Cryptology ePrint Archive: Report 2022/132

On Defeating Graph Analysis of Anonymous Transactions

Christoph Egger and Russell W. F. Lai and Viktoria Ronge and Ivy K. Y. Woo and Hoover H. F. Yin

Abstract: In a ring-signature-based anonymous cryptocurrency, signers of a transaction are hidden among a set of potential signers, called a ring, whose size is much smaller than the number of all users. The ring-membership relations specified by the sets of transactions thus induce bipartite transaction graphs, whose distribution is in turn induced by the ring sampler underlying the cryptocurrency.

Since efficient graph analysis could be performed on transaction graphs to potentially deanonymise signers, it is crucial to understand the resistance of (the transaction graphs induced by) a ring sampler against graph analysis. Of particular interest is the class of partitioning ring samplers. Although previous works showed that they provide almost optimal local anonymity, their resistance against global, e.g. graph-based, attacks were unclear.

In this work, we analyse transaction graphs induced by partitioning ring samplers. Specifically, we show (partly analytically and partly empirically) that, somewhat surprisingly, by setting the ring size to be at least logarithmic in the number of users, a graph-analysing adversary is no better than the one that performs random guessing in deanonymisation up to constant factor of 2.

Category / Keywords: anonymous cryptocurrencies, ring signatures, random directed graph connectivity

Original Publication (in the same form): PoPETs 2022
DOI: 10.2478/popets-2022-0059

Date: received 5 Feb 2022, last revised 11 Apr 2022

Contact author: egger at cs fau de, russell lai at cs fau de, viktoria ronge at fau de, ivy kyw at protonmail com, hfyin at inc cuhk edu hk

Available format(s): PDF | BibTeX Citation

Version: 20220411:180452 (All versions of this report)

Short URL: ia.cr/2022/132