Achieving Anonymous and Covert Reporting on Public Blockchain Networks
- This paper proposes the architecture of a blockchain-based anonymous reporting system that supports the hiding of reporting behaviors. This paper considers the scenario of using smart contracts to collect data in smart city management. Through smart contracts, users can upload normal data and whistleblowers can report secretly, which ensures that reporting behaviors are hidden throughout the whole process.
- Based on the above architecture, this paper designs an anonymous and covert reporting scheme based on blockchain. More specifically, the ring signature is used to realize the anonymity of the whistleblower during the reporting process, the information hiding mechanism is used to hide reporting information, and the derived address is used to realize the anonymity of the whistleblower during the rewarding process and the unlinkability between the blockchain addresses owned by the whistleblower.
- Through theoretical analysis, it is proved that the proposed scheme has covertness, anonymity, and unforgeability properties that satisfy the security goals. This paper also uses several experiments to prove that the scheme has a covertness and acceptable efficiency that meet the actual scenario.
2. Related Works
2.2. Blockchain-Based Anonymous Reporting System
2.3. Covert Communication Mechanism
3. Problem Formalization
3.1. System Model
- User: The user sends data to the smart contract. Generally, users will send data to the smart contract following official regulations and the requirements of the contract. When a user wants to report some illegal or criminal behaviors, the user will embed the reporting information in the sent data. At this time, the user expects to be able to report a known criminal behavior without revealing his identity and be able to receive corresponding rewards.
- Authority: In order to collect user data and fight against illegal and criminal acts, the authority deploys the smart contract in the blockchain network to collect user data, and the reporting information can also be transmitted covertly by using the contract. The authority checks whether it contains covert information while checking data. In addition, the authority will reward valuable information (including normal information or reporting information).
- Blockchain network: The blockchain network is the platform used by this scheme. Users upload data and obtain rewards by calling contracts and receiving transactions in the blockchain network.
- : Initialization. Given the security parameter , the algorithm outputs the parameters used in the scheme, including the public key W and private key w of the authority, the public parameter , and the users’ public-key group and private key , where n represents the number of users.
- : Data upload. Given the users’ public-key group, the user’s private key , the public parameter , a piece of information , and the to be transmitted, the algorithm outputs a set of data for sending to the smart contract, including a ring signature and two public keys . When the user carries out the normal data upload process, the information is empty, but if the user wants to make a report, the is the user’s report material.
- : Signature verification. Given the data in the smart contract, the authority performs signature verification. If the signature verification passes, the algorithm outputs 1, otherwise it outputs 0.
- : Decryption. The algorithm attempts to extract the ring signature with the authority private key w to obtain the report material .
- : Send rewards. Given two public keys and the public parameter of the blockchain, if the data or the reporting information are valuable, the algorithm calculates a derived address P based on this data and sends a transaction to this address as a reward for reporting.
- : Receive rewards. The user queries the blocks on the blockchain, uses his private random numbers to calculate the private key X and the corresponding address , and tries to receive rewards. Thereafter, the user can use the new derived address to send transactions or transmit data.
3.2. Security Model
- Anonymity. The whistleblower should remain anonymous during the entire reporting process, and no adversary can distinguish between the whistleblower and normal users in the reporting process. In the rewarding process, the identity of the whistleblower remains anonymous, and no one can infer the identity of the whistleblower from the rewarding information.
- Covertness. The reporting data and reporting behavior should be indistinguishable from the normal uploaded data and the normal data uploading behavior of the system. Anyone other than the authority cannot confirm whether any user has made a report.
- Unforgeability. The report information sent by the whistleblower cannot be deleted, modified, or overwritten by anyone. No one can pretend to be a real whistleblower to receive rewards.
- outputs public parameters, generates a set of and .
- Randomly select a bit , calculate and , and send the obtained and to .
- outputs a bit .
- If , the experiment outputs 1, otherwise it outputs 0.
4. The Proposed Anonymous and Covert Reporting Scheme
4.2. Data Upload
- Fill random characters after the reporting material string to obtain an with a 64-byte length. Then, calculate .
- Generate a random number and calculate
- Calculate and ( and are 64-byte strings) and split each into two 32-byte dataLet the other be the random numbers in the finite field . In the end, there is .
4.3. Signature Verification
4.5. Send Reward
4.6. Receive Reward
5. Security Analysis and Experiments
5.1. Security Analysis
- CPU: Intel Core i7-10875H @ 2.30 Ghz;
- OS: Windows 10 20H2;
- Memory: 16.0 GB.
Data Availability Statement
Conflicts of Interest
- Zou, S.; Xi, J.; Wang, S.; Lu, Y.; Xu, G. Reportcoin: A novel blockchain-based incentive anonymous reporting system. IEEE Access 2019, 7, 65544–65559. [Google Scholar] [CrossRef]
- Wang, H.; He, D.; Liu, Z.; Guo, R. Blockchain-based anonymous reporting scheme with anonymous rewarding. IEEE Trans. Eng. Manag. 2019, 67, 1514–1524. [Google Scholar] [CrossRef]
- Zhang, L.; Xu, J. Blockchain-based anonymous authentication for traffic reporting in VANETs. Connect. Sci. 2022, 34, 1038–1065. [Google Scholar] [CrossRef]
- Chen, Z.; Zhu, L.; Jiang, P.; Zhang, C.; Gao, F.; He, J.; Xu, D.; Zhang, Y. Blockchain Meets Covert Communication: A Survey. IEEE Commun. Surv. Tutor. 2022, 24, 2163–2192. [Google Scholar] [CrossRef]
- Cao, H.; Yin, H.; Gao, F.; Zhang, Z.; Khoussainov, B.; Xu, S.; Zhu, L. Chain-based Covert Data Embedding Schemes in Blockchain. IEEE Internet Things J. 2020, 9, 14699–14707. [Google Scholar] [CrossRef]
- Qin, J.; Luo, Y.; Xiang, X.; Tan, Y. A Novel Network Covert Channel Model Based on Blockchain Transaction Parity. In Proceedings of the International Conference on Artificial Intelligence and Security, Dublin, Ireland, 19–23 July 2021; Springer: Berlin/Heidelberg, Germany, 2021; pp. 54–63. [Google Scholar]
- Nakamoto, S. Bitcoin: A peer-to-peer electronic cash system. Decentralized Bus. Rev. 2008, 21260. [Google Scholar]
- Wood, G. Ethereum: A secure decentralised generalised transaction ledger. Ethereum Proj. Yellow Pap. 2014, 151, 1–32. [Google Scholar]
- Harrigan, M.; Fretter, C. The Unreasonable Effectiveness of Address Clustering. In Proceedings of the 2016 Intl IEEE Conferences on Ubiquitous Intelligence Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People, and Smart World Congress (UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld), Toulouse, France, 18–21 July 2016; pp. 368–373. [Google Scholar] [CrossRef][Green Version]
- Kurt, M. Alonso and Jordi Herrera Joancomartí. Monero-Privacy in the Blockchain. Cryptology ePrint Archive, Report 2018/535. 2018. Available online: https://eprint.iacr.org/2018/535 (accessed on 21 March 2023).
- Rivest, R.L.; Shamir, A.; Tauman, Y. How to leak a secret. In Proceedings of the International Conference on the Theory and Application of Cryptology and Information Security, Gold Coast, Australia, 9–13 December 2001; Springer: Berlin/Heidelberg, Germany, 2001; pp. 552–565. [Google Scholar]
- Lu, Y.; Tang, Q.; Wang, G. Zebralancer: Private and anonymous crowdsourcing system atop open blockchain. In Proceedings of the 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS), Vienna, Austria, 2–6 July 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 853–865. [Google Scholar]
- Lu, Z.; Wang, Q.; Qu, G.; Liu, Z. Bars: A blockchain-based anonymous reputation system for trust management in vanets. In Proceedings of the 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), New York, NY, USA, 1–3 August 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 98–103. [Google Scholar]
- Yao, Y.; Chang, X.; Mišić, J.; Mišić, V.B.; Li, L. BLA: Blockchain-assisted lightweight anonymous authentication for distributed vehicular fog services. IEEE Internet Things J. 2019, 6, 3775–3784. [Google Scholar] [CrossRef]
- Simmons, G.J. The prisoners’ problem and the subliminal channel. In Proceedings of the Advances in Cryptology, Paris, France, 9–11 April 1984; Springer: Berlin/Heidelberg, Germany, 1984; pp. 51–67. [Google Scholar]
- Johnson, N.F.; Jajodia, S. Exploring steganography: Seeing the unseen. Computer 1998, 31, 26–34. [Google Scholar] [CrossRef]
- Bohli, J.M.; Vasco, M.I.G.; Steinwandt, R. A subliminal-free variant of ECDSA. In Proceedings of the International Workshop on Information Hiding, Alexandria, VA, USA, 10–12 July 2006; Springer: Berlin/Heidelberg, Germany, 2006; pp. 375–387. [Google Scholar]
- Hartl, A.; Annessi, R.; Zseby, T. A subliminal channel in EdDSA: Information leakage with high-speed signatures. In Proceedings of the 2017 International Workshop on Managing Insider Security Threats, Dallas, TX, USA, 30 October–3 November 2017; pp. 67–78. [Google Scholar]
- Dong, Q.; Li, X.; Liu, Y. Two extensions of the ring signature scheme of Rivest–Shamir–Taumann. Inf. Sci. 2012, 188, 338–345. [Google Scholar] [CrossRef]
- Ahsan, K.; Kundur, D. Practical data hiding in TCP/IP. In Proceedings of the Workshop on Multimedia Security at ACM Multimedia, French Riviera, France, 6 December 2002; Volume 2, pp. 1–8. [Google Scholar]
- Lucena, N.B.; Lewandowski, G.; Chapin, S.J. Covert channels in IPv6. In Proceedings of the International Workshop on Privacy Enhancing Technologies, Cavtat, Croatia, 30 May–1 June 2005; Springer: Berlin/Heidelberg, Germany, 2005; pp. 147–166. [Google Scholar]
- Perkins, M.C. Hiding Out in Plaintext: Covert Messaging with Bitwise Summations. Master’s Thesis, Iowa State University, Ames, IA, USA, 2005. [Google Scholar] [CrossRef]
- Partala, J. Provably secure covert communication on blockchain. Cryptography 2018, 2, 18. [Google Scholar] [CrossRef][Green Version]
- Yanfeng, L.; Liping, D.; Jingzheng, W.; Qiang, C.; Xuehua, L.; Bei, G. Research on a new network covert channel model in blockchain environment. J. Commun. 2019, 40, 67. [Google Scholar]
- Gao, F.; Zhu, L.; Gai, K.; Zhang, C.; Liu, S. Achieving a covert channel over an open blockchain network. IEEE Netw. 2020, 34, 6–13. [Google Scholar] [CrossRef]
- Zhang, P.; Cheng, Q.; Zhang, M.; Luo, X. A Group Covert Communication Method of Digital Currency Based on Blockchain Technology. IEEE Trans. Netw. Sci. Eng. 2022, 9, 4266–4276. [Google Scholar] [CrossRef]
- She, W.; Huo, L.J.; Liu, W.; Zhang, Z.H.; Song, X.; Tian, Z. A Blockchain-Based Covert Communication Model for Hiding Sensitive Documents And Sender Identity. Acta Electonica Sin. 2022, 50, 1002. [Google Scholar]
- Monaco, J.V. Identifying bitcoin users by transaction behavior. In Proceedings of the Biometric and Surveillance Technology for Human and Activity Identification XII. International Society for Optics and Photonics, Baltimore, MD, USA, 22 April 2015; Volume 9457, p. 945704. [Google Scholar]
- Zheng, B.; Zhu, L.; Shen, M.; Du, X.; Guizani, M. Identifying the vulnerabilities of bitcoin anonymous mechanism based on address clustering. Sci. China Inf. Sci. 2020, 63, 1–15. [Google Scholar] [CrossRef][Green Version]
- Koblitz, N. Elliptic curve cryptosystems. Math. Comput. 1987, 48, 203–209. [Google Scholar] [CrossRef]
|Elliptic curve over the finite field of order q|
|G||The generator of E|
|The security parameter|
|W, w||The public and private key of the authority|
|Users’ public key group|
|n||Number of elements in|
|The user whose public key is the j-th element of|
|,||The public and private key that belongs to|
|Private random numbers corresponding to|
|Data uploaded to the smart contract|
|Information that requires covert transmission|
|The public parameter of the blockchain|
|The proposed scheme||√||√||√|
|Embedding message||71.94 ms||79.31 ms||67.05 ms||2.00 ms|
|Not embedding message||67.76 ms||74.99 ms||67.06 ms||1.93 ms|
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Zhu, L.; Zhang, J.; Zhang, C.; Gao, F.; Chen, Z.; Li, Z. Achieving Anonymous and Covert Reporting on Public Blockchain Networks. Mathematics 2023, 11, 1621. https://doi.org/10.3390/math11071621
Zhu L, Zhang J, Zhang C, Gao F, Chen Z, Li Z. Achieving Anonymous and Covert Reporting on Public Blockchain Networks. Mathematics. 2023; 11(7):1621. https://doi.org/10.3390/math11071621Chicago/Turabian Style
Zhu, Liehuang, Jiaqi Zhang, Can Zhang, Feng Gao, Zhuo Chen, and Zhen Li. 2023. "Achieving Anonymous and Covert Reporting on Public Blockchain Networks" Mathematics 11, no. 7: 1621. https://doi.org/10.3390/math11071621