-----BEGIN PGP SIGNED MESSAGE----- I have two reports on new ideas for digital cash which I retrieved from Amsterdam. Both are in PostScript format. I have a hardcopy of the larger one kindly supplied by mail by the author, Stephen Brands. If there is any interest, I will bring both soft and hard-copies to the next Physical Meeting, which I presume will take place on the 2nd Sat of August, 8/8, noon, at Cygnus in Mtn. View. (I didn't see any announcement/agenda for the July meeting, but I understand it occurred anyway). Here are summaries of the reports: [Newsgroup sci.crypt] Post: 1070 of 1149 From: brands@cwi.nl (Stefan Brands) Newsgroups: sci.crypt Subject: * REPORT ON PRIVACY-PROTECTING OFF-LINE CASH AVAILABLE * Date: 19 Apr 93 14:37:17 GMT Organization: CWI, Amsterdam Lines: 60 I recently published a new privacy-protecting off-line electronic cash system as a technical report at CWI. Being a PhD-student at David Chaum's cryptography-group, our group has a long history in research in the field of privacy-protecting cash systems. The report is called CS-R9323.ps.Z, contains 77 pages, and can be retrieved from ftp.cwi.nl (192.16.184.180) from the directory pub/CWIreports/AA. The postscript-file is suitable for 300dpi laserprinters. ==================================================================== ABSTRACT (from coverpage): We present a new off-line electronic cash system based on a problem, called the representation problem, of which little use has been made in literature thus far. Our system is the first to be based entirely on discrete logarithms. Using the representation problem as a basic concept, some techniques are introduced that enable us to construct protocols for withdrawal and payment that do not use the cut and choose methodology of earlier systems. As a consequence, our cash system is much more efficient in both computation and communication complexity than any such system proposed previously. Another important aspect of our system concerns its provability. Contrary to previously proposed systems, its correctness can be mathematically proven to a very great extent. Specifically, if we make one plausible assumption concerning a single hash-function, the ability to break the system seems to imply that one can break the Diffie-Hellman problem. Our system offers a number of extensions that are hard to achieve in previously known systems. In our opinion the most interesting of these is that the entire cash system (including all the extensions) can be incorporated in a setting based on wallets with observers, which has the important advantage that double-spending can be prevented in the first place, rather than detecting the identity of a double-spender after the fact. In particular, it can be incorporated even under the most stringent requirements conceivable about the privacy of the user, which seems to be impossible to do with previously proposed systems. Another benefit of our system is that framing attempts by a bank have negligible probability of success (independent of computing power) by a simple mechanism from within the system, which is something that previous solutions lack entirely. Furthermore, the basic cash system can be extended to checks, multi-show cash and divisibility, while retaining its computational efficiency. ==================================================================== Cryptographers are challenged to try to break this system! I made a particular effort to keep the report as self-contained as possible. Nevertheless, if you have any questions, please e-mail to me and I will try to reply as good as I can. Any comments are also welcome! Stefan Brands, - -------------------------------------------------------- CWI, Kruislaan 413, 1098 SJ Amsterdam, The Netherlands Tel: +31 20 5924103, e-mail: brands@cwi.nl [Newsgroup alt.privacy] Post: 452 of 458 From: Niels Ferguson <Niels.Ferguson@cwi.nl> Newsgroups: alt.privacy,comp.society.privacy,alt.security,comp.security.announce,comp.security.misc,sci.crypt Subject: new Electronic Cash scheme: technical report available Date: 25 Jun 93 13:48:26 GMT Organization: Computer Privacy Digest Lines: 58 Approved: comp-privacy@pica.army.mil X-Submissions-To: comp-privacy@pica.army.mil X-Administrivia-To: comp-privacy-request@pica.army.mil X-Computer-Privacy-Digest: Volume 2, Issue 054, Message 4 of 4 New electronic cash system: report available by FTP. --------------------------------------------------- Electronic cash is the equivalent of paper cash in an electronic form. It has all the same basic properties as ordinary cash: It carries value, can be used to pay other people without contacting any central organization and is completely anonymous. Recent work at the CWI has resulted in significantly improved protocols for electronic cash. The following CWI technical report is now available by FTP: Title: Single Term Off-Line Coins Author: Niels Ferguson Report: CS-R9318 Site: ftp.cwi.nl directory:/pub/CWIreports/AA file: CS-R9318.ps.Z (compressed PostScript file) Abstract -------- We present a new construction for off-line electronic coins that is both far more efficient and much simpler than previous systems. Instead of using many terms, each for a single bit of the challenge, our system uses a single term for a large number of possible challenges. The withdrawal protocol does not use a cut-and-choose methodology as with earlier systems, but uses a direct construction. This report is slightly more extensive than the version that appeared in the pre-proceedings of EuroCrypt '93. If you are interested in this report, you might also be interested in a report by my colleague Stefan Brands entitled "An Efficient Off-line Electronic Cash System based on the Representation Problem". It can be found under the name "CS-R9323.ps.Z" in the same directory. Note: Followup set to sci.crypt Niels -------------------------------------------------#include<stddisclaimer>------ ... of shoes and ships and sealing-wax, of | Niels Ferguson cabbages and kings, and why the sea is boiling | CWI, Amsterdam, Netherlands hot, and whether pigs have wings ... | e-mail: niels@cwi.nl -----BEGIN PGP SIGNATURE----- Version: 2.3.2/EWS iQCVAgUBLEW2Wd4nNf3ah8DHAQFQIAP/eCwkHJzjINs+0GHpW/USH0mI/CZGbtlx wSCPZOHBfgboEOrttam/vz5SApghRHwraVcXYnCR+6cZaCkmdISkcZ8ISj6V/77w L5q992BR5SZ7vVV31lLjEgTTw8Va2n9y2ry6ubZCMF0j5nTZy44OOYIU5gLQDHhR fT0u8iwQY2s= =4CNQ -----END PGP SIGNATURE----- -- edgar@spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca