% Encoding: UTF-8
@COMMENT{BibTeX export based on data in FAU CRIS: https://cris.fau.de/}
@COMMENT{For any questions please write to cris-support@fau.de}
@inproceedings{faucris.230523571,
abstract = {Monero is the largest cryptocurrency with built-in cryptographic privacy features. The transactions are authenticated using zero-knowledge spend proofs, which provide a certain level of anonymity by hiding the source accounts from which the funds are sent among a set of other accounts. Due to its similarities to ring signatures, this core cryptographic component is called Ring Confidential Transactions (RingCT). Because of its practical relevance, several works attempt to analyze the security of RingCT. Since RingCT is rather complex, most of them are either informal, miss fundamental functionalities, or introduce undesirable trusted setup assumptions. Regarding efficiency, Monero currently deploys a scheme in which the size of the spend proof is linear in the ring size. This limits the ring size to only a few accounts, which in turn limits the acquired anonymity significantly and facilitates de-anonymization attacks. As a solution to these problems, we present the first rigorous formalization of RingCT as a cryptographic primitive. We then propose a generic construction of RingCT and prove it secure in our formal security model. By instantiating our generic construction with new efficient zero-knowledge proofs, we obtain Omniring, a fully-fledged RingCT scheme in the discrete logarithm setting that provides the highest concrete and asymptotic efficiency as of today. Omniring is the first RingCT scheme which 1) does not require a trusted setup or pairing-friendly elliptic curves, 2) has a proof size logarithmic in the size of the ring, and 3) allows to share the same ring between all source accounts in a transaction, thereby enabling significantly improved privacy level without sacrificing performance. Our zero-knowledge proofs rely on novel enhancements to the Bulletproofs framework (S&P 2018), which we believe are of independent interest.},
author = {Lai, Russell W. F. and SchrÃ¶der, Dominique and Ronge, Viktoria and Thyagarajan, Sri Aravinda Krishnan and Ruffing, Tim and Wang, Jiafan},
booktitle = {Proceedings of the ACM Conference on Computer and Communications Security},
date = {2019-11-11/2019-11-15},
doi = {10.1145/3319535.3345655},
faupublication = {yes},
isbn = {9781450367479},
keywords = {Anonymity; Cryptocurrency; Monero; Privacy},
note = {CRIS-Team Scopus Importer:2019-12-13},
pages = {31-48},
peerreviewed = {unknown},
publisher = {Association for Computing Machinery},
title = {{Omniring}: {Scaling} private payments without trusted setup: {Formal} foundations and a construction of ring confidential transactions with log-size proofs},
venue = {London},
year = {2019}
}