International Association for Cryptologic Research

International Association
for Cryptologic Research


A Universally Composable Non-Interactive Aggregate Cash System

Yanxue Jia , Shanghai Jiao Tong University
Shi-Feng Sun , Shanghai Jiao Tong University
Hong-Sheng Zhou , Virginia Commonwealth University
Dawu Gu , Shanghai Jiao Tong University
Search ePrint
Search Google
Presentation: Slides
Conference: ASIACRYPT 2022
Abstract: Mimblewimble is a privacy-preserving cryptocurrency, providing the functionality of transaction aggregation. Once certain coins have been spent in Mimblewimble, they can be deleted from the UTXO set. This is desirable: now storage can be saved and computation cost can be reduced. Fuchsbauer et al. (EUROCRYPT 2019) abstracted Mimblewimble as an Aggregate Cash System (ACS) and provided security analysis via game-based definitions. In this paper, we revisit the ACS, and focus on {\em Non-interactive} ACS, denoted as NiACS. We for the first time propose a simulation-based security definition and formalize an ideal functionality for NiACS. Then, we construct a NiACS protocol in a hybrid model which can securely realize the ideal NiACS functionality in the Universal Composition (UC) framework. In addition, we propose a building block, which is a variant of the ElGamal encryption scheme that may be of independent interest. Finally, we show how to instantiate our protocol, and obtain the first NiACS system with UC security.
Video from ASIACRYPT 2022
  title={A Universally Composable Non-Interactive Aggregate Cash System},
  author={Yanxue Jia and Shi-Feng Sun and Hong-Sheng Zhou and Dawu Gu},