/2018/660


[ Cryptology ePrint archive ]