区块链隐私保护研究综述
|
摘要
区块链技术的核心特征是"去中心化"和"去信任化",作为分布式总账技术、智能合约基础平台、分布式新型计算范式,可以有效构建可编程货币、可编程金融和可编程社会,势必将对金融及其他领域带来深远影响,并驱动新一轮技术变革和应用变革.但是区块链技术在提高效率、降低成本、提高数据安全性的同时,也面临严重的隐私泄露问题,得到研究者的广泛关注.将介绍区块链技术架构,定义区块链技术中身份隐私和交易隐私的概念,分析区块链技术在隐私保护方面存在的优势和不足,并分类描述现有研究中针对区块链隐私的攻击方法,例如交易溯源技术和账户聚类技术;然后详细介绍针对区块链网络层、交易层和应用层的隐私保护机制,包括网络层恶意节点检测和限制接入技术、区块链交易层的混币技术、加密技术和限制发布技术,以及针对区块链应用的防御机制;最后,分析了现有区块链隐私保护技术存在的缺陷,展望了未来发展方向.此外,还讨论针对恶意使用区块链技术的监管方法.
Core features of the blockchain technology are"de-centralization"and "de-trusting".As a distributed ledger technology,smart contract infrastructure platform and novel distributed computing paradigm,it can effectively build programmable currency,programmable finance and programmable society,which will have a far-reaching impact on the financial and other fields,and drive a new round of technological change and application change.While blockchain technology can improve efficiency,reduce costs and enhance data security,it is still in the face of serious privacy issues which have been widely concerned by researchers.The survey first analyzes the technical characteristics of the blockchain,defines the concept of identity privacy and transaction privacy,points out the advantages and disadvantages of blockchain technology in privacy protection and introduces the attack methods in existing researches,such as transaction tracing technology and account clustering technology.And then we introduce a variety of privacy mechanisms,including malicious nodes detection and restricting access technology for the network layer,transaction mixing technology,encryption technology and limited release technology for the transaction layer,and some defense mechanisms for blockchain applications layer.In the end,we discuss the limitations of the existing technologies and envision future directions on this topic.In addition,the regulatory approach to malicious use of blockchain technology is discussed.
Core features of the blockchain technology are"de-centralization"and "de-trusting".As a distributed ledger technology,smart contract infrastructure platform and novel distributed computing paradigm,it can effectively build programmable currency,programmable finance and programmable society,which will have a far-reaching impact on the financial and other fields,and drive a new round of technological change and application change.While blockchain technology can improve efficiency,reduce costs and enhance data security,it is still in the face of serious privacy issues which have been widely concerned by researchers.The survey first analyzes the technical characteristics of the blockchain,defines the concept of identity privacy and transaction privacy,points out the advantages and disadvantages of blockchain technology in privacy protection and introduces the attack methods in existing researches,such as transaction tracing technology and account clustering technology.And then we introduce a variety of privacy mechanisms,including malicious nodes detection and restricting access technology for the network layer,transaction mixing technology,encryption technology and limited release technology for the transaction layer,and some defense mechanisms for blockchain applications layer.In the end,we discuss the limitations of the existing technologies and envision future directions on this topic.In addition,the regulatory approach to malicious use of blockchain technology is discussed.
引文
[1]Yuan Yong,Wang Feiyue.Blockchain:The state of the art and future trends[J].Acta Automatica Sinica,2016,42(4):481-494(in Chinese)(袁勇,王飞跃.区块链技术发展现状与展望[J].自动化学报,2016,42(4):481-494)
[2]Chris B,Adam W.Bitcoin ringing the bell for a new asset class[EB/OL].[2017-06-10].http://research.ark-invest.com/bitcoin-asset-class
[3]Gartner.Top 10strategic technology trends for 2017[EB/OL].[2017-06-10].http://www.gartner.com/technology/topics/trends.jsp
[4]Wang Jiye,Gao Lingchao,Dong Aiqiang,et al.Block chain based data security sharing network architecture research[J].Journal of Computer Research and Development,2017,54(4):742-749(in Chinese)(王继业,高灵超,董爱强,等.基于区块链的数据安全共享网络体系研究[J].计算机研究与发展,2017,54(4):742-749)
[5]Au M H,Liu J K,Fang Junbin,et al.A new payment system for enhancing location privacy of electric vehicles[J].IEEE Trans on Vehicular Technology,2014,63(1):3-18
[6]Mihaylov M,Jurado S,Avellana N,et al.NRGcoin:Virtual currency for trading of renewable energy in smart grids[C]//Proc of the 11th Int Conf on the European Energy Market.Piscataway,NJ:IEEE,2014:1-6
[7]Nakamoto S.Bitcoin:A peer-to-peer electronic cash system[EB/OL].[2017-08-01].http://www.bitcoin.org/bitcoin.pdf
[8]Bitnodes.Global bitcoin nodes distribution[EB/OL].[2017-06-10].https://bitnodes.21.co/
[9]Shawn W,Tome B,Josh B,et al.Storj:A peer-to-peer cloud storage network[EB/OL].[2017-06-10].https://storj.io/storj.pdf
[10]Dwork C,Naor M.Pricing via processing or combatting Junk Mail[C]//Proc of the 12th Annual Int Cryptology Conf Proceedings.Piscataway,NJ:IEEE,1992:139-147
[11]Larimer D.Transactions as proof-of-stake[EB/OL].[2017-06-10].https://bravenewcoin.com/assets/Uploads/Transactions AsProofOfStake10.pdf
[12]Castro M,Liskov B.Practical byzantine fault tolerance and proactive recovery[J].ACM Trans on Computer Systems,2002,20(4):398-461
[13]Zhou Shuigeng,Li Feng,Tao Yufei,et al.Privacy preservation in database applications:A Survey[J].Chinese Journal of Computers,2009,32(5):847-861(in Chinese)(周水庚,李丰,陶宇飞,等.面向数据库应用的隐私保护研究综述[J].计算机学报,2009,32(5):847-861)
[14]Antonopoulos A M.Mastering Bitcoin[EB/OL].[2017-06-10].https://www.bitcoinbook.info/
[15]Andy D.THE DAO[EB/OL].[2017-06-10].http://ethfans.org/posts/127
[16]Bonneau J,Miller A,Clark J,et al.SoK:Research perspectives and challenges for Bitcoin and cryptocurrencies[C]//Proc of the 2015IEEE Symp on Security and Privacy(SP).Piscataway,NJ:IEEE,2015:104-121
[17]Koshy P,Koshy D,Mcdaniel P.An analysis of anonymity in bitcoin using P2P network traffic[G]//Financial Cryptography and Data Security.Berlin:Springer,2014:469-485
[18]Kaminsky D.Black Ops of TCP/IP 2011[EB/OL].[2017-08-01].https://dankaminsky.com/2011/08/05/bo2k11/
[19]Biryukov A,Khovratovich D,Pustogarov I.Deanonymisation of clients in Bitcoin P2Pnetwork[C]//Proc of the 21st ACM Conf on Computer and Communications Security.New York:ACM,2014:15-29
[20]Reid F,Harrigan M.An analysis of anonymity in the bitcoin system[C]//Proc of the 3rd IEEE Int Conf on Privacy,Security,Risk and Trust.Piscataway,NJ:IEEE,2011:1318-1326
[21]Liao K,Zhao Ziming,Doupe A,et al.Behind closed doors:Measurement and analysis of cryptoLocker ransoms in bitcoin[C]//Proc of the 2016 APWG Symp on Electronic Crime Research(eCrime).Piscataway,NJ:IEEE,2016:1-13
[22]Ron D,Shamir A.Quantitative analysis of the full bitcoin transaction graph[G]//Financial Cryptography and Data Security.Berlin:Springer,2013:6-24
[23]Bitcoinwiki.Coinbase[EB/OL].[2017-06-10].https://en.bitcoin.it/wiki/Coinbase
[24]Bitcoinwiki.Change[EB/OL].[2017-06-10].https://en.bitcoin.it/wiki/Change
[25]Meiklejohn S,Pomarole M,Jordan G,et al.A fistful of bitcoins:Characterizing payments among men with no names[C]//Proc of the 13th ACM Internet Measurement Conf.New York:ACM,2013:127-140
[26]Zhao Chen.Graph-based forensic investigation of bitcoin transactions[D].Ames,Iowa:Iowa State University,2014
[27]Androulaki E,Karame G O,Roeschlin M,et al.Evaluating user privacy in bitcoin[C]//Proc of the 17th Int Conf on Financial Cryptography and Data Security.Okinawa,Japan:Financial Cryptography,2013:34-51
[28]Monaco J V.Identifying bitcoin users by transaction behavior[C]//Proc of 2015SPIE DSS.Baltimore,Maryland:SPIE,2015
[29]Hyperledger.Hyperledger architecture working group paper[EB/OL].[2017-06-10].https://www.hyperledger.org/
[30]Huang Butian,Liu Zhenguang,Chen Jianhai,et al.Behavior pattern clustering in blockchain networks[J].Multimedia Tools&Applications,2017,76(19):20099-20110
[31]Tor.Getting up to speed on Tor's past,present,and future Tor[EB/OL].[2017-06-10].http://www.theonionrouter.com/docs/documentation.html.en
[32]I2P.What does I2Pdo for you?[EB/OL].[2017-06-10].https://geti2p.net/en/
[33]Monero.What is Monero?[EB/OL].[2017-06-10].https://getmonero.org/get-started/what-is-monero/
[34]Chaum D.Untraceable electronic mail,return addresses and digital pseudonyms[J].Communications of the ACM,1981,24(2):84-90
[35]BitLaunder.BitLaunder's mixer vs“major exchanges”mixer[EB/OL].[2017-06-10].https://bitcoin.stackexchange.com/questions/25722/bitlaunders-mixer-vs-major-exchangesmixer/25753
[36]Bitcoin Fog.Accessing bitcoin fog[EB/OL].[2017-06-10].http://bitcoinfog.info/
[37]Blockchain.Wallet[EB/OL].[2017-06-10].https://Blockchain.info/wallet/
[38]Bonneau J,Narayanan A,Miller A,et al.Mixcoin:Anonymity for bitcoin with accountable mixes[C]//Proc of the 18th Int Conf on Financial Cryptography and Data Security Financial.Barbados:Financial Cryptography,2014:486-504
[39]Valenta L,Rowan B.Blindcoin:Blinded,Accountable Mixes for Bitcoin[G]//Financial Cryptography and Data Security.Berlin:Springer,2015:112-126
[40]Shentu Qingchun,Yu Jianping.A blind-mixing scheme for bitcoin based on an elliptic curve cryptography blind digital signature algorithm[EB/OL].[2017-06-10].https://arxiv.org/ftp/arxiv/papers/1510/1510.05833.pdf
[41]Dash.Dash is digital cash[EB/OL].[2017-06-10].https://www.dash.org/
[42]Gregory M.CoinJoin:Bitcoin privacy for the real world[EB/OL].[2017-06-10].http://bitcointalk.org/index.php?topic=279249.0
[43]Andy G.Dark wallet'is about to make bitcoin money laundering easier than ever[EB/OL].[2017-06-10].https://www.wired.com/2014/04/dark-wallet/
[44]Kyle T.CoinShuffle aims to improve privacy in bitcoin[EB/OL].[2017-06-10].http://insidebitcoins.com/news/coinshuffle-aims-to-improve-privacy-in-bitcoin/29269
[45]Belcher.Joinmarket-Coinjoin that people will actually use[EB/OL].[2017-06-10].http://bitcointalk.org/index.php?topic=919116.0
[46]Ruffing T,Moreno-Sanchez P,Kate A.CoinShuffle:Practical decentralized coin mixing for bitcoin[G]//Computer Security(ESORICS 2014).Berlin:Springer,2014:345-364
[47]Bissias G,Ozisik A P,Levine B N,et al.Sybil-resistant mixing for bitcoin[C]//Proc of the 2015ACM Workshop on Privacy in the Electronic Society.New York:ACM,2014:149-158
[48]Ziegeldorf J H,Grossmann F,Henze M,et al.CoinParty:Secure multi-party mixing of bitcoins[C]//Proc of the 5th ACM Conf on Data and Application Security and Privacy.New York:ACM,2015:75-86
[49]Monero.About monero[EB/OL].[2017-06-10].https://getmonero.org/knowledge-base/about
[50]Monero.A note on chain reactions in traceability in cryptoNote2.0[EB/OL].[2017-06-10].https://lab.getmonero.org/pubs/MRL-0001.pdf
[51]Sasson E B,Chiesa A,Garman C,et al.Zerocash:Decentralized anonymous payments from bitcoin[C]//Proc of the 2014IEEE Symp on Security and Privacy.Piscataway,NJ:IEEE,2014:459-474
[52]Miers I,Garman C,Green M,et al.Zerocoin:Anonymous distributed E-Cash from bitcoin[C]//Proc of the 2013IEEE Symp on Security and Privacy(SP)Conf.Piscataway,NJ:IEEE,2013:397-411
[53]Ben-Sasson E,Chiesa A,Genkin D,et al.SNARKs for C:Verifying program executions succinctly and in zero knowledge[G]//Advances in Cryptology(CRYPTO2013).Berlin:Springer,2013:90-108
[54]Joseph P,Thaddeus D.The bitcoin lightning network:Scalable Off-Chain instant payments[EB/OL].[2017-06-10].http://lightning.network/lightning-network-paper.pdf
[55]Okcoin.OKCoin cold wallet security design and protocol[EB/OL].[2017-06-10].https://www.okcoin.com/security.html
[56]Biryukov A,Pustogarov I.Bitcoin over Tor isn't a Good Idea[C]//Proc of the 2015IEEE Symp on Security and Privacy.Piscataway,NJ:IEEE,2014:122-134
[57]Chainalysis.Protecting the integrity of digital assets[EB/OL].[2017-06-10].https://www.chainalysis.com/
[58]Sandia.Beating bitcoin bad guys[EB/OL].[2017-06-10].http://www.sandia.gov/news/publications/labnews/articles/2016/19-08/bitcoin.html
[59]Elliptic.The global standard for blockchain intelligence[EB/OL].[2017-06-10].https://www.elliptic.co/
[60]Blockchaingroup.Blockchain intelligence group[EB/OL].[2017-06-10].https://Blockchaingroup.io/
[2]Chris B,Adam W.Bitcoin ringing the bell for a new asset class[EB/OL].[2017-06-10].http://research.ark-invest.com/bitcoin-asset-class
[3]Gartner.Top 10strategic technology trends for 2017[EB/OL].[2017-06-10].http://www.gartner.com/technology/topics/trends.jsp
[4]Wang Jiye,Gao Lingchao,Dong Aiqiang,et al.Block chain based data security sharing network architecture research[J].Journal of Computer Research and Development,2017,54(4):742-749(in Chinese)(王继业,高灵超,董爱强,等.基于区块链的数据安全共享网络体系研究[J].计算机研究与发展,2017,54(4):742-749)
[5]Au M H,Liu J K,Fang Junbin,et al.A new payment system for enhancing location privacy of electric vehicles[J].IEEE Trans on Vehicular Technology,2014,63(1):3-18
[6]Mihaylov M,Jurado S,Avellana N,et al.NRGcoin:Virtual currency for trading of renewable energy in smart grids[C]//Proc of the 11th Int Conf on the European Energy Market.Piscataway,NJ:IEEE,2014:1-6
[7]Nakamoto S.Bitcoin:A peer-to-peer electronic cash system[EB/OL].[2017-08-01].http://www.bitcoin.org/bitcoin.pdf
[8]Bitnodes.Global bitcoin nodes distribution[EB/OL].[2017-06-10].https://bitnodes.21.co/
[9]Shawn W,Tome B,Josh B,et al.Storj:A peer-to-peer cloud storage network[EB/OL].[2017-06-10].https://storj.io/storj.pdf
[10]Dwork C,Naor M.Pricing via processing or combatting Junk Mail[C]//Proc of the 12th Annual Int Cryptology Conf Proceedings.Piscataway,NJ:IEEE,1992:139-147
[11]Larimer D.Transactions as proof-of-stake[EB/OL].[2017-06-10].https://bravenewcoin.com/assets/Uploads/Transactions AsProofOfStake10.pdf
[12]Castro M,Liskov B.Practical byzantine fault tolerance and proactive recovery[J].ACM Trans on Computer Systems,2002,20(4):398-461
[13]Zhou Shuigeng,Li Feng,Tao Yufei,et al.Privacy preservation in database applications:A Survey[J].Chinese Journal of Computers,2009,32(5):847-861(in Chinese)(周水庚,李丰,陶宇飞,等.面向数据库应用的隐私保护研究综述[J].计算机学报,2009,32(5):847-861)
[14]Antonopoulos A M.Mastering Bitcoin[EB/OL].[2017-06-10].https://www.bitcoinbook.info/
[15]Andy D.THE DAO[EB/OL].[2017-06-10].http://ethfans.org/posts/127
[16]Bonneau J,Miller A,Clark J,et al.SoK:Research perspectives and challenges for Bitcoin and cryptocurrencies[C]//Proc of the 2015IEEE Symp on Security and Privacy(SP).Piscataway,NJ:IEEE,2015:104-121
[17]Koshy P,Koshy D,Mcdaniel P.An analysis of anonymity in bitcoin using P2P network traffic[G]//Financial Cryptography and Data Security.Berlin:Springer,2014:469-485
[18]Kaminsky D.Black Ops of TCP/IP 2011[EB/OL].[2017-08-01].https://dankaminsky.com/2011/08/05/bo2k11/
[19]Biryukov A,Khovratovich D,Pustogarov I.Deanonymisation of clients in Bitcoin P2Pnetwork[C]//Proc of the 21st ACM Conf on Computer and Communications Security.New York:ACM,2014:15-29
[20]Reid F,Harrigan M.An analysis of anonymity in the bitcoin system[C]//Proc of the 3rd IEEE Int Conf on Privacy,Security,Risk and Trust.Piscataway,NJ:IEEE,2011:1318-1326
[21]Liao K,Zhao Ziming,Doupe A,et al.Behind closed doors:Measurement and analysis of cryptoLocker ransoms in bitcoin[C]//Proc of the 2016 APWG Symp on Electronic Crime Research(eCrime).Piscataway,NJ:IEEE,2016:1-13
[22]Ron D,Shamir A.Quantitative analysis of the full bitcoin transaction graph[G]//Financial Cryptography and Data Security.Berlin:Springer,2013:6-24
[23]Bitcoinwiki.Coinbase[EB/OL].[2017-06-10].https://en.bitcoin.it/wiki/Coinbase
[24]Bitcoinwiki.Change[EB/OL].[2017-06-10].https://en.bitcoin.it/wiki/Change
[25]Meiklejohn S,Pomarole M,Jordan G,et al.A fistful of bitcoins:Characterizing payments among men with no names[C]//Proc of the 13th ACM Internet Measurement Conf.New York:ACM,2013:127-140
[26]Zhao Chen.Graph-based forensic investigation of bitcoin transactions[D].Ames,Iowa:Iowa State University,2014
[27]Androulaki E,Karame G O,Roeschlin M,et al.Evaluating user privacy in bitcoin[C]//Proc of the 17th Int Conf on Financial Cryptography and Data Security.Okinawa,Japan:Financial Cryptography,2013:34-51
[28]Monaco J V.Identifying bitcoin users by transaction behavior[C]//Proc of 2015SPIE DSS.Baltimore,Maryland:SPIE,2015
[29]Hyperledger.Hyperledger architecture working group paper[EB/OL].[2017-06-10].https://www.hyperledger.org/
[30]Huang Butian,Liu Zhenguang,Chen Jianhai,et al.Behavior pattern clustering in blockchain networks[J].Multimedia Tools&Applications,2017,76(19):20099-20110
[31]Tor.Getting up to speed on Tor's past,present,and future Tor[EB/OL].[2017-06-10].http://www.theonionrouter.com/docs/documentation.html.en
[32]I2P.What does I2Pdo for you?[EB/OL].[2017-06-10].https://geti2p.net/en/
[33]Monero.What is Monero?[EB/OL].[2017-06-10].https://getmonero.org/get-started/what-is-monero/
[34]Chaum D.Untraceable electronic mail,return addresses and digital pseudonyms[J].Communications of the ACM,1981,24(2):84-90
[35]BitLaunder.BitLaunder's mixer vs“major exchanges”mixer[EB/OL].[2017-06-10].https://bitcoin.stackexchange.com/questions/25722/bitlaunders-mixer-vs-major-exchangesmixer/25753
[36]Bitcoin Fog.Accessing bitcoin fog[EB/OL].[2017-06-10].http://bitcoinfog.info/
[37]Blockchain.Wallet[EB/OL].[2017-06-10].https://Blockchain.info/wallet/
[38]Bonneau J,Narayanan A,Miller A,et al.Mixcoin:Anonymity for bitcoin with accountable mixes[C]//Proc of the 18th Int Conf on Financial Cryptography and Data Security Financial.Barbados:Financial Cryptography,2014:486-504
[39]Valenta L,Rowan B.Blindcoin:Blinded,Accountable Mixes for Bitcoin[G]//Financial Cryptography and Data Security.Berlin:Springer,2015:112-126
[40]Shentu Qingchun,Yu Jianping.A blind-mixing scheme for bitcoin based on an elliptic curve cryptography blind digital signature algorithm[EB/OL].[2017-06-10].https://arxiv.org/ftp/arxiv/papers/1510/1510.05833.pdf
[41]Dash.Dash is digital cash[EB/OL].[2017-06-10].https://www.dash.org/
[42]Gregory M.CoinJoin:Bitcoin privacy for the real world[EB/OL].[2017-06-10].http://bitcointalk.org/index.php?topic=279249.0
[43]Andy G.Dark wallet'is about to make bitcoin money laundering easier than ever[EB/OL].[2017-06-10].https://www.wired.com/2014/04/dark-wallet/
[44]Kyle T.CoinShuffle aims to improve privacy in bitcoin[EB/OL].[2017-06-10].http://insidebitcoins.com/news/coinshuffle-aims-to-improve-privacy-in-bitcoin/29269
[45]Belcher.Joinmarket-Coinjoin that people will actually use[EB/OL].[2017-06-10].http://bitcointalk.org/index.php?topic=919116.0
[46]Ruffing T,Moreno-Sanchez P,Kate A.CoinShuffle:Practical decentralized coin mixing for bitcoin[G]//Computer Security(ESORICS 2014).Berlin:Springer,2014:345-364
[47]Bissias G,Ozisik A P,Levine B N,et al.Sybil-resistant mixing for bitcoin[C]//Proc of the 2015ACM Workshop on Privacy in the Electronic Society.New York:ACM,2014:149-158
[48]Ziegeldorf J H,Grossmann F,Henze M,et al.CoinParty:Secure multi-party mixing of bitcoins[C]//Proc of the 5th ACM Conf on Data and Application Security and Privacy.New York:ACM,2015:75-86
[49]Monero.About monero[EB/OL].[2017-06-10].https://getmonero.org/knowledge-base/about
[50]Monero.A note on chain reactions in traceability in cryptoNote2.0[EB/OL].[2017-06-10].https://lab.getmonero.org/pubs/MRL-0001.pdf
[51]Sasson E B,Chiesa A,Garman C,et al.Zerocash:Decentralized anonymous payments from bitcoin[C]//Proc of the 2014IEEE Symp on Security and Privacy.Piscataway,NJ:IEEE,2014:459-474
[52]Miers I,Garman C,Green M,et al.Zerocoin:Anonymous distributed E-Cash from bitcoin[C]//Proc of the 2013IEEE Symp on Security and Privacy(SP)Conf.Piscataway,NJ:IEEE,2013:397-411
[53]Ben-Sasson E,Chiesa A,Genkin D,et al.SNARKs for C:Verifying program executions succinctly and in zero knowledge[G]//Advances in Cryptology(CRYPTO2013).Berlin:Springer,2013:90-108
[54]Joseph P,Thaddeus D.The bitcoin lightning network:Scalable Off-Chain instant payments[EB/OL].[2017-06-10].http://lightning.network/lightning-network-paper.pdf
[55]Okcoin.OKCoin cold wallet security design and protocol[EB/OL].[2017-06-10].https://www.okcoin.com/security.html
[56]Biryukov A,Pustogarov I.Bitcoin over Tor isn't a Good Idea[C]//Proc of the 2015IEEE Symp on Security and Privacy.Piscataway,NJ:IEEE,2014:122-134
[57]Chainalysis.Protecting the integrity of digital assets[EB/OL].[2017-06-10].https://www.chainalysis.com/
[58]Sandia.Beating bitcoin bad guys[EB/OL].[2017-06-10].http://www.sandia.gov/news/publications/labnews/articles/2016/19-08/bitcoin.html
[59]Elliptic.The global standard for blockchain intelligence[EB/OL].[2017-06-10].https://www.elliptic.co/
[60]Blockchaingroup.Blockchain intelligence group[EB/OL].[2017-06-10].https://Blockchaingroup.io/