Perfect Privacy or Strong Deniability? (Brandon "suraeNoether" Goodell)

Most customers (say Alice and Bob) of privacy-respecting ledgers use a custodial exchange (Eve). Such an exchange can easily ascertain what happened in the event that Alice withdraws from Eve, then Alice sends to Bob, and then Bob deposits at Eve. We discuss how heuristics for tracing the flow of money in a privacy-respecting ledger can be used to construct statistical hypotheses, how parallelizable graph-theoretic approaches can be used to construct maximum likelihood estimates of the transaction history under these hypotheses in polylogarithmic time, and how custodial exchanges can leverage their custodial information to assess the goodness of their estimates. These techniques can be used to rapidly test hypotheses of customer behavior, but suffer from issues with sensitivity and specificity (especially against customers with knowledge of the underlying heuristics, who may attempt a frame-up on other customers). We show some preliminary results about how the anonymity set size influences both the power of these tests and the time it takes to apply these approaches. We conclude that the privacy claims in cryptocurrencies like Monero or Zcash reduce to that of plausible deniability against adversaries with extra knowledge.

Brandon Goodell (Surae Noether) is a mathematician and researcher at Monero Research Lab. He has contributed to the Monero community since 2014. His work has most recently been focused on security proofs for new cryptographic protocols as well as statistical approaches to blockchain analysis.
