Cryptology ePrint Archive: Report 2018/990

Quisquis: A New Design for Anonymous Cryptocurrencies

Prastudy Fauzi and Sarah Meiklejohn and Rebekah Mercer and Claudio Orlandi

Abstract: Despite their usage of pseudonyms rather than persistent identifiers, most existing cryptocurrencies do not provide users with any meaningful levels of privacy. This has prompted the creation of privacy-enhanced cryptocurrencies such as Monero and Zcash, which are specifically designed to counteract the tracking analysis possible in currencies like Bitcoin. These cryptocurrencies, however, also suffer from some drawbacks: in both Monero and Zcash, the set of potential unspent coins is always growing, which means users cannot store a concise representation of the blockchain. In Zcash, furthermore, users cannot deny their participation in anonymous transactions.

In this paper, we address both of these limitations. By combining a technique we call updatable keys with efficient zero-knowledge arguments, we propose a new cryptocurrency, Quisquis, that achieves provably secure notions of anonymity while still allowing users to deny participation and store a relatively small amount of data.

Category / Keywords: cryptographic protocols / anonymity, cryptocurrencies

Date: received 15 Oct 2018, last revised 20 Feb 2019

Contact author: prastudy fauzi at gmail com,prastudy@cs au dk,orlandi@cs au dk,s meiklejohn@ucl ac uk,bekah@cs au dk

Available format(s): PDF | BibTeX Citation

Note: Updated comparisons section, including efficiency of the most recent implementations of Monero and Zcash.

Version: 20190220:182450 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]