DCASH: Two Digital Cash Reports Available
-----BEGIN PGP SIGNED MESSAGE-----
I have two reports on new ideas for digital cash which I retrieved
from Amsterdam. Both are in PostScript format. I have a hardcopy of
the larger one kindly supplied by mail by the author, Stephen Brands.
If there is any interest, I will bring both soft and hard-copies
to the next Physical Meeting, which I presume will take place
on the 2nd Sat of August, 8/8, noon, at Cygnus in Mtn. View.
(I didn't see any announcement/agenda for the July meeting, but
I understand it occurred anyway).
Here are summaries of the reports:
[Newsgroup sci.crypt]
Post: 1070 of 1149
From: brands@cwi.nl (Stefan Brands)
Newsgroups: sci.crypt
Subject: * REPORT ON PRIVACY-PROTECTING OFF-LINE CASH AVAILABLE *
Date: 19 Apr 93 14:37:17 GMT
Organization: CWI, Amsterdam
Lines: 60
I recently published a new privacy-protecting off-line electronic cash
system as a technical report at CWI. Being a PhD-student at David
Chaum's cryptography-group, our group has a long history in research
in the field of privacy-protecting cash systems.
The report is called CS-R9323.ps.Z, contains 77 pages, and can be
retrieved from
ftp.cwi.nl (192.16.184.180)
from the directory pub/CWIreports/AA.
The postscript-file is suitable for 300dpi laserprinters.
====================================================================
ABSTRACT (from coverpage): We present a new off-line electronic cash
system based on a problem, called the representation problem, of which
little use has been made in literature thus far. Our system is the
first to be based entirely on discrete logarithms. Using the
representation problem as a basic concept, some techniques are
introduced that enable us to construct protocols for withdrawal and
payment that do not use the cut and choose methodology of earlier
systems. As a consequence, our cash system is much more efficient in
both computation and communication complexity than any such system
proposed previously.
Another important aspect of our system concerns its provability.
Contrary to previously proposed systems, its correctness can be
mathematically proven to a very great extent. Specifically, if we
make one plausible assumption concerning a single hash-function, the
ability to break the system seems to imply that one can break the
Diffie-Hellman problem.
Our system offers a number of extensions that are hard to achieve in
previously known systems. In our opinion the most interesting of these
is that the entire cash system (including all the extensions) can be
incorporated in a setting based on wallets with observers, which has
the important advantage that double-spending can be prevented in the
first place, rather than detecting the identity of a double-spender
after the fact. In particular, it can be incorporated even under the
most stringent requirements conceivable about the privacy of the user,
which seems to be impossible to do with previously proposed systems.
Another benefit of our system is that framing attempts by a bank have
negligible probability of success (independent of computing power) by
a simple mechanism from within the system, which is something that
previous solutions lack entirely. Furthermore, the basic cash system
can be extended to checks, multi-show cash and divisibility, while
retaining its computational efficiency.
====================================================================
Cryptographers are challenged to try to break this system!
I made a particular effort to keep the report as self-contained as
possible. Nevertheless, if you have any questions, please e-mail to
me and I will try to reply as good as I can. Any comments are also
welcome!
Stefan Brands,
- --------------------------------------------------------
CWI, Kruislaan 413, 1098 SJ Amsterdam, The Netherlands
Tel: +31 20 5924103, e-mail: brands@cwi.nl
[Newsgroup alt.privacy]
Post: 452 of 458
From: Niels Ferguson
On Thu, 15 Jul 93 13:10:20 PDT, edgar@spectrx.Saigon.COM (Edgar W. Swank) said: edgar> If there is any interest, I will bring both soft and hard-copies edgar> to the next Physical Meeting, which I presume will take place edgar> on the 2nd Sat of August, 8/8, noon, at Cygnus in Mtn. View. edgar> (I didn't see any announcement/agenda for the July meeting, but edgar> I understand it occurred anyway).
8/8 is a Sunday, what's the deal? I'm a newbie on this the cypherpunks list and would be very interested in attending. Could someone post details? Thanks.
participants (2)
-
Ciamac Moallemi
-
edgar@spectrx.Saigon.COM