A paper at the Financial Cryptography 2012 conference explained that Bitcoin is a system which “uses no fancy cryptography, and is by no means perfect”. Cryptography can do much better than that.
Now, what kind of bitcoin are cryptographers going to build?
Most current proposals are about making an anonymous, unlinkable, untraceable, etc. currency. This is a bit disappointing. Research seems to focus exclusively on questions which interest libertarians, people obsessed with privacy and also, well, criminals, drug dealers, terrorists, etc.
In contrast, mundane questions of speed and of building a better payment network for ordinary people are not so popular among cryptographers. Not complicated enough, I guess. Security questions about how one might break bitcoin are also less popular.
Arguably, all these advanced super-anonymous crypto-currencies designed by cryptographers will NEVER be able to challenge bitcoin in terms of popularity.
Ordinary people will simply use bitcoin, because they do not care that much about privacy.
Cryptographers will be cryptographers. For sure, building advanced anonymous payment systems remains a big intellectual and practical challenge.
We list some major developments in this space. We focus on practical proposals which are likely to be used in practice by a lot of people:
- Zerocash: anonymous and provably secure; transactions are less than 1 kB and take under 6 ms to verify. It is claimed to be competitive with plain Bitcoin. Zerocash is a very substantial improvement over the earlier Zerocoin system from 2013.
- CryptoNote is another major system proposed in 2013 by Nicolas van Saberhagen.
We can remark that:
- In contrast to the dodgy sub-standard elliptic curve in bitcoin, they use the super efficient Ed25519 signature scheme. This is similar to, but NOT the same as, using Curve25519 in Stellar/TOR; it is a variant (both curves are isomorphic and equally secure).
- Specialists point out that CryptoNote is not strictly speaking Zero-Knowledge and therefore in theory it is NOT expected to be as secure and as advanced as Zerocash.
- Overall, the system has received very positive opinions from fellow cryptographers: the reviewer is highly supportive and writes “CryptoNote protocol is absolutely spectacular” and he claims that “The protocol looks secure and tight.”
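The relationship between the Ed25519 curve and Curve25519 noted in the first remark can be checked numerically. The Python below is an added example, not part of the original post or of CryptoNote; it uses the curve constants and the map given in RFC 7748 (where the relationship is called a birational equivalence), and all function names are illustrative.

```python
# Added example, not from the original post. Formulas follow RFC 7748, section 4.1.
P = 2**255 - 19                       # field prime shared by both curves
A = 486662                            # Curve25519: v^2 = u^3 + A*u^2 + u
D = -121665 * pow(121666, -1, P) % P  # Ed25519: -x^2 + y^2 = 1 + D*x^2*y^2
SQRT_M1 = pow(2, (P - 1) // 4, P)     # a square root of -1 mod P

def inv(a):
    """Modular inverse mod P."""
    return pow(a % P, -1, P)

def sqrt_mod_p(a):
    """Square root mod P (valid because P % 8 == 5); ValueError if none exists."""
    a %= P
    r = pow(a, (P + 3) // 8, P)
    if r * r % P != a:
        r = r * SQRT_M1 % P
    if r * r % P != a:
        raise ValueError("not a square mod P")
    return r

SCALE = sqrt_mod_p(-(A + 2))          # sqrt(-486664), links the v and x coordinates

def on_edwards(x, y):
    return (-x * x + y * y - 1 - D * x * x * y * y) % P == 0

def on_montgomery(u, v):
    return (v * v - (u**3 + A * u * u + u)) % P == 0

def ed25519_base_point():
    """Base point: y = 4/5, x recovered from the curve equation (even root)."""
    y = 4 * inv(5) % P
    x = sqrt_mod_p((y * y - 1) * inv(D * y * y + 1))
    return (x if x % 2 == 0 else P - x), y

def edwards_to_montgomery(x, y):
    """(x, y) on the Ed25519 curve -> (u, v) on Curve25519; undefined if x == 0."""
    if x % P == 0:
        raise ValueError("map is undefined at points with x == 0")
    u = (1 + y) * inv(1 - y) % P
    return u, SCALE * u * inv(x) % P

def montgomery_to_edwards(u, v):
    """Inverse map; undefined if v == 0 or u == -1."""
    if v % P == 0 or (u + 1) % P == 0:
        raise ValueError("map is undefined at this point")
    return SCALE * u * inv(v) % P, (u - 1) * inv(u + 1) % P
```

Mapping the Ed25519 base point this way lands on the Curve25519 base point u = 9, and the inverse map returns the original (x, y).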
There are serious ethical problems with highly anonymous crypto currencies. They are pretty scary and it is very hard to know what could be the legal and practical consequences of releasing such systems into the public domain.
- The Zerocash currency has not been released yet. The previous version was rejected by the bitcoin community and was not permitted to operate on top of bitcoin.
- CryptoNote has been implemented in full but serves only as a demo: the genesis block is re-created every two months and they strongly recommend that all users abstain from any serious use of their CryptoNoteCoin.
Paul Krugman, Nobel Prize winner in economics, once said that bitcoin was the “anti-social network”, and later he also said that “bitcoin is evil”. Nothing could be further from the truth. The really problematic crypto currencies are yet to come.
ADDED in 2015: Actually, advanced cryptography can possibly reconcile privacy with the policing of organized crime and terrorism.