Paper 2022/974
PEReDi: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies
, The University of Edinburgh, IOG, The University of Edinburgh, IOGAbstract
Central Bank Digital Currencies (CBDCs) aspire to offer a digital replacement for physical cash and as such need to tackle two fundamental requirements that are in conflict. On the one hand, it is desired they are private so that a financial “panopticon” is avoided, while on the other, they should be regulation friendly in the sense of facilitating any threshold-limiting, tracing, and counterparty auditing functionality that is necessary to comply with regulations such as Know Your Customer (KYC), Anti Money Laundering (AML) and Combating Financing of Terrorism (CFT) as well as financial stability considerations. In this work, we put forth a new asynchronous model for CBDCs and an efficient construction that, for the first time, fully addresses these issues simultaneously. Moreover, recognizing the importance of avoiding a single point of failure, our construction is distributed so that all its properties can withstand a suitably bounded entities getting corrupted by an adversary. Achieving all the above properties efficiently is technically involved; among others, our construction uses suitable cryptographic tools to thwart man-in-the-middle attacks, it showcases a novel traceability mechanism with significant performance gains compared to previously known techniques and, perhaps surprisingly, shows how to obviate Byzantine agreement or broadcast from the optimistic execution path of a payment, something that results in an essentially optimal communication pattern and communication overhead. We demonstrate the efficiency of our payment system by presenting detailed computation and communication costs. Going beyond “simple” payments, we also discuss how our scheme can facilitate one-off large transfers complying with Know Your Transaction (KYT) disclosure requirements. Our CBDC concept is expressed and realized in the Universal Composition (UC) framework providing in this way a modular and secure way to embed it within a larger financial ecosystem.
Note: In the proceedings version of our paper, we assumed that the total number of maintainers required for the system was D=3t+1, where t represents the maximum number of maintainers that can be corrupted by the adversary. Upon further analysis, we identified a need to revise this assumption. We describe a lower bound on D in the updated version of the paper, arguing that 5t+1 maintainers are necessary to prevent adversary-induced faults in the pessimistic execution path of a payment for any efficient realization of our ideal functionality in the asynchronous setting. In the security proof, we demonstrate that 5t+1 is also sufficient.
Metadata
- Available format(s)
-
PDF
- Category
- Applications
- Publication info
- Published elsewhere. Major revision. The 29th ACM Conference on Computer and Communications Security (CCS) 2022
- Keywords
- PrivacyRegulatory ComplianceCBDCCryptographyKYCAMLCFTUniversal Composition.
- Contact author(s)
-
Amirreza Sarencheh @ ed ac uk
Aggelos Kiayias @ ed ac uk
Markulf Kohlweiss @ ed ac uk - History
- 2024-08-02: last of 2 revisions
- 2022-07-29: received
- See all versions
- Short URL
- https://ia.cr/2022/974
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/974,
author = {Amirreza Sarencheh and Aggelos Kiayias and Markulf Kohlweiss},
title = {{PEReDi}: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies},
howpublished = {Cryptology {ePrint} Archive, Paper 2022/974},
year = {2022},
url = {https://eprint.iacr.org/2022/974}
}
