An Identity-Based Blind Signature and Its Application for Privacy Preservation in Bitcoin

The privacy preservation in Bitcoin is increasingly important, partly due to its huge market capitalization and potential applications in distributed architectures. To protect the privacy of users in Bitcoin, a number of mechanisms have been proposed, where mixing service is a simple and frequently-used mechanism. The work, named Blindcoin, believes that an unlinkable blind signature scheme can help to guarantee the anonymity of users at the mixer side. Recently, Sarde and Banerjee presented an identity-based blind signature scheme. However, we found their scheme is vulnerable to a linkability attack. In this paper, we improve their scheme on this weakness and construct two unlinkable identity-based blind signature schemes, where one is in the standard setting and the other is in the proxy setting. Our approaches delinearize the two blinding factors so that malicious signer or proxy signer cannot find any helpful information from what she knows. The security, including unlinkability, of our schemes relies on the computational Diffie-Hellman assumption in the random oracle model as analyzed in this paper. We typically show that this is of great important to hide the relationship between message-signature pairs for the privacy-protecting in Bitcoin.