MoneroResearch.info
Resource type: Miscellaneous
BibTeX citation key: Cremers2023
Categories: Monero-focused
Creators: Cremers, Loss, Wagner
Attachments: holistic security analysis of monero transactions.pdf
URLs: https://eprint.iacr.org/2023/321
Abstract
Monero is a popular cryptocurrency with strong privacy guarantees for users’ transactions. At the heart of Monero’s privacy claims lies a complex transaction system called RingCT, which combines several building blocks such as linkable ring signatures, homomorphic commitments, and range proofs, in a unique fashion. In this work, we provide the first rigorous security analysis for RingCT (as given in Zero to Monero, v2.0.0, 2020) in its entirety. This is in contrast to prior works that provided security arguments for only parts of RingCT. To this end, we provide the first holistic security model for Monero’s RingCT. In our model, we then prove the security of RingCT. Our framework is modular in that it allows to view RingCT as a combination of various different sub-protocols. This has the benefit that these components can be easily updated in future versions of RingCT with only minor modifications to our analysis. At a technical level, we introduce several new techniques that we believe to be of independent interest. First, we need to make several subtle modifications to the syntax and security properties of existing building blocks (e.g., linkable ring signatures), which result from the unusual way in which they are combined within RingCT. Then, we show how these building blocks can be combined in order to argue security of the top level transaction scheme. As a technical highlight of our proof, we show that our security goals can be mapped to a suitable graph problem. This allows us to take advantage of ideas from the theory of network flows in our analysis.
Notes
The authors of the paper joined the Monero Research Lab meeting on Wed 08 March 2023, 17:00 UTC, to answer questions from the Monero community.
Link to meeting notes: https://github.com/monero-project/meta/issues/808#issuecomment-1460613583
Added by: Jack
Last edited by: Jack