Wallet Databases with Observers

Extended Abstract
  • David Chaum
  • Torben Pryds Pedersen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 740)


Previously there have been essentially only two models for computers that people can use to handle ordinary consumer transactions: (1) the tamper-proof module, such as a smart card, that the person cannot modify or probe; and (2) the personal workstation whose inner working is totally under control of the individual. The first part of this article argues that a particular combination of these two kinds of mechanism can overcome the limitations of each alone, providing both security and correctness for organizations as well as privacy and even anonymity for individuals.

Then it is shown how this combined device, called a wallet, can carry a database containing personal information. The construction presented ensures that no single part of the device (i.e. neither the tamper-proof part nor the workstation) can learn the contents of the database — this information can only be recovered by the two parts together.


Smart Card Signature Scheme Blind Signature Blind Signature Scheme Probabilistic Encryption 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [CFN90]
    D. Chaum, A. Fiat, and M. Naor. Untraceable electronic cash. In Advances in Cryptology — proceedings of CRYPTO 88, Lecture Notes in Computer Science. pages 319–327. Springer-Verlag, 1990.CrossRefGoogle Scholar
  2. [Cha84]
    D. Chaum. Blind signature systems. In Advances in Cryptology — proceedings of CRYPTO 83, 1984.Google Scholar
  3. [FS87]
    A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In Advances in Cryptology — proceedings of EUROCRYPT 86, Lecture Notes in Computer Science, pages 186–194. Springer-Verlag, 1987.Google Scholar
  4. [FS90]
    U. Feige and A. Shamir. Witness indistinguishable and witness hiding protocols. In Proceedings of the 22nd Annual ACM Symposium on the Theory of Computing, pages 416–426, 1990.Google Scholar
  5. [GMR88]
    S. Goldwasser, S. Micali, and R. L. Rivest. A digital signature scheme secure against adaptive chosen message attack. SIAM Journal on Computing, 17(2):281–308, April 1988.CrossRefzbMATHMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  • David Chaum
    • 1
  • Torben Pryds Pedersen
    • 2
  1. 1.CWIThe Netherlands
  2. 2.Aarhus UniversityDenmark

Personalised recommendations