The Zcash anonymous cryptocurrency: or zero-knowledge succinct non-interactive arguments of knowledge for laypeople

Presented at 33C3 (2016), Dec. 29, 2016, 11:30 p.m. (30 minutes)

Zcash is the third iteration of an extension to the Bitcoin protocol that provides true untraceability, i.e. fully anonymous transactions. It is arguably the first serious attempt to establish this extension, in the form of its own blockchain, beyond the form of an academic proposal. The talk provides an introduction to the magic that makes it work. Despite everything, the Bitcoin cryptocurrency has not imploded or destroyed itself; it might be here to stay after all. That would presently include, however, its biggest flaw: The utter lack of anonymity. In fact, the famed Bitcoin blockchain is the world's most robust, transparent, and <em>public</em> financial accounting system ever. The above means that Bitcoin's potential widespread adoption is nothing short of a privacy horror scenario straight out of Orwell. Every toilet paper purchase publicly recorded, verified, stamped, and approved. This should not be news to anyone. In 2013, a few reputable cryptographers came up with some mathematical magic that would, if integrated into Bitcoin, enable anonymous transactions. This proposal has been described in an academic paper under the name Zerocoin and a year later improved in another paper under the name Zerocash. The plan had then shifted to establishing the system as an anonymous <em>altcoin</em> rather than to push for integration into Bitcoin itself. Zcash is the name of a company formed by the authors of Zerocash to develop and launch this altcoin; launch occured as planned on 28 October 2016. This talk will introduce the audience to the mathematical and technical background of Zcash, and report on the state of the currency two months after its launch. A degree in mathematics is not required. Note: The presenter is not affiliated with the Zcash company.

Presenters:

• pesco
  A coder by passion, a mathematician by training, lately an applied scientist of insecurity by profession. Cryptographer by night. Closet cypherpunk. When I'm not playing video games or haunting karaoke bars, I spend my time on programming projects. I used to do a lot of Haskell but recently my life has turned into a downward spiral of functional programming in C. Yes, you read that right. I swear it's not as weird as it... yeah okay, it's weird. I spent a good chunk of my lifetime enrolled as a student of mathematics. My thesis was about the particulars of one particular set of quantum-computer-resistant cryptographic algorithms (Lyubashevsky's identification scheme, if you must know). I finally managed to finish and am now employed at TUHH ("Hamburg University of Technology!") for a doctorate in IT security. I do SCADA-related parsing things there and call it LangSec. My biggest claims to fame are probably my substantial contributions to the Hammer parser combinator library and the undisputed king of secure instant messaging, the bitlbee OTR plugin.

Links:

• https://fahrplan.events.ccc.de/congress/2016/Fahrplan/events/8330.html

Similar Presentations:

• Kiwicon V: It Goes b00m (2011) / Follow the money: bling-bling real compton city g bitcoin forensic accounting
• The Eleventh HOPE (2016) / De-Anonymizing Bitcoin One Transaction at a Time
• DEF CON 19 (2011) / Hacking the Global Economy with GPUs or How I Learned to Stop Worrying and Love Bitcoin