**diff options**

author | Jeffrey Burdges <burdges@gnunet.org> | 2017-08-21 17:21:29 +0200 |
---|---|---|

committer | Jeffrey Burdges <burdges@gnunet.org> | 2017-08-21 17:21:29 +0200 |

commit | f3ec5a77510b5f74d97e7b36f41ec1dd36a10adb (patch) | |

tree | f50191954766da767781858df405c9ab7375a472 /comparison | |

parent | b53d98f545684c8102718c3cda6bbbb9b2a44d08 (diff) | |

download | papers-f3ec5a77510b5f74d97e7b36f41ec1dd36a10adb.tar.gz papers-f3ec5a77510b5f74d97e7b36f41ec1dd36a10adb.tar.bz2 papers-f3ec5a77510b5f74d97e7b36f41ec1dd36a10adb.zip |

Descriptions

Diffstat (limited to 'comparison')

-rw-r--r-- | comparison/comparison.tex | 50 |

1 files changed, 27 insertions, 23 deletions

diff --git a/comparison/comparison.tex b/comparison/comparison.tex index ac8875f..e1e650e 100644 --- a/comparison/comparison.tex +++ b/comparison/comparison.tex @@ -34,9 +34,10 @@ \newcommand\Y{\ding{51}} % {\checkmark} \newcommand\N{\ding{55}} -\begin{tabular}{r|ccccHHcccccc} +\begin{tabular}{r|cccccHHcccccc} & \rot{Year} & +\rot{Implementation} & % \rot{Instant enforcement} & \rot{Robust anonymity} & @@ -55,7 +56,7 @@ \rot{Receipts \& Refunds} \\ \hline Digicash \cite{chaum1983,schoenmakers1997security} -& 1983 +& 1983 & P & \Y & \Y & \Y & \N & S & \N % & $\log n$ & $\log n$ @@ -63,7 +64,7 @@ Digicash \cite{chaum1983,schoenmakers1997security} & \N & \N \\ Offline Chaum \cite{chaum1990} -& 1990 +& 1990 & ? & \N & \N & %? & \N & S & \N % & $\log n$ & $\log n$ @@ -71,7 +72,7 @@ Offline Chaum \cite{chaum1990} & \N & \N \\ Tracz \cite{tracz2001} % HINDE -& 2001 +& 2001 & E & \Y & \Y & %? & \N & S & \N % & $\log n$ & $\log n$ @@ -79,7 +80,7 @@ Tracz \cite{tracz2001} % HINDE & ON & \N \\ Compact \cite{camenisch2005} -& 2005 +& 2005 & \N & \N & \N & %? & \N & S & \N % & $\log n$ & $\log n$ @@ -87,7 +88,7 @@ Compact \cite{camenisch2005} & OFF & \N % \\ % Martens \cite{maertens2015} -% & 2015 +% & 2015 & \N % & \N & \N & %? % & \N & S & \N % % & $\log n$ & $\log n$ @@ -95,7 +96,7 @@ Compact \cite{camenisch2005} % & OFF & \N \\ Divisible \cite{pointcheval2017} -& 2017 +& 2017 & \N & \N & \N & %? & \N & S & \N % & $\log n$ & $\log n$ @@ -103,21 +104,21 @@ Divisible \cite{pointcheval2017} & OFF & \N \\ Taler -& 2017 +& 2017 & FS & \Y & \Y & \Y & \N & S & \Y % & $\log n$ & $\log n$ & \Y & \Y & \N & ON & \Y % \\ -% Compact Taler +% Compact Taler & \N % & \Y & \Y & \Y % & \N & S & \Y % % & $\log n$ & $\log n$ % & \Y & \Y & W % & ON & \Y % \\ -% Divisible Taler +% Divisible Taler & \N % & \Y & \Y & \Y % & \N & S & \Y % % & $\log n$ & $\log n$ @@ -129,26 +130,28 @@ Taler \section{Criteria} \begin{itemize} + \item \textbf{Implementation.} + Is there an implementation? Is it proprietary (P), experimental (E), or Free Software (FS). \item \textbf{Instant enforcement.} + Is double spending detected immediately during spending? In the past, payment schemes needed to function even when neither - party had connectivity, which makes double spending unavoidable. + party had connectivity, which complicates double spending detection. To address this, anonymous payment schemes were designed to deanonymize the customer who double spent, but this approach makes anonymity extremely brittle and requires expensive debt collection - operations. + operations. Such schemes are only of academic interest today. \item \textbf{Robust anonymity.} - Anonymity is not trivially compromised by wallet spending errors, - including restoring from backups and certain targeted attacks. - Required for good operational security. + Is anonymity preserved preserved in the presence of interrupted + operations or restoration from backups? + % Required for good operational security. Inherently conflicts with offline double spending detection. % Exculpability under ... \item \textbf{Key expiration.} - How/when do keys expire. - How do users exchange old coins for new coins? + Can the exchange rotate key material without disrupting the operation + of customers' wallets? \item \textbf{Taxability.} - Is income transparent to the exchange? Do reliable transfers - among distrusting parties require that the exchange record the - transaction. + Is income transparent to the exchange? Do transfers among + distrusting parties require that the exchange record the transaction? % TODO: Expand definition and cite the successor papers to Zerocash/BOLT % that handle regulation? \item \textbf{Trustless anonymity.} @@ -164,16 +167,17 @@ Taler denominations or else the exchange's storage requirements would become unrealistic, but doing so \item \textbf{Cryptographic batching.} - Compact ECash schemes provide withdrawal operations that extract + Compact e-cash schemes provide withdrawal operations that extract many coins with one single withdrawal, reducing overall bandwidth for fixed denomination values, but not computation. %% VERIFY - Divisible ECash schemes batch both withdrawal and deposit operations, + Divisible e-cash schemes batch both withdrawal and deposit operations, providing greater bandwith reduction, and possibly computation reduction. These savings are limited however by the exchange's storage requirements, and divisible schemes depend upon trusted setup for their anonymity properties. \item \textbf{Change/Divisibility.} - Which mechanism is used for divisibility? (None/OFFline/ONline). + Is there partial spending? If so, is it handled by giving change + online (ON) or by divisible coins that support offline operation (OFF)? \item \textbf{Receipts \& Refunds.} The customer either can prove that they payed for a contract, or they can get their (unlinkable) money back, |