Wallet Databases with Observers
Previously there have been essentially only two models for computers that people can use to handle ordinary consumer transactions: (1) the tamper-proof module, such as a smart card, that the person cannot modify or probe; and (2) the personal workstation whose inner workings are totally under the control of the individual. The first part of this article argues that a particular combination of these two kinds of mechanism can overcome the limitations of each alone, providing both security and correctness for organizations as well as privacy and even anonymity for individuals.
Then it is shown how this combined device, called a wallet, can carry a database containing personal information. The construction presented ensures that no single part of the device (i.e. neither the tamper-proof part nor the workstation) can learn the contents of the database — this information can only be recovered by the two parts together.