An efficient linkable group signature for payer tracing in anonymous cryptocurrencies
Cryptocurrencies, led by bitcoin launched in 2009, have obtained wide attention in recent years. Anonymous cryptocurrencies are highly essential since users need to preserve their privacy when conducting transactions. However, some users might misbehave with the cover of anonymity such as rampant trafficking or extortion. Thus, it is important to balance anonymity and accountability of anonymous cryptocurrencies. In this paper, we address this issue by proposing a linkable group signature for signing cryptocurrency transactions, which can be used to trace a payer's identity in consortium blockchain based anonymous cryptocurrencies, in case a payer misbehaves in the system. The anonymity can be retained if a user behaves honestly. We prove that the proposed scheme achieves full-anonymity, full-traceability and linkability in the random oracle model. Implementation of the proposed linkable group signature scheme demonstrates its high efficiency and thus, can be adopted in anonymous cryptocurrencies in reality.