RE: Transparency in Bitcoin & Monero

in #crypto-news, 8 years ago (edited)

Monero is quite the antithesis of complex. Yes, parts of the cryptography are more complex than Bitcoin's, but as a counterpoint Bitcoin's scripting system is orders of magnitude more complex than what Monero allows. This, too, is fraught with "complexity", "tingling spider senses", claims of new functions being "untested", and worries about "implementation issues".

In fact, the problems you raise with Monero's cryptography are far more trivially answered than problems arising from a custom, previously unknown and untested scripting language. That's because much of Monero's core cryptography is bog standard, and relies on a known-good implementation in SUPERCOP (from which libsodium / TweetNaCl et al. are derived).

As to the concerns about key images, they are neither complex nor are they unproven. The paper in which this scheme is described is the 2006 paper by Eiichiro Fujisaki and Koutarou Suzuki on Traceable Ring Signatures. It has a decade of review, and scores of citations in other papers, so unless you have some novel attack to demonstrate we can safely assume it presents no more risk than Bitcoin's use of SHA-256, which was introduced just a few years before.

More importantly, Fujisaki's traceable ring signatures were an extension of linkable ring signatures, which are established and improved in the following papers (links not provided, use Google) -

  • J. K. Liu, V. K. Wei, and D. S. Wong. Linkable spontaneous anonymous group signature for ad hoc groups (extended abstract). In ACISP 2004, volume 3108 of Lecture Notes in Computer Science, pages 325–335, 2004.

  • P. P. Tsang, V. K. Wei, T. K. Chan, M. H. Au, J. K. Liu, and D. S. Wong. Separable linkable threshold ring signatures. In INDOCRYPT 2004, volume 3348 of Lecture Notes in Computer Science, pages 389–398, 2004.

  • J. K. Liu and D. S. Wong. Linkable ring signatures: Security models and new schemes. In ICCSA 2005, volume 3481 of Lecture Notes in Computer Science, pages 614–623, 2005.

  • P. P. Tsang and V. K. Wei. Short linkable ring signatures for e-voting, e-cash and attestation. In ISPEC 2005, 2005.

  • M. H. Au, S. S. M. Chow, W. Susilo, and P. P. Tsang. Short linkable ring signatures revisited. In EUROPKI 2006, volume 4043 of Lecture Notes in Computer Science, pages 101–115, 2006.

If you want to learn more about how Monero's cryptography works, which I strongly advise before writing another article, then I'd recommend the Monero Research Lab primer, "Monero is Not That Mysterious".

tl;dr: it is silly to claim that it's not possible to independently verify the Monero blockchain; that's like claiming it's impossible to verify the Bitcoin blockchain because anyone could have brute-forced a Bitcoin private key, or found a hash collision.
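The key images discussed above, as an added toy example that is not part of this comment or of Monero's code: it computes I = x * H_p(P) on Ed25519 with minimal affine curve arithmetic and an assumed, simplified try-and-increment hash-to-point (Monero's real H_p differs), then shows why a node can reject a second spend of the same output while the image cannot be computed from the public key alone.

```python
# Added toy example, not Monero's own code: key-image linkability on Ed25519.
# Minimal affine curve arithmetic; hash_to_point is a simplified try-and-increment
# map assumed for illustration (Monero's real H_p differs), so treat as a sketch.
import hashlib

P_MOD = 2**255 - 19                                        # field prime
D = -121665 * pow(121666, P_MOD - 2, P_MOD) % P_MOD        # Edwards constant d
L_ORDER = 2**252 + 27742317777372353535851937790883648493  # prime subgroup order
SQRT_M1 = pow(2, (P_MOD - 1) // 4, P_MOD)                  # sqrt(-1) mod p

def inv(a): return pow(a, P_MOD - 2, P_MOD)                # field inverse (p is prime)

def add(pt1, pt2):                                         # complete affine addition
    (x1, y1), (x2, y2) = pt1, pt2
    t = D * x1 * x2 * y1 * y2
    return ((x1 * y2 + x2 * y1) * inv(1 + t) % P_MOD,
            (y1 * y2 + x1 * x2) * inv(1 - t) % P_MOD)

def mul(k, pt):                                            # double-and-add scalar mult
    acc = (0, 1)                                           # neutral element
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def recover_x(y):                                          # even x with (x, y) on curve, or None
    xx = (y * y - 1) * inv(D * y * y + 1) % P_MOD
    x = pow(xx, (P_MOD + 3) // 8, P_MOD)
    x = x if (x * x - xx) % P_MOD == 0 else x * SQRT_M1 % P_MOD
    if (x * x - xx) % P_MOD:
        return None
    return P_MOD - x if x & 1 else x

G = (recover_x(4 * inv(5) % P_MOD), 4 * inv(5) % P_MOD)    # standard base point (y = 4/5)

def encode(pt):                                            # 32-byte compressed encoding
    return (pt[1] | ((pt[0] & 1) << 255)).to_bytes(32, "little")

def hash_to_point(pub):                                    # hash to a y, retry until it decodes
    for ctr in range(1 << 32):
        h = hashlib.sha512(encode(pub) + ctr.to_bytes(4, "little")).digest()
        y = int.from_bytes(h[:32], "little") % P_MOD
        x = recover_x(y)
        if x is not None:
            return mul(8, (x, y))                          # clear cofactor -> prime-order subgroup

def key_image(sk):                                         # I = x * H_p(x*G): fixed per key, ring-independent
    return mul(sk, hash_to_point(mul(sk, G)))

def spend_is_fresh(seen, img):                             # node check: repeated image = double spend
    fresh = encode(img) not in seen
    seen.add(encode(img))
    return fresh
```

Because H_p is a hash to a curve point rather than a scalar times G, someone holding only P cannot compute I, which is what keeps the ring members' privacy while still letting every node detect a reused output.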