Q: As we move our economy out of coins and bills and onto the Internet in the form of e-money such as Bitcoin, what privacy concerns lie ahead, and how might we address them?
A: Matthew Green, assistant research professor at the Johns Hopkins University Information Security Institute (JHUISI).
From debit cards to online banking, cash has become as old-fashioned as a rotary dial telephone. It’s not unusual for some of us to go weeks without touching real greenbacks, as those little plastic cards pay for everything we need.
But because these cards are not real money, they’re only good for transfers from one bank or institution to another. This means that the transactions you make with them are trackable—and hackable. If you’ve ever gotten a letter from your credit card company saying your info has been compromised, you know what I mean.
That’s why Bitcoin is so interesting.
The only digital currency in wide use worldwide today, Bitcoin is not associated with any bank, government, or central authority. Bitcoins are like diamonds: They have value because they are scarce and because people value them. They are not backed up by gold or other currency.
People create Bitcoins using a computer app, which “mines” them using lots of electricity, time, and computational power. Then they use them to buy goods and services. (Search the Internet, and you’ll find hundreds of merchants who accept Bitcoins for everything from office supplies to pizza!)
One of Bitcoin’s biggest appeals is the promise of user anonymity. People pay out and receive Bitcoins through a computer-generated “address” or key not associated with their names. However, each time a Bitcoin changes virtual hands, that transaction is recorded digitally on something called a “block chain,” which is a public ledger of all Bitcoin transactions.
I believe, in fact, that the block chain is Bitcoin’s privacy Achilles’ heel. Because that block chain ledger is public, it’s not difficult to data mine to find patterns in use, and to figure out who users are and how much they have.
My team and I believe we have an answer to this weakness. It’s called “Zerocoin.” Developed by my two PhD students, Ian Miers and Christina Garman, along with colleague Avi Rubin and me, Zerocoin adds anonymitytechnology into the Bitcoin network.
In a nutshell, people swap their Bitcoins for anonymous tokens we call Zerocoins, which are spent the same way as Bitcoins are. But because the currency is in Zerocoins, it’s not recorded on the block chain until the end, when the user swaps his Zerocoins for Bitcoins. Even then, our team has designed Zerocoins so that an observer cannot identify that the Zerocoin being traded in is the same one that was substituted for the Bitcoin originally.
Zerocoin is like the world’s biggest laundry—one that can handle millions of users, has no trusted party, and can’t be compromised. It’s been a lot of work—and we are still working
on it—but we think privacy is important.