aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-09-24 12:22:20 +0200
committerChristian Grothoff <christian@grothoff.org>2015-09-24 12:22:20 +0200
commit43ff6d447a62b74e17c7370e7d9cfc0f5b2e5b59 (patch)
tree7e1fbc67f549abec045a61f1646e5e601a9f2fa8
parenta8816b77702876bf89f0c0c5f98261d1e63da79a (diff)
expand security discussion in paper
-rw-r--r--doc/paper/taler.bib41
-rw-r--r--doc/paper/taler.tex55
2 files changed, 78 insertions, 18 deletions
diff --git a/doc/paper/taler.bib b/doc/paper/taler.bib
index a7d6f6816..a9bf95d48 100644
--- a/doc/paper/taler.bib
+++ b/doc/paper/taler.bib
@@ -36,6 +36,47 @@
year = {2015},
}
+
+@Misc{fatf1997,
+ title = {FATF-IX report on money laundering typologies},
+ howpublished = {\url{http://www.fatf-gafi.org/media/fatf/documents/reports/1996%201997%20ENG.pdf}},
+ month = {feb},
+ year = {1998},
+}
+
+@TechReport{,
+ author = {},
+ title = {},
+ institution = {},
+ year = {},
+ OPTkey = {},
+ OPTtype = {},
+ OPTnumber = {},
+ OPTaddress = {},
+ OPTmonth = {},
+ OPTnote = {},
+ OPTannote = {}
+}
+
+@InProceedings{sander1999escrow,
+ author = {Tomas Sander and Amnon Ta-Shma},
+ title = {On Anonymous Electronic Cash and Crime},
+ booktitle = {ISW'99},
+ year = {1999},
+ series = {LNCS 1729},
+ pages = {202--206},
+}
+
+@Article{solms1992perfect,
+ author = {Sebastiaan H. von Solms and David Naccache},
+ title = {On blind signatures and perfect crimes},
+ journal = {Computers \& Security},
+ year = {1992},
+ volume = {11},
+ number = {6},
+ pages = {581--583},
+}
+
@inproceedings{chaum1990untraceable,
title={Untraceable electronic cash},
author={Chaum, David and Fiat, Amos and Naor, Moni},
diff --git a/doc/paper/taler.tex b/doc/paper/taler.tex
index 199de85e4..c504e843f 100644
--- a/doc/paper/taler.tex
+++ b/doc/paper/taler.tex
@@ -923,6 +923,31 @@ that is unlinkable to the refunded transaction.
\section{Discussion}
+Taler's security is largely equivalent to that of Chaum's original
+design without online checks (and without the cut-and-choose
+revelation of double-spending customers for offline spending). We
+specifically note that the digital equivalent of the ``Columbian Black
+Market Exchange''~\cite{fatf1997} is a theoretical problem for both
+Chaum and Taler, as individuals with a strong mutual trust foundation
+can simply copy electronic coins and thereby establish a limited form
+of black transfers. However, unlike the situation with physical
+checks with blank recipients in the Columbian black market, the
+transitivity is limited as each participant can deposit the electronic
+coins and thereby cheat any other participant, while in the Columbian
+black market each participant only needs to trust the issuer of the
+check and not also all previous owners of the physical check.
+
+As with any unconditionally anonymous payment system, the ``Perfect
+Crime'' attack~\cite{solms1992perfect} where blackmail is used to
+force the mint to issue anonymous coins also continues to apply in
+principle. However, as mentioned Taler does faciliate limits on
+withdrawals, which we believe is a better trade-off than the
+problematic escrow systems where the necessary intransparency
+actually facilitates voluntary cooperation between the mint and
+criminals~\cite{sander1999escrow} and where state can selectively
+deanonymize activists to support the deep state's quest for absolute
+security.
+
\subsection{Offline Payments}
Chaum's original proposals for anonymous digital cash avoided the need
@@ -952,28 +977,22 @@ currency. A tax auditor can then request the merchant to reveal
(meaningful) details about the business transaction ($\mathcal{D}$,
$a$, $p$, $r$), including proof that applicable taxes were paid.
-If a merchant is not able to provide theses values, he can be punished
-in relation to the amount transferred by the traditional currency
-transfer.
-
+If a merchant is not able to provide theses values, he can be
+subjected to financial penalties by the state in relation to the
+amount transferred by the traditional currency transfer.
-\section{Future Work}
-%The legal status of the system needs to be investigated in the various
-%legal systems of the world. However, given that the system enables
-%taxation and is able to impose withdrawal limits and thus is not
-%suitable for money laundering, we are optimistic that states will find
-%the design desirable.
+\subsection{System Performance}
We performed some initial performance measurements for the various
-operations. The main conclusion was that the computational and
-bandwidth cost for transactions described in this paper is smaller
-than $10^{-3}$ cent/transaction, and thus dwarfed by the other
-business costs for the mint. However, this figure excludes the cost
-of currency transfers using traditional banking, which a mint operator
-would ultimately have to interact with. Here, mint operators should
-be able to reduce their expenses by aggregating multiple transfers to
-the same merchant.
+operations on our mint implementation. The main conclusion was that
+the computational and bandwidth cost for transactions described in
+this paper is smaller than $10^{-3}$ cent/transaction, and thus
+dwarfed by the other business costs for the mint. However, this
+figure excludes the cost of currency transfers using traditional
+banking, which a mint operator would ultimately have to interact with.
+Here, mint operators should be able to reduce their expenses by
+aggregating multiple transfers to the same merchant.
\section{Conclusion}