expand security discussion in paper
This commit is contained in:
Christian Grothoff
parent
a8816b7770
commit
43ff6d447a
@ -36,6 +36,47 @@
|
||||
year = {2015},
|
||||
}
|
||||
|
||||
|
||||
@Misc{fatf1997,
|
||||
title = {FATF-IX report on money laundering typologies},
|
||||
howpublished = {\url{http://www.fatf-gafi.org/media/fatf/documents/reports/1996%201997%20ENG.pdf}},
|
||||
month = {feb},
|
||||
year = {1998},
|
||||
}
|
||||
|
||||
@TechReport{,
|
||||
author = {},
|
||||
title = {},
|
||||
institution = {},
|
||||
year = {},
|
||||
OPTkey = {},
|
||||
OPTtype = {},
|
||||
OPTnumber = {},
|
||||
OPTaddress = {},
|
||||
OPTmonth = {},
|
||||
OPTnote = {},
|
||||
OPTannote = {}
|
||||
}
|
||||
|
||||
@InProceedings{sander1999escrow,
|
||||
author = {Tomas Sander and Amnon Ta-Shma},
|
||||
title = {On Anonymous Electronic Cash and Crime},
|
||||
booktitle = {ISW'99},
|
||||
year = {1999},
|
||||
series = {LNCS 1729},
|
||||
pages = {202--206},
|
||||
}
|
||||
|
||||
@Article{solms1992perfect,
|
||||
author = {Sebastiaan H. von Solms and David Naccache},
|
||||
title = {On blind signatures and perfect crimes},
|
||||
journal = {Computers \& Security},
|
||||
year = {1992},
|
||||
volume = {11},
|
||||
number = {6},
|
||||
pages = {581--583},
|
||||
}
|
||||
|
||||
@inproceedings{chaum1990untraceable,
|
||||
title={Untraceable electronic cash},
|
||||
author={Chaum, David and Fiat, Amos and Naor, Moni},
|
||||
|
||||
@ -923,6 +923,31 @@ that is unlinkable to the refunded transaction.
|
||||
|
||||
\section{Discussion}
|
||||
|
||||
Taler's security is largely equivalent to that of Chaum's original
|
||||
design without online checks (and without the cut-and-choose
|
||||
revelation of double-spending customers for offline spending). We
|
||||
specifically note that the digital equivalent of the ``Columbian Black
|
||||
Market Exchange''~\cite{fatf1997} is a theoretical problem for both
|
||||
Chaum and Taler, as individuals with a strong mutual trust foundation
|
||||
can simply copy electronic coins and thereby establish a limited form
|
||||
of black transfers. However, unlike the situation with physical
|
||||
checks with blank recipients in the Columbian black market, the
|
||||
transitivity is limited as each participant can deposit the electronic
|
||||
coins and thereby cheat any other participant, while in the Columbian
|
||||
black market each participant only needs to trust the issuer of the
|
||||
check and not also all previous owners of the physical check.
|
||||
|
||||
As with any unconditionally anonymous payment system, the ``Perfect
|
||||
Crime'' attack~\cite{solms1992perfect} where blackmail is used to
|
||||
force the mint to issue anonymous coins also continues to apply in
|
||||
principle. However, as mentioned Taler does faciliate limits on
|
||||
withdrawals, which we believe is a better trade-off than the
|
||||
problematic escrow systems where the necessary intransparency
|
||||
actually facilitates voluntary cooperation between the mint and
|
||||
criminals~\cite{sander1999escrow} and where state can selectively
|
||||
deanonymize activists to support the deep state's quest for absolute
|
||||
security.
|
||||
|
||||
\subsection{Offline Payments}
|
||||
|
||||
Chaum's original proposals for anonymous digital cash avoided the need
|
||||
@ -952,28 +977,22 @@ currency. A tax auditor can then request the merchant to reveal
|
||||
(meaningful) details about the business transaction ($\mathcal{D}$,
|
||||
$a$, $p$, $r$), including proof that applicable taxes were paid.
|
||||
|
||||
If a merchant is not able to provide theses values, he can be punished
|
||||
in relation to the amount transferred by the traditional currency
|
||||
transfer.
|
||||
If a merchant is not able to provide theses values, he can be
|
||||
subjected to financial penalties by the state in relation to the
|
||||
amount transferred by the traditional currency transfer.
|
||||
|
||||
|
||||
\section{Future Work}
|
||||
|
||||
%The legal status of the system needs to be investigated in the various
|
||||
%legal systems of the world. However, given that the system enables
|
||||
%taxation and is able to impose withdrawal limits and thus is not
|
||||
%suitable for money laundering, we are optimistic that states will find
|
||||
%the design desirable.
|
||||
\subsection{System Performance}
|
||||
|
||||
We performed some initial performance measurements for the various
|
||||
operations. The main conclusion was that the computational and
|
||||
bandwidth cost for transactions described in this paper is smaller
|
||||
than $10^{-3}$ cent/transaction, and thus dwarfed by the other
|
||||
business costs for the mint. However, this figure excludes the cost
|
||||
of currency transfers using traditional banking, which a mint operator
|
||||
would ultimately have to interact with. Here, mint operators should
|
||||
be able to reduce their expenses by aggregating multiple transfers to
|
||||
the same merchant.
|
||||
operations on our mint implementation. The main conclusion was that
|
||||
the computational and bandwidth cost for transactions described in
|
||||
this paper is smaller than $10^{-3}$ cent/transaction, and thus
|
||||
dwarfed by the other business costs for the mint. However, this
|
||||
figure excludes the cost of currency transfers using traditional
|
||||
banking, which a mint operator would ultimately have to interact with.
|
||||
Here, mint operators should be able to reduce their expenses by
|
||||
aggregating multiple transfers to the same merchant.
|
||||
|
||||
|
||||
\section{Conclusion}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user