taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

expand security discussion in paper

Browse Source
This commit is contained in:
Christian Grothoff 2015-09-24 12:22:20 +02:00
parent a8816b7770
commit 43ff6d447a
2 changed files with 78 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
doc/paper/taler.bib
View File

@ -36,6 +36,47 @@
year = {2015}, year = {2015},
} }
@Misc{fatf1997,
title = {FATF-IX report on money laundering typologies},
howpublished = {\url{http://www.fatf-gafi.org/media/fatf/documents/reports/1996%201997%20ENG.pdf}},
month = {feb},
year = {1998},
}
@TechReport{,
author = {},
title = {},
institution = {},
year = {},
OPTkey = {},
OPTtype = {},
OPTnumber = {},
OPTaddress = {},
OPTmonth = {},
OPTnote = {},
OPTannote = {}
}
@InProceedings{sander1999escrow,
author = {Tomas Sander and Amnon Ta-Shma},
title = {On Anonymous Electronic Cash and Crime},
booktitle = {ISW'99},
year = {1999},
series = {LNCS 1729},
pages = {202--206},
}
@Article{solms1992perfect,
author = {Sebastiaan H. von Solms and David Naccache},
title = {On blind signatures and perfect crimes},
journal = {Computers \& Security},
year = {1992},
volume = {11},
number = {6},
pages = {581--583},
}
@inproceedings{chaum1990untraceable, @inproceedings{chaum1990untraceable,
title={Untraceable electronic cash}, title={Untraceable electronic cash},
author={Chaum, David and Fiat, Amos and Naor, Moni}, author={Chaum, David and Fiat, Amos and Naor, Moni},

55
doc/paper/taler.tex
View File

@ -923,6 +923,31 @@ that is unlinkable to the refunded transaction.
\section{Discussion} \section{Discussion}
Taler's security is largely equivalent to that of Chaum's original
design without online checks (and without the cut-and-choose
revelation of double-spending customers for offline spending). We
specifically note that the digital equivalent of the ``Columbian Black
Market Exchange''~\cite{fatf1997} is a theoretical problem for both
Chaum and Taler, as individuals with a strong mutual trust foundation
can simply copy electronic coins and thereby establish a limited form
of black transfers. However, unlike the situation with physical
checks with blank recipients in the Columbian black market, the
transitivity is limited as each participant can deposit the electronic
coins and thereby cheat any other participant, while in the Columbian
black market each participant only needs to trust the issuer of the
check and not also all previous owners of the physical check.
As with any unconditionally anonymous payment system, the ``Perfect
Crime'' attack~\cite{solms1992perfect} where blackmail is used to
force the mint to issue anonymous coins also continues to apply in
principle. However, as mentioned Taler does faciliate limits on
withdrawals, which we believe is a better trade-off than the
problematic escrow systems where the necessary intransparency
actually facilitates voluntary cooperation between the mint and
criminals~\cite{sander1999escrow} and where state can selectively
deanonymize activists to support the deep state's quest for absolute
security.
\subsection{Offline Payments} \subsection{Offline Payments}
Chaum's original proposals for anonymous digital cash avoided the need Chaum's original proposals for anonymous digital cash avoided the need
@ -952,28 +977,22 @@ currency. A tax auditor can then request the merchant to reveal
(meaningful) details about the business transaction ($\mathcal{D}$, (meaningful) details about the business transaction ($\mathcal{D}$,
$a$, $p$, $r$), including proof that applicable taxes were paid. $a$, $p$, $r$), including proof that applicable taxes were paid.
If a merchant is not able to provide theses values, he can be punished If a merchant is not able to provide theses values, he can be
in relation to the amount transferred by the traditional currency subjected to financial penalties by the state in relation to the
transfer. amount transferred by the traditional currency transfer.
\section{Future Work} \subsection{System Performance}
%The legal status of the system needs to be investigated in the various
%legal systems of the world. However, given that the system enables
%taxation and is able to impose withdrawal limits and thus is not
%suitable for money laundering, we are optimistic that states will find
%the design desirable.
We performed some initial performance measurements for the various We performed some initial performance measurements for the various
operations. The main conclusion was that the computational and operations on our mint implementation. The main conclusion was that
bandwidth cost for transactions described in this paper is smaller the computational and bandwidth cost for transactions described in
than $10^{-3}$ cent/transaction, and thus dwarfed by the other this paper is smaller than $10^{-3}$ cent/transaction, and thus
business costs for the mint. However, this figure excludes the cost dwarfed by the other business costs for the mint. However, this
of currency transfers using traditional banking, which a mint operator figure excludes the cost of currency transfers using traditional
would ultimately have to interact with. Here, mint operators should banking, which a mint operator would ultimately have to interact with.
be able to reduce their expenses by aggregating multiple transfers to Here, mint operators should be able to reduce their expenses by
the same merchant. aggregating multiple transfers to the same merchant.
\section{Conclusion} \section{Conclusion}