    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/158473


    Title: A New Traceable One-time Address Scheme Secure Against Privilege Escalation Attacks
    (Original title: 可抵抗提權攻擊之新型可追蹤隱匿地址方案)
    Authors: Chen, Tse-Jui (陳則叡)
    Contributors: Tso, Raylin (左瑞麟)
    Chen, Tse-Jui (陳則叡)
    Keywords: Privilege escalation attack
    Traceability
    One-time address
    Blockchain
    Date: 2025
    Issue Date: 2025-08-04 13:57:20 (UTC+8)
    Abstract: With the growing emphasis on privacy in cryptocurrency systems, one-time addresses have been widely adopted by platforms such as Monero to protect user anonymity. However, existing traceable one-time address schemes, such as the one by Zhao et al., remain vulnerable to privilege escalation attacks, where the leakage of a one-time secret key enables adversaries to reconstruct the long-term secret key, compromising all associated addresses and funds.

    To address this problem, we propose an enhanced traceable one-time address scheme that tolerates derived secret key leakage. Our scheme removes the requirement for secure channels during address generation and improves the efficiency of user-side address recognition. We formally prove the security of our construction in the random oracle model under standard cryptographic assumptions, and evaluate its performance through experimental comparison with existing approaches. Although our scheme incurs slightly higher cost in address generation, the overall computational overhead remains acceptable given the improved security and traceability it offers.
    References: [1] Nicolas Van Saberhagen. CryptoNote v2.0, 2013.

    [2] Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. Decentralized Business Review, 2008.

    [3] Liutao Zhao, Lin Zhong, and Jiawan Zhang. Traceable one-time address solution to the interactive blockchain for digital museum assets. Information Sciences, 625:157–174, 2023.

    [4] Yu Chen, Xuecheng Ma, Cong Tang, and Man Ho Au. PGC: Decentralized confidential payment system with auditability. In Computer Security – ESORICS 2020: 25th European Symposium on Research in Computer Security, Guildford, UK, September 14–18, 2020, Proceedings, Part I, pages 591–610. Springer, 2020.

    [5] Fergal Reid and Martin Harrigan. An analysis of anonymity in the Bitcoin system. Springer, 2013.

    [6] Dorit Ron and Adi Shamir. Quantitative analysis of the full Bitcoin transaction graph. In Financial Cryptography and Data Security: 17th International Conference, FC 2013, Okinawa, Japan, April 1–5, 2013, Revised Selected Papers, pages 6–24. Springer, 2013.

    [7] Ian Miers, Christina Garman, Matthew Green, and Aviel D. Rubin. Zerocoin: Anonymous distributed e-cash from Bitcoin. In 2013 IEEE Symposium on Security and Privacy, pages 397–411. IEEE, 2013.

    [8] Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza. Zerocash: Decentralized anonymous payments from Bitcoin. In 2014 IEEE Symposium on Security and Privacy, pages 459–474. IEEE, 2014.

    [9] Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, and Madars Virza. Succinct non-interactive zero knowledge for a von Neumann architecture. In 23rd USENIX Security Symposium (USENIX Security 14), pages 781–796, 2014.

    [10] Joseph K. Liu and Duncan S. Wong. Linkable ring signatures: Security models and new schemes. In Computational Science and Its Applications – ICCSA 2005: International Conference, Singapore, May 9–12, 2005, Proceedings, Part II, pages 614–623. Springer, 2005.

    [11] Shen Noether, Adam Mackenzie, et al. Ring confidential transactions. Ledger, 1:1–18, 2016.

    [12] Shi-Feng Sun, Man Ho Au, Joseph K. Liu, and Tsz Hon Yuen. RingCT 2.0: A compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency Monero. In Computer Security – ESORICS 2017: 22nd European Symposium on Research in Computer Security, Oslo, Norway, September 11–15, 2017, Proceedings, Part II, pages 456–474. Springer, 2017.

    [13] Chao Lin, Debiao He, Xinyi Huang, Muhammad Khurram Khan, and Kim-Kwang Raymond Choo. DCAP: A secure and efficient decentralized conditional anonymous payment system based on blockchain. IEEE Transactions on Information Forensics and Security, 15:2440–2452, 2020.

    [14] Xin Yin, Zhen Liu, Guomin Yang, Guoxing Chen, and Haojin Zhu. Secure hierarchical deterministic wallet supporting stealth address. In European Symposium on Research in Computer Security, pages 89–109. Springer, 2022.

    [15] Zhen Liu, Guomin Yang, Duncan S. Wong, Khoa Nguyen, Huaxiong Wang, Xiaorong Ke, and Yining Liu. Secure deterministic wallet and stealth address: Key-insulated and privacy-preserving signature scheme with publicly derived public key. IEEE Transactions on Dependable and Secure Computing, 19(5):2934–2951, 2021.

    [16] Dan Boneh and Matt Franklin. Identity-based encryption from the Weil pairing. In Annual International Cryptology Conference, pages 213–229. Springer, 2001.

    [17] Whitfield Diffie and Martin Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22(6):644–654, 1976.

    [18] Brent Waters. Efficient identity-based encryption without random oracles. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 114–127. Springer, 2005.

    [19] Mihir Bellare and Gregory Neven. Multi-signatures in the plain public-key model and a general forking lemma. In Proceedings of the 13th ACM Conference on Computer and Communications Security, pages 390–399, 2006.

    [20] Junke Duan, Licheng Wang, Wei Wang, and Lize Gu. TRCT: A traceable anonymous transaction protocol for blockchain. IEEE Transactions on Information Forensics and Security, 18:4391–4405, 2023.
    Description: Master's thesis
    National Chengchi University (國立政治大學)
    Department of Computer Science (資訊科學系)
    110753119
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0110753119
    Data Type: thesis
    Appears in Collections: [Department of Computer Science (資訊科學系)] Theses

    Files in This Item:
    311901.pdf (737 KB, Adobe PDF)

