Advertisement

Anonymity control in E-cash systems

  • George Davida
  • Yair Frankel
  • Yiannis Tsiounis
  • Moti Yung
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1318)

Abstract

Electronic cash, and other cryptographic payment systems, offer a level of user anonymity during a purchase, in order to emulate electronically the properties of physical cash exchange. However, it has been noted that there are crime-prevention situations where anonymity of notes is undesirable; in addition there may be regulatory and legal constraints limiting anonymous transfer of funds. Thus pure anonymity of users may be, in certain settings, unacceptable and thus a hurdle to the progress of electronic commerce.

The conceptual contribution of this work is based on the claim that given the legal, social, technical and efficiency constraints that are imposed, anonymity should be treated as a Control Parameter facilitating flexibility of the level of privacy of note holders (determined by the dynamic conditions and constraints).

In light of this parameterization, we review recently developed technical tools for tracing and anonymity revocation (e.g., owner tracing and coin tracing). We elaborate on the differences in the various technologies with respect to security assumptions and we discuss practical considerations of computational, bandwidth and storage requirements for user, shop, bank and trustees as well as whether the trustees must be on-line or off-line. We also claim that while anonymity revocation can potentially reduce crime it can also produce instances where the severity of the crime is increased as criminals try to social engineer around tracing revocation. To prevent this we suggest the notion of “distress cash.” the technical side, we provide efficiency improvements to a protocol for coin tracing and point at a technical solution for distress cash.

Keywords

Money Laundering Random Oracle Blind Signature User Anonymity Payment Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [ABAT96]
    Information Security Committee of the Section on Science American Bar Association and Technology. Draft digital signature guidelines, January 1996. Available online at http://www.state.ut.us/ccii/digsig/dsut-gl.htm The guidelines are currently being revised.Google Scholar
  2. [BGK95]
    E. F. Brickell, P. Gemmell, and D. Kravitz. Trustee-based tracing extensions to anonymous cash and the making of anonymous change. In Symposium on Distributed Algorithms (SODA), Albuquerque, NM, 1995. Available at http://www.cs.sandia.gov/dsur-psgemme/.Google Scholar
  3. [Bra93]
    S. Brands. Untraceable off-line cash in wallets with observers. In Advances in Cryptology-Crypto '93, Proceedings (Lecture Notes in Computer Science 773), pages 302–318. Springer-Verlag, 1993. Available at http://www.cwi.nl/ftp/brands/crypto93.ps.Z.Google Scholar
  4. [CFMT96]
    A. Chan, Y. Frankel, P. MacKenzie, and Y. Tsiounis. Mis-representation of identities in e-cash schemes and how to prevent it. In Advances in Cryptology-Proceedings of Asiacrypt '96 (Lecture Notes in Computer Science 1163), pages 276–285, Kyongju, South Korea, November 3–7 1996. Springer-Verlag. Available at http://www.ccs.neu.edu/home/yiannis/pubs.html.Google Scholar
  5. [CFN90]
    D. Chaum, Amos Fiat, and Moni Naor. Untraceable electronic cash. In Advances in Cryptology-Crypto '88 (Lecture Notes in Computer Science), pages 319–327. Springer-Verlag, 1990.Google Scholar
  6. [Cha83]
    D. Chaum. Blind signatures for untraceable payments.In D. Chaum, R.L. Rivest, and A. T. Sherman, editors, Advances in Cryptology. Proc. Crypto'82, pages 199–203, Santa Barbara, 1983. Plenum Press N. Y.Google Scholar
  7. [CMS96]
    J. Camenisch, U. Maurer, and M. Stadler. Digital payment systems with passive anonymity-revoking trustees. In Esorics '96, Italy, 1996. To appear. Available at http://www.inf.ethz.ch/personal/camenisc/publications.html.Google Scholar
  8. [CP93a]
    D. Chaum and T.P. Pedersen. Transferred cash grows in size. In Advances in Cryptology-Eurocrypt '92, Proceedings (Lecture Notes in Computer Science 658), pages 390–407. Springer-Verlag, 1993.Google Scholar
  9. [CP93b]
    D. Chaum and T.P. Pedersen. Wallet databases with observers.In E. Brickell, editor, Advances in Cryptology-Crypto '92, Proceedings (Lecture Notes in Computer Science), pages 90–106. Springer-Verlag, New York, 1993. Santa Barbara, California.Google Scholar
  10. [CP93c]
    R. Cramer and T. Pedersen. Improved privacy in wallets with observers. In Advances in Cryptology: Eurocrypt '93, Proceedings (Lecture Notes in Computer Science 765), pages 329–343. Springer-Verlag, 1993. [CPS96] J. Camenisch, J. M. Piveteau, and M. Stadler. An efficient fair payment system. ACM-CCS, March 1996.Google Scholar
  11. [DC94]
    S. D'amingo and G. Di Crescenzo. Methodology for digital money based on general cryptographic tools. In Advances in Cryptology, Proc. of Eurocrypt '94, pages 157–170. Springer-Verlag, 1994. Italy, 1994.Google Scholar
  12. [EO94]
    T. Eng and T. Okamoto. Single-term divisible electronic coins. In Advances in Cryptology-Eurocrypt '94, Proceedings, pages 306–319, New York, 1994. Springer-Verlag.Google Scholar
  13. [Fer93]
    N. Ferguson. Single term off-line coins. Technical Report CS-119318, CWI (Centre for Mathematics and Computer Science), Amsterdam, 1993. Anonymous ftp: ftp.cwi.nl:/pub/CWlreports/AA/CS-R9318.ps.Z.Google Scholar
  14. [Fro96a]
    A. M. Froomkin. The essential role of trusted third parties in electronic commerce, October 14 1996. Available on-line at http://www.law.cornell.edu/jol/froomkin.html.Google Scholar
  15. [Fro96b]
    A. M. Froomkin.Flood control on the information ocean: living with anonymity, digital cash, and distributed databases, 1996. Available on-line at http://www.law.cornell.edu/jol/froomkin.html.Google Scholar
  16. [FTY96]
    Y. Frankel, Y. Tsiounis, and M. Yung. Indirect discourse proofs: achieving fair off-line e-cash. In Advances in Cryptology, Proc. of Asiacrypt '96 (Lecture Notes in Computer Science 1163), pages 286–300, Kyongju, South Korea, November 3–7 1996. Springer-Verlag. International patent pending. Available at http://www.ccs.neu.edu/home/yiaimis/pubs.html.Google Scholar
  17. [FY93]
    M. Franklin and M. Yung. Secure and efficient off-line digital money. In Proceedings of the twentieth International Colloquium on Automata, Languages and Programming (ICALP 1993), (Lecture Notes in Computer Sci ence 700), pages 265–276. Springer-Verlag, 1993. Lund, Sweden, July 1993.Google Scholar
  18. [FY94]
    M. Franklin and M. Yung. Blind weak signature and its applications: Putting non-cryptographic computation to work. In Advances in Cryptology, Proc. of Eurocrypt 94, (Lecture Notes in Computer Science), Springer-Verlag, pages 71–83, Perugia, Italy, May 9–12, 1994.Google Scholar
  19. [JY96]
    M. Jakobson and M. Yung. Revokable and versatile e-money. In Proceedings of the third annual ACM Symp. on Computer and Communication Security, March 1996.Google Scholar
  20. [JY97]
    M. Jakobson and M. Yung. Distributed “magic ink” signatures. In Proceedings of Eurocrypt 97 (Lecture Notes in Computer Science), Springer-Verlag May 1997.Google Scholar
  21. [LSS96]
    L. Law, S. Sabett, and J. Solinas. How to make a mint: the cryptography of anonymous electronic cash. No. 96-10-17, National Security Agency, Office of Information Security Research and Technology, Cryptology Division, June 18 1996. For a copy e-mail to 21stCen@ffhsj.com or call at (202) 639-7200. See also the 21st Century Banking Alert page at URL: http://www.ffhsj.com/bancmail/bancpage.html.Google Scholar
  22. [M'R96]
    D. M'Raihi. Cost-effective payment schemes with privacy regulation. In Advances in Cryptology. Proc. of Asiacrypt '96 (Lecture Notes in Computer Science 1163), Kyongju, South Korea, November 3–7 1996. Springer-Verlag.Google Scholar
  23. [Oka95]
    T. Okamoto. An efficient divisible electronic cash scheme. In Don Coppersmith, editor, Advances in Cryptology, Proc. of Crypto '95 (Lecture Notes in Computer Science 963), pages 438–451. Springer-Verlag, 1995. Santa Barbara, California, U.S.A., August 27–31.Google Scholar
  24. [OO92]
    T. Okamoto and K. Ohta. Universal electronic cash. In Advances in Cryptology-Crypto '91 (Lecture Notes in Computer Science), pages 324–337. Springer-Verlag, 1992.Google Scholar
  25. [Pai93]
    J. C. Pailles. New protocols for electronic money. In Proceedings of Ausicrypt '92, pages 263–274, 1993.Google Scholar
  26. [PW92]
    B. Pfitzmann and M. Waidner. How to break and repair a ‘provably secure’ untraceable payment system. In J. Feigenbaum, editor, Advances in Cryptology, Proc. of Crypto '91 (Lecture Notes in Computer Science 576), pages 338–350. Springer-Verlag, 1992.Google Scholar
  27. [Sch91]
    C. P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4(3):161–174, 1991.CrossRefGoogle Scholar
  28. [Sim84]
    G. J. Simmons. The prisoners' problem and the subliminal channel. In D. Chaum, editor, Advances in Cryptology. Proc. of Crypto 83, pages 51–67. Plenum Press N.Y., 1984. Santa Barbara, California, August 1983.Google Scholar
  29. [Sim96]
    D. Simon. Anonymous communication and anonymous cash. In Neal Koblitz, editor, Advances in Cryptology, Proc. of Crypto '96 (Lecture Notes in Computer Science 1109), pages 61–73, Santa Barbara, California, August 1996. Springer-Verlag.Google Scholar
  30. [SPC95]
    M. Stadler, J. M. Piveteau, and J. Camenisch. Fair blind signatures. In Advances in Cryptology, Proc. of Eurocrypt '95, pages 209–219. Springer-Verlag, 1995.Google Scholar
  31. [Sta95]
    Utah State. Digital signature act. Utah code ann. tit. 46, ch. 3, 1995. Amended in 1996. Digital Signature Act Amendments, 52nd Leg., Gen. Sess., 1996 Utah Laws 188 (to be codified at Utah Code Ann. tit. 46, ch. 3). History and Current Status are available online at http://www.state.ut.us/ccjj/digsig/dsut-int.htm.Google Scholar
  32. [Sta96]
    M. Stadler. Publicly verifiable secret sharing. In Advances in Cryptology, Proc. of Eurocrypt '96, pages 190–199. Springer-Verlag, 1996.Google Scholar
  33. [Tsi97]
    Y. Tsiounis. Efficient Electronic Cash: New Notions and Techniques. PhD thesis, College of Computer Science, Northeastern University, Boston, MA, 1997. See http://www.ccs.neu.edu/home/yiannis for information on availability.Google Scholar
  34. [vSN92]
    B. von Solms and D. Naccache. On blind signatures and perfect crimes. Computers and Security, 11(6):581–583, October 1992.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1997

Authors and Affiliations

  • George Davida
    • 1
  • Yair Frankel
    • 2
  • Yiannis Tsiounis
    • 3
  • Moti Yung
    • 2
  1. 1.University of Wisconsin-MilwaukeeUSA
  2. 2.CertCo LLCUSA
  3. 3.GTE Laboratories IncorporatedUSA

Personalised recommendations