Commit e2de8c3e authored by Sarang Noether's avatar Sarang Noether

Add CLSAG paper as MRL-0011

parent de886635
......@@ -468,7 +468,7 @@ research-lab:
mrl4_abstract: قد حددنا العديد من هجمات التحليل المتاحه ضد بروتوكول كريبتونوت (CryptoNote 2.0) التي تهدف إضعاف عدم إمكانيه التتبع.نقوم بتحليل الحلول الممكنه, ومناقشه مزاياها وعيوبها, ونوصي بالتحسينات اللازمه لبروتوكول مونيرو التي ستقوم بمقاومه تتبع سلسله الكتل علي المدي الطويل. تشمل هذه التحسينات علي مستوي البروتوكول والشبكه أقل عدد لدمج توقيعات-الطوق (n = 2) , علي مستوي البروتوكول رفع هذه القيمه بعد سنتين إلي ( n = 4 ) , وعلي مستوي المحفظه (n = 4) في هذه الأثناء. ننصح أيضاً بنظام الند إلي الند في إرسال مخرجات معامله مونيرو. نناقش أيضاً طريقه إختيار غير موحده تعتمد علي العمر للتخفيف من هجمات تحليل سلسله الكتل الذي تم تحديده هنا. ولكننا لا نقدم أي توصيات رسميه بشأن دمجها لمجموعه متنوعه من الأسباب. ونناقش أيضاً بالتفصيل الأثار المترتبه علي هذه التحسينات. هذا البحث لم يتم مراجعته ولا يعكس سوي نتائج التحقيق الداخلي.
mrl5: المعاملات السريه لتوقيعات الطوق
mrl5_abstract: يُقدم هذا المقال طريقه إخفاء كميه المعاملات في العمله الرقميه اللامركزيه مونيرو . كالبتكوين تعتمد عمله مونيرو علي التوزيع من خلال عمليه إثبات-العمل (التعدين). بروتوكول مونيرو الأساسي مبني علي CryptoNote والذي يستهدم توقعيات-الطوق و مفاتيح المره الواحده لإخفاء واجهه و مصدر المعاملات. مؤخراً, تم مناقشه ودمج أسلوب إخفاء المعاملات بواسطه مُطور البتكوين جورج ماكسويل. في هذا المقال يتم وصف نوع جديد من نظام توقيعات-الطوق وهو توقيع مجهول متعدد الطبقات ويسمح بإخفاء مبلغ المعاملات ومصدرها ووِجهتها بكافئه معقوله . بعض ملحقات البروتوكول متوفره مثال (Aggregate Schnorr Range Proofs) و توقيعات-الطوق المزدوجه (Ring Multisignature).يود الكاتب ذكر أن المسودات المبكره لهذا تم نشرها علي قناه مونيرو والبتكوين عبر ال IRC . تم تسجيل المسودات بسلسله الكتل [14] توضح أنه قد بدأ العمل في صيف 2015 وإكتمل في أوائل شهر أكتوبر 2015 كما تتوفر نسخه إلكترونيه في http://eprint.iacr.org/2015/1098.
mrl6: An Efficient Implementation of Monero Subadresses
mrl6: An Efficient Implementation of Monero Subaddresses
mrl6_abstract: Users of the Monero cryptocurrency who wish to reuse wallet addresses in an unlinkable way must maintain separate wallets, which necessitates scanning incoming transactions for each one. We document a new address scheme that allows a user to maintain a single master wallet address and generate an arbitary number of unlinkable subaddresses. Each transaction needs to be scanned only once to determine if it is destinated for any of the user’s subaddresses. The scheme additionally supports multiple outputs to other subaddresses, and is as efficient as traditional wallet transactions.
mrl7: Sets of Spent Outputs
mrl7_abstract: This technical note generalizes the concept of spend outputs using basic set theory. The definition captures a variety of earlier work on identifying such outputs. We quantify the effects of this analysis on the Monero blockchain and give a brief overview of mitigations.
......@@ -478,6 +478,8 @@ research-lab:
mrl9_abstract: We present threshold ring multi-signatures (thring signatures) for collaborative computation of ring signatures, present a game of existential forgery for thring signatures, and discuss uses of thring signatures in digital currencies that include spender-ambiguous cross-chain atomic swaps for confidential amounts without a trusted setup. We present an implementation of thring signatures that we call linkable spontaneous threshold anonymous group signatures, and prove the implementation existentially unforgeable.
mrl10: Discrete Logarithm Equality Across Groups
mrl10_abstract: This technical note describes an algorithm used to prove knowledge of the same discrete logarithm across different groups. The scheme expresses the common value as a scalar representation of bits, and uses a set of ring signatures to prove each bit is a valid value that is the same (up to an equivalence) across both scalar groups.
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: الورقه البيضاء لكريبتونوت (CryptoNote)
cryptonote-whitepaper: الورقه البيضاء لكريبتونوت (CryptoNote)
cryptonote-whitepaper_para: هذه هي الورقه الرسميه لكريبتونوت المكتوبه بواسطه فريق كريبتونوت. قرائتها سوف يعطيك فِهماً حول آليه عمل خوارزميه كريبتونوت في العموم.
......
......@@ -468,7 +468,7 @@ research-lab:
mrl4_abstract: Wir identifizieren verschiedene Blockchainanalyseangriffe, die zur Verfügung stehen, um die Unnachverfolgbarkeit des CryptoNote-2.0-Protokolls auszuhebeln. Es werden verschiedene Lösungen untersucht und deren jeweilige Vorzüge und Nachteile bewertet und Verbesserungen am Protokoll Moneros vorgeschlagen, die die Widerstandsfähigkeit gegen Blockchainanalysen auf hoffentlich lange Sicht gewähren können. Unsere Vorschläge beinhalten eine Änderung der netzwerkweiten Mindestzahl an Verschleierungspartnern je Ringsignatur auf Protokollebene von n = 2 und eine Anhebung dieses Werts auf n = 4 nach zwei Jahren sowie das Setzen der Standardzahl auf zunächst n = 4. Wir empfehlen weiterhin eine Torrent-ähnliche Methode, um Moneros zu versenden, sowie eine uneinheitliche, altersabhängige Selektierung der Verschleierungspartner, um anderen Formen der Blockchainanalyse entgegen zu wirken. Aus verschiedenen Gründen werden jedoch keine formellen Vorschläge zur Implementierung gegeben. Die Auswirkungen dieser Verbesserungen werden etwas genauer betrachtet. Diese Abhandlung wurde nicht peer-reviewed und spiegelt nur die Ergebnisse interner Untersuchungen wider.
mrl5: Vertrauliche Ringsignaturtransaktionen (Ring Signature Confidential Transactions)
mrl5_abstract: Dieser Artikel gibt eine Einführung in eine Methode, Transaktionsbeträge in der stark dezentralisierten, anonymen Kryptowährung Monero zu verstecken. Ähnlich wie Bitcoin ist Monero eine Kryptowährung, die durch einen dezentralen, verteilten „Proof-of-Work“-Miningprozess herausgegeben wird. Das ursprüngliche Monero-Protokoll basierte auf CryptoNote, welches Ringsignaturen und einmalige Schlüssel verwendet, um Ursprung und Ziel von Transaktionen zu verstecken. Vor kurzem wurde eine Vorgehensweise diskutiert, es mithilfe von Verpflichtungserklärungen auf Transaktionen zu ermöglichen, die Beträge der Transaktionen zu verstecken. Diese wurden von Gregory Maxwell, einem der Hauptentwickler Bitcoins, implementiert. In diesem Artikel wird ein neuer Typ von Ringsignaturen – eine mehrschichtig verknüpfte, spontane, anonyme Gruppensignatur – beschrieben, der es ermöglicht, Beträge, Ursprünge und Ziele von Transaktionen zu verstecken und dabei eine akzeptable Effizienz unter Beibehaltung der Verifizierbarkeit der vertrauenslosen Coingenerierung zu bewahren. Einige notwendige Erweiterungen des Protokolls werden vorgestellt, wie beispielsweise aggregierte Schnorr-Range-Proofs und Multiringsignaturen. Der Autor merkt an, dass frühe Entwürfe hiervon in der Monero-Community und dem „Bitcoin Research“-IRC-Channel veröffentlicht wurden. Auf der Blockchain hinterlegte Hashes dieser Versionen können in [14] eingesehen werden, die zeigen, dass die Arbeiten daran im Sommer 2015 aufgenommmen und Anfang Oktober 2015 vollendet wurden. Eine elektronische Version findet sich unter http://eprint.iacr.org/2015/1098.
mrl6: Eine effiziente Implementierung von Subadressen (An Efficient Implementation of Monero Subadresses)
mrl6: Eine effiziente Implementierung von Subadressen (An Efficient Implementation of Monero Subaddresses)
mrl6_abstract: Nutzer der Kryptowährung Monero, die ihre Walletadressen wiederholt nutzen möchten, aber dabei eine Verknüpfbarkeit vermeiden wollen, müssen mehrere Wallets nutzen, was ein Durchsuchen der Blockchain für jede einzelne bedeutet. Wir dokumentieren eine neue Variante für Adressen, die es dem Nutzer ermöglicht, eine einzelne Hauptadresse zu verwalten und eine beliebige Anzahl an Subadressen für diese zu generieren. Dies bietet den weiteren Vorteil, dass die Blockchain nur ein Mal für eine beliebige Anzahl an Subadressen durchsucht werden muss, um zu erkennen, ob sie für eine dieser bestimmt ist. Weiterhin unterstützt diese Variante mehrfache Ausgänge an andere Subadressen und ist genauso effizient wie herkömmliche Transaktionen.
mrl7: Mengen von ausgegebenen Outputs (Sets of Spent Outputs)
mrl7_abstract: Diese technische Abhandlung verallgemeinert das Konzept von ausgegebenen Outputs unter Zuhilfenahme grundlegender Mengenlehre. Die Beschreibung vereint eine Vielzahl vorheriger Arbeiten, die sich mit der Analyse solcher ausgegebenen Outputs beschäftigen. Wir quantifizieren die Effekte solcher Analysen der Monero-Blockchain und geben eine Übersicht der Gegenmaßnahmen.
......@@ -478,6 +478,8 @@ research-lab:
mrl9_abstract: Wir präsentieren Multigrenzwertringsignaturen (Thringsignaturen) zur kollaborativen Berechnung von Ringsignaturen, zeigen eine Demo zur grundlegenden Erstellung von Thringsignaturen und diskutieren die Anwendungen von Thringsignaturen in digitalen Währungen, die währungsübergreifende Atomic Swaps mit unbekannten Sendern für geheime Beträge ohne die Notwendigkeit des Vertrauens in eine dritte Partei ermöglichen. Wir präsentieren eine Einbindung von Thringsignaturen, die wir spontan verknüpfbare, anonyme Grenzwertgruppensignaturen nennen und beweisen, dass die Implementierung grundlegend fälschungssicher ist.
mrl10: Gruppenübergreifende diskret logarithmische Gleichheit (Discrete Logarithm Equality Across Groups)
mrl10_abstract: Diese technische Abhandlung beschreibt einen Algorithmus, der verwendet wird, um die Kenntnis desselben diskreten Logarithmus über verschiedene Gruppen hinweg zu beweisen. Diese Methode beschreibt einen gemeinsamen Wert als eine skalare Repräsentation von Bits und nutzt diese als eine Menge von Ringsignaturen um zu beweisen, dass jedes Bit ein gültiger Wert ist, der der gleiche (bis zu einem bestimmen Äquivalent) über beide Skalargruppen ist.
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: CryptoNote-Whitepapers
cryptonote-whitepaper: CryptoNote-Whitepaper
cryptonote-whitepaper_para: Dies ist die originale Abhandlung über CryptoNote, welche vom CryptoNote-Team geschrieben wurde. Eine Lektüre hiervon wird eine grundlegende Einsicht in die Funktionsweise des CryptoNote-Algorithmus geben.
......
......@@ -468,7 +468,7 @@ research-lab:
mrl4_abstract: We identify several blockchain analysis attacks available to degrade the untraceability of the CryptoNote 2.0 protocol. We analyze possible solutions, discuss the relative merits and drawbacks to those solutions, and recommend improvements to the Monero protocol that will hopefully provide long-term resistance of the cryptocurrency against blockchain analysis. Our recommended improvements to Monero include a protocol-level network-wide minimum mix-in policy of n = 2 foreign outputs per ring signature, a protocol-level increase of this value to n = 4 after two years, and a wallet-level default value of n = 4 in the interim. We also recommend a torrent-style method of sending Monero output. We also discuss a non-uniform, age-dependent mix-in selection method to mitigate the other forms of blockchain analysis identified herein, but we make no formal recommendations on implementation for a variety of reasons. The ramifications following these improvements are also discussed in some detail. This research bulletin has not undergone peer review, and reflects only the results of internal investigation.
mrl5: Ring Signature Confidential Transactions
mrl5_abstract: This article introduces a method of hiding transaction amounts in the strongly decentralized anonymous cryptocurrency Monero. Similar to Bitcoin, Monero is a cryptocurrency which is distributed through a proof of work “mining” process. The original Monero protocol was based on CryptoNote, which uses ring signatures and one-time keys to hide the destination and origin of transactions. Recently the technique of using a commitment scheme to hide the amount of a transaction has been discussed and implemented by Bitcoin Core Developer Gregory Maxwell. In this article, a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature is described which allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation. Some extensions of the protocol are provided, such as Aggregate Schnorr Range Proofs, and Ring Multisignature. The author would like to note that early drafts of this were publicized in the Monero Community and on the bitcoin research irc channel. Blockchain hashed drafts are available in [14] showing that this work was started in Summer 2015, and completed in early October 2015. An eprint is also available at http://eprint.iacr.org/2015/1098.
mrl6: An Efficient Implementation of Monero Subadresses
mrl6: An Efficient Implementation of Monero Subaddresses
mrl6_abstract: Users of the Monero cryptocurrency who wish to reuse wallet addresses in an unlinkable way must maintain separate wallets, which necessitates scanning incoming transactions for each one. We document a new address scheme that allows a user to maintain a single master wallet address and generate an arbitary number of unlinkable subaddresses. Each transaction needs to be scanned only once to determine if it is destinated for any of the user’s subaddresses. The scheme additionally supports multiple outputs to other subaddresses, and is as efficient as traditional wallet transactions.
mrl7: Sets of Spent Outputs
mrl7_abstract: This technical note generalizes the concept of spend outputs using basic set theory. The definition captures a variety of earlier work on identifying such outputs. We quantify the effects of this analysis on the Monero blockchain and give a brief overview of mitigations.
......@@ -478,6 +478,8 @@ research-lab:
mrl9_abstract: We present threshold ring multi-signatures (thring signatures) for collaborative computation of ring signatures, present a game of existential forgery for thring signatures, and discuss uses of thring signatures in digital currencies that include spender-ambiguous cross-chain atomic swaps for confidential amounts without a trusted setup. We present an implementation of thring signatures that we call linkable spontaneous threshold anonymous group signatures, and prove the implementation existentially unforgeable.
mrl10: Discrete Logarithm Equality Across Groups
mrl10_abstract: This technical note describes an algorithm used to prove knowledge of the same discrete logarithm across different groups. The scheme expresses the common value as a scalar representation of bits, and uses a set of ring signatures to prove each bit is a valid value that is the same (up to an equivalence) across both scalar groups.
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: Cryptonote Whitepapers
cryptonote-whitepaper: Cryptonote Whitepaper
cryptonote-whitepaper_para: This is the original cryptonote paper written by the cryptonote team. Reading it will give an understanding about how the cryptonote algorithm works in general.
......
langs:
langs:
en: English
es: Español
it: Italiano
......@@ -478,6 +478,8 @@ research-lab:
mrl9_abstract: Presentamos el límite de las firmas múltiples de círculo (\textit{thring signatures}) para el cálculo colaborativo de firmas de círculo, presentamos un juego de falsificación para las firmas thring y discutimos los usos de las firmas thring en monedas digitales que incluyen cruces de cadena atómicos de gasto-ambiguo para cantidades confidenciales sin un sistema de confianza. Presentamos una implementación de las firmas de thring que nombramos enlaces de firmas grupales espontáneos de límites anónimos y probamos la implementación existencial no falsable.
mrl10: Igualdad de logaritmo discreto a través de grupos
mrl10_abstract: Esta nota técnica describe un algoritmo usado para demostrar conocimiento del mismo logaritmo discreto a través de diferentes grupos. El esquema expresa el valor común cómo una representación escalado de bits y usa una serie de firmas de círculo que demuestra que cada bit es un valor legítimo, que es el mismo (hasta una equivalencia), a través de los grupos escalados.
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: Libros Blancos de Cryptonote
cryptonote-whitepaper: Libro Blanco de Cryptonote
cryptonote-whitepaper_para: Este es el libro blanco original de CryptoNote escrito por el equipo de CryptoNote. Leerlo dará un entendimiento acerca de cómo funciona el algoritmo CryptoNote en general.
......
......@@ -480,6 +480,8 @@ research-lab:
mrl9_abstract: Nous présentons des multi-signatures de cercle à seuil (signatures Thring) pour le calcul collaboratif des signatures de cercle, nous présentons un jspécimen de falsification fondamentale pour les signatures Thring, et nous parlons des utilisations des signatures Thring pour les monnaies numériques qui incluent des échanges atomiques entre chaînes à dépenses ambiguës pour des montants confidentiels, sans avoir besoin de paramétrage de confiance. Nous présentons une implémentation des signatures thring que nous appelons signatures de groupe anonymes à seuil spontané associable, et prouvons que l'implémentation est fondamentalement infalsifiable.
mrl10: Égalité logarithmique discrète entre groupes
mrl10_abstract: Cette note technique décrit un algorithme utilisé pour prouver la connaissance du même logarithme discret dans différents groupes. Le schéma exprime la valeur commune sous la forme d'une représentation scalaire des bits et utilise un ensemble de signatures de cercle pour prouver que chaque bit est une valeur valide et identique (jusqu'à une équivalence) entres les deux groupes scalaires.
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: Livres Blancs CryptoNote
cryptonote-whitepaper: Livre Blanc Cryptonote
cryptonote-whitepaper_para: Voici le document originel de CryptoNote écrit par l'équipe CryptoNote. En le lisant, vous comprendrez comment l'algorithme CryptoNote fonctionne d'une manière générale.
......
......@@ -469,7 +469,7 @@ research-lab:
mrl4_abstract: "We beschrijven verschillende aanvallen met blockchain-analyse waarmee de onvolgbaarheid van het protocol CryptoNote 2.0 zou kunnen worden aangetast. We analyseren mogelijke oplossingen, bespreken de voor- en nadelen van deze oplossingen en we raden verbeteringen van het Monero-protocol aan waarmee deze cryptovaluta op de lange termijn hopelijk beter bestand zal zijn tegen blockchain-analyse. Onze aanbevolen verbeteringen van Monero zijn onder meer: een minimale mixin van n = 2 externe outputs per ring-handtekening op protocolniveau voor het hele netwerk, een verhoging van deze waarde tot n = 4 op protocolniveau na twee jaar, en voorlopig een standaardwaarde van n = 4 op het niveau van de portemonnee. We raden ook aan om Monero-uitvoer te verzenden in de vorm van een torrent. Verder bespreken we een niet-uniforme, leeftijdsafhankelijke methode om mixins te selecteren, waarmee de andere vormen van blockchain-analyse die hier zijn vermeld, kunnen worden vermeden, maar om verschillende redenen doen we geen formele aanbevelingen over het implementeren hiervan. De consequenties van deze verbeteringen worden ook uitgelegd. Dit onderzoeksbulletin is niet onderworpen aan peer review en geeft alleen de resultaten van intern onderzoek weer."
mrl5: Ring Signature Confidential Transactions
mrl5_abstract: "In dit artikel wordt een methode geïntroduceerd voor het verbergen van transactiebedragen in de sterk gedecentraliseerde anonieme cryptovaluta Monero. Net als Bitcoin is Monero een cryptovaluta die wordt verspreid via een proces van *mining* voor *proof of work*. Het oorspronkelijke Monero-protocol was gebaseerd op CryptoNote, waarin ring-handtekeningen en eenmalige sleutels worden gebruikt om de herkomst en bestemming van transacties te verbergen. Onlangs heeft Bitcoin Core-ontwikkelaar Gregory Maxwell een methode besproken en geïmplementeerd om het bedrag van een transactie te verbergen met een *commitment scheme* (verbintenis). In dit artikel wordt een nieuw type ring-handtekening beschreven: een *Multi-layered Linkable Spontaneous Anonymous Group*. Hiermee kunnen bedragen, afzenders en ontvangers worden verborgen met redelijke efficiëntie, terwijl de hoeveelheid gegenereerde coins kan worden gecontroleerd zonder dat je iemand hoeft te vertrouwen. Er worden een aantal uitbreidingen van het protocol voorgesteld, namelijk *Aggregate Schnorr Range Proofs* en *Ring Multisignature*. De auteur wil hierbij aantekenen dat vroege schetsen van dit artikel zijn gepubliceerd binnen de Monero-community en op het IRC-kanaal bitcoin-research. Hashes op de blockchain van schetsen zijn beschikbaar in [14], waaruit blijkt dat dit werk is begonnen in de zomer van 2015 en voltooid in het begin van oktober 2015. Er is ook een e-print beschikbaar op http://eprint.iacr.org/2015/1098."
mrl6: An Efficient Implementation of Monero Subadresses
mrl6: An Efficient Implementation of Monero Subaddresses
mrl6_abstract: Gebruikers van de cryptovaluta Monero die adressen willen hergebruiken zonder dat ze aan elkaar kunnen worden gekoppeld, moeten afzonderlijke portemonnees gebruiken. Daarvoor moeten ze binnenkomende transacties voor elke portemonnee opzoeken. We documenteren een nieuw systeem van adressen waarbij een gebruiker één hoofdadres voor een portemonnee heeft en een onbeperkt aantal subadressen die niet aan elkaar gekoppeld kunnen worden. Elke transactie hoeft maar één keer gescand te worden om te bepalen of deze bestemd is voor een van de subadressen van de gebruiker. Dit systeem ondersteunt ook meerdere outputs naar andere subadressen en is net zo efficiënt als traditionele transacties.
mrl7: Sets of Spent Outputs
mrl7_abstract: In deze technische notitie wordt het begrip 'uitgegeven outputs' gegeneraliseerd volgens de elementaire verzamelingenleer. We vatten allerlei eerder onderzoek naar het aanwijzen van dergelijke outputs samen. We kwantificeren de gevolgen van deze analyse op de Monero-blockchain en geven een kort overzicht van tegenmaatregelen.
......@@ -479,6 +479,8 @@ research-lab:
mrl9_abstract: We presenteren ring multi-signatures met een drempel (thring signatures) voor gezamenlijke berekening van ring-handtekeningen, we presenteren een spel met existentiële vervalsing voor thring signatures en we bespreken toepassingen van thring signatures in digitale valuta met atomic swaps tussen blockchains waarbij de afzender ambigu is voor vertrouwelijke bedragen zonder trusted setup. We presenteren een implementatie van thring signatures onder de naam 'linkable spontaneous threshold anonymous group signatures', en we bewijzen dat deze implementatie niet existentieel vervalst kan worden.
mrl10: Discrete Logarithm Equality Across Groups
mrl10_abstract: Deze technische notitie beschrijft een algoritme waarmee kennis van hetzelfde discrete logaritme tussen verschillende groepen kan worden bewezen. Hierin wordt de gedeelde waarde uitgedrukt als een scalaire weergave van bits, en wordt een verzameling ring-handtekeningen gebruikt om te bewijzen dat alle bits een geldige waarde hebben die hetzelfde is (tot een bepaalde equivalentie) in beide scalaire groepen.
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: Cryptonote-whitepapers
cryptonote-whitepaper: Cryptonote Whitepaper
cryptonote-whitepaper_para: Dit is het oorspronkelijke Cryptonote-paper, geschreven door het Cryptonote-team. Het geeft een indruk van hoe het Cryptonote-algoritme in het algemeen werkt.
......
......@@ -469,7 +469,7 @@ research-lab:
mrl4_abstract: Zauważyliśmy, że wiele ataków w formie analizy łańcuchów bloków może zdegradować niewykrywalność protokołu CryptoNote 2.0. Analizujemy możliwe rozwiązania, dyskutujemy względne zalety i wady tych rozwiązań i sugerujemy ulepszenia w protokole Monero, które zapewnią długoterminową odporność kryptowaluty na analizy łańcucha bloków. Nasze zalecane ulepszenia Monero uwzględniają politykę minimalnego miksowania na poziomie protokołu w całej sieci z n=2 obcych wyjść na jeden podpis pierścieniowy, zwiększenie tej ilości do n=4 na poziomie protokołu po dwóch latach oraz tymczasową domyślną ilość n=4 na poziomie portfela. Zalecamy również metodę wysyłania wyjść Monero w stylu torrentów. Dyskutujemy także nad niejednolitą, zależną od wieku metodą wyboru miksowania w celu złagodzenia pozostałych form analizy łańcucha bloków tu opisanych, ale nie czynimy żadnych formalnych zaleceń ich wdrożenia z wielu powodów. Rozgałęzienia następujące w efekcie tych ulepszeń również są opisane w pewnym stopniu. Ten biuletyn badawczy nie uległ rewizji i jedynie odzwierciedla wyniki wewnętrznego dochodzenia.
mrl5: Transakcje z Poufnym Podpisem Pierścieniowym
mrl5_abstract: Ten artykuł wprowadza do metody ukrywania kwot transakcji w silnie zdecentralizowanej, anonimowej kryptowalucie Monero. Podobnie jak Bitcoin, Monero jest kryptowalutą rozprowadzaną za pomocą procesu wydobycia z dowodem pracy. Oryginalny protokół Monero został oparty na CryptoNote, który używa podpisów pierścieniowych oraz jednorazowych kluczy w celu ukrycia nadawcy i odbiorcy płatności. Ostatnio deweloper Centrum Bitcoina, Gregory Maxwell, omawiał oraz wdrożył technikę użycia zobowiązań bitowych, aby ukryć kwotę transakcji. Ten artykuł opisuje nowy rodzaj podpisu pierścieniowego - Wielowarstwowy Łączony Spontaniczny Anonimowy Podpis Grupowy, który umożliwia ukrycie kwot, nadawcy i odbiorcy przelewów z rozsądną wydajnością oraz weryfikowalną produkcją monet bez zaufania. Przytoczono niektóre rozszerzenia protokołu, takie jak Zagregowane Dowody Zasięgu Schnorra oraz Wielopodpisy Pierścieniowe. Autor pragnie zaznaczyć, że wczesne projekty tego artykułu zostały opublikowane w społeczności Monero oraz na kanale IRC dotyczącym badań nad Bitcoinem. Projekty haszowania łańcucha bloków są dostępne w [14] i dowodzą, że praca ta została rozpoczęta w lecie 2015 roku i skończona na początku października 2015 roku. E-print dostępny jest także na stronie http://eprint.iacr.org/2015/1098.
mrl6: An Efficient Implementation of Monero Subadresses
mrl6: An Efficient Implementation of Monero Subaddresses
mrl6_abstract: Users of the Monero cryptocurrency who wish to reuse wallet addresses in an unlinkable way must maintain separate wallets, which necessitates scanning incoming transactions for each one. We document a new address scheme that allows a user to maintain a single master wallet address and generate an arbitary number of unlinkable subaddresses. Each transaction needs to be scanned only once to determine if it is destinated for any of the user’s subaddresses. The scheme additionally supports multiple outputs to other subaddresses, and is as efficient as traditional wallet transactions.
mrl7: Sets of Spent Outputs
mrl7_abstract: This technical note generalizes the concept of spend outputs using basic set theory. The definition captures a variety of earlier work on identifying such outputs. We quantify the effects of this analysis on the Monero blockchain and give a brief overview of mitigations.
......@@ -479,6 +479,8 @@ research-lab:
mrl9_abstract: We present threshold ring multi-signatures (thring signatures) for collaborative computation of ring signatures, present a game of existential forgery for thring signatures, and discuss uses of thring signatures in digital currencies that include spender-ambiguous cross-chain atomic swaps for confidential amounts without a trusted setup. We present an implementation of thring signatures that we call linkable spontaneous threshold anonymous group signatures, and prove the implementation existentially unforgeable.
mrl10: Discrete Logarithm Equality Across Groups
mrl10_abstract: This technical note describes an algorithm used to prove knowledge of the same discrete logarithm across different groups. The scheme expresses the common value as a scalar representation of bits, and uses a set of ring signatures to prove each bit is a valid value that is the same (up to an equivalence) across both scalar groups.
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: Dokumenty oficjalne CryptoNote
cryptonote-whitepaper: Oficjalne dokumenty CryptoNote
cryptonote-whitepaper_para: Oficjalny dokument napisany przez zespół CryptoNote. Pozwala zrozumieć, jak ogólnie działa algorytm CryptoNote.
......
......@@ -468,7 +468,7 @@ research-lab:
mrl4_abstract: We identify several blockchain analysis attacks available to degrade the untraceability of the CryptoNote 2.0 protocol. We analyze possible solutions, discuss the relative merits and drawbacks to those solutions, and recommend improvements to the Monero protocol that will hopefully provide long-term resistance of the cryptocurrency against blockchain analysis. Our recommended improvements to Monero include a protocol-level network-wide minimum mix-in policy of n = 2 foreign outputs per ring signature, a protocol-level increase of this value to n = 4 after two years, and a wallet-level default value of n = 4 in the interim. We also recommend a torrent-style method of sending Monero output. We also discuss a non-uniform, age-dependent mix-in selection method to mitigate the other forms of blockchain analysis identified herein, but we make no formal recommendations on implementation for a variety of reasons. The ramifications following these improvements are also discussed in some detail. This research bulletin has not undergone peer review, and reflects only the results of internal investigation.
mrl5: Ring Signature Confidential Transactions
mrl5_abstract: This article introduces a method of hiding transaction amounts in the strongly decentralized anonymous cryptocurrency Monero. Similar to Bitcoin, Monero is a cryptocurrency which is distributed through a proof of work “mining” process. The original Monero protocol was based on CryptoNote, which uses ring signatures and one-time keys to hide the destination and origin of transactions. Recently the technique of using a commitment scheme to hide the amount of a transaction has been discussed and implemented by Bitcoin Core Developer Gregory Maxwell. In this article, a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature is described which allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation. Some extensions of the protocol are provided, such as Aggregate Schnorr Range Proofs, and Ring Multisignature. The author would like to note that early drafts of this were publicized in the Monero Community and on the bitcoin research irc channel. Blockchain hashed drafts are available in [14] showing that this work was started in Summer 2015, and completed in early October 2015. An eprint is also available at http://eprint.iacr.org/2015/1098.
mrl6: An Efficient Implementation of Monero Subadresses
mrl6: An Efficient Implementation of Monero Subaddresses
mrl6_abstract: Users of the Monero cryptocurrency who wish to reuse wallet addresses in an unlinkable way must maintain separate wallets, which necessitates scanning incoming transactions for each one. We document a new address scheme that allows a user to maintain a single master wallet address and generate an arbitary number of unlinkable subaddresses. Each transaction needs to be scanned only once to determine if it is destinated for any of the user’s subaddresses. The scheme additionally supports multiple outputs to other subaddresses, and is as efficient as traditional wallet transactions.
mrl7: Sets of Spent Outputs
mrl7_abstract: This technical note generalizes the concept of spend outputs using basic set theory. The definition captures a variety of earlier work on identifying such outputs. We quantify the effects of this analysis on the Monero blockchain and give a brief overview of mitigations.
......@@ -478,6 +478,8 @@ research-lab:
mrl9_abstract: We present threshold ring multi-signatures (thring signatures) for collaborative computation of ring signatures, present a game of existential forgery for thring signatures, and discuss uses of thring signatures in digital currencies that include spender-ambiguous cross-chain atomic swaps for confidential amounts without a trusted setup. We present an implementation of thring signatures that we call linkable spontaneous threshold anonymous group signatures, and prove the implementation existentially unforgeable.
mrl10: Discrete Logarithm Equality Across Groups
mrl10_abstract: This technical note describes an algorithm used to prove knowledge of the same discrete logarithm across different groups. The scheme expresses the common value as a scalar representation of bits, and uses a set of ring signatures to prove each bit is a valid value that is the same (up to an equivalence) across both scalar groups.
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: Livros Brancos do CryptoNote
cryptonote-whitepaper: Livro Branco do CryptoNote
cryptonote-whitepaper_para: Este é o artigo original escrito pela equipe do CryptoNote. Sua leitura dá um entendimento básico sobre como funciona o algoritmo do CryptoNote.
......
......@@ -470,6 +470,8 @@ research-lab:
mrl9_abstract: В этой работе нами предлагаются пороговые кольцевые подписи (thring-подписи) для совместного вычисления кольцевых подписей, а также рассматривается возможность и осуществимость подделки thring-подписей и их применение в цифровых валютах, в частности, атомные свопы между блокчейнами с сокрытием лица, осуществляющего трату, с обеспечением конфиденциальности сумм без доверенных настроек. Также в работе нами представлен вариант реализации thring-подписей, называемый нами связываемыми спонтанными пороговыми анонимными групповыми подписями, а также приводится доказательство того, что такие подписи экзистенциально невозможно подделать.
mrl10: Равенство дискретного логарифма в различных группах
mrl10_abstract: В данной технической записке содержится описание алгоритма, обеспечивающего доказательство знания дискретного логарифма в различных группах. Схема выражает общее значение в виде скалярного представления битов и использует набор кольцевых подписей для доказательства того, что значение каждого бита действительно и одинаково (вплоть до полной эквивалентности) в обеих скалярных группах.​
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: Официальные документы Cryptonote
cryptonote-whitepaper: Whitepaper (Белая книга) Cryptonote
cryptonote-whitepaper_para: Это оригинальный документ по Cryptonote, написанный командой Cryptonote. Благодаря ему читатель может понять, как в целом работает алгоритм Cryptonote.
......
......@@ -267,7 +267,7 @@ contributing:
mine_para2: burada görüntüleyebilirsiniz.
ffs: Forum Fonlama Sistemini Görüntüleyin
ffs_para1: Monero projelerin gelişim için önerildiği ve topluluk tarafından fonlandığı bir
ffs_para2: forum fonlama sistemi
ffs_para2: forum fonlama sistemi
ffs_para3: kullanır. Fonlama emanette tutulur ve programlama kilometre taşları başarıya ulaştıkça geliştiricilere karşılık olarak verilir. Herkes yeni öneriler üretebilir veya mevcut olanları fonlayabilir.
donate: Bağışla
donate_para1: Mevcut gelişimi destekleme araçları bağışlar ve
......@@ -473,11 +473,13 @@ research-lab:
mrl7: Harcanmış Çıktıların Kümeleri
mrl7_abstract: Bu teknik not temel küme kuramını kullanarak harcama çıktıları kavramını genelleştirir. Tanım böyle çıktıları tanımla üzerindeki önceden yapılan çeşitli işleri kapsar. Bu analizin Monero blokzinciri üzerinde etkileri nitelendiriyor ve azaltımlarına kısa bir genel bakış veriyoruz.
mrl8: Çifte Bağlanabilir Halka İmzalar
mrl8_abstract: Bu bülten halka üyesi olarak çifte anahtar çıktıları izin veren Monero'nun bağlanabilir halka imza şemasına bir değişikliği betimler. Anahtar imgeler bir çift olarak çıktı tek kullanımlık açık anahtarlara bağlanarak bu işlemdeki iki anahtarın ayrı şekilde harcanmasını engeller. Bu yöntemin etkileşimsiz geri ödeme işlemlerinde uygulamaları vardır. Şemanın güvenlik çıkarımlarını tartışıyoruz.
mrl8_abstract: Bu bülten halka üyesi olarak çifte anahtar çıktıları izin veren Monero'nun bağlanabilir halka imza şemasına bir değişikliği betimler. Anahtar imgeler bir çift olarak çıktı tek kullanımlık açık anahtarlara bağlanarak bu işlemdeki iki anahtarın ayrı şekilde harcanmasını engeller. Bu yöntemin etkileşimsiz geri ödeme işlemlerinde uygulamaları vardır. Şemanın güvenlik çıkarımlarını tartışıyoruz.
mrl9: Eşhalka İmzaları ve Harcayıcı-Belirsiz Dijital Paralara Uygulamaları
mrl9_abstract: Halka imzaların işbirlikçi bilgi-sayımı için eşik halka çoklu imzaları (eşhalka imzalar) sunuyor, eşhalka imzaları için varoluşsal bir tahrifat oyunu sunuyor ve güvenilir bir kurulum olmadan gizli miktarların harcayıcı-belirsiz çapraz-zincir atomik değişimlerini içeren dijital paralarda eşhalka imzaların kullanımını tartışıyoruz. Eşhalka imzaların bağlanabilir spontane eşit anonim grup imzaları dediğimiz bir uygulamasını sunuyor ve uygulamanın varoluşsal açıdan tahrif edilemeyeceğini kanıtlıyoruz.
mrl10: Gruplar Arası Ayrık Logaritma Denkliği
mrl10_abstract: Bu teknik not farklı gruplar arasında aynı ayrık logaritmanın bilgisini kanıtlamakta kullanılan bir algoritmayı betimler. Şema bitlerin skalar bir temsilini ortak değer olarak ifade eder ve bir halka imzalar kümesini her bitin iki skalar grup arasında (bir denkliğe kadar) aynı olan geçerli bir değer olduğunu kanıtlamak için kullanır.
mrl11: Compact linkable ring signatures and applications
mrl11_abstract: We describe an efficient linkable ring signature scheme, compact linkable spontaneous anonymous group (CLSAG) signatures, for use in confidential transactions. Compared to the existing signature scheme used in Monero, CLSAG signatures are both smaller and more efficient to generate and verify for ring sizes of interest. We generalize the construction and show how it can be used to produce signatures with coins of different type in the same transaction.
cryptonote: Cryptonote Beyaz Bültenleri
cryptonote-whitepaper: Cryptonote Beyaz Bülteni
cryptonote-whitepaper_para: Bu, Cryptonote ekibi tarafından yazılan orijinal cryptonote makalesidir. Okumak size cryptonote algoritmasının genelde nasıl çalıştığı anlayışını verecektir.
......
......@@ -15,6 +15,16 @@ permalink: /resources/research-lab/index.html
<div class="row center-xs">
<div class="col"><h2>{% t research-lab.mrl_papers %}</h2></div>
</div>
<div class="tab">
<input id="tab-11" type="checkbox" name="tabs" class="accordion">
<label for="tab-11" class="accordion">MRL-0011: {% t research-lab.mrl11 %}</label>
<div class="tab-content">
<p><strong>{% t research-lab.abstract %}:</strong> {% t research-lab.mrl11_abstract %}
<br>
<a target="_blank" rel="noreferrer noopener" href="{{site.baseurl}}/resources/research-lab/pubs/MRL-0011.pdf">{% t research-lab.read-paper %}</a>
</p>
</div>
</div>
<div class="tab">
<input id="tab-10" type="checkbox" name="tabs" class="accordion">
<label for="tab-10" class="accordion">MRL-0010: {% t research-lab.mrl10 %}</label>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment