Paper 2022/974

PEReDi: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies

Amirreza Sarencheh, The University of Edinburgh, IOG
Aggelos Kiayias, The University of Edinburgh, IOG
Markulf Kohlweiss, The University of Edinburgh, IOG
Abstract

Central Bank Digital Currencies (CBDCs) aspire to offer a digital replacement for physical cash and, as such, must address two fundamental yet conflicting requirements. On the one hand, they should be private to prevent the emergence of a financial “panopticon.” On the other hand, they must be regulation friendly, facilitating threshold-limiting, tracing, and counterparty auditing functionalities necessary for compliance with regulations such as Know Your Customer (KYC), Anti-Money Laundering (AML), and Combating the Financing of Terrorism (CFT), as well as financial stability considerations. In this work, we propose PEReDi, a new asynchronous model for CBDCs and present an efficient construction that, for the first time, simultaneously addresses these challenges in full. Moreover, recognizing the necessity of avoiding a single point of failure, our construction is distributed to ensure that all its properties remain intact even when a bounded number of entities are corrupted by an adversary. Achieving all the above properties efficiently is technically involved; among others, our construction employs suitable cryptographic tools to thwart man-in-the-middle attacks, introduces a novel traceability mechanism with significant performance gains over previously known techniques, and, perhaps surprisingly, shows how to obviate Byzantine agreement or broadcast from the optimistic execution path of a payment, something that results in an essentially optimal communication pattern and minimal communication overhead. We demonstrate the efficiency of our payment system by presenting detailed computational and communication cost analyses. Beyond “simple” payments, we also discuss how our scheme can support one-off large transfers while complying with Know Your Transaction (KYT) disclosure requirements. Our CBDC concept is expressed and realized within the Universal Composition (UC) framework, providing a modular and secure way for integration into a broader financial ecosystem.

Note: In the proceedings version of our paper, we assumed that the total number of maintainers required for the system was D=3t+1, where t represents the maximum number of maintainers that can be corrupted by the adversary. Upon further analysis, we identified a need to revise this assumption. We describe a lower bound on D in the updated version of the paper, arguing that 5t+1 maintainers are necessary to prevent adversary-induced faults in the pessimistic execution path of a payment for any efficient realization of our ideal functionality in the asynchronous setting. In the security proof, we demonstrate that 5t+1 is also sufficient.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Major revision. The 29th ACM Conference on Computer and Communications Security (CCS) 2022
Keywords
PrivacyAnonymityRegulatory ComplianceCBDCCryptographyKYCAMLCFTUniversal Composition
Contact author(s)
Amirreza Sarencheh @ ed ac uk
Aggelos Kiayias @ ed ac uk
Markulf Kohlweiss @ ed ac uk
History
2025-02-07: last of 4 revisions
2022-07-29: received
See all versions
Short URL
https://ia.cr/2022/974
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/974,
      author = {Amirreza Sarencheh and Aggelos Kiayias and Markulf Kohlweiss},
      title = {{PEReDi}: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/974},
      year = {2022},
      url = {https://eprint.iacr.org/2022/974}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.