Abstract
At Eurocrypt ’94, Stefano D’Amiano and Giovanni Di Crescenzo presented a protocol for untraceable electronic cash based on non-interactive zero-knowledge proofs of knowledge with preprocessing. It was supposed to be provably secure given this and a few other general cryptographic tools.
We show that this protocol nevertheless does not provide any untraceability and has some further weaknesses. We also break another “provably secure” system proposed by Di Crescenzo at CIAC 94.
This is the second case of problems with “provably secure” payment systems. Moreover, yet another system with this name tacitly solves a much weaker problem than the seminal paper by Chaum, Fiat, and Naor and most other “practical” papers in this field (de Santis and Persiano, STACS 92). We therefore identify some principal problems with definitions and proofs of such schemes, and sketch better ways to handle them.
on leave to IBM Zurich Research Laboratory, Rüschlikon.
References
Stefano D’Amiano, Giovanni Di Crescenzo: Methodology for Digital-Money Based on General Cryptographic Tools; Pre-proceedings of Eurocrypt ’94, May 9–12, 1994, University of Perugia, Italy, 151–162.
Hans van Antwerpen: Electronic Cash; Centre for Mathematics and Computer Science (CWI), Amsterdam, October 11, 1990.
Donald Beaver: Secure Multiparty Protocols and Zero Knowledge Proof Systems Tolerating a Faulty Minority; Journal of Cryptology 4/2 (1991) 75–122.
Stefan Brands: Electronic Cash Systems Based on The Representation Problem In Groups Of Prime Order; Crypto ’93, LNCS 773, Springer-Verlag, Berlin 1994, 302–318.
David Chaum: Blind Signature System; Crypto ’83, Plenum Press, New York 1984, 153.
David Chaum: Security without Identification: Transaction Systems to make Big Brother Obsolete; Communications of the ACM 28/10 (1985) 1030–1044.
David Chaum: Privacy Protected Payments — Unconditional Payer and/or Payee Untraceability; SMART CARD 2000: The Future of IC Cards, Proceedings of the IFIP WG 11.6 International Conference; Laxenburg (Austria), 19.–20. 10. 1987, North-Holland, Amsterdam 1989, 69–93.
David Chaum, Amos Fiat, Moni Naor: Untraceable Electronic Cash; Crypto ’88, LNCS 403, Springer-Verlag, Berlin 1990, 319–327.
David Chaum, Torben P. Pedersen: Transferred Cash Grows in Size; Eurocrypt ’92, LNCS 658, Springer-Verlag, Berlin 1993, 390–407.
Giovanni Di Crescenzo: A Non-Interactive Electronic Cash System; Proc. Italian Conference on Algorithms and Complexity, CIAC 94, LNCS 778, Springer-Verlag, Heidelberg 1994, 109–124.
Ivan Bjerre Damgård: Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals; Crypto ’88, LNCS 403, Springer-Verlag, Berlin 1990, 328–335.
Shimon Even, Oded Goldreich, Yacov Yacobi: Electronic wallet; Crypto ’83, Plenum Press, New York 1984, 383–386.
Niels Ferguson: Single Term Off-Line Coins; Eurocrypt ’93, LNCS 765, Springer-Verlag, Berlin 1994, 318–328.
Matthew Franklin, Moti Yung: Secure and Efficient Off-Line Digital Money; 20th International Colloquium on Automata, Languages and Programming (ICALP), LNCS 700, Springer-Verlag, Heidelberg 1993, 265–276.
Silvio Micali, Phillip Rogaway: Secure Computation (Chapters 1–3); Laboratory for Computer Science, MIT, Cambridge, MA 02139, USA; distributed at Crypto ’91.
Moni Naor: Bit Commitment Using Pseudorandomness; Journal of Cryptology 4/2 (1991) 151–158.
Tatsuaki Okamoto, Kazuo Ohta: How to Utilize the Randomness of Zero-Knowledge Proofs; Crypto ’90, LNCS 537, Springer-Verlag, Berlin 1991, 465–475.
Tatsuaki Okamoto, Kazuo Ohta: Universal Electronic Cash; Crypto ’91, LNCS 576, Springer-Verlag, Berlin 1992, 324–337.
Birgit Pfitzmann: Sorting Out Signature Schemes; 1st ACM Conference on Computer and Communications Security, 3.–5.11.1993, Fairfax, ACM Press 1993, 74–85.
Birgit Pfitzmann, Michael Waidner: How to Break and Repair a “Provably Secure” Untraceable Payment System; Crypto ’91, LNCS 576, Springer-Verlag, Berlin 1992, 338–350.
Alfredo de Santis, Giuseppe Persiano: Communication Efficient Zero-Knowledge Proofs of Knowledge (With Applications to Electronic Cash); STACS 92, 9th Annual Symposium on Theoretical Aspects of Computer Science, LNCS 577, Springer-Verlag, Heidelberg 1992, 449–460.
Andrew C. Yao: Protocols for Secure Computations; 23rd Symposium on Foundations of Computer Science (FOCS) 1982, IEEE Computer Society, 1982, 160–164.
© 1995 Springer-Verlag Berlin Heidelberg
Cite this paper
Pfitzmann, B., Schunter, M., Waidner, M. (1995). How to Break Another “Provably Secure” Payment System. In: Guillou, L.C., Quisquater, JJ. (eds) Advances in Cryptology — EUROCRYPT ’95. EUROCRYPT 1995. Lecture Notes in Computer Science, vol 921. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-49264-X_10
DOI: https://doi.org/10.1007/3-540-49264-X_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-59409-3
Online ISBN: 978-3-540-49264-1
eBook Packages: Springer Book Archive