Abstract
At Crypto ’88, Damgård presented an untraceable payment system with provable security against abuse by individuals. We show how to break the untraceability of that system completely.
Next, we present an improved version of the system. We also augment the system with security for individuals against loss of money, and we introduce the possibility of receipts for payments. Finally, whereas all of this concerns an on-line system, we present a similar construction for untraceable electronic cash.
Copyright information
© 1992 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pfitzmann, B., Waidner, M. (1992). How to Break and Repair a “Provably Secure” Untraceable Payment System. In: Feigenbaum, J. (eds) Advances in Cryptology — CRYPTO ’91. CRYPTO 1991. Lecture Notes in Computer Science, vol 576. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46766-1_28
DOI: https://doi.org/10.1007/3-540-46766-1_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-55188-1
Online ISBN: 978-3-540-46766-3
eBook Packages: Springer Book Archive