Secure and Efficient Off-Line Digital Money (Extended Abstract)
ICALP '93 Proceedings of the 20th International Colloquium on Automata, Languages and Programming
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Disposable Zero-Knowledge Authentications and Their Applications to Untraceable Electronic Cash
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Divisible Electronic Cash Scheme
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Anonymous Communication and Anonymous Cash
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Efficient Electronic Money (Extended Abstract)
ASIACRYPT '94 Proceedings of the 4th International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Proceedings of the International Workshop on Security Protocols
Electronic Lottery Tickets as Micropayments
FC '97 Proceedings of the First International Conference on Financial Cryptography
On the Continuum Between On-line and Off-line E-cash Systems - 1
FC '97 Proceedings of the First International Conference on Financial Cryptography
An Efficient Micropayment System Based on Probabilistic Polling
FC '97 Proceedings of the First International Conference on Financial Cryptography
Agora: a minimal distributed protocol for electronic commerce
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Distributed double spending prevention
Proceedings of the 15th international conference on Security protocols
Hi-index | 0.00 |
We analyze "coin-wallet" and "balance-wallet" under partial real-time audit, and compute upper bounds on theft due to the fact that not all the transactions are audited in real time, assuming that everything else is perfect. In particular, we assume that the audit regime holds for innocent players. Let v be the maximum allowed balance in a wallet, 0 ≤ µ ≤ 1 be the fraction of transactions that are audited in real time in an audit round that includes overall n transactions. Assume one unit transactions. We show that for µ ≪ µ-2 the upper bound on expected theft for coin-wallet is v/eµ2v-1 (which if v ≪ µ-2 becomes (eµ2 - 1)-1), while for plausible parameter choice the bound for a balance-wallet is O(exp(v2/n)). This last bound can become huge in some cases, implying that partial audit, while suitable for coin-wallets with low denomination coins, may be too risky for balance-wallet. Some implications to the design of anonymous and non-anonymous systems are discussed.