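@inproceedings{clement2009making,
  author = {Clement, Allen and Wong, Edmund and Alvisi, Lorenzo and Dahlin, Mike and Marchetti, Mirco},
  title = {Making {Byzantine} Fault Tolerant Systems Tolerate {Byzantine} Faults},
  booktitle = {Proceedings of the 6th USENIX Symposium on Networked Systems Design and Implementation},
  series = {NSDI'09},
  year = {2009},
  location = {Boston, Massachusetts},
  pages = {153--168},
  numpages = {16},
  url = {http://dl.acm.org/citation.cfm?id=1558977.1558988},
  acmid = {1558988},
  publisher = {USENIX Association},
  address = {Berkeley, CA, USA},
}

@article{fischer1985impossibility,
  title = {Impossibility of distributed consensus with one faulty process},
  author = {Fischer, Michael J and Lynch, Nancy A and Paterson, Michael S},
  journal = {Journal of the ACM (JACM)},
  volume = {32},
  number = {2},
  pages = {374--382},
  year = {1985},
  publisher = {ACM}
}

@misc{cosmos,
  author = {Jae Kwon and Ethan Buchman},
  title = {Cosmos: A Network of Distributed Ledgers},
  howpublished = {\url{https://cosmos.network/whitepaper}},
  year = {2016},
  note = {Accessed 22 Feb 2017},
}

@inproceedings{gns2014wachs,
  author = {Wachs, Matthias and Schanzenbach, Martin and Grothoff, Christian},
  title = {A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name System},
  booktitle = {Proceedings of the 13th International Conference on Cryptology and Network Security - Volume 8813},
  year = {2014},
  isbn = {978-3-319-12279-3},
  pages = {127--142},
  numpages = {16},
  url = {http://dx.doi.org/10.1007/978-3-319-12280-9_9},
  doi = {10.1007/978-3-319-12280-9_9},
  acmid = {2769431},
  publisher = {Springer-Verlag New York, Inc.},
  address = {New York, NY, USA},
}

% The project name is kept fully braced so that styles do not recase it.
@misc{gnunet-www,
  label = {GNUNET},
  title = {{The GNUnet Project}},
  howpublished = {\url{https://gnunet.org/}},
  note = {Accessed 28 Feb 2017},
}

% NOTE(review): git:// is an unauthenticated, unencrypted transport, so a
% clone made from this reference is not integrity-protected in transit.
% Check fetched history against a trusted reference (for example signed
% tags, if the project publishes them).
@misc{gnunet-git,
  title = {{The GNUnet Project Git Repository}},
  howpublished = {\url{git://gnunet.org/git/gnunet}},
  note = {Accessed 28 Feb 2017},
}

% The arXiv identifier is also given in eprint/archiveprefix for styles
% that understand those fields; journal is kept for styles that do not.
@article{ben2010simple,
  title = {Simple gradecast based algorithms},
  author = {Ben-Or, Michael and Dolev, Danny and Hoch, Ezra N},
  journal = {arXiv preprint arXiv:1007.1049},
  eprint = {1007.1049},
  archiveprefix = {arXiv},
  year = {2010}
}

@incollection{ben2010brief,
  title = {Brief announcement: simple gradecast based algorithms},
  author = {Ben-Or, Michael and Dolev, Danny and Hoch, Ezra N},
  booktitle = {Distributed Computing},
  pages = {194--197},
  year = {2010},
  publisher = {Springer}
}

@phdthesis{feldman1988optimalphd,
  title = {Optimal algorithms for {Byzantine} agreement},
  author = {Feldman, Paul Neil},
  year = {1988},
  school = {Massachusetts Institute of Technology}
}

@inproceedings{feldman1988optimal,
  author = {Feldman, Paul and Micali, Silvio},
  title = {Optimal Algorithms for {Byzantine} Agreement},
  booktitle = {Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing},
  series = {STOC '88},
  year = {1988},
  isbn = {0-89791-264-0},
  location = {Chicago, Illinois, USA},
  pages = {148--161},
  numpages = {14},
  url = {http://doi.acm.org/10.1145/62212.62225},
  doi = {10.1145/62212.62225},
  acmid = {62225},
  publisher = {ACM},
  address = {New York, NY, USA},
}

@article{eppstein2011difference,
  author = {Eppstein, David and Goodrich, Michael T. and Uyeda, Frank and Varghese, George},
  title = {What's the Difference?: Efficient Set Reconciliation Without Prior Context},
  journal = {SIGCOMM Comput. Commun. Rev.},
  issue_date = {August 2011},
  volume = {41},
  number = {4},
  month = aug,
  year = {2011},
  issn = {0146-4833},
  pages = {218--229},
  numpages = {12},
  url = {http://doi.acm.org/10.1145/2043164.2018462},
  doi = {10.1145/2043164.2018462},
  acmid = {2018462},
  publisher = {ACM},
  address = {New York, NY, USA},
  keywords = {difference digest, invertible bloom filter, set difference},
}

@article{dwork1988consensus,
  title = {Consensus in the presence of partial synchrony},
  author = {Dwork, Cynthia and Lynch, Nancy and Stockmeyer, Larry},
  journal = {Journal of the ACM (JACM)},
  volume = {35},
  number = {2},
  pages = {288--323},
  year = {1988},
  publisher = {ACM}
}

@inproceedings{fitzi2006optimally,
  author = {Fitzi, Matthias and Hirt, Martin},
  title = {Optimally Efficient Multi-valued {Byzantine} Agreement},
  booktitle = {Proceedings of the Twenty-fifth Annual ACM Symposium on Principles of Distributed Computing},
  series = {PODC '06},
  year = {2006},
  isbn = {1-59593-384-0},
  location = {Denver, Colorado, USA},
  pages = {163--168},
  numpages = {6},
  url = {http://doi.acm.org/10.1145/1146381.1146407},
  doi = {10.1145/1146381.1146407},
  acmid = {1146407},
  publisher = {ACM},
  address = {New York, NY, USA},
  keywords = {byzantine agreement, communication complexity, cryptographic security, information-theoretic security},
}

% Problem: Really, really complex and not that efficient.
@inproceedings{abraham2008almost,
  title = {An almost-surely terminating polynomial protocol for asynchronous {Byzantine} agreement with optimal resilience},
  author = {Abraham, Ittai and Dolev, Danny and Halpern, Joseph Y},
  booktitle = {Proceedings of the twenty-seventh ACM symposium on Principles of distributed computing},
  pages = {405--414},
  year = {2008},
  organization = {ACM}
}

% Follow-up to abraham2008almost
% Problem: Requires some nasty hardware trusted
% computing stuff?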
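@incollection{abraham2010fast,
  title = {Fast asynchronous consensus with optimal resilience},
  author = {Abraham, Ittai and Aguilera, Marcos K and Malkhi, Dahlia},
  booktitle = {Distributed Computing},
  pages = {4--19},
  year = {2010},
  publisher = {Springer}
}

% Really nice summary of complexity bounds
% and approaches to asynchrony
% (report number and institution are split into their own fields)
@techreport{dutta2005best,
  title = {Best-case complexity of asynchronous {Byzantine} consensus},
  author = {Dutta, Partha and Guerraoui, Rachid and Vukolic, Marko},
  year = {2005},
  number = {EPFL/IC/200499},
  institution = {EPFL}
}

@inproceedings{castro1999practical,
  author = {Miguel Castro and Barbara Liskov},
  title = {Practical {Byzantine} Fault Tolerance},
  booktitle = {Third Symposium on Operating Systems Design and Implementation (OSDI)},
  publisher = {USENIX Association, Co-sponsored by IEEE TCOS and ACM SIGOPS},
  address = {New Orleans, Louisiana},
  month = feb,
  volume = {99},
  pages = {173--186},
  year = {1999}
}

@article{cramer1997secure,
  title = {A secure and optimally efficient multi-authority election scheme},
  author = {Cramer, Ronald and Gennaro, Rosario and Schoenmakers, Berry},
  journal = {European transactions on Telecommunications},
  volume = {8},
  number = {5},
  pages = {481--490},
  year = {1997},
  publisher = {Wiley Online Library}
}

@article{castro2002practical,
  title = {Practical {Byzantine} fault tolerance and proactive recovery},
  author = {Castro, Miguel and Liskov, Barbara},
  journal = {ACM Transactions on Computer Systems (TOCS)},
  volume = {20},
  number = {4},
  pages = {398--461},
  year = {2002},
  publisher = {ACM}
}

@article{lamport1982byzantine,
  title = {The {Byzantine} generals problem},
  author = {Lamport, Leslie and Shostak, Robert and Pease, Marshall},
  journal = {ACM Transactions on Programming Languages and Systems (TOPLAS)},
  volume = {4},
  number = {3},
  pages = {382--401},
  year = {1982},
  publisher = {ACM}
}

@article{schneider1990implementing,
  title = {Implementing fault-tolerant services using the state machine approach: A tutorial},
  author = {Schneider, Fred B},
  journal = {ACM Computing Surveys (CSUR)},
  volume = {22},
  number = {4},
  pages = {299--319},
  year = {1990},
  publisher = {ACM}
}

@inproceedings{ongaro2014search,
  title = {In search of an understandable consensus algorithm},
  author = {Ongaro, Diego and Ousterhout, John},
  booktitle = {Proc. USENIX Annual Technical Conference},
  pages = {305--320},
  year = {2014}
}

% Very important, highlights the
% consensus part of Paxos/PBFT
@incollection{lampson1996build,
  title = {How to build a highly available system using consensus},
  author = {Lampson, Butler W},
  booktitle = {Distributed Algorithms},
  pages = {1--17},
  year = {1996},
  publisher = {Springer}
}

@article{van2014vive,
  title = {Vive la diff{\'e}rence: {Paxos} vs. {Viewstamped Replication} vs. {Zab}},
  author = {Van Renesse, Robbert and Schiper, Nicolas and Schneider, Fred B},
  year = {2014},
  publisher = {IEEE}
}

% Problem: Very complex assumptions
% Cachin seems much more practical, even if he uses signatures.
@article{kapron2010fast,
  author = {Kapron, Bruce M. and Kempe, David and King, Valerie and Saia, Jared and Sanwalani, Vishal},
  title = {Fast Asynchronous {Byzantine} Agreement and Leader Election with Full Information},
  journal = {ACM Trans. Algorithms},
  issue_date = {August 2010},
  volume = {6},
  number = {4},
  month = sep,
  year = {2010},
  issn = {1549-6325},
  pages = {68:1--68:28},
  articleno = {68},
  numpages = {28},
  url = {http://doi.acm.org/10.1145/1824777.1824788},
  doi = {10.1145/1824777.1824788},
  acmid = {1824788},
  publisher = {ACM},
  address = {New York, NY, USA},
  keywords = {Byzantine agreement, Monte Carlo algorithms, asynchronous communication, distributed algorithms, probabilistic method},
}

% Nice for future work section,
% could be applied to consensus
% (arXiv identifier repeated in eprint/archiveprefix; journal kept as-is)
@article{mitzenmacher2013simple,
  title = {Simple Multi-Party Set Reconciliation},
  author = {Mitzenmacher, Michael and Pagh, Rasmus},
  journal = {arXiv preprint arXiv:1311.2037},
  eprint = {1311.2037},
  archiveprefix = {arXiv},
  year = {2013}
}

% Has great arguments for (against!) the complexity
% of the state machine approach.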
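@article{aublin2015next,
  author = {Aublin, Pierre-Louis and Guerraoui, Rachid and Kne{\v{z}}evi{\'c}, Nikola and Qu{\'e}ma, Vivien and Vukoli{\'c}, Marko},
  title = {The Next 700 {BFT} Protocols},
  journal = {ACM Trans. Comput. Syst.},
  issue_date = {January 2015},
  volume = {32},
  number = {4},
  month = jan,
  year = {2015},
  issn = {0734-2071},
  pages = {12:1--12:45},
  articleno = {12},
  numpages = {45},
  url = {http://doi.acm.org/10.1145/2658994},
  doi = {10.1145/2658994},
  acmid = {2658994},
  publisher = {ACM},
  address = {New York, NY, USA},
  keywords = {Abstract, Byzantine, composability, fault tolerance, optimization, robustness},
}

% Good complexity comparison
% for async case
@inproceedings{mostefaoui2014signature,
  author = {Mostefaoui, Achour and Moumen, Hamouma and Raynal, Michel},
  title = {Signature-free Asynchronous {Byzantine} Consensus with {$t < n/3$} and {$O(n^2)$} Messages},
  booktitle = {Proceedings of the 2014 ACM Symposium on Principles of Distributed Computing},
  series = {PODC '14},
  year = {2014},
  isbn = {978-1-4503-2944-6},
  location = {Paris, France},
  pages = {2--9},
  numpages = {8},
  url = {http://doi.acm.org/10.1145/2611462.2611468},
  doi = {10.1145/2611462.2611468},
  acmid = {2611468},
  publisher = {ACM},
  address = {New York, NY, USA},
  keywords = {abstraction, asynchronous message-passing system, broadcast abstraction, byzantine process, common coin, consensus, distributed algorithm, optimal resilience, randomized algorithm, signature-free algorithm, simplicity},
}

% Failure detectors, overview
% (a chapter with its own title in an edited book, hence @incollection
% with booktitle)
@incollection{guerraoui2000consensus,
  author = {Guerraoui, Rachid and Hurfinn, Michel and Mostefaoui, Achour and Oliveira, Riucarlos and Raynal, Michel and Schiper, Andre},
  editor = {Krakowiak, Sacha and Shrivastava, Santosh},
  title = {Consensus in Asynchronous Distributed Systems: A Concise Guided Tour},
  booktitle = {Advances in Distributed Systems: Advanced Distributed Computing: From Algorithms to Systems},
  year = {2000},
  publisher = {Springer Berlin Heidelberg},
  address = {Berlin, Heidelberg},
  pages = {33--47},
  abstract = {It is now recognized that the Consensus problem is a fundamental problem when one has to design and implement reliable asynchronous distributed systems. This chapter is on the Consensus problem. It studies Consensus in two failure models, namely, the Crash/no Recovery model and the Crash/Recovery model. The assumptions related to the detection of failures that are required to solve Consensus in a given model are particularly emphasized.},
  isbn = {978-3-540-46475-4},
  doi = {10.1007/3-540-46475-1_2},
  url = {https://doi.org/10.1007/3-540-46475-1_2}
}

% Good future work to implement this?
@article{bouzidminimal,
  title = {Minimal Synchrony for Asynchronous {Byzantine} Consensus},
  year = {2015},
  author = {Bouzid, Zohir and Mostefaoui, Achour and Raynal, Michel},
  publisher = {Collection des Publications Internes de l'Irisa}
}

@incollection{lamport2011brief,
  title = {Brief announcement: leaderless {Byzantine} {Paxos}},
  author = {Lamport, Leslie},
  booktitle = {Distributed Computing},
  pages = {141--142},
  year = {2011},
  publisher = {Springer}
}

% Mention that we don't need early
% stopping in voting (because of fairness? property)
@article{dolev1990early,
  author = {Dolev, Danny and Reischuk, Ruediger and Strong, H. Raymond},
  title = {Early Stopping in {Byzantine} Agreement},
  journal = {J. ACM},
  issue_date = {Oct. 1990},
  volume = {37},
  number = {4},
  month = oct,
  year = {1990},
  issn = {0004-5411},
  pages = {720--741},
  numpages = {22},
  url = {http://doi.acm.org/10.1145/96559.96565},
  doi = {10.1145/96559.96565},
  acmid = {96565},
  publisher = {ACM},
  address = {New York, NY, USA},
}

% seminal
@article{lamport1998part,
  title = {The part-time parliament},
  author = {Lamport, Leslie},
  journal = {ACM Transactions on Computer Systems (TOCS)},
  volume = {16},
  number = {2},
  pages = {133--169},
  year = {1998},
  publisher = {ACM}
}

% follow-up to seminal paper
@article{lamport2001paxos,
  title = {{Paxos} made simple},
  author = {Lamport, Leslie},
  journal = {ACM Sigact News},
  volume = {32},
  number = {4},
  pages = {18--25},
  year = {2001}
}

% Important since it mentions other approaches
% to the bulletin board stuff.
@mastersthesis{peters2005secure,
  type = {Master's Thesis},
  title = {A Secure Bulletin Board},
  author = {Peters, R. A.},
  school = {Technische Universiteit Eindhoven},
  year = {2005}
}

@mastersthesis{dold2014crypto,
  author = {Dold, Florian},
  school = {Technische Universit{\"a}t M{\"u}nchen},
  type = {Bachelor's Thesis},
  title = {Cryptographically Secure, Distributed Electronic Voting},
  year = {2014}
}

% The booktitle uses ASCII/LaTeX punctuation so it also survives 8-bit BibTeX.
@inproceedings{pedersen1991threshold,
  title = {A threshold cryptosystem without a trusted party},
  author = {Pedersen, Torben Pryds},
  booktitle = {Advances in Cryptology---{EUROCRYPT}'91},
  pages = {522--526},
  year = {1991},
  organization = {Springer}
}

@incollection{fouque2001one,
  author = {Fouque, Pierre-Alain and Stern, Jacques},
  editor = {Kim, Kwangjo},
  title = {One Round Threshold Discrete-Log Key Generation without Private Channels},
  booktitle = {Public Key Cryptography: 4th International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2001 Cheju Island, Korea, February 13--15, 2001 Proceedings},
  year = {2001},
  publisher = {Springer Berlin Heidelberg},
  address = {Berlin, Heidelberg},
  pages = {300--316},
  abstract = {Pedersen designed the first scheme for generating Discrete- Log keys without any trusted dealer in 1991. As this protocol is simple and efficient, it appeared to be very attractive. For a long time, this robust algorithm has been trusted as being secure. However, in 1999, Gennaro et al. proved that one of the requirements is not guaranteed : more precisely, the property that the key is uniformly distributed in the key space. Their main objective was to repair the security flaw without sacrificing on efficiency. As a result, the protocol became secure but somehow unpractical. In particular, the ``complaint phase'', in which cheaters are thrown out, makes the scheme overly complex and difficult to deal with in practical situations. In order to avoid this phase and other drawbacks such as the initialization phase where private channels have to be created, we present a one round scheme which generates a discrete-log key with public channels only. Finally, we show how to improve the efficiency of our algorithm when the number of servers increases.},
  isbn = {978-3-540-44586-9},
  doi = {10.1007/3-540-44586-2_22},
  url = {https://doi.org/10.1007/3-540-44586-2_22}
}

% The chapter title goes in title and the book title in booktitle.
% isbn (left disabled by the author; "%" is not a comment inside an entry,
% so it is recorded here instead): 3-642-11293-5, 978-3-642-11293-5
@incollection{aguilera2010stumbling,
  author = {Aguilera, Marcos K.},
  title = {Stumbling over Consensus Research: Misunderstandings and Issues},
  booktitle = {Replication},
  editor = {Charron-Bost, Bernadette and Pedone, Fernando and Schiper, Andr{\'e}},
  year = {2010},
  pages = {59--72},
  numpages = {14},
  url = {http://dl.acm.org/citation.cfm?id=2172338.2172342},
  acmid = {2172342},
  publisher = {Springer-Verlag},
  address = {Berlin, Heidelberg},
}

% Good overview of (some) complexity results
@article{coan1992modular,
  title = {Modular construction of a {Byzantine} agreement protocol with optimal message bit complexity},
  author = {Coan, Brian A and Welch, Jennifer L},
  journal = {Information and Computation},
  volume = {97},
  number = {1},
  pages = {61--85},
  year = {1992},
  publisher = {Elsevier}
}

% good intro and thoughts on paxos / pbft
@article{martin2006fast,
  title = {Fast {Byzantine} consensus},
  author = {Martin, Jean-Philippe and Alvisi, Lorenzo},
  journal = {Dependable and Secure Computing, IEEE Transactions on},
  volume = {3},
  number = {3},
  pages = {202--215},
  year = {2006},
  publisher = {IEEE}
}

% Important, since it introduced it, according to ben2006byzantine
@article{pease1980reaching,
  title = {Reaching agreement in the presence of faults},
  author = {Pease, Marshall and Shostak, Robert and Lamport, Leslie},
  journal = {Journal of the ACM (JACM)},
  volume = {27},
  number = {2},
  pages = {228--234},
  year = {1980},
  publisher = {ACM}
}

@inproceedings{ben2006byzantine,
  title = {{Byzantine} agreement in the full-information model in {$O(\log n)$} rounds},
  author = {Ben-Or, Michael and Pavlov, Elan and Vaikuntanathan, Vinod},
  booktitle = {Proceedings of the thirty-eighth annual ACM symposium on Theory of computing},
  pages = {179--186},
  year = {2006},
  organization = {ACM}
}

% Seems like the best contender for
% real async consensus
@article{cachin2005random,
  title = {Random oracles in {Constantinople}: Practical asynchronous {Byzantine} agreement using cryptography},
  author = {Cachin, Christian and Kursawe, Klaus and Shoup, Victor},
  journal = {Journal of Cryptology},
  volume = {18},
  number = {3},
  pages = {219--246},
  year = {2005},
  publisher = {Springer}
}

% Seems like THE citation for SMC
@article{goldreich1998secure,
  title = {Secure multi-party computation},
  author = {Goldreich, Oded},
  journal = {Manuscript. Preliminary version},
  year = {1998},
  publisher = {Citeseer}
}

@book{waldo1997note,
  title = {A note on distributed computing},
  author = {Waldo, Jim and Wyant, Geoff and Wollrath, Ann and Kendall, Sam},
  year = {1997},
  publisher = {Springer}
}

% one synchronous link is enough ...
% also has some nice reductions ....
@inproceedings{aguilera2004communication,
  author = {Marcos K. Aguilera and Carole Delporte-gallet and Hugues Fauconnier and Sam Toueg},
  title = {Communication-efficient leader election and consensus with limited link synchrony},
  booktitle = {In PODC},
  year = {2004},
  pages = {328--337},
  publisher = {ACM Press}
}

@article{dolev1987minimal,
  title = {On the minimal synchronism needed for distributed consensus},
  author = {Dolev, Danny and Dwork, Cynthia and Stockmeyer, Larry},
  journal = {Journal of the ACM (JACM)},
  volume = {34},
  number = {1},
  pages = {77--97},
  year = {1987},
  publisher = {ACM}
}

@inproceedings{reiter1995rampart,
  author = {Reiter, Michael K.},
  title = {The {Rampart} Toolkit for Building High-Integrity Services},
  booktitle = {Selected Papers from the International Workshop on Theory and Practice in Distributed Systems},
  year = {1995},
  isbn = {3-540-60042-6},
  pages = {99--110},
  numpages = {12},
  url = {http://dl.acm.org/citation.cfm?id=647369.723763},
  acmid = {723763},
  publisher = {Springer-Verlag},
  address = {London, UK},
}

@inproceedings{kihlstrom1998securering,
  author = {Kihlstrom, Kim Potter and Moser, L. E. and Melliar-Smith, P. M.},
  title = {The {SecureRing} Protocols for Securing Group Communication},
  booktitle = {Proceedings of the Thirty-First Annual Hawaii International Conference on System Sciences - Volume 3},
  series = {HICSS '98},
  year = {1998},
  isbn = {0-8186-8239-6},
  pages = {317--},
  url = {http://dx.doi.org/10.1109/HICSS.1998.656294},
  doi = {10.1109/HICSS.1998.656294},
  acmid = {798823},
  publisher = {IEEE Computer Society},
  address = {Washington, DC, USA},
}

@article{minsky2003set,
  title = {Set reconciliation with nearly optimal communication complexity},
  author = {Minsky, Yaron and Trachtenberg, Ari and Zippel, Richard},
  journal = {Information Theory, IEEE Transactions on},
  volume = {49},
  number = {9},
  pages = {2213--2218},
  year = {2003},
  publisher = {IEEE}
}

@article{bloom1970space,
  title = {Space/time trade-offs in hash coding with allowable errors},
  author = {Bloom, Burton H},
  journal = {Communications of the ACM},
  volume = {13},
  number = {7},
  pages = {422--426},
  year = {1970},
  publisher = {ACM}
}

@article{hadzilacos1994modular,
  title = {A modular approach to fault-tolerant broadcasts and related problems},
  author = {Hadzilacos, Vassos and Toueg, Sam},
  year = {1994},
  publisher = {Cornell University, Department of Computer Science}
}

% problem: shared memory required
@article{aspnes1998lower,
  title = {Lower bounds for distributed coin-flipping and randomized consensus},
  author = {Aspnes, James},
  journal = {Journal of the ACM (JACM)},
  volume = {45},
  number = {3},
  pages = {415--450},
  year = {1998},
  publisher = {ACM}
}

% strong connection between SMC and consensus
@incollection{saia2015recent,
  author = {Saia, Jared and Zamani, Mahdi},
  editor = {Italiano, Giuseppe F. and Margaria-Steffen, Tiziana and Pokorn{\'y}, Jaroslav and Quisquater, Jean-Jacques and Wattenhofer, Roger},
  title = {Recent Results in Scalable Multi-Party Computation},
  booktitle = {SOFSEM 2015: Theory and Practice of Computer Science: 41st International Conference on Current Trends in Theory and Practice of Computer Science, Pec pod Sn{\v{e}}{\v{z}}kou, Czech Republic, January 24-29, 2015. Proceedings},
  year = {2015},
  publisher = {Springer Berlin Heidelberg},
  address = {Berlin, Heidelberg},
  pages = {24--44},
  abstract = {Secure multi-party computation (MPC) allows multiple parties to compute a known function over inputs held by each party, without any party having to reveal its private input. Unfortunately, traditional MPC algorithms do not scale well to large numbers of parties. In this paper, we describe several recent MPC algorithms that are designed to handle large networks. All of these algorithms rely on recent techniques from the Byzantine agreement literature on forming and using quorums. Informally, a quorum is a small set of parties, most of which are trustworthy. We describe the advantages and disadvantages of these scalable algorithms, and we propose new ideas for improving practicality of current techniques. Finally, we conduct simulations to measure bandwidth cost for several current MPC algorithms.},
  isbn = {978-3-662-46078-8},
  doi = {10.1007/978-3-662-46078-8_3},
  url = {https://doi.org/10.1007/978-3-662-46078-8_3}
}

% argues that SMC does not need consensus.
% some of the definitions (abort) look suspiciously
% close to gradecasts
@article{goldwasser2005secure,
  title = {Secure multi-party computation without agreement},
  author = {Goldwasser, Shafi and Lindell, Yehuda},
  journal = {Journal of Cryptology},
  volume = {18},
  number = {3},
  pages = {247--287},
  year = {2005},
  publisher = {Springer}
}

% This one got a Dijkstra award in 2015, so I should cite it.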
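@inproceedings{ben1983another,
  title = {Another advantage of free choice (extended abstract): Completely asynchronous agreement protocols},
  author = {Ben-Or, Michael},
  booktitle = {Proceedings of the second annual ACM symposium on Principles of distributed computing},
  pages = {27--30},
  year = {1983},
  organization = {ACM}
}

% Another Dijkstra Prize, should be cited as
% the main thing for failure detectors
% Oh, but: Only crash-faults ...
@article{chandra1996unreliable,
  title = {Unreliable failure detectors for reliable distributed systems},
  author = {Chandra, Tushar Deepak and Toueg, Sam},
  journal = {Journal of the ACM (JACM)},
  volume = {43},
  number = {2},
  pages = {225--267},
  year = {1996},
  publisher = {ACM}
}

@incollection{bonomi2006improved,
  title = {An improved construction for counting {Bloom} filters},
  author = {Bonomi, Flavio and Mitzenmacher, Michael and Panigrahy, Rina and Singh, Sushil and Varghese, George},
  booktitle = {Algorithms--{ESA} 2006},
  pages = {684--695},
  year = {2006},
  publisher = {Springer}
}

% Very good overview of bloom filters and advanced
% stuff you can do with them.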
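@article{tarkoma2012theory,
  title = {Theory and practice of {Bloom} filters for distributed systems},
  author = {Tarkoma, Sasu and Rothenberg, Christian Esteve and Lagerspetz, Eemil},
  journal = {Communications Surveys \& Tutorials, IEEE},
  volume = {14},
  number = {1},
  pages = {131--155},
  year = {2012},
  publisher = {IEEE}
}

@article{neiger1994distributed,
  title = {Distributed consensus revisited},
  author = {Neiger, Gil},
  journal = {Information Processing Letters},
  volume = {49},
  number = {4},
  pages = {195--201},
  year = {1994},
  publisher = {Elsevier}
}

% "Jr." is given in the "Last, Jr., First" form so it is parsed as a suffix.
@techreport{miller2014anonymous,
  title = {Anonymous {Byzantine} consensus from moderately-hard puzzles: A model for {Bitcoin}},
  author = {Miller, Andrew and LaViola, Jr., Joseph J.},
  number = {CS-TR-14-01},
  year = {2014},
  month = apr,
  institution = {University of Central Florida}
}

% A chapter with its own title in an edited volume, hence @incollection
% with booktitle.
@incollection{garay2015bitcoin,
  author = {Garay, Juan and Kiayias, Aggelos and Leonardos, Nikos},
  editor = {Oswald, Elisabeth and Fischlin, Marc},
  title = {The {Bitcoin} Backbone Protocol: Analysis and Applications},
  booktitle = {Advances in Cryptology - EUROCRYPT 2015: 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26-30, 2015, Proceedings, Part II},
  year = {2015},
  publisher = {Springer Berlin Heidelberg},
  address = {Berlin, Heidelberg},
  pages = {281--310},
  abstract = {Bitcoin is the first and most popular decentralized cryptocurrency to date. In this work, we extract and analyze the core of the Bitcoin protocol, which we term the Bitcoin backbone, and prove two of its fundamental properties which we call common prefix and chain quality in the static setting where the number of players remains fixed. Our proofs hinge on appropriate and novel assumptions on the ``hashing power'' of the adversary relative to network synchronicity; we show our results to be tight under high synchronization.},
  isbn = {978-3-662-46803-6},
  doi = {10.1007/978-3-662-46803-6_10},
  url = {https://doi.org/10.1007/978-3-662-46803-6_10}
}

@article{schwartz2014ripple,
  title = {The {Ripple} protocol consensus algorithm},
  author = {Schwartz, David and Youngs, Noah and Britto, Arthur},
  journal = {Ripple Labs Inc White Paper},
  year = {2014}
}

@mastersthesis{totakura2013large,
  title = {Large Scale Distributed Evaluation of Peer-to-Peer Protocols},
  volume = {Master of Science},
  year = {2013},
  month = jun,
  pages = {76},
  school = {Technische Universit{\"a}t M{\"u}nchen},
  type = {Master's Thesis},
  address = {Garching bei M{\"u}nchen},
  keywords = {emulation, GNUnet, large scale testing, protocol evaluation, testbed},
  author = {Totakura, Sree Harsha}
}

@book{okasaki1999purely,
  author = {Okasaki, Chris},
  title = {Purely Functional Data Structures},
  year = {1998},
  isbn = {0-521-63124-6},
  publisher = {Cambridge University Press},
  address = {New York, NY, USA},
}

@inproceedings{attiya1984asynchronous,
  author = {Attiya, Chagit and Dolev, Danny and Gil, Joseph},
  title = {Asynchronous {Byzantine} Consensus},
  booktitle = {Proceedings of the Third Annual ACM Symposium on Principles of Distributed Computing},
  series = {PODC '84},
  year = {1984},
  isbn = {0-89791-143-1},
  location = {Vancouver, British Columbia, Canada},
  pages = {119--133},
  numpages = {15},
  url = {http://doi.acm.org/10.1145/800222.806740},
  doi = {10.1145/800222.806740},
  acmid = {806740},
  publisher = {ACM},
  address = {New York, NY, USA},
}

@article{deutsch1996gzip,
  title = {{GZIP} file format specification version 4.3},
  author = {Deutsch, L Peter},
  year = {1996}
}

@inproceedings{polot2014cadet,
  author = {B. Polot and C. Grothoff},
  booktitle = {2014 13th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET)},
  title = {{CADET}: Confidential ad-hoc decentralized end-to-end transport},
  year = {2014},
  pages = {71--78},
  keywords = {Internet;ad hoc networks;computer network performance evaluation;computer network security;telecommunication network routing;telecommunication network topology;transport protocols;CADET;Internet-usage;ad-hoc wireless networks;authenticated data transfer;confidential ad-hoc decentralized end-to-end transport;confidential data transfer;decentralized networks;friend-to-friend networks;high-speed low-latency networks;network topologies;performance evaluation;restricted-route scenarios;transport protocol;Ad hoc networks;IP networks;Network topology;Peer-to-peer computing;Protocols;Routing;Topology},
  doi = {10.1109/MedHocNet.2014.6849107},
  month = jun,
}

@book{benaloh1987verifiable,
  title = {Verifiable secret-ballot elections},
  author = {Benaloh, Josh Daniel Cohen},
  year = {1987},
  publisher = {Yale University. Department of Computer Science}
}

@inproceedings{bessani2014state,
  title = {State machine replication for the masses with {BFT-SMaRt}},
  author = {Bessani, Alysson and Sousa, Jo{\~a}o and Alchieri, Eduardo E. P.},
  booktitle = {Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on},
  pages = {355--362},
  year = {2014},
  organization = {IEEE}
}

@techreport{fischer1981lower,
  title = {A lower bound for the time to assure interactive consistency},
  author = {Fischer, Michael J and Lynch, Nancy A},
  year = {1981},
  institution = {DTIC Document}
}

@article{de2001k,
  title = {On k-set consensus problems in asynchronous systems},
  author = {De Prisco, Roberto and Malkhi, Dahlia and Reiter, Michael},
  journal = {Parallel and Distributed Systems, IEEE Transactions on},
  volume = {12},
  number = {1},
  pages = {7--21},
  year = {2001},
  publisher = {IEEE}
}

@inproceedings{malpani2000leader,
  author = {Malpani, Navneet and Welch, Jennifer L. and Vaidya, Nitin},
  title = {Leader Election Algorithms for Mobile Ad Hoc Networks},
  booktitle = {Proceedings of the 4th International Workshop on Discrete Algorithms and Methods for Mobile Computing and Communications},
  series = {DIALM '00},
  year = {2000},
  isbn = {1-58113-301-4},
  location = {Boston, Massachusetts, USA},
  pages = {96--103},
  numpages = {8},
  url = {http://doi.acm.org/10.1145/345848.345871},
  doi = {10.1145/345848.345871},
  acmid = {345871},
  publisher = {ACM},
  address = {New York, NY, USA},
}

@article{fischer1986easy,
  title = {Easy impossibility proofs for distributed consensus problems},
  author = {Fischer, Michael J and Lynch, Nancy A and Merritt, Michael},
  journal = {Distributed Computing},
  volume = {1},
  number = {1},
  pages = {26--39},
  year = {1986},
  publisher = {Springer}
}

@inproceedings{Miller:2016:HBB:2976749.2978399,
  author = {Miller, Andrew and Xia, Yu and Croman, Kyle and Shi, Elaine and Song, Dawn},
  title = {The Honey Badger of {BFT} Protocols},
  booktitle = {Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security},
  series = {CCS '16},
  year = {2016},
  isbn = {978-1-4503-4139-4},
  location = {Vienna, Austria},
  pages = {31--42},
  numpages = {12},
  url = {http://doi.acm.org/10.1145/2976749.2978399},
  doi = {10.1145/2976749.2978399},
  acmid = {2978399},
  publisher = {ACM},
  address = {New York, NY, USA},
  keywords = {BFT, asynchronous, atomic broadcast, blockchain},
}

% ePrint version of the CCS '16 paper cited under the key above.
@misc{cryptoeprint:2016:199,
  author = {Andrew Miller and Yu Xia and Kyle Croman and Elaine Shi and Dawn Song},
  title = {The Honey Badger of {BFT} Protocols},
  howpublished = {Cryptology ePrint Archive, Report 2016/199},
  year = {2016},
  note = {\url{http://eprint.iacr.org/2016/199}},
}

@misc{cryptoeprint:2016:1067,
  author = {Ewa Syta and Philipp Jovanovic and Eleftherios Kokoris Kogias and Nicolas Gailly and Linus Gasser and Ismail Khoffi and Michael J. Fischer and Bryan Ford},
  title = {Scalable Bias-Resistant Distributed Randomness},
  howpublished = {Cryptology ePrint Archive, Report 2016/1067},
  year = {2016},
  note = {\url{http://eprint.iacr.org/2016/1067}, Accessed 22 Feb 2017},
}

@article{abd2005fault,
  title = {Fault-scalable {Byzantine} fault-tolerant services},
  author = {Abd-El-Malek, Michael and Ganger, Gregory R and Goodson, Garth R and Reiter, Michael K and Wylie, Jay J},
  journal = {ACM SIGOPS Operating Systems Review},
  volume = {39},
  number = {5},
  pages = {59--74},
  year = {2005},
  publisher = {ACM}
}

@inproceedings{kotla2007zyzzyva,
  author = {Kotla, Ramakrishna and Alvisi, Lorenzo and Dahlin, Mike and Clement, Allen and Wong, Edmund},
  title = {{Zyzzyva}: Speculative {Byzantine} Fault Tolerance},
  booktitle = {Proceedings of Twenty-first ACM SIGOPS Symposium on Operating Systems Principles},
  series = {SOSP '07},
  year = {2007},
  isbn = {978-1-59593-591-5},
  location = {Stevenson, Washington, USA},
  pages = {45--58},
  numpages = {14},
  url = {http://doi.acm.org/10.1145/1294261.1294267},
  doi = {10.1145/1294261.1294267},
  acmid = {1294267},
  publisher = {ACM},
  address = {New York, NY, USA},
  keywords = {byzantine fault tolerance, output commit, replication, speculative execution},
}

@article{nakamoto2008bitcoin,
  title = {{Bitcoin}: A peer-to-peer electronic cash system},
  author = {Nakamoto, Satoshi},
  journal = {Consulted},
  volume = {1},
  number = {2012},
  pages = {28},
  year = {2008}
}

@incollection{rink2013mixed,
  year = {2013},
  isbn = {978-3-642-35842-5},
  booktitle = {SOFSEM 2013: Theory and Practice of Computer Science},
  volume = {7741},
  series = {Lecture Notes in Computer Science},
  editor = {van Emde Boas, Peter and Groen, Frans C. A. and Italiano, Giuseppe F. and Nawrocki, Jerzy and Sack, Harald},
  doi = {10.1007/978-3-642-35843-2_31},
  title = {Mixed Hypergraphs for Linear-Time Construction of Denser Hashing-Based Data Structures},
  url = {http://dx.doi.org/10.1007/978-3-642-35843-2_31},
  publisher = {Springer Berlin Heidelberg},
  author = {Rink, Michael},
  pages = {356--368},
  language = {English}
}

@inproceedings{goodrich2011invertible,
  title = {Invertible {Bloom} lookup tables},
  author = {Goodrich, Michael T and Mitzenmacher, Michael},
  booktitle = {Communication, Control, and Computing (Allerton), 2011 49th Annual Allerton Conference on},
  pages = {792--799},
  year = {2011},
  organization = {IEEE}
}

@article{li2011theory,
  title = {Theory and applications of b-bit minwise hashing},
  author = {Li, Ping and K{\"o}nig, Arnd Christian},
  journal = {Communications of the ACM},
  volume = {54},
  number = {8},
  pages = {101--109},
  year = {2011},
  publisher = {ACM}
}

@inproceedings{adida2008helios,
  author = {Adida, Ben},
  title = {{Helios}: Web-based Open-audit Voting},
  booktitle = {Proceedings of the 17th Conference on Security Symposium},
  series = {SS'08},
  year = {2008},
  location = {San Jose, CA},
  pages = {335--348},
  numpages = {14},
  url = {http://dl.acm.org/citation.cfm?id=1496711.1496734},
  acmid = {1496734},
  publisher = {USENIX Association},
  address = {Berkeley, CA, USA},
}

@article{desmedt1994threshold,
  title = {Threshold cryptography},
  author = {Desmedt, Yvo G},
  journal = {European Transactions on Telecommunications},
  volume = {5},
  number = {4},
  pages = {449--458},
  year = {1994},
  publisher = {Wiley Online Library}
}

@article{shamir1979share,
  title = {How to share a secret},
  author = {Shamir, Adi},
  journal = {Communications of the ACM},
  volume = {22},
  number = {11},
  pages = {612--613},
  year = {1979},
  publisher = {ACM}
}

% Cite some of the voting stuff
% what else is there about set reconciliation?
% Just another SMC protocol that requires agreement
% on potentially large sets.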
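% Contributions to edited volumes are stored as incollection with the paper
% in "title" and the volume in "booktitle", so that both classic BibTeX
% styles and biblatex print the paper title rather than the volume title.
% Citation keys are unchanged.

@incollection{bogetoft2009secure,
  author    = {Bogetoft, Peter and Christensen, Dan Lund and Damg{\aa}rd, Ivan and Geisler, Martin and Jakobsen, Thomas and Kr{\o}igaard, Mikkel and Nielsen, Janus Dam and Nielsen, Jesper Buus and Nielsen, Kurt and Pagter, Jakob and Schwartzbach, Michael and Toft, Tomas},
  title     = {Secure Multiparty Computation Goes Live},
  booktitle = {Financial Cryptography and Data Security},
  editor    = {Dingledine, Roger and Golle, Philippe},
  year      = {2009},
  isbn      = {978-3-642-03548-7},
  pages     = {325--343},
  numpages  = {19},
  url       = {http://dx.doi.org/10.1007/978-3-642-03549-4_20},
  doi       = {10.1007/978-3-642-03549-4_20},
  acmid     = {1602018},
  publisher = {Springer-Verlag},
  address   = {Berlin, Heidelberg},
}

@inproceedings{evans2012efficient,
  author       = {Evans, Nathan and Polot, Bartlomiej and Grothoff, Christian},
  title        = {Efficient and secure decentralized network size estimation},
  booktitle    = {Proceedings of the 11th international {IFIP TC 6} conference on Networking-Volume Part I},
  pages        = {304--317},
  year         = {2012},
  organization = {Springer-Verlag},
}

@misc{green2016bolt,
  author       = {Green, Matthew and Miers, Ian},
  title        = {{Bolt}: Anonymous Payment Channels for Decentralized Currencies},
  howpublished = {Cryptology ePrint Archive, Report 2016/701},
  year         = {2016},
  note         = {\url{http://eprint.iacr.org/2016/701}},
}

% The ISBN of 3DSsucks had been disabled with a leading percent sign inside
% the entry. BibTeX has no in-entry comments, so the value is kept under an
% ignored field name instead.
@inproceedings{3DSsucks,
  author        = {Murdoch, Steven J. and Anderson, Ross},
  title         = {{Verified by Visa} and {Mastercard Securecode}: Or, How Not to Design Authentication},
  booktitle     = {Proceedings of the 14th International Conference on Financial Cryptography and Data Security},
  series        = {FC'10},
  year          = {2010},
  disabled-isbn = {3-642-14576-0, 978-3-642-14576-6},
  location      = {Tenerife, Spain},
  pages         = {336--342},
  numpages      = {7},
  doi_url       = {http://dx.doi.org/10.1007/978-3-642-14577-3_27},
  doi           = {10.1007/978-3-642-14577-3_27},
  acmid         = {2163598},
  publisher     = {Springer-Verlag},
  address       = {Berlin, Heidelberg},
  url           = {https://www.cl.cam.ac.uk/~rja14/Papers/fc10vbvsecurecode.pdf},
}

@incollection{izabachene2013divisible,
  author    = {Izabach{\`e}ne, Malika and Libert, Beno{\^i}t},
  editor    = {Abdalla, Michel and Lange, Tanja},
  title     = {Divisible E-Cash in the Standard Model},
  booktitle = {Pairing-Based Cryptography -- Pairing 2012: 5th International Conference, Cologne, Germany, May 16-18, 2012, Revised Selected Papers},
  year      = {2013},
  publisher = {Springer Berlin Heidelberg},
  address   = {Berlin, Heidelberg},
  pages     = {314--332},
  abstract  = {Off-line e-cash systems are the digital analogue of regular cash. One of the main desirable properties is anonymity: spending a coin should not reveal the identity of the spender and, at the same time, users should not be able to double-spend coins without being detected. Compact e-cash systems make it possible to store a wallet of $O(2^L)$ coins using $O(L + \lambda)$ bits, where $\lambda$ is the security parameter. They are called divisible whenever the user has the flexibility of spending an amount of $2^\ell$, for some $\ell \leq L$, more efficiently than by repeatedly spending individual coins. This paper presents the first construction of divisible e-cash in the standard model (i.e., without the random oracle heuristic). The scheme allows a user to obtain a wallet of $2^L$ coins by running a withdrawal protocol with the bank. Our construction is built on the traditional binary tree approach, where the wallet is organized in such a way that the monetary value of a coin depends on how deep the coin is in the tree.},
  isbn      = {978-3-642-36334-4},
  doi       = {10.1007/978-3-642-36334-4_20},
  url       = {https://doi.org/10.1007/978-3-642-36334-4_20},
}

@incollection{pointcheval1996provably,
  author    = {Pointcheval, David and Stern, Jacques},
  editor    = {Kim, Kwangjo and Matsumoto, Tsutomu},
  title     = {Provably secure blind signature schemes},
  booktitle = {Advances in Cryptology --- {ASIACRYPT} '96: International Conference on the Theory and Applications of Cryptology and Information Security Kyongju, Korea, November 3--7, 1996 Proceedings},
  year      = {1996},
  publisher = {Springer Berlin Heidelberg},
  address   = {Berlin, Heidelberg},
  pages     = {252--265},
  abstract  = {In this paper, we give a provably secure design for blind signatures, the most important ingredient for anonymity in off-line electronic cash systems. Previous examples of blind signature schemes were constructed from traditional signature schemes with only the additional proof of blindness. The design of some of the underlying signature schemes can be validated by a proof in the so-called random oracle model, but the security of the original signature scheme does not, by itself, imply the security of the blind version. In this paper, we first propose a definition of security for blind signatures, with application to electronic cash. Next, we focus on a specific example which can be successfully transformed in a provably secure blind signature scheme.},
  isbn      = {978-3-540-70707-3},
  doi       = {10.1007/BFb0034852},
  url       = {https://doi.org/10.1007/BFb0034852},
}

% NOTE(review): bellare2003onemore and bellare2003one (further down) describe
% the same Journal of Cryptology article; both keys are kept because either
% may be cited. The given names here are taken from bellare2003one.
@article{bellare2003onemore,
  author   = {Bellare, Mihir and Namprempre, Chanathip and Pointcheval, David and Semanko, Michael},
  title    = {The {One-More-RSA-Inversion} Problems and the Security of {Chaum's} Blind Signature Scheme},
  journal  = {Journal of Cryptology},
  year     = {2003},
  month    = jun,
  day      = {01},
  volume   = {16},
  number   = {3},
  pages    = {185--215},
  abstract = {We introduce a new class of computational problems which we call the ``one-more-RSA-inversion'' problems. Our main result is that two problems in this class, which we call the chosen-target and known-target inversion problems, respectively, have polynomially equivalent computational complexity. We show how this leads to a proof of security for Chaum's RSA-based blind signature scheme in the random oracle model based on the assumed hardness of either of these problems. We define and prove analogous results for ``one-more-discrete-logarithm'' problems. Since the appearance of the preliminary version of this paper, the new problems we have introduced have found other uses as well.},
  issn     = {1432-1378},
  doi      = {10.1007/s00145-002-0120-1},
  url      = {https://doi.org/10.1007/s00145-002-0120-1},
}

@inproceedings{fc2014murdoch,
  author    = {Murdoch, Steven J. and Anderson, Ross},
  title     = {Security Protocols and Evidence: Where Many Payment Systems Fail},
  booktitle = {Financial Cryptography and Data Security},
  year      = {2014},
}

@incollection{pointcheval2017cut,
  author    = {Pointcheval, David and Sanders, Olivier and Traor{\'e}, Jacques},
  editor    = {Fehr, Serge},
  title     = {Cut Down the Tree to Achieve Constant Complexity in Divisible E-cash},
  booktitle = {Public-Key Cryptography -- {PKC} 2017: 20th {IACR} International Conference on Practice and Theory in Public-Key Cryptography, Amsterdam, The Netherlands, March 28-31, 2017, Proceedings, Part I},
  year      = {2017},
  publisher = {Springer Berlin Heidelberg},
  address   = {Berlin, Heidelberg},
  pages     = {61--90},
  abstract  = {Divisible e-cash, proposed in 1991 by Okamoto and Ohta, addresses a practical concern of electronic money, the problem of paying the exact amount. Users of such systems can indeed withdraw coins of a large value N and then divide it into many pieces of any desired values $V \le N$. Such a primitive therefore allows to avoid the use of several denominations or change issues. Since its introduction, many constructions have been proposed but all of them make use of the same framework: they associate each coin with a binary tree, which implies, at least, a logarithmic complexity for the spendings.},
  isbn      = {978-3-662-54365-8},
  doi       = {10.1007/978-3-662-54365-8_4},
  url       = {https://doi.org/10.1007/978-3-662-54365-8_4},
}

@incollection{canard2015divisible,
  author    = {Canard, S{\'e}bastien and Pointcheval, David and Sanders, Olivier and Traor{\'e}, Jacques},
  editor    = {Katz, Jonathan},
  title     = {Divisible E-Cash Made Practical},
  booktitle = {Public-Key Cryptography -- {PKC} 2015: 18th {IACR} International Conference on Practice and Theory in Public-Key Cryptography, Gaithersburg, MD, USA, March 30 -- April 1, 2015, Proceedings},
  year      = {2015},
  publisher = {Springer Berlin Heidelberg},
  address   = {Berlin, Heidelberg},
  pages     = {77--100},
  abstract  = {Divisible E-cash systems allow users to withdraw a unique coin of value $2^n$ from a bank, but then to spend it in several times to distinct merchants. In such a system, whereas users want anonymity of their transactions, the bank wants to prevent, or at least detect, double-spending, and trace the defrauders. While this primitive was introduced two decades ago, quite a few (really) anonymous constructions have been introduced. In addition, all but one were just proven secure in the random oracle model, but still with either weak security models or quite complex settings and thus costly constructions. The unique proposal, secure in the standard model, appeared recently and is unpractical. As evidence, the authors left the construction of an efficient scheme secure in this model as an open problem.},
  isbn      = {978-3-662-46447-2},
  doi       = {10.1007/978-3-662-46447-2_4},
  url       = {https://doi.org/10.1007/978-3-662-46447-2_4},
}

% NOTE(review): camenisch2005compact and Camenisch05compacte-cash (further
% down) are the same EUROCRYPT 2005 paper under two keys.
@incollection{camenisch2005compact,
  author    = {Camenisch, Jan and Hohenberger, Susan and Lysyanskaya, Anna},
  editor    = {Cramer, Ronald},
  title     = {Compact E-Cash},
  booktitle = {Advances in Cryptology -- {EUROCRYPT} 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005. Proceedings},
  year      = {2005},
  publisher = {Springer Berlin Heidelberg},
  address   = {Berlin, Heidelberg},
  pages     = {302--321},
  isbn      = {978-3-540-32055-5},
  doi       = {10.1007/11426639_18},
  url       = {https://doi.org/10.1007/11426639_18},
}

% NOTE(review): maertens2015practical and Martens2015 (further down) are the
% same ePrint report under two keys.
@misc{maertens2015practical,
  author       = {M{\"a}rtens, Patrick},
  title        = {Practical Compact E-Cash with Arbitrary Wallet Size},
  howpublished = {Cryptology ePrint Archive, Report 2015/086},
  year         = {2015},
  note         = {\url{http://eprint.iacr.org/2015/086}},
}

@incollection{canard2015scalable,
  author    = {Canard, S{\'e}bastien and Pointcheval, David and Sanders, Olivier and Traor{\'e}, Jacques},
  editor    = {Malkin, Tal and Kolesnikov, Vladimir and Lewko, Allison Bishop and Polychronakis, Michalis},
  title     = {Scalable Divisible E-cash},
  booktitle = {Applied Cryptography and Network Security: 13th International Conference, {ACNS} 2015, New York, NY, USA, June 2-5, 2015, Revised Selected Papers},
  year      = {2015},
  publisher = {Springer International Publishing},
  address   = {Cham},
  pages     = {287--306},
  abstract  = {Divisible E-cash has been introduced twenty years ago but no construction is both fully secure in the standard model and efficiently scalable. In this paper, we fill this gap by providing an anonymous divisible E-cash construction with constant-time withdrawal and spending protocols. Moreover, the deposit protocol is constant-time for the merchant, whatever the spent value is. It just has to compute and store $2^l$ serial numbers when a value $2^l$ is deposited, compared to $2^n$ serial numbers whatever the spent amount (where $2^n$ is the global value of the coin) in the recent state-of-the-art paper. This makes a very huge difference when coins are spent in several times.},
  isbn      = {978-3-319-28166-7},
  doi       = {10.1007/978-3-319-28166-7_14},
  url       = {https://doi.org/10.1007/978-3-319-28166-7_14},
}

@incollection{okamoto1995efficient,
  author    = {Okamoto, Tatsuaki},
  editor    = {Coppersmith, Don},
  title     = {An Efficient Divisible Electronic Cash Scheme},
  booktitle = {Advances in Cryptology --- {CRYPTO} '95: 15th Annual International Cryptology Conference Santa Barbara, California, USA, August 27--31, 1995 Proceedings},
  year      = {1995},
  publisher = {Springer Berlin Heidelberg},
  address   = {Berlin, Heidelberg},
  pages     = {438--451},
  abstract  = {Recently, several ``divisible'' untraceable off-line electronic cash schemes have been presented [8, 11, 19, 20]. This paper presents the first practical ``divisible'' untraceable off-line cash scheme that is ``single-term'' in which every procedure can be executed in the order of log N, where N is the precision of divisibility, i.e., N = (the total coin value)/(minimum divisible unit value). Therefore, our ``divisible'' off-line cash scheme is more efficient and practical than the previous schemes. For example, when $N = 2^{17}$ (e.g., the total value is about {\$} 1000, and the minimum divisible unit is 1 cent), our scheme requires only about 1 Kbyte of data be transfered from a customer to a shop for one payment and about 20 modular exponentiations for one payment, while all previous divisible cash schemes require more than several Kbytes of transfered data and more than 200 modular exponentiations for one payment.},
  isbn      = {978-3-540-44750-4},
  doi       = {10.1007/3-540-44750-4_35},
  url       = {https://doi.org/10.1007/3-540-44750-4_35},
}

@techreport{brands1993efficient,
  author      = {Brands, Stefan A.},
  title       = {An Efficient Off-line Electronic Cash System Based On The Representation Problem},
  year        = {1993},
  source      = {http://www.ncstrl.org:8900/ncstrl/servlet/search?formname=detail\&id=oai%3Ancstrlh%3Aercim_cwi%3Aercim.cwi%2F%2FCS-R9323},
  institution = {CWI (Centre for Mathematics and Computer Science)},
  address     = {Amsterdam, The Netherlands},
}

@inproceedings{tracz2001fair,
  author    = {Tracz, Robert and Wrona, Konrad},
  title     = {Fair Electronic Cash Withdrawal and Change Return for Wireless Networks},
  booktitle = {Proceedings of the 1st International Workshop on Mobile Commerce},
  series    = {WMC '01},
  year      = {2001},
  isbn      = {1-58113-376-6},
  location  = {Rome, Italy},
  pages     = {14--19},
  numpages  = {6},
  url       = {http://doi.acm.org/10.1145/381461.381464},
  doi       = {10.1145/381461.381464},
  acmid     = {381464},
  publisher = {ACM},
  address   = {New York, NY, USA},
  keywords  = {electronic commerce, payment systems, wireless applications},
}

@inproceedings{schoenmakers1997security,
  author    = {Schoenmakers, Berry},
  title     = {Security Aspects of the {Ecash(TM)} Payment System},
  booktitle = {State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures},
  year      = {1998},
  isbn      = {3-540-65474-7},
  location  = {Leuven, Belgium},
  pages     = {338--352},
  numpages  = {15},
  url       = {http://dl.acm.org/citation.cfm?id=647443.726912},
  acmid     = {726912},
  publisher = {Springer-Verlag},
  address   = {London, UK},
}

@incollection{chaum1983blind,
  author    = {Chaum, David},
  editor    = {Chaum, David and Rivest, Ronald L. and Sherman, Alan T.},
  title     = {Blind Signatures for Untraceable Payments},
  booktitle = {Advances in Cryptology: Proceedings of {Crypto} 82},
  year      = {1983},
  publisher = {Springer US},
  address   = {Boston, MA},
  pages     = {199--203},
  abstract  = {Automation of the way we pay for goods and services is already underway, as can be seen by the variety and growth of electronic banking services available to consumers. The ultimate structure of the new electronic payments system may have a substantial impact on personal privacy as well as on the nature and extent of criminal use of payments. Ideally a new payments system should address both of these seemingly conflicting sets of concerns.},
  isbn      = {978-1-4757-0602-4},
  doi       = {10.1007/978-1-4757-0602-4_18},
  url       = {https://doi.org/10.1007/978-1-4757-0602-4_18},
}

@incollection{chaum1990untraceable,
  author    = {Chaum, David and Fiat, Amos and Naor, Moni},
  editor    = {Goldwasser, Shafi},
  title     = {Untraceable Electronic Cash},
  booktitle = {Advances in Cryptology --- {CRYPTO} '88: Proceedings},
  year      = {1990},
  publisher = {Springer New York},
  address   = {New York, NY},
  pages     = {319--327},
  abstract  = {The use of credit cards today is an act of faith on the part of all concerned. Each party is vulnerable to fraud by the others, and the cardholder in particular has no protection against surveillance.},
  isbn      = {978-0-387-34799-8},
  doi       = {10.1007/0-387-34799-2_25},
  url       = {https://doi.org/10.1007/0-387-34799-2_25},
}

@inproceedings{camenisch2007endorsed,
  author    = {Camenisch, Jan and Lysyanskaya, Anna and Meyerovich, M.},
  title     = {Endorsed E-Cash},
  booktitle = {2007 IEEE Symposium on Security and Privacy (SP '07)},
  year      = {2007},
  month     = may,
  pages     = {101--115},
  keywords  = {electronic money;protocols;e-cash;electronic cash scheme;fair exchange protocol;lightweight endorsement;onion routing;Authentication;Cryptographic protocols;Cryptography;Digital signatures;Explosions;Information security;Merchandise;Privacy;Routing},
  doi       = {10.1109/SP.2007.15},
  issn      = {1081-6011},
}

@inproceedings{danezis2016rscoin,
  author    = {Danezis, George and Meiklejohn, Sarah},
  title     = {Centrally Banked Cryptocurrencies},
  booktitle = {23rd Annual Network and Distributed System Security Symposium, {NDSS} 2016, San Diego, California, USA, February 21-24, 2016},
  year      = {2016},
  publisher = {The Internet Society},
}

@misc{fatf1997,
  title        = {{FATF-IX} report on money laundering typologies},
  howpublished = {\url{http://www.fatf-gafi.org/media/fatf/documents/reports/1996\%201997\%20ENG.pdf}},
  month        = feb,
  year         = {1998},
}

% Duplicate of bellare2003onemore above (same article); the page range is
% copied from that entry.
@article{bellare2003one,
  author    = {Bellare, Mihir and Namprempre, Chanathip and Pointcheval, David and Semanko, Michael},
  title     = {The {One-More-RSA-Inversion} Problems and the Security of {Chaum's} Blind Signature Scheme},
  journal   = {Journal of Cryptology},
  volume    = {16},
  number    = {3},
  pages     = {185--215},
  year      = {2003},
  publisher = {Springer},
}

@incollection{RSA-FDH-KTIvCTI,
  author    = {Bellare, Mihir and Namprempre, Chanathip and Pointcheval, David and Semanko, Michael},
  editor    = {Syverson, Paul},
  title     = {The Power of {RSA} Inversion Oracles and the Security of {Chaum's} {RSA-Based} Blind Signature Scheme},
  booktitle = {Financial Cryptography: 5th International Conference},
  year      = {2002},
  publisher = {Springer},
  address   = {Berlin, Heidelberg},
  pages     = {319--338},
  isbn      = {978-3-540-46088-6},
  doi       = {10.1007/3-540-46088-8_25},
  url       = {https://www.di.ens.fr/~pointche/Documents/Papers/2001_fcA.pdf},
}

@misc{LightningNetwork,
  author = {Poon, Joseph and Dryja, Thaddeus},
  title  = {The {Bitcoin Lightning Network}: Scalable Off-Chain Instant Payments},
  month  = jan,
  year   = {2016},
  note   = {\url{https://lightning.network/lightning-network-paper.pdf}},
}

@misc{RippleFined:FinCEN,
  author = {Hudak, Steve},
  title  = {{FinCEN} Fines {Ripple Labs Inc.} in First Civil Enforcement Action Against a Virtual Currency Exchanger},
  month  = may,
  day    = {5},
  year   = {2015},
  note   = {\url{https://www.fincen.gov/news/news-releases/fincen-fines-ripple-labs-inc-first-civil-enforcement-action-against-virtual}},
}

@misc{RippleFined:ArsTechnica,
  author       = {Geuss, Megan},
  title        = {Cryptocurrency maker {Ripple Labs} fined \$700K for flouting financial regs. Virtual currency {Wild West} is done, registration as a {Money Services Business} required.},
  month        = may,
  day          = {5},
  year         = {2015},
  note         = {\url{https://arstechnica.com/tech-policy/2015/05/cryptocurrency-maker-ripple-labs-fined-700k-for-flouting-financial-regs/}},
  url_coindesk = {http://www.coindesk.com/fincen-fines-ripple-labs-700000-bank-secrecy-act/},
}

@misc{RippleFined:CoinDesk,
  author = {Higgins, Stan},
  title  = {{FinCEN} Fines {Ripple Labs} for {Bank Secrecy Act} Violations},
  month  = may,
  day    = {5},
  year   = {2015},
  note   = {\url{http://www.coindesk.com/fincen-fines-ripple-labs-700000-bank-secrecy-act/}},
}

@misc{rfc6818,
  author       = {Yee, P.},
  title        = {{Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile}},
  howpublished = {RFC 6818 (Proposed Standard)},
  series       = {Internet Request for Comments},
  type         = {RFC},
  number       = {6818},
  pages        = {1--8},
  year         = 2013,
  month        = jan,
  issn         = {2070-1721},
  publisher    = {RFC Editor},
  institution  = {RFC Editor},
  organization = {RFC Editor},
  address      = {Fremont, CA, USA},
  url          = {https://www.rfc-editor.org/rfc/rfc6818.txt},
  key          = {RFC 6818},
  abstract     = {This document updates RFC 5280, the ``Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile''. This document changes the set of acceptable encoding methods for the explicitText field of the user notice policy qualifier and clarifies the rules for converting internationalized domain name labels to ASCII. This document also provides some clarifications on the use of self-signed certificates, trust anchors, and some updated security considerations. [STANDARDS-TRACK]},
  doi          = {10.17487/RFC6818},
}

@inproceedings{rivest2004peppercoin,
  author       = {Rivest, Ronald L.},
  title        = {{Peppercoin} micropayments},
  booktitle    = {Financial Cryptography},
  pages        = {2--8},
  year         = {2004},
  organization = {Springer},
}

% Duplicate of camenisch2005compact above. The series and volume were
% previously folded into booktitle together with a leading "In", which
% styles add themselves.
@inproceedings{Camenisch05compacte-cash,
  author        = {Camenisch, Jan and Hohenberger, Susan and Lysyanskaya, Anna},
  title         = {Compact e-cash},
  booktitle     = {{EUROCRYPT}},
  series        = {LNCS},
  volume        = {3494},
  year          = {2005},
  pages         = {302--321},
  publisher     = {Springer-Verlag},
  url           = {http://cs.brown.edu/~anna/papers/chl05-full.pdf},
  url_citeseerx = {http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.136.4640},
}

@article{martens2015practical,
  author  = {M{\"a}rtens, Patrick},
  title   = {Practical Divisible E-Cash},
  journal = {IACR Cryptology ePrint Archive},
  volume  = {2015},
  pages   = {318},
  year    = {2015},
}

% Duplicate of maertens2015practical above.
@misc{Martens2015,
  author       = {M{\"a}rtens, Patrick},
  title        = {Practical Compact E-Cash with Arbitrary Wallet Size},
  howpublished = {IACR Cryptology ePrint Archive 2015/086},
  year         = {2015},
  note         = {\url{http://eprint.iacr.org/2015/086}},
}

@inproceedings{bensasson2014zerocash,
  author    = {Ben-Sasson, Eli and Chiesa, Alessandro and Garman, Christina and Green, Matthew and Miers, Ian and Tromer, Eran and Virza, Madars},
  title     = {{Zerocash}: Decentralized Anonymous Payments from {Bitcoin}},
  booktitle = {IEEE Symposium on Security \& Privacy},
  year      = {2014},
}

% The scraped author list named David Mussington twice (with and without the
% middle initial); the repeated name is dropped.
@book{molander1998cyberpayments,
  author    = {Molander, Roger C. and Mussington, David A. and Wilson, Peter A.},
  title     = {Cyberpayments and money laundering: Problems and promise},
  volume    = {965},
  year      = {1998},
  publisher = {Rand Corporation},
}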
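@inproceedings{sander1999escrow,
  author    = {Sander, Tomas and Ta-Shma, Amnon},
  title     = {On Anonymous Electronic Cash and Crime},
  booktitle = {ISW'99},
  year      = {1999},
  series    = {LNCS},
  volume    = {1729},
  pages     = {202--206},
}

@inproceedings{stadler1995fair,
  author       = {Stadler, Markus and Piveteau, Jean-Marc and Camenisch, Jan},
  title        = {Fair blind signatures},
  booktitle    = {International Conference on the Theory and Applications of Cryptographic Techniques},
  pages        = {209--219},
  year         = {1995},
  organization = {Springer},
}

@article{solms1992perfect,
  author  = {von Solms, Sebastiaan H. and Naccache, David},
  title   = {On blind signatures and perfect crimes},
  journal = {Computers \& Security},
  year    = {1992},
  volume  = {11},
  number  = {6},
  pages   = {581--583},
}

@misc{guardian2015cap,
  author       = {Jones, Rupert},
  title        = {Cap on card fees could lead to lower prices for consumers},
  howpublished = {\url{http://www.theguardian.com/money/2015/jul/27/cap-on-card-fees-retailers}},
  month        = jul,
  year         = {2015},
}

@misc{crinkey2011rundle,
  author       = {Rundle, Guy},
  title        = {The humble credit card is now a political tool},
  howpublished = {\url{http://www.crikey.com.au/2011/10/25/rundle-humble-credit-card-now-a-political-tool-just-ask-wikileaks/}},
  month        = oct,
  year         = {2011},
}

% Stored as misc: the previous unpublished type requires a note field, which
% this entry never had.
@misc{cryptonote,
  author       = {van Saberhagen, Nicolas},
  title        = {{CryptoNote v 2.0}},
  howpublished = {\url{https://cryptonote.org/whitepaper.pdf}},
  month        = oct,
  year         = {2013},
  url          = {https://cryptonote.org/whitepaper.pdf},
  posted-at    = {2016-09-18 11:44:05},
  priority     = {2},
}

@inproceedings{rupp2013p4r,
  author       = {Rupp, Andy and Hinterw{\"a}lder, Gesine and Baldimtsi, Foteini and Paar, Christof},
  title        = {{P4R}: Privacy-preserving pre-payments with refunds for transportation systems},
  booktitle    = {International Conference on Financial Cryptography and Data Security},
  pages        = {205--212},
  year         = {2013},
  organization = {Springer},
}

@inproceedings{dingledine2004tor,
  author        = {Dingledine, Roger and Mathewson, Nick and Syverson, Paul},
  title         = {{Tor}: The Second-Generation Onion Router},
  booktitle     = {Proceedings of the 13th USENIX Security Symposium},
  year          = {2004},
  month         = aug,
  www_important = {1},
  www_tags      = {selected},
  www_html_url  = {https://www.torproject.org/svn/trunk/doc/design-paper/tor-design.html},
  www_pdf_url   = {https://www.torproject.org/svn/trunk/doc/design-paper/tor-design.pdf},
  www_section   = {Anonymous communication},
}

@misc{greece2015cash,
  author       = {{Reuters}},
  title        = {Greek council recommends 60 euro limit on {ATM} withdrawals from {Tuesday}},
  howpublished = {\url{http://www.reuters.com/article/2015/06/28/eurozone-greece-limits-idUSA8N0Z302P20150628}},
  month        = jun,
  year         = {2015},
}

@misc{france2015cash,
  author       = {Bader, Heinz-Peter},
  title        = {{France} steps up monitoring of cash payments to fight low-cost terrorism},
  howpublished = {\url{http://www.reuters.com/article/2015/03/18/us-france-security-financing-idUSKBN0ME14720150318}},
  month        = mar,
  year         = {2015},
}

% NOTE(review): no venue is recorded for dent2008extensions, so it is stored
% as misc rather than as an article with a missing journal. Presumably it
% belongs to the same report series as dent2008preliminary; confirm and add
% the institution if so.
@misc{dent2008extensions,
  author = {Dent, A. W. and Paterson, K. G. and Wild, P. R.},
  title  = {Extensions to {Chaum's} Blind Signature Scheme and {OpenCoin} Requirements},
  year   = {2008},
}

@techreport{dent2008preliminary,
  author      = {Dent, A. W. and Paterson, K. G. and Wild, P. R.},
  title       = {Preliminary Report on {Chaum's} Online E-Cash Architecture},
  institution = {Royal Holloway, University of London},
  year        = {2008},
}

@misc{ibi2014,
  author       = {{ibi research}},
  title        = {Digitalisierung der Gesellschaft 2014 --- Aktuelle Einsch{\"a}tzungen und Trends},
  howpublished = {\url{http://www.ecommerce-leitfaden.de/digitalisierung-der-gesellschaft-2014.html}},
  year         = {2014},
}

@inproceedings{fujisaki-okamoto,
  author       = {Fujisaki, Eiichiro and Okamoto, Tatsuaki},
  title        = {Secure integration of asymmetric and symmetric encryption schemes},
  booktitle    = {Annual International Cryptology Conference},
  pages        = {537--554},
  year         = {1999},
  organization = {Springer},
}

@article{bernstein2012high,
  author    = {Bernstein, Daniel J. and Duif, Niels and Lange, Tanja and Schwabe, Peter and Yang, Bo-Yin},
  title     = {High-speed high-security signatures},
  journal   = {Journal of Cryptographic Engineering},
  volume    = {2},
  number    = {2},
  pages     = {77--89},
  year      = {2012},
  publisher = {Springer},
}

@inproceedings{bernstein2006curve25519,
  author       = {Bernstein, Daniel J.},
  title        = {{Curve25519}: new {Diffie-Hellman} speed records},
  booktitle    = {International Workshop on Public Key Cryptography},
  pages        = {207--228},
  year         = {2006},
  organization = {Springer},
}

@techreport{pagnia1999impossibility,
  author      = {Pagnia, Henning and G{\"a}rtner, Felix C.},
  title       = {On the impossibility of fair exchange without a trusted third party},
  institution = {Darmstadt University of Technology, Department of Computer Science},
  number      = {TUD-BS-1999-02},
  address     = {Darmstadt, Germany},
  year        = {1999},
}

% NOTE(review): the key is historical. The scraped author list began with
% Jonathan Katz, who is not an author of the Handbook of Applied
% Cryptography; the list below is the book's three authors.
@book{katz1996handbook,
  author    = {Menezes, Alfred J. and van Oorschot, Paul C. and Vanstone, Scott A.},
  title     = {Handbook of applied cryptography},
  year      = {1996},
  publisher = {CRC press},
}

% ===== PROVABLE SECURITY =====
% see also https://www.baigneres.net/downloads/2007_provable_security.pdf

@article{koblitz2007another,
  author    = {Koblitz, Neal and Menezes, Alfred J.},
  title     = {Another look at ``provable security''},
  journal   = {Journal of Cryptology},
  volume    = {20},
  number    = {1},
  pages     = {3--37},
  year      = {2007},
  publisher = {Springer},
}

@incollection{pointcheval2005provable,
  author    = {Pointcheval, David},
  title     = {Provable security for public key schemes},
  booktitle = {Contemporary cryptology},
  pages     = {133--190},
  year      = {2005},
  publisher = {Springer},
}

@article{shoup2004sequences,
  author  = {Shoup, Victor},
  title   = {Sequences of games: a tool for taming complexity in security proofs},
  journal = {IACR Cryptology ePrint Archive},
  volume  = {2004},
  pages   = {332},
  year    = {2004},
}

@inproceedings{coron2000exact,
  author       = {Coron, Jean-S{\'e}bastien},
  title        = {On the exact security of full domain hash},
  booktitle    = {Annual International Cryptology Conference},
  pages        = {229--235},
  year         = {2000},
  organization = {Springer},
}

@inproceedings{damgaard2007proof,
  author       = {Damg{\aa}rd, Ivan},
  title        = {A ``proof-reading'' of some issues in cryptography},
  booktitle    = {International Colloquium on Automata, Languages, and Programming},
  pages        = {2--11},
  year         = {2007},
  organization = {Springer},
}

@article{koblitz2010brave,
  author  = {Koblitz, Neal and Menezes, Alfred},
  title   = {The brave new world of bodacious assumptions in cryptography},
  journal = {Notices of the American Mathematical Society},
  volume  = {57},
  number  = {3},
  pages   = {357--365},
  year    = {2010},
}

@inproceedings{bellare1993random,
  author       = {Bellare, Mihir and Rogaway, Phillip},
  title        = {Random oracles are practical: A paradigm for designing efficient protocols},
  booktitle    = {Proceedings of the 1st ACM conference on Computer and communications security},
  pages        = {62--73},
  year         = {1993},
  organization = {ACM},
}

@article{koblitz2015random,
  author    = {Koblitz, Neal and Menezes, Alfred J.},
  title     = {The random oracle model: a twenty-year retrospective},
  journal   = {Designs, Codes and Cryptography},
  volume    = {77},
  number    = {2--3},
  pages     = {587--610},
  year      = {2015},
  publisher = {Springer},
}

@article{canetti2004random,
  author    = {Canetti, Ran and Goldreich, Oded and Halevi, Shai},
  title     = {The random oracle methodology, revisited},
  journal   = {Journal of the ACM (JACM)},
  volume    = {51},
  number    = {4},
  pages     = {557--594},
  year      = {2004},
  publisher = {ACM},
}

@inproceedings{dreier2015formal,
  author       = {Dreier, Jannik and Kassem, Ali and Lafourcade, Pascal},
  title        = {Formal analysis of e-cash protocols},
  booktitle    = {e-Business and Telecommunications ({ICETE}), 2015 12th International Joint Conference on},
  volume       = {4},
  pages        = {65--75},
  year         = {2015},
  organization = {IEEE},
}

@inproceedings{brickell1995trustee,
  author    = {Brickell, Ernest F. and Gemmell, Peter and Kravitz, David W.},
  title     = {Trustee-based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change},
  booktitle = {SODA},
  volume    = {95},
  pages     = {457--466},
  year      = {1995},
}

% ===== CRYPTO BASICS =====

@inproceedings{boneh1998decision,
  author       = {Boneh, Dan},
  title        = {The decision {Diffie-Hellman} problem},
  booktitle    = {International Algorithmic Number Theory Symposium},
  pages        = {48--63},
  year         = {1998},
  organization = {Springer},
}

@article{goldwasser1988digital,
  author    = {Goldwasser, Shafi and Micali, Silvio and Rivest, Ronald L.},
  title     = {A digital signature scheme secure against adaptive chosen-message attacks},
  journal   = {SIAM Journal on Computing},
  volume    = {17},
  number    = {2},
  pages     = {281--308},
  year      = {1988},
  publisher = {SIAM},
}

@inproceedings{bellare1998relations,
  author       = {Bellare, Mihir and Desai, Anand and Pointcheval, David and Rogaway, Phillip},
  title        = {Relations among notions of security for public-key encryption schemes},
  booktitle    = {Annual International Cryptology Conference},
  pages        = {26--45},
  year         = {1998},
  organization = {Springer},
}

@inproceedings{blanchet2006automated,
  author       = {Blanchet, Bruno and Pointcheval, David},
  title        = {Automated security proofs with sequences of games},
  booktitle    = {Annual International Cryptology Conference},
  pages        = {537--554},
  year         = {2006},
  organization = {Springer},
}

@inproceedings{bellare2006code,
  author    = {Bellare, Mihir and Rogaway, Phillip},
  title     = {Code-based game-playing proofs and the security of triple encryption},
  booktitle = {Advances in Cryptology--EUROCRYPT},
  volume    = {4004},
  pages     = {10},
  year      = {2006},
}

@inproceedings{fischlin2009security,
  author       = {Fischlin, Marc and Schr{\"o}der, Dominique},
  title        = {Security of blind signatures under aborts},
  booktitle    = {International Workshop on Public Key Cryptography},
  pages        = {297--316},
  year         = {2009},
  organization = {Springer},
}

@incollection{lindell2017simulate,
  author    = {Lindell, Yehuda},
  title     = {How to simulate it--a tutorial on the simulation proof technique},
  booktitle = {Tutorials on the Foundations of Cryptography},
  pages     = {277--346},
  year      = {2017},
  publisher = {Springer},
}

@book{guo2018introduction,
  author    = {Guo, Fuchun and Susilo, Willy and Mu, Yi},
  title     = {Introduction to Security Reduction},
  year      = {2018},
  publisher = {Springer},
}

@book{stallman2002essays,
  author    = {Stallman, Richard},
  title     = {Free software, free society: Selected essays of {Richard M. Stallman}},
  year      = {2002},
  publisher = {Lulu.com},
}

@misc{adyen2016global,
  author = {{Adyen}},
  title  = {The Global E-Commerce Payments Guide},
  year   = {2016},
}

% Stored as misc: no journal is recorded for this industry report.
@misc{paypers2016ecommerce,
  author = {Lupu, Sebastian and Mual, Melisande and van Stiphout, Mees},
  title  = {Ecommerce Payment Methods Report 2016},
  year   = {2016},
}

@inproceedings{beikverdi2015trend,
  author       = {Beikverdi, Alireza and Song, JooSeok},
  title        = {Trend of centralization in {Bitcoin's} distributed network},
  booktitle    = {Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), 2015 16th IEEE/ACIS International Conference on},
  pages        = {1--6},
  year         = {2015},
  organization = {IEEE},
}

@article{bohme2015bitcoin,
  author  = {B{\"o}hme, Rainer and Christin, Nicolas and Edelman, Benjamin and Moore, Tyler},
  title   = {{Bitcoin}: Economics, technology, and governance},
  journal = {Journal of Economic Perspectives},
  volume  = {29},
  number  = {2},
  pages   = {213--238},
  year    = {2015},
}

@article{provos2007ghost,
  author  = {Provos, Niels and McNamee, Dean and Mavrommatis, Panayiotis and Wang, Ke and Modadugu, Nagendra and others},
  title   = {The Ghost in the Browser: Analysis of Web-based Malware},
  journal = {HotBots},
  volume  = {7},
  pages   = {4},
  year    = {2007},
}

@misc{riksbank2017riksbank,
  author    = {{Sveriges Riksbank}},
  title     = {The {Riksbank's} e-krona project},
  year      = {2017},
  publisher = {Report},
}

@inproceedings{fuchsbauer2009transferable,
  author       = {Fuchsbauer, Georg and Pointcheval, David and Vergnaud, Damien},
  title        = {Transferable constant-size fair e-cash},
  booktitle    = {International Conference on Cryptology and Network Security},
  pages        = {226--247},
  year         = {2009},
  organization = {Springer},
}

@inproceedings{au2011electronic,
  author       = {Au, Man Ho and Susilo, Willy and Mu, Yi},
  title        = {Electronic cash with anonymous user suspension},
  booktitle    = {Australasian Conference on Information Security and Privacy},
  pages        = {172--188},
  year         = {2011},
  organization = {Springer},
}

@article{schroder2017security,
  author    = {Schr{\"o}der, Dominique and Unruh, Dominique},
  title     = {Security of blind signatures revisited},
  journal   = {Journal of Cryptology},
  volume    = {30},
  number    = {2},
  pages     = {470--494},
  year      = {2017},
  publisher = {Springer},
}

@inproceedings{camenisch2004signature,
  author       = {Camenisch, Jan and Lysyanskaya, Anna},
  title        = {Signature schemes and anonymous credentials from bilinear maps},
  booktitle    = {Annual International Cryptology Conference},
  pages        = {56--72},
  year         = {2004},
  organization = {Springer},
}

@techreport{paquin2011u,
  author      = {Paquin, Christian and Zaverucha, Greg},
  title       = {{U-Prove} cryptographic specification v1.1},
  institution = {Microsoft Corporation},
  year        = {2011},
}

@misc{next1999digicash,
  author       = {{Anonymous}},
  title        = {How {DigiCash} Blew Everything},
  howpublished = {NEXT Magazine},
  year         = {1999},
}

@inproceedings{canard2007divisible,
  author       = {Canard, S{\'e}bastien and Gouget, Aline},
  title        = {Divisible e-cash systems can be truly anonymous},
  booktitle    = {Annual International Conference on the Theory and Applications of Cryptographic Techniques},
  pages        = {482--497},
  year         = {2007},
  organization = {Springer},
}

@inproceedings{canard2006handy,
  author       = {Canard, S{\'e}bastien and Gouget, Aline and Hufschmitt, Emeline},
  title        = {A handy multi-coupon system},
  booktitle    = {International Conference on Applied Cryptography and Network Security},
  pages        = {66--81},
  year         = {2006},
  organization = {Springer},
}

@article{batten2018offline,
  author  = {Batten, Lynn and Yi, Xun},
  title   = {Off-line digital cash schemes providing untraceability, anonymity and change},
  journal = {Electronic Commerce Research},
  year    = {2018},
  month   = jan,
  day     = {27},
  issn    = {1572-9362},
  doi     = {10.1007/s10660-018-9289-8},
  url     = {https://doi.org/10.1007/s10660-018-9289-8},
}

@inproceedings{chaum1992wallet,
  author       = {Chaum, David and Pedersen, Torben Pryds},
  title        = {Wallet databases with observers},
  booktitle    = {Annual International Cryptology Conference},
  pages        = {89--105},
  year         = {1992},
  organization = {Springer},
}

@inproceedings{davida1997anonymity, title={Anonymity control in e-cash systems}, author={Davida, 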
George and Frankel, Yair and Tsiounis, Yiannis and Yung, Moti}, booktitle={International Conference on Financial Cryptography}, pages={1--16}, year={1997}, organization={Springer} } @inproceedings{chaum1989efficient, title={Efficient offline electronic checks}, author={Chaum, David and den Boer, Bert and van Heyst, Eug{\`e}ne and Mj{\o}lsnes, Stig and Steenbeek, Adri}, booktitle={Workshop on the theory and application of of cryptographic techniques}, pages={294--301}, year={1989}, organization={Springer} } @article{pointcheval2000security, title={Security arguments for digital signatures and blind signatures}, author={Pointcheval, David and Stern, Jacques}, journal={Journal of cryptology}, volume={13}, number={3}, pages={361--396}, year={2000}, publisher={Springer} } @inproceedings{damgaard1988payment, title={Payment systems and credential mechanisms with provable security against abuse by individuals}, author={Damg{\aa}rd, Ivan Bjerre}, booktitle={Conference on the Theory and Application of Cryptography}, pages={328--335}, year={1988}, organization={Springer} } @inproceedings{haber1990time, title={How to time-stamp a digital document}, author={Haber, Stuart and Stornetta, W Scott}, booktitle={Conference on the Theory and Application of Cryptography}, pages={437--455}, year={1990}, organization={Springer} } @article{wust2017you, title={Do you need a Blockchain?}, author={W{\"u}st, Karl and Gervais, Arthur}, journal={IACR Cryptology ePrint Archive}, volume={2017}, pages={375}, year={2017} } @inproceedings{pedersen1996electronic, title={Electronic payments of small amounts}, author={Pedersen, Torben P}, booktitle={International Workshop on Security Protocols}, pages={59--68}, year={1996}, organization={Springer} } @article{poon2016bitcoin, title={The bitcoin lightning network: Scalable off-chain instant payments}, author={Poon, Joseph and Dryja, Thaddeus}, journal={draft version 0.5}, pages={14}, year={2016} } @misc{poon2017plasma, title={Plasma: Scalable autonomous 
smart contracts}, author={Poon, Joseph and Buterin, Vitalik}, howpublished={White paper}, year={2017} } @article{eyal2018majority, title={Majority is not enough: Bitcoin mining is vulnerable}, author={Eyal, Ittay and Sirer, Emin G{\"u}n}, journal={Communications of the ACM}, volume={61}, number={7}, pages={95--102}, year={2018}, publisher={ACM} } @inproceedings{vukolic2015quest, title={The quest for scalable blockchain fabric: Proof-of-work vs. BFT replication}, author={Vukoli{\'c}, Marko}, booktitle={International Workshop on Open Problems in Network Security}, pages={112--125}, year={2015}, organization={Springer} } @inproceedings{eyal2016bitcoin, title={Bitcoin-NG: A Scalable Blockchain Protocol.}, author={Eyal, Ittay and Gencer, Adem Efe and Sirer, Emin G{\"u}n and Van Renesse, Robbert}, booktitle={NSDI}, pages={45--59}, year={2016} } @inproceedings{bentov2016cryptocurrencies, title={Cryptocurrencies without proof of work}, author={Bentov, Iddo and Gabizon, Ariel and Mizrahi, Alex}, booktitle={International Conference on Financial Cryptography and Data Security}, pages={142--157}, year={2016}, organization={Springer} } @inproceedings{gilad2017algorand, title={Algorand: Scaling byzantine agreements for cryptocurrencies}, author={Gilad, Yossi and Hemo, Rotem and Micali, Silvio and Vlachos, Georgios and Zeldovich, Nickolai}, booktitle={Proceedings of the 26th Symposium on Operating Systems Principles}, pages={51--68}, year={2017}, organization={ACM} } @misc{kwon2014tendermint, title={Tendermint: Consensus without mining}, author={Kwon, Jae}, note={Draft v. 
0.6, fall}, year={2014} } @misc{rocket2018snowflake, title={Snowflake to Avalanche: A Novel Metastable Consensus Protocol Family for Cryptocurrencies}, author={{Team Rocket}}, howpublished={IPFS}, year={2018} } @inproceedings{androulaki2018hyperledger, title={Hyperledger fabric: a distributed operating system for permissioned blockchains}, author={Androulaki, Elli and Barger, Artem and Bortnikov, Vita and Cachin, Christian and Christidis, Konstantinos and De Caro, Angelo and Enyeart, David and Ferris, Christopher and Laventman, Gennady and Manevich, Yacov and others}, booktitle={Proceedings of the Thirteenth EuroSys Conference}, pages={30}, year={2018}, organization={ACM} } @article{wood2014ethereum, title={Ethereum: A secure decentralised generalised transaction ledger}, author={Wood, Gavin}, journal={Ethereum project yellow paper}, volume={151}, pages={1--32}, year={2014} } @article{reijers2016governance, title={Governance in blockchain technologies \& social contract theories}, author={Reijers, Wessel and O'Brolch{\'a}in, Fiachra and Haynes, Paul}, journal={Ledger}, volume={1}, pages={134--151}, year={2016} } @article{levy2017book, title={Book-smart, not street-smart: blockchain-based smart contracts and the social workings of law}, author={Levy, Karen EC}, journal={Engaging Science, Technology, and Society}, volume={3}, pages={1--15}, year={2017} } @incollection{reid2013analysis, title={An analysis of anonymity in the bitcoin system}, author={Reid, Fergal and Harrigan, Martin}, booktitle={Security and privacy in social networks}, pages={197--223}, year={2013}, publisher={Springer} } @inproceedings{bonneau2014mixcoin, title={Mixcoin: Anonymity for Bitcoin with accountable mixes}, author={Bonneau, Joseph and Narayanan, Arvind and Miller, Andrew and Clark, Jeremy and Kroll, Joshua A and Felten, Edward W}, booktitle={International Conference on Financial Cryptography and Data Security}, pages={486--504}, year={2014}, organization={Springer} } 
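% Conventions for the entries below (citation keys are unchanged):
%   - one entry per block, one field per line, brace-delimited values;
%   - proper nouns and acronyms in titles are brace-protected so sentence-casing
%     styles cannot lower-case them;
%   - Springer/IEEE/ACM are recorded as publisher (not organization);
%   - author lists use the unambiguous "Last, First" form, honorifics dropped;
%   - month uses the predefined three-letter macros;
%   - curly Unicode quotes replaced by ASCII/TeX quotes, as the rest of the
%     file uses LaTeX escapes for non-ASCII characters.

@inproceedings{heilman2017tumblebit,
  title = {{TumbleBit}: An untrusted {Bitcoin-compatible} anonymous payment hub},
  author = {Heilman, Ethan and Alshenibr, Leen and Baldimtsi, Foteini and Scafuro, Alessandra and Goldberg, Sharon},
  booktitle = {Network and Distributed System Security Symposium},
  year = {2017}
}

@inproceedings{sun2017ringct,
  title = {{RingCT} 2.0: a compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency {Monero}},
  author = {Sun, Shi-Feng and Au, Man Ho and Liu, Joseph K and Yuen, Tsz Hon},
  booktitle = {European Symposium on Research in Computer Security},
  pages = {456--474},
  year = {2017},
  publisher = {Springer}
}

@inproceedings{wahby2018doubly,
  title = {Doubly-efficient {zkSNARKs} without trusted setup},
  author = {Wahby, Riad S and Tzialla, Ioanna and Shelat, Abhi and Thaler, Justin and Walfish, Michael},
  booktitle = {2018 IEEE Symposium on Security and Privacy (SP)},
  pages = {926--943},
  year = {2018},
  publisher = {IEEE}
}

% The export had the report number in volume and the year in pages; stored
% here the way wust2017you records an ePrint report (volume = year,
% pages = report number).
@article{ben2018scalable,
  title = {Scalable, transparent, and post-quantum secure computational integrity},
  author = {Ben-Sasson, Eli and Bentov, Iddo and Horesh, Yinon and Riabzev, Michael},
  journal = {IACR Cryptology ePrint Archive},
  volume = {2018},
  pages = {46},
  year = {2018}
}

@inproceedings{garman2016accountable,
  title = {Accountable privacy for decentralized anonymous payments},
  author = {Garman, Christina and Green, Matthew and Miers, Ian},
  booktitle = {International Conference on Financial Cryptography and Data Security},
  pages = {81--98},
  year = {2016},
  publisher = {Springer}
}

@online{crockford_base32,
  author = {Crockford, Douglas},
  title = {Base32 Encoding},
  url = {https://www.crockford.com/wrmg/base32.html}
}

% Reviewer note: RFC 4634 has been obsoleted by RFC 6234; cite the newer
% document when the text refers to the current SHA/HMAC-SHA specification.
% "3rd" is entered as the Jr part so it is not parsed as the surname.
@misc{rfc4634,
  series = {Request for Comments},
  number = 4634,
  howpublished = {RFC 4634},
  publisher = {RFC Editor},
  doi = {10.17487/RFC4634},
  url = {https://rfc-editor.org/rfc/rfc4634.txt},
  author = {Hansen, Tony and Eastlake, 3rd, Donald E.},
  title = {{US Secure Hash Algorithms (SHA and HMAC-SHA)}},
  pagetotal = 108,
  year = 2006,
  month = aug,
}

@misc{rfc5869,
  series = {Request for Comments},
  number = 5869,
  howpublished = {RFC 5869},
  publisher = {RFC Editor},
  doi = {10.17487/RFC5869},
  url = {https://rfc-editor.org/rfc/rfc5869.txt},
  author = {Krawczyk, Hugo and Eronen, Pasi},
  title = {{HMAC-based Extract-and-Expand Key Derivation Function (HKDF)}},
  pagetotal = 14,
  year = 2010,
  month = may,
}

@inproceedings{boldyreva2003threshold,
  title = {Threshold signatures, multisignatures and blind signatures based on the {gap-Diffie-Hellman-group} signature scheme},
  author = {Boldyreva, Alexandra},
  booktitle = {International Workshop on Public Key Cryptography},
  pages = {31--46},
  year = {2003},
  publisher = {Springer}
}

@article{zhang2018new,
  title = {A New Post-Quantum Blind Signature From Lattice Assumptions},
  author = {Zhang, Pingyuan and Jiang, Han and Zheng, Zhihua and Hu, Peichu and Xu, Qiuliang},
  journal = {IEEE Access},
  volume = {6},
  pages = {27251--27258},
  year = {2018},
  publisher = {IEEE}
}

@article{brandt2006obtain,
  title = {How to obtain full privacy in auctions},
  author = {Brandt, Felix},
  journal = {International Journal of Information Security},
  volume = {5},
  number = {4},
  pages = {201--216},
  year = {2006},
  publisher = {Springer}
}

% booktitle had an unbalanced curly opening quote; replaced by a balanced
% TeX quote pair.
@inproceedings{blanchet2007cryptoverif,
  title = {{CryptoVerif}: Computationally sound mechanized prover for cryptographic protocols},
  author = {Blanchet, Bruno},
  booktitle = {Dagstuhl seminar ``Formal Protocol Verification Applied''},
  volume = {117},
  year = {2007}
}

@article{tolia2006quantifying,
  title = {Quantifying interactive user experience on thin clients},
  author = {Tolia, Niraj and Andersen, David G and Satyanarayanan, Mahadev},
  journal = {Computer},
  number = {3},
  pages = {46--52},
  year = {2006},
  publisher = {IEEE}
}

@inproceedings{abe2000provably,
  title = {Provably secure partially blind signatures},
  author = {Abe, Masayuki and Okamoto, Tatsuaki},
  booktitle = {Annual International Cryptology Conference},
  pages = {271--286},
  year = {2000},
  publisher = {Springer}
}

% Hyphen between the two title halves set as an em dash.
@inproceedings{bellare1996exact,
  title = {The exact security of digital signatures---How to sign with {RSA} and {Rabin}},
  author = {Bellare, Mihir and Rogaway, Phillip},
  booktitle = {International Conference on the Theory and Applications of Cryptographic Techniques},
  pages = {399--416},
  year = {1996},
  publisher = {Springer}
}

% The export typed this as a book with publisher "University of California,
% Irvine Doctoral dissertation"; it is a doctoral dissertation, so it is
% typed as phdthesis with the university in school. The second listed name
% and the volume came from the same export and are dropped
% (NOTE(review): confirm against the dissertation title page).
@phdthesis{fielding2000architectural,
  title = {Architectural styles and the design of network-based software architectures},
  author = {Fielding, Roy T},
  school = {University of California, Irvine},
  year = {2000}
}

% Brought into the same shape as the other RFC entries in this file
% (misc + series/number/howpublished) instead of an article in journal "RFC".
@misc{rfc8259,
  series = {Request for Comments},
  number = 8259,
  howpublished = {RFC 8259},
  publisher = {RFC Editor},
  doi = {10.17487/RFC8259},
  url = {https://doi.org/10.17487/RFC8259},
  author = {Bray, Tim},
  title = {The {JavaScript} Object Notation {(JSON)} Data Interchange Format},
  pagetotal = 16,
  year = 2017,
}

% Reviewer note: RFC 7049 has been obsoleted by RFC 8949; cite the newer
% document when the text refers to the current CBOR specification.
@misc{rfc7049,
  series = {Request for Comments},
  number = 7049,
  howpublished = {RFC 7049},
  publisher = {RFC Editor},
  doi = {10.17487/RFC7049},
  url = {https://rfc-editor.org/rfc/rfc7049.txt},
  author = {Bormann, Carsten and Hoffman, Paul E.},
  title = {{Concise Binary Object Representation (CBOR)}},
  pagetotal = 54,
  year = 2013,
  month = oct,
  abstract = {The Concise Binary Object Representation (CBOR) is a data format whose design goals include the possibility of extremely small code size, fairly small message size, and extensibility without the need for version negotiation. These design goals make it different from earlier binary serializations such as ASN.1 and MessagePack.},
}

% Reviewer note: RFC 5246 (TLS 1.2) has been obsoleted by RFC 8446 (TLS 1.3);
% keep this entry only where the text specifically means TLS 1.2.
@misc{rfc5246,
  series = {Request for Comments},
  number = 5246,
  howpublished = {RFC 5246},
  publisher = {RFC Editor},
  doi = {10.17487/RFC5246},
  url = {https://rfc-editor.org/rfc/rfc5246.txt},
  author = {Rescorla, Eric and Dierks, Tim},
  title = {{The Transport Layer Security (TLS) Protocol Version 1.2}},
  pagetotal = 104,
  year = 2008,
  month = aug,
  abstract = {This document specifies Version 1.2 of the Transport Layer Security (TLS) protocol. The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. {[}STANDARDS-TRACK{]}},
}

@misc{rfc6454,
  series = {Request for Comments},
  number = 6454,
  howpublished = {RFC 6454},
  publisher = {RFC Editor},
  doi = {10.17487/RFC6454},
  url = {https://rfc-editor.org/rfc/rfc6454.txt},
  author = {Barth, Adam},
  title = {{The Web Origin Concept}},
  pagetotal = 20,
  year = 2011,
  month = dec,
  abstract = {This document defines the concept of an "origin", which is often used as the scope of authority or privilege by user agents. Typically, user agents isolate content retrieved from different origins to prevent malicious web site operators from interfering with the operation of benign web sites. In addition to outlining the principles that underlie the concept of origin, this document details how to determine the origin of a URI and how to serialize an origin into a string. It also defines an HTTP header field, named "Origin", that indicates which origins are associated with an HTTP request. {[}STANDARDS-TRACK{]}},
}

@misc{rfc6838,
  series = {Request for Comments},
  number = 6838,
  howpublished = {RFC 6838},
  publisher = {RFC Editor},
  doi = {10.17487/RFC6838},
  url = {https://rfc-editor.org/rfc/rfc6838.txt},
  author = {Freed, Ned and Klensin, John C. and Hansen, Tony},
  title = {{Media Type Specifications and Registration Procedures}},
  pagetotal = 32,
  year = 2013,
  month = jan,
  abstract = {This document defines procedures for the specification and registration of media types for use in HTTP, MIME, and other Internet protocols. This memo documents an Internet Best Current Practice.},
}

@misc{rfc7413,
  series = {Request for Comments},
  number = 7413,
  howpublished = {RFC 7413},
  publisher = {RFC Editor},
  doi = {10.17487/RFC7413},
  url = {https://rfc-editor.org/rfc/rfc7413.txt},
  author = {Cheng, Yuchung and Chu, Jerry and Radhakrishnan, Sivasankar and Jain, Arvind},
  title = {{TCP Fast Open}},
  pagetotal = 26,
  year = 2014,
  month = dec,
  abstract = {This document describes an experimental TCP mechanism called TCP Fast Open (TFO). TFO allows data to be carried in the SYN and SYN-ACK packets and consumed by the receiving end during the initial connection handshake, and saves up to one full round-trip time (RTT) compared to the standard TCP, which requires a three-way handshake (3WHS) to complete before data can be exchanged. However, TFO deviates from the standard TCP semantics, since the data in the SYN could be replayed to an application in some rare circumstances. Applications should not use TFO unless they can tolerate this issue, as detailed in the Applicability section.},
}

% booktitle un-inverted from the "Security and Privacy, 2007. SP'07. IEEE
% Symposium on" export form, matching wahby2018doubly.
@inproceedings{goldberg2007improving,
  title = {Improving the robustness of private information retrieval},
  author = {Goldberg, Ian},
  booktitle = {2007 IEEE Symposium on Security and Privacy (SP '07)},
  pages = {131--148},
  year = {2007},
  publisher = {IEEE}
}

@article{persily2017election,
  title = {The 2016 {US} Election: Can democracy survive the internet?},
  author = {Persily, Nathaniel},
  journal = {Journal of Democracy},
  volume = {28},
  number = {2},
  pages = {63--76},
  year = {2017},
  publisher = {Johns Hopkins University Press}
}

@article{richet2016extortion,
  title = {Extortion on the internet: the rise of crypto-ransomware},
  author = {Richet, Jean-Loup},
  journal = {Harvard},
  year = {2016}
}

% "Al" belongs to the surname; the export had moved it into the given name.
@article{jawaheri2018small,
  title = {When A Small Leak Sinks A Great Ship: Deanonymizing {Tor} Hidden Service Users Through {Bitcoin} Transactions Analysis},
  author = {Al Jawaheri, Husam and Al Sabah, Mashael and Boshmaf, Yazan and Erbad, Aimen},
  journal = {arXiv preprint arXiv:1801.07501},
  year = {2018}
}

@inproceedings{meiklejohn2013fistful,
  title = {A fistful of bitcoins: characterizing payments among men with no names},
  author = {Meiklejohn, Sarah and Pomarole, Marjori and Jordan, Grant and Levchenko, Kirill and McCoy, Damon and Voelker, Geoffrey M and Savage, Stefan},
  booktitle = {Proceedings of the 2013 conference on Internet measurement conference},
  pages = {127--140},
  year = {2013},
  publisher = {ACM}
}

@article{luu2016challenge,
  title = {The challenge of {Bitcoin} pseudo-anonymity to computer forensics},
  author = {Luu, Jason and Imwinkelried, Edward J},
  journal = {Criminal Law Bulletin},
  volume = {52},
  number = {1},
  year = {2016}
}

@article{shrier2016blockchain,
  title = {Blockchain \& infrastructure (identity, data security)},
  author = {Shrier, David and Wu, Weige and Pentland, Alex},
  journal = {Massachusetts Institute of Technology-Connection Science},
  volume = {1},
  number = {3},
  year = {2016}
}

@article{hsueh1997fault,
  title = {Fault injection techniques and tools},
  author = {Hsueh, Mei-Chen and Tsai, Timothy K and Iyer, Ravishankar K},
  journal = {Computer},
  volume = {30},
  number = {4},
  pages = {75--82},
  year = {1997},
  publisher = {IEEE}
}

@incollection{lomne2011side,
  title = {Side channel attacks},
  author = {Lomne, Victor and Dehaboui, A and Maurine, Philippe and Torres, L and Robert, M},
  booktitle = {Security trends for FPGAS},
  pages = {47--72},
  year = {2011},
  publisher = {Springer}
}

% The two issuing bodies had been split into "Last, First" fragments by the
% export; each is now one braced corporate author. "October" was stored in
% publisher and is moved to month.
@misc{force2015money,
  title = {Money laundering through the physical transportation of cash},
  author = {{Financial Action Task Force} and {Middle East and North Africa Financial Action Task Force}},
  year = {2015},
  month = oct
}

@article{hammer2018billion,
  title = {The Billion-Dollar Bank Job},
  author = {Hammer, Joshua},
  year = {2018},
  journal = {The New York Times Magazine}
}

% Edition moved out of the title; initials separated.
@book{mankiw2010macroeconomics,
  title = {Macroeconomics},
  edition = {Seventh},
  year = {2010},
  publisher = {Worth Publishers},
  organization = {Worth Publishers},
  author = {Mankiw, N. G.}
}

@article{dold2017byzantine,
  author = {Dold, Florian and Grothoff, Christian},
  title = {{Byzantine} set-union consensus using efficient set reconciliation},
  journal = {EURASIP Journal on Information Security},
  year = {2017},
  month = jul,
  day = {27},
  volume = {2017},
  number = {1},
  pages = {14},
  issn = {2510-523X},
  doi = {10.1186/s13635-017-0066-3},
  url = {https://doi.org/10.1186/s13635-017-0066-3}
}

@article{zandi2013impact,
  title = {The impact of electronic payments on economic growth},
  author = {Zandi, Mark and Singh, Virendra and Irving, Justin},
  journal = {Moody's Analytics: Economic and Consumer Credit Analytics},
  volume = {217},
  year = {2013}
}

% Was typed as an article but has no journal field; misc avoids the
% missing-required-field warning.
@misc{dalebrant2016monetary,
  title = {The Monetary Policy Effects of {Sweden's} Transition Towards a Cashless Society: An Econometric Analysis},
  author = {Dalebrant, Ther{\'e}se},
  year = {2016}
}

@article{singh2017does,
  title = {Does easy availability of cash affect corruption? Evidence from a panel of countries},
  author = {Singh, Sunny Kumar and Bhattacharya, Kaushik},
  journal = {Economic Systems},
  volume = {41},
  number = {2},
  pages = {236--247},
  year = {2017},
  publisher = {Elsevier}
}

% Lower-case "von dem" so it is parsed as the von part of the name.
@book{voigt2017eu,
  title = {The {EU} {General Data Protection Regulation} ({GDPR})},
  author = {Voigt, Paul and von dem Bussche, Axel},
  volume = {18},
  year = {2017},
  publisher = {Springer}
}

@inproceedings{garera2007framework,
  title = {A framework for detection and measurement of phishing attacks},
  author = {Garera, Sujata and Provos, Niels and Chew, Monica and Rubin, Aviel D},
  booktitle = {Proceedings of the 2007 ACM workshop on Recurring malcode},
  pages = {1--8},
  year = {2007},
  publisher = {ACM}
}

@inproceedings{sahin2010overview,
  title = {An overview of business domains where fraud can take place, and a survey of various fraud detection techniques},
  author = {Sahin, Y and Duman, E},
  booktitle = {Proceedings of the 1st international symposium on computing in science and engineering, Aydin, Turkey},
  year = {2010}
}

@article{danezis2018blockmania,
  title = {{Blockmania}: from Block {DAGs} to Consensus},
  author = {Danezis, George and Hrycyszyn, David},
  journal = {arXiv preprint arXiv:1809.01620},
  year = {2018}
}

@inproceedings{johnson2013users,
  title = {Users get routed: Traffic correlation on {Tor} by realistic adversaries},
  author = {Johnson, Aaron and Wacek, Chris and Jansen, Rob and Sherr, Micah and Syverson, Paul},
  booktitle = {Proceedings of the 2013 ACM SIGSAC conference on Computer \& communications security},
  pages = {337--348},
  year = {2013},
  publisher = {ACM}
}

@article{arner2018identity,
  title = {The Identity Challenge in Finance: From Analogue Identity to Digitized Identification to Digital {KYC} Utilities},
  author = {Arner, Douglas W and Zetzsche, Dirk A and Buckley, Ross P and Barberis, Janos Nathan},
  journal = {European Banking Institute},
  year = {2018}
}

@inproceedings{zakai2011emscripten,
  title = {{Emscripten}: an {LLVM-to-JavaScript} compiler},
  author = {Zakai, Alon},
  booktitle = {Proceedings of the ACM international conference companion on Object oriented programming systems languages and applications companion},
  pages = {301--312},
  year = {2011},
  publisher = {ACM}
}

% The export listed a trailing "Wien, FC" as a seventh author; it looks like
% an affiliation fragment, not a person, and is dropped
% (NOTE(review): confirm against the paper's title page).
@inproceedings{mulazzani2013fast,
  title = {Fast and reliable browser identification with {JavaScript} engine fingerprinting},
  author = {Mulazzani, Martin and Reschl, Philipp and Huber, Markus and Leithner, Manuel and Schrittwieser, Sebastian and Weippl, Edgar},
  booktitle = {Web 2.0 Workshop on Security and Privacy (W2SP)},
  volume = {5},
  year = {2013},
  organization = {Citeseer}
}

@misc{sheets1998level,
  label = {CSS},
  title = {{Cascading Style Sheets Level 2 Revision 1 (CSS 2.1) Specification}},
  publisher = {W3C},
  year = {2011},
  editor = {Bos, Bert}
}

% Missing space before the quoted word restored.
@article{walch2019deconstructing,
  title = {Deconstructing `Decentralization': Exploring the Core Claim of Crypto Systems},
  author = {Walch, Angela},
  journal = {Crypto Assets: Legal and Monetary Perspectives (OUP, forthcoming 2019)},
  year = {2019}
}

@inproceedings{goldwasser1982probabilistic,
  title = {Probabilistic encryption \& how to play mental poker keeping secret all partial information},
  author = {Goldwasser, Shafi and Micali, Silvio},
  booktitle = {Proceedings of the fourteenth annual ACM symposium on Theory of computing},
  pages = {365--377},
  year = {1982},
  publisher = {ACM}
}

@article{goldwasser1989knowledge,
  title = {The knowledge complexity of interactive proof systems},
  author = {Goldwasser, Shafi and Micali, Silvio and Rackoff, Charles},
  journal = {SIAM Journal on Computing},
  volume = {18},
  number = {1},
  pages = {186--208},
  year = {1989},
  publisher = {SIAM}
}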