Advertisement

Digital payment systems with passive anonymity-revoking trustees

  • Jan Camenisch
  • Ueli Maurer
  • Markus Stadler
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1146)

Abstract

Anonymity of the participants is an important requirement for some applications in electronic commerce, in particular for payment systems. Because anonymity could be in conflict with law enforcement, for instance in cases of blackmailing or money laundering, it has been proposed to design systems in which a trustee or a set of trustees can selectively revoke the anonymity of the participants involved in suspicious transactions. From an operational point of view, it can be an important requirement that such trustees are neither involved in payment transactions nor in the opening of an account, but only in case of a justified suspicion. In this paper we propose the first efficient anonymous digital payment systems satisfying this requirement. The described basic protocol for anonymity revocation can be used in on-line or off-line payment systems.

Keywords

Digital payment systems electronic money cryptography privacy anonymity revocation 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    D. Bleichenbacher and U. Maurer. Directed acyclic graphs, one-way functions and digital signature. In Y. Desmedt, editor, Advances in Cryptology — CRYPTO '94, volume 839 of Lecture Notes in Computer Science, pages 75–82. Springer Verlag Berlin, 1994.Google Scholar
  2. 2.
    S. Brands. An efficient off-line electronic cash system based on the representation problem. Technical Report CS-R9323, CWI, Apr. 1993.Google Scholar
  3. 3.
    S. Brands. Untraceable off-line cash in wallets with observers. In D. R. Stinson, editor, Advances in Cryptology — CRYPTO '93, volume 773 of Lecture Notes in Computer Science, pages 302–318, 1993.Google Scholar
  4. 4.
    E. Brickell, P. Gemmel, and D. Kravitz. Trustee-based tracing extensions to anonymous cash and the making of anonymous change. In Proceedings of the 6th Annual Symposium on Discrete Algorithms, pages pp 457–466, Jan. 1995.Google Scholar
  5. 5.
    J. Camenisch, J.-M. Piveteau, and M. Stadler. Blind signatures based on the discrete logaritm problem. In A. D. Santis, editor, Advances in Cryptology — EUROCRYPT '94, volume 950 of Lecture Notes in Computer Science, pages 428–432. Springer Verlag Berlin, 1994.Google Scholar
  6. 6.
    J. Camenisch, J.-M. Piveteau, and M. Stadler. An efficient payment system protecting privacy. In D. Gollmann, editor, Computer Security — ESORICS 94, volume 875 of Lecture Notes in Computer Science, pages 207–215. Springer Verlag, 1994.Google Scholar
  7. 7.
    J. Camenisch, J.-M. Piveteau, and M. Stadler. Faire Anonyme Zahlungssysteme. In F. Huber-Wäschle, H. Schauer, and P. Widmayer, editors, GISI 95, Informatik aktuell, pages 254–265. Springer Verlag Berlin, Sept. 1995.Google Scholar
  8. 8.
    J. Camenisch, J.-M. Piveteau, and M. Stadler. An efficient fair payment system. In 3rd ACM Conference on Computer and Communicatons Security, pages 88–94, New Delhi, Mar. 1996. acm press.Google Scholar
  9. 9.
    D. Chaum. Blind signature systems. In D. Chaum, editor, Advances in Cryptology — CRYPTO '83, page 153. Plenum, 1983.Google Scholar
  10. 10.
    D. Chaum. Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10):1030–1044, Oct. 1985.Google Scholar
  11. 11.
    D. Chaum, A. Fiat, and M. Naor. Untraceable electronic cash. In S. Goldwasser, editor, Advances in Cryptology — CRYPTO '88, volume 403 of Lecture Notes in Computer Science, pages 319–327. Springer Verlag, 1990.Google Scholar
  12. 12.
    D. Chaum and T. Pedersen. Wallet databases with observers. In E. F. Brickell, editor, Advances in Cryptology — CRYPTO '92, volume 740 of Lecture Notes in Computer Science, pages 89–105. Springer-Verlag, 1993.Google Scholar
  13. 13.
    M. Jakobsson and M. Yung. Revokable and versatile electronic money. In 3rd ACM Conference on Computer and Communicatons Security, pages 76–87, New Delhi, Mar. 1996. acm press.Google Scholar
  14. 14.
    R. Merkle. A certified digital signature. In G. Brassard, editor, Advances in Cryptology — CRYPTO '89, volume 435 of Lecture Notes in Computer Science, pages 218–238. Springer Verlag Berlin, 1990.Google Scholar
  15. 15.
    T. Okamoto. Provable secure and practical identification schemes and corresponding signature schemes. In E. F. Brickell, editor, Advances in Cryptology — CRYPTO '92, volume 740 of Lecture Notes in Computer Science, pages 31–53. Springer-Verlag, 1993.Google Scholar
  16. 16.
    C. P. Schnorr. Efficient signature generation for smart cards. Journal of Cryptology, 4(3):239–252, 1991.Google Scholar
  17. 17.
    M. Stadler. Cryptographic Protocols for Revocable Privacy. PhD Thesis, ETH Zürich, 1996. Diss. ETH No. 11651.Google Scholar
  18. 18.
    M. Stadler, J.-M. Piveteau, and J. Camenisch. Fair blind signatures. In L. C. Guillou and J.-J. Quisquater, editors, Advances in Cryptology — EUROCRYPT '95, volume 921 of Lecture Notes in Computer Science, pages 209–219. Springer Verlag, 1995.Google Scholar
  19. 19.
    S. von Solms and D. Naccache. On blind signatures and perfect crimes. Computer & Security, 11(6):581–583, 1992.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Jan Camenisch
    • 1
  • Ueli Maurer
    • 1
  • Markus Stadler
    • 2
  1. 1.Department of Computer ScienceETH ZurichZurichSwitzerland
  2. 2.UBILABUnion Bank of SwitzerlandZurichSwitzerland

Personalised recommendations