Payment systems and credential mechanisms with provable security against abuse by individuals


This article is free to access.

Abstract

Payment systems and credential mechanisms are protocols allowing individuals to conduct a wide range of financial and social activities while preventing even infinitely powerful and cooperating organizations from monitoring these activities. These concepts were invented and first studied by David Chaum. Clearly, such systems must also be secure against abuse by individuals (prevent them from showing credentials that have not been issued to them, etc.). In this work, we present constructions for which we can prove that no individual can cheat successfully, unless he possesses an algorithm that contradicts a single plausible intractability assumption. This can be done while maintaining the unconditional security against abuse by organizations. Our construction will work using any general two-party computation protocol with unconditional privacy for one party, and any signature scheme secure against adaptive chosen message attacks (these concepts are explained in more detail later). From the signature scheme by Bellare and Micali [BeMi] and the multiparty computation protocol by Chaum, Damgård and van de Graaf [ChDaGr], it will be clear that both requirements can be met if pairs of claw-free functions and trapdoor one-way permutations exist. This, in turn, is satisfied, for example, if factoring Blum integers is a hard problem. For credential mechanisms, we obtain an additional advantage over one earlier proposal [ChEv], where a center trusted by the organizations (but not by individuals) was needed. This center possessed a "master" secret allowing it to issue all types of credentials supported by the system. Moreover, the center had to be on-line permanently. In our construction, only an off-line center is needed, which only has to be trusted as far as validating the identity of each individual is concerned. Only organizations authorized to issue a given type of credential have the ability to compute them.

Cite

Damgård, I. B. (1990). Payment systems and credential mechanisms with provable security against abuse by individuals. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 403 LNCS, pp. 328–335). Springer Verlag. https://doi.org/10.1007/0-387-34799-2_26
