UCoin: An Efficient Privacy Preserving Scheme for Cryptocurrencies

Abstract

In cryptocurrencies, privacy of users is preserved using pseudonymity . However, it has been shown that pseudonymity does not result in anonymity if a user's transactions are linkable. This makes cryptocurrencies vulnerable to deanonymization attacks. The current solutions proposed in the literature suffer from at least one of the following issues: (1) requiring a trusted third–party entity, (2) poor performance, and (3) incompatible with the standard structure of cryptocurrencies. In this article, we propose Unlinkable Coin (UCoin), a secure mix–based approach to address these issues. In UCoin, the link between the input (payer) and output (payee) addresses in a transaction is broken. This is done by mixing the transactions of multiple users into a single aggregated transaction in which the output addresses have been secretly shuffled. In our protocol design, we first develop HDC–net, a secure shuffling protocol that enables a group of users to anonymously publish their data. Then, we deploy the proposed HDC–net protocol in the UCoin architecture (as a mixing unit) to generate the aggregate transactions. We show that UCoin (1) does not rely on a trusted third–party, (2) can mix 50 transactions in 6.3 seconds that is 18% faster than the current solutions, and (3) is fully compatible with the architecture of cryptocurrencies.