How Private Is Cryptocurrency? [It Depends]

April 30, 2018 | Guest Blogger: Kim Crawley

To many people, one of the most attractive aspects of cryptocurrency is how using it can keep your identity and transactions private.

In my opinion, the ultimate private currency is cash. Yes, theoretically your DNA can be taken from it and analyzed in a lab. But think of how many different hands a $20 bill goes through over the course of a typical year. Someone who works in forensic genetic testing would tell you that DNA found on cash isn’t like DNA found on a gun—too many people touch it to make it feasible to single out an individual.

But cash has two downsides. The first is that paper money (which is actually now made of plastic here in Canada) physically wears out over the years. You’ll seldom see paper money that’s older than thirty years unless it was taken out of circulation and preserved by a collector. The second problem with cash is that more and more purchases are being made online. US retail ecommerce shot up from $42 billion USD in 2002 to $291.8 billion USD in 2016. The American trends reflect a worldwide growth in purchases being made online. Online retailers don’t typically accept cash as a method of payment because sending it through the mail is way too risky and impractical.

Most online payments are either made with credit cards or with proprietary payment technologies that can be connected to your bank account, such as PayPal or Apple Pay. But banks keep records of all of those transactions, records which can be used to trace the transactions to specific individuals. Those banks will cooperate with law enforcement and government agencies if they request information access within certain legal frameworks. Whereas cryptocurrency keeps you anonymous, right?

Some cryptocurrencies are more private than others

Bitcoin is by far the most well-known cryptocurrency. It might also be the least private of the popular cryptocurrencies. Bitcoin transactions are recorded and linked through a public blockchain ledger. Amounts of transactions are recorded, as are their corresponding alphanumeric IDs. Wallet addresses may keep you anonymous, but not if someone discovers your wallet address and can link it to your known identity. 

Dash has similar issues to Bitcoin. Both use systems developed to help anonymize transactions by “mixing” them. A non-technical explanation of how transaction mixing works is “when you want to make a payment, find someone else who also wants to make a payment and make a joint payment together.” Dash transactions are anonymized using a mixing system similar to the one CoinJoin deploys for Bitcoin. The problem is that “masternodes” are required to expedite Dash’s anonymization mechanics. As explained on Master the Crypto:

“There is a real potential for an attacker with great means (e.g. a government, or group of hackers) to consolidate masternodes for nefarious purposes. Furthermore, there is nothing preventing these masternodes from logging the user’s output destinations, and there is no way to audit whether or not a masternode is logging anything at all. This threat is further exacerbated by the fact that most masternodes are hosted on a limited range of Visual Private Servers (VPS) providers – which presents the possible, unknowable vulnerability of the VPS providers being able to log information without the masternode owner’s consent or awareness. Moreover, from a practical standpoint, the mixing process is liable to take up to several hours or days to complete, depending on the amount of rounds the coins are chosen to mix through.”

Verge also has a transparent blockchain, just like Bitcoin’s. Some degree of privacy is offered by routing transactions through I2P and Tor proxy servers. But the wallet addresses themselves aren’t encrypted. Verge’s blockchain ledger can be looked at, and the wallet addresses involved for each transaction are available in plaintext. Aside from Verge’s technical similarities with Bitcoin, Verge is used a lot less frequently than Bitcoin so there’s less data overload if you want to locate a particular transaction.

Zcash is one of the cryptocurrencies with the best privacy implementation. The currency has its own zkSNARKs (zero-knowledge Succinct Non-Interactive Argument of Knowledge) encryption technology. Christian Reitwießner explains the technicalities of zkSNARKs in a paper on GitHub:

“As a very short summary, zkSNARKs as currently implemented, have 4 main ingredients:

  1. Encoding as a polynomial problem. The program that is to be checked is compiled into a quadratic equation of polynomials: t(x)h(x) = w(x)v(x), where the equality holds if and only if the program is computed correctly. The prover wants to convince the verifier that this equality holds.
  2. Succinctness by random sampling. The verifier chooses a secret evaluation point s to reduce the problem from multiplying polynomials and verifying polynomial function equality to simple multiplication and equality check on numbers: t(s)h(s) = w(s)v(s). This reduces both the proof size and the verification time tremendously.
  3. Homomorphic encoding / encryption. An encoding/encryption function E is used that has some homomorphic properties (but is not fully homomorphic, something that is not yet practical). This allows the prover to compute E(t(s)), E(h(s)), E(w(s)), E(v(s)) without knowing s, she only knows E(s) and some other helpful encrypted values.
  4. Zero Knowledge. The prover obfuscates the values E(t(s)), E(h(s)), E(w(s)), E(v(s)) by multiplying with a number so that the verifier can still check their correct structure without knowing the actual encoded values. The very rough idea is that checking t(s)h(s) = w(s)v(s) is identical to checking t(s)h(s)k = w(s)v(s)k for a random secret number k (which is not zero), with the difference that if you are sent only the numbers (t(s)h(s)k) and (w(s)v(s)k), it is impossible to derive t(s)h(s) or w(s)v(s).”

Hopefully that explanation is simple enough to understand!
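
The sampling, encoding and blinding steps from the quoted summary, as an added toy example in Python (not code from Reitwießner's paper or from Zcash). The modulus, generator and polynomials are constructed assumptions and far too small for real use, and the pairing step that lets a verifier multiply encoded values is left out.

```python
# Toy parameters (constructed). Polynomials are coefficient lists, lowest degree first.
import secrets

P, Q, G = 2039, 1019, 4   # safe prime P = 2Q + 1; G generates the order-Q subgroup

def poly_mul(a, b):
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % Q
    return out

def poly_eval(f, s):
    return sum(c * pow(s, i, Q) for i, c in enumerate(f)) % Q

def E(x):
    """Ingredient 3: homomorphic encoding E(x) = G^x mod P, so E(a + b) = E(a) * E(b)."""
    return pow(G, x % Q, P)

def encode_from_powers(f, enc_powers):
    """Prover side: build E(f(s)) from E(s^0), E(s^1), ... without ever seeing s."""
    acc = 1
    for c, e in zip(f, enc_powers):
        acc = acc * pow(e, c, P) % P
    return acc

def check_at(t, h, w, v, s, k=1):
    """Ingredients 2 and 4: compare t(s)h(s)k with w(s)v(s)k as plain numbers."""
    lhs = poly_eval(t, s) * poly_eval(h, s) * k % Q
    rhs = poly_eval(w, s) * poly_eval(v, s) * k % Q
    return lhs == rhs

def accepting_points(t, h, w, v):
    """Count the points s in Z_Q at which the sampled check passes."""
    return sum(check_at(t, h, w, v, s) for s in range(Q))

# Constructed instance: T*H == W*V as polynomials; BAD_H breaks the identity.
T = poly_mul([-1 % Q, 1], [-2 % Q, 1])   # (x - 1)(x - 2)
H = [3, 1]                                # x + 3
W = poly_mul([-1 % Q, 1], [3, 1])        # (x - 1)(x + 3)
V = [-2 % Q, 1]                           # x - 2
BAD_H = [4, 1]                            # x + 4

if __name__ == "__main__":
    s = secrets.randbelow(Q - 1) + 1      # verifier's secret evaluation point
    k = secrets.randbelow(Q - 1) + 1      # non-zero blinding factor
    powers = [E(pow(s, i, Q)) for i in range(len(T))]   # published E(s^i)
    print("E(t(s)) built blind:", encode_from_powers(T, powers) == E(poly_eval(T, s)))
    print("honest proof accepted:", check_at(T, H, W, V, s, k))
    print("false identity passes at", accepting_points(T, BAD_H, W, V), "of", Q, "points")
```

A false identity survives the check only when s happens to be a root of the difference polynomial, which is why the evaluation point has to stay secret and why real systems use a field large enough to make that chance negligible.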

Reitwießner explains how zkSNARKs can be implemented with Ethereum’s Ether, another popular cryptocurrency:

“There are multiple ways to enable zkSNARKs for Ethereum. All of them reduce the actual costs for the pairing functions and elliptic curve operations (the other required operations are already cheap enough) and thus allows also the gas costs to be reduced for these operations.”

In a nutshell, the transactional backbone of cryptocurrencies is either a public blockchain ledger like Bitcoin’s, mixed transactions through a public blockchain ledger like Dash’s, or a system with more thorough encryption and anonymization like Zcash’s. If you are looking for the greatest privacy, systems like zkSNARKs offer the most.

About the author

Guest Blogger: Kim Crawley

Kim Crawley writes about all areas of cybersecurity, with a particular interest in malware and social engineering. In addition to Venafi, she also contributes to Tripwire, AlienVault, and Cylance’s blogs. She has previously worked for Sophos and Infosecurity Magazine.
