[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-marketing] branch master updated: crypto backup slides
From: |
gnunet |
Subject: |
[taler-marketing] branch master updated: crypto backup slides |
Date: |
Sat, 27 Mar 2021 13:36:39 +0100 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository marketing.
The following commit(s) were added to refs/heads/master by this push:
new 1f11cb0 crypto backup slides
1f11cb0 is described below
commit 1f11cb043adeb663fbb960cc435774d13a8181ff
Author: Florian Dold <florian@dold.me>
AuthorDate: Sat Mar 27 13:35:53 2021 +0100
crypto backup slides
---
presentations/2021-crypto-barons/.gitignore | 10 +
presentations/2021-crypto-barons/blinded.pdf | Bin 0 -> 77688 bytes
presentations/2021-crypto-barons/cart.pdf | Bin 0 -> 1196 bytes
presentations/2021-crypto-barons/coin.pdf | Bin 0 -> 26179 bytes
presentations/2021-crypto-barons/coin_sign.pdf | Bin 0 -> 33693 bytes
presentations/2021-crypto-barons/contract.pdf | Bin 0 -> 45999 bytes
presentations/2021-crypto-barons/ct.pdf | Bin 0 -> 4899 bytes
presentations/2021-crypto-barons/decentralise.pdf | Bin 0 -> 47400 bytes
presentations/2021-crypto-barons/dh.pdf | Bin 0 -> 4904 bytes
presentations/2021-crypto-barons/dice.pdf | Bin 0 -> 21665 bytes
presentations/2021-crypto-barons/figs/Makefile | 15 +
presentations/2021-crypto-barons/figs/bank0a.png | Bin 0 -> 26902 bytes
presentations/2021-crypto-barons/figs/bank1.png | Bin 0 -> 53014 bytes
presentations/2021-crypto-barons/figs/bank1a.png | Bin 0 -> 56350 bytes
presentations/2021-crypto-barons/figs/bank1b.png | Bin 0 -> 34100 bytes
presentations/2021-crypto-barons/figs/bank2.png | Bin 0 -> 47896 bytes
presentations/2021-crypto-barons/figs/bank2a.png | Bin 0 -> 48220 bytes
presentations/2021-crypto-barons/figs/bank2b.png | Bin 0 -> 28513 bytes
presentations/2021-crypto-barons/figs/bank3.png | Bin 0 -> 45646 bytes
presentations/2021-crypto-barons/figs/bank3a.png | Bin 0 -> 59024 bytes
presentations/2021-crypto-barons/figs/bank3b.png | Bin 0 -> 40907 bytes
presentations/2021-crypto-barons/figs/bank4.png | Bin 0 -> 62697 bytes
presentations/2021-crypto-barons/figs/bank4a.png | Bin 0 -> 67867 bytes
presentations/2021-crypto-barons/figs/bank4b.png | Bin 0 -> 39949 bytes
presentations/2021-crypto-barons/figs/bitcoin.pdf | Bin 0 -> 28482 bytes
presentations/2021-crypto-barons/figs/bitcoin.pml | 37 +
presentations/2021-crypto-barons/figs/bitcoin.svg | 1 +
presentations/2021-crypto-barons/figs/cart.png | Bin 0 -> 116687 bytes
presentations/2021-crypto-barons/figs/cc3ds.pdf | Bin 0 -> 384189 bytes
presentations/2021-crypto-barons/figs/cc3ds.pml | 95 ++
presentations/2021-crypto-barons/figs/cc3ds.svg | 1 +
presentations/2021-crypto-barons/figs/contract.pdf | Bin 0 -> 36618 bytes
presentations/2021-crypto-barons/figs/contract.pml | 31 +
.../2021-crypto-barons/figs/fulfillment.png | Bin 0 -> 118355 bytes
presentations/2021-crypto-barons/figs/pay.png | Bin 0 -> 48973 bytes
presentations/2021-crypto-barons/figs/paypal.pdf | Bin 0 -> 182405 bytes
presentations/2021-crypto-barons/figs/paypal.pml | 64 ++
presentations/2021-crypto-barons/figs/paypal.svg | 1 +
.../2021-crypto-barons/figs/taler-402.html | 10 +
.../2021-crypto-barons/figs/taler-contract.html | 6 +
.../2021-crypto-barons/figs/taler-contract.json | 20 +
.../2021-crypto-barons/figs/taler-pay.pdf | Bin 0 -> 172900 bytes
.../2021-crypto-barons/figs/taler-pay.pml | 47 +
.../2021-crypto-barons/figs/taler-pay.svg | 1 +
.../2021-crypto-barons/figs/taler-presence-js.html | 9 +
.../2021-crypto-barons/figs/taler-withdraw.pdf | Bin 0 -> 126620 bytes
.../2021-crypto-barons/figs/taler-withdraw.pml | 37 +
.../2021-crypto-barons/figs/taler-withdraw.png | Bin 0 -> 36010 bytes
.../2021-crypto-barons/figs/taler-withdraw.svg | 1 +
presentations/2021-crypto-barons/gnu.pdf | Bin 0 -> 1744520 bytes
presentations/2021-crypto-barons/hammer.pdf | Bin 0 -> 9617 bytes
presentations/2021-crypto-barons/merchant-sign.pdf | Bin 0 -> 17994 bytes
.../2021-crypto-barons/merchant_propose.pdf | Bin 0 -> 19898 bytes
presentations/2021-crypto-barons/of.pdf | Bin 0 -> 1187608 bytes
presentations/2021-crypto-barons/planchet-sign.pdf | Bin 0 -> 31310 bytes
presentations/2021-crypto-barons/planchet.pdf | Bin 0 -> 16795 bytes
presentations/2021-crypto-barons/seal.pdf | Bin 0 -> 7368 bytes
presentations/2021-crypto-barons/shop.pdf | Bin 0 -> 9385 bytes
presentations/2021-crypto-barons/sign.pdf | Bin 0 -> 83153 bytes
presentations/2021-crypto-barons/slides.tex | 1063 +++++++++++++-------
.../2021-crypto-barons/taler-logo-2018.pdf | Bin 0 -> 7580 bytes
presentations/2021-crypto-barons/wcef.pdf | Bin 0 -> 5004107 bytes
62 files changed, 1076 insertions(+), 373 deletions(-)
diff --git a/presentations/2021-crypto-barons/.gitignore
b/presentations/2021-crypto-barons/.gitignore
new file mode 100644
index 0000000..fe7e33a
--- /dev/null
+++ b/presentations/2021-crypto-barons/.gitignore
@@ -0,0 +1,10 @@
+slides.aux
+slides.fdb_latexmk
+slides.log
+slides.nav
+slides.out
+slides.pdf
+slides.snm
+slides.toc
+slides.vrb
+slides.fls
diff --git a/presentations/2021-crypto-barons/blinded.pdf
b/presentations/2021-crypto-barons/blinded.pdf
new file mode 100644
index 0000000..86e0254
Binary files /dev/null and b/presentations/2021-crypto-barons/blinded.pdf differ
diff --git a/presentations/2021-crypto-barons/cart.pdf
b/presentations/2021-crypto-barons/cart.pdf
new file mode 100644
index 0000000..9443efe
Binary files /dev/null and b/presentations/2021-crypto-barons/cart.pdf differ
diff --git a/presentations/2021-crypto-barons/coin.pdf
b/presentations/2021-crypto-barons/coin.pdf
new file mode 100644
index 0000000..733e9e5
Binary files /dev/null and b/presentations/2021-crypto-barons/coin.pdf differ
diff --git a/presentations/2021-crypto-barons/coin_sign.pdf
b/presentations/2021-crypto-barons/coin_sign.pdf
new file mode 100644
index 0000000..1a0b9ae
Binary files /dev/null and b/presentations/2021-crypto-barons/coin_sign.pdf
differ
diff --git a/presentations/2021-crypto-barons/contract.pdf
b/presentations/2021-crypto-barons/contract.pdf
new file mode 100644
index 0000000..5bf2208
Binary files /dev/null and b/presentations/2021-crypto-barons/contract.pdf
differ
diff --git a/presentations/2021-crypto-barons/ct.pdf
b/presentations/2021-crypto-barons/ct.pdf
new file mode 100644
index 0000000..8899c0e
Binary files /dev/null and b/presentations/2021-crypto-barons/ct.pdf differ
diff --git a/presentations/2021-crypto-barons/decentralise.pdf
b/presentations/2021-crypto-barons/decentralise.pdf
new file mode 100644
index 0000000..021777a
Binary files /dev/null and b/presentations/2021-crypto-barons/decentralise.pdf
differ
diff --git a/presentations/2021-crypto-barons/dh.pdf
b/presentations/2021-crypto-barons/dh.pdf
new file mode 100644
index 0000000..578d207
Binary files /dev/null and b/presentations/2021-crypto-barons/dh.pdf differ
diff --git a/presentations/2021-crypto-barons/dice.pdf
b/presentations/2021-crypto-barons/dice.pdf
new file mode 100644
index 0000000..1907307
Binary files /dev/null and b/presentations/2021-crypto-barons/dice.pdf differ
diff --git a/presentations/2021-crypto-barons/figs/Makefile
b/presentations/2021-crypto-barons/figs/Makefile
new file mode 100644
index 0000000..bf5ac52
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/Makefile
@@ -0,0 +1,15 @@
+
+plantuml = plantuml
+
+%.svg : %.pml
+ $(plantuml) -tsvg $<
+
+%.pdf : %.pml
+ $(plantuml) -tpdf $<
+
+files = taler-pay.pml taler-withdraw.pml \
+cc3ds.pml contract.pml paypal.pml \
+bitcoin.pml
+
+all : $(files:.pml=.pdf) $(files:.pml=.svg)
+
diff --git a/presentations/2021-crypto-barons/figs/bank0a.png
b/presentations/2021-crypto-barons/figs/bank0a.png
new file mode 100644
index 0000000..b679304
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank0a.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank1.png
b/presentations/2021-crypto-barons/figs/bank1.png
new file mode 100644
index 0000000..84bc7a1
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank1.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank1a.png
b/presentations/2021-crypto-barons/figs/bank1a.png
new file mode 100644
index 0000000..b91adff
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank1a.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank1b.png
b/presentations/2021-crypto-barons/figs/bank1b.png
new file mode 100644
index 0000000..a3adfe4
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank1b.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank2.png
b/presentations/2021-crypto-barons/figs/bank2.png
new file mode 100644
index 0000000..126c9a0
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank2.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank2a.png
b/presentations/2021-crypto-barons/figs/bank2a.png
new file mode 100644
index 0000000..087cef9
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank2a.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank2b.png
b/presentations/2021-crypto-barons/figs/bank2b.png
new file mode 100644
index 0000000..eaa4ba4
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank2b.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank3.png
b/presentations/2021-crypto-barons/figs/bank3.png
new file mode 100644
index 0000000..3b79c04
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank3.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank3a.png
b/presentations/2021-crypto-barons/figs/bank3a.png
new file mode 100644
index 0000000..2d321a2
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank3a.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank3b.png
b/presentations/2021-crypto-barons/figs/bank3b.png
new file mode 100644
index 0000000..78e7637
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank3b.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank4.png
b/presentations/2021-crypto-barons/figs/bank4.png
new file mode 100644
index 0000000..56c32e1
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank4.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank4a.png
b/presentations/2021-crypto-barons/figs/bank4a.png
new file mode 100644
index 0000000..65f1868
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank4a.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bank4b.png
b/presentations/2021-crypto-barons/figs/bank4b.png
new file mode 100644
index 0000000..fde59ab
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bank4b.png
differ
diff --git a/presentations/2021-crypto-barons/figs/bitcoin.pdf
b/presentations/2021-crypto-barons/figs/bitcoin.pdf
new file mode 100644
index 0000000..c1c9b9c
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/bitcoin.pdf
differ
diff --git a/presentations/2021-crypto-barons/figs/bitcoin.pml
b/presentations/2021-crypto-barons/figs/bitcoin.pml
new file mode 100644
index 0000000..88707cd
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/bitcoin.pml
@@ -0,0 +1,37 @@
+# FROM: https://github.com/w3c/webpayments/tree/gh-pages/PaymentFlows
+
+@startuml
+!includeurl
https://raw.githubusercontent.com/w3c/webpayments/gh-pages/PaymentFlows/skin.ipml
+
+Database "Invoice Database" as DB
+Participant "Payee Website" as Website
+Database "Bitcoin Network" as Bitcoin
+Participant "Payer Wallet" as Wallet
+Actor "Payer (Browser)" as Payer
+
+title Bitcoin Payment Protocol (BIP70)
+
+Payer->Website: Request checkout with Bitcoin
+Website->Website: Generate Bitcoin address
+Website->DB: Store invoice details
+Website->Payer: Basket Page with bitcoin: pay link
+Payer->Payer: Click bitcoin: link
+Payer->Wallet: Wallet handles bitcoin: URL and extracts invoice URL
+Wallet->Website: Request invoice
+Website->DB: Get invoice details
+Website->Website: Create PaymentDetails (Amount, Memo, Ref#, Pay URL)
+Website->Website: Create PaymentRequest (Signed PaymentDetails)
+Website->Wallet: PaymentRequest containing PaymentDetails
+Wallet->Payer: Confirm payment details?
+Payer->Wallet: Accept payment
+Wallet->Wallet: Generate and sign payment
+Wallet->Website: Signed payment
+Website->Bitcoin: Submit payment
+Website->Wallet: Payment ACK
+Wallet->Payer: Confirm payment is complete
+loop until payment is confirmed
+ Bitcoin->Website: Latest confirmed transactions
+end
+
+
+@enduml
\ No newline at end of file
diff --git a/presentations/2021-crypto-barons/figs/bitcoin.svg
b/presentations/2021-crypto-barons/figs/bitcoin.svg
new file mode 100644
index 0000000..3f908b3
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/bitcoin.svg
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?><svg
xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
height="858px" style="width:1232px;height:858px;" version="1.1" viewBox="0 0
1232 858" width="1232px"><defs/><g><text fill="#000000" font-family="Lucida
Sans" font-size="14" font-weight="bold" lengthAdjust="spacingAndGlyphs"
textLength="258" x="491.75" y="22.9951">Bitcoin Payment Protocol
(BIP70)</text><rect fill="#FFFFFF" height="46.2656" style="strok [...]
\ No newline at end of file
diff --git a/presentations/2021-crypto-barons/figs/cart.png
b/presentations/2021-crypto-barons/figs/cart.png
new file mode 100644
index 0000000..58beb3b
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/cart.png
differ
diff --git a/presentations/2021-crypto-barons/figs/cc3ds.pdf
b/presentations/2021-crypto-barons/figs/cc3ds.pdf
new file mode 100644
index 0000000..ffca046
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/cc3ds.pdf
differ
diff --git a/presentations/2021-crypto-barons/figs/cc3ds.pml
b/presentations/2021-crypto-barons/figs/cc3ds.pml
new file mode 100644
index 0000000..2a2ba3c
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/cc3ds.pml
@@ -0,0 +1,95 @@
+# FROM: https://github.com/w3c/webpayments/tree/gh-pages/PaymentFlows
+
+@startuml
+
+Participant "Payee (Merchant) PSP [Acquirer]" as MPSP
+Participant "Payee (Merchant) [Acceptor] Site " as Payee
+Actor "Payer (Shopper) [Cardholder] Browser" as Payer
+participant "Browser Form Filler" as UA
+participant "Card Scheme Directory" as CSD
+participant "Issuing Bank [Issuer] Website" as CPSPW
+participant "Issuing Bank [Issuer]" as CPSP
+
+note over Payee, Payer: HTTPS
+
+title
+<b>Legacy Merchant Hosted Card Payment with Acquirer Supported 3DS
(Current)</b>
+
+<i>3DS is used to add confidence that the payer is who they say they are and
importantly in the event of a dispute liability shift to the Issuer.</i>
+end title
+
+== Establish Payment Obligation ==
+
+Payee->Payer: Present Check-out page with Pay Button
+Payer->Payer: Select Card Payment Method
+
+alt
+ UA->Payer: Form Fill
+' Note right: fields are PAN & Expiry Date with optional CVV, & Address,
Also Card Valid Date and Issue Number are required for some Schemes
+else
+ Payer->Payer: User Fills Form
+End
+
+== Card Payment Initiation ==
+
+Payer->Payee: Payment Initiation
+' Note right: Custom code on merchant webpage can encrypt payload to reduce
PCI burden from SAQ D to SAQ A-EP
+
+opt
+ Payee->Payee: Store Card
+' note right: Merchant can store card details apart from CVV (even if
encrypted) for future use (a.k.a. Card on File)
+end
+
+Payee-\MPSP: Authorise
+
+
+== 3DS part of flow ==
+
+' Note over MPSP, Payee: At this point, the Merchant or Merchant's PSP can
decide if it wishes to invoke 3DS. This might be based on transaction value
(i.e. low value -> low risk) or other factors, e.g. if the Shopper is a repeat
purchaser.
+
+ MPSP –> CSD: BIN to URL lookup (VAReq message)
+ CSD -> CSD: Lookup URL from BIN
+ CSD –> CPSPW : “PING”
+ 'note right: verify URL validity
+ CPSPW –> CSD: “PING” response
+ CSD –> MPSP: URL
+
+ MPSP-/Payee: 3DS redirect (PAReq message)
+ Payee->Payer: 3DS redirect (PAReq message)
+ Payer->CPSPW: 3DS invoke
+ CPSPW-\Payer: 3DS challenge
+ Payer-/CPSPW: 3DS response (PARes message)
+ CPSPW->Payer: 3DS response (PARes message)
+ Payer->Payee: 3DS response (PARes message)
+ Payee-\MPSP: 3DS response (PARes message)
+
+ MPSP->MPSP: Verification of PARes signature
+
+== End of 3DS ==
+
+
+MPSP-\CPSP: Authorisation Request
+CPSP-/MPSP: Authorisation Response
+
+MPSP-/Payee: Authorisation Response
+
+== Notification ==
+
+Payee->Payer: Result Page
+
+== Request for Settlement process (could be immediate, batch (e.g. daily) or
after some days) ==
+
+Alt
+ Payee -> MPSP : Capture
+'note right: Later Capture may be called, for example after good shipped or
tickets pickedup
+Else
+ MPSP -> MPSP : Auto Capture in batch processing at end-of-day
+End
+
+MPSP->CPSP: Capture
+
+== Fulfilment ==
+
+Payee->Payer: Provide products or services
+
+@enduml
diff --git a/presentations/2021-crypto-barons/figs/cc3ds.svg
b/presentations/2021-crypto-barons/figs/cc3ds.svg
new file mode 100644
index 0000000..31b11e0
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/cc3ds.svg
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?><svg
xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
height="1614px" style="width:1635px;height:1614px;" version="1.1" viewBox="0 0
1635 1614" width="1635px"><defs><filter height="300%" id="f1" width="300%"
x="-1" y="-1"><feGaussianBlur result="blurOut"
stdDeviation="2.0"/><feColorMatrix in="blurOut" result="blurOut2" type="matrix"
values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 .4 0"/><feOffset dx="4.0" dy= [...]
\ No newline at end of file
diff --git a/presentations/2021-crypto-barons/figs/contract.pdf
b/presentations/2021-crypto-barons/figs/contract.pdf
new file mode 100644
index 0000000..e831621
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/contract.pdf
differ
diff --git a/presentations/2021-crypto-barons/figs/contract.pml
b/presentations/2021-crypto-barons/figs/contract.pml
new file mode 100644
index 0000000..74bf23d
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/contract.pml
@@ -0,0 +1,31 @@
+
+@startuml
+
+hide footbox
+
+box "User"
+ Participant "Wallet" as W
+ Participant "Browser" as U
+end box
+
+box "Merchant"
+ Participant "Storefront" as S
+ Participant "Backend" as B
+end box
+
+autonumber
+
+S -> B : proposed contract
+B -> S : signed contract
+
+S -> U : custom (HTTP(S))
+
+U -> W : signed contract
+W -> U : signed coins
+
+U -> S : custom (HTTP(S))
+
+S -> B : signed coins (HTTP(S))
+B -> S : confirmation (HTTP(S))
+
+@enduml
diff --git a/presentations/2021-crypto-barons/figs/fulfillment.png
b/presentations/2021-crypto-barons/figs/fulfillment.png
new file mode 100644
index 0000000..5ac0588
Binary files /dev/null and
b/presentations/2021-crypto-barons/figs/fulfillment.png differ
diff --git a/presentations/2021-crypto-barons/figs/pay.png
b/presentations/2021-crypto-barons/figs/pay.png
new file mode 100644
index 0000000..1efdf96
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/pay.png
differ
diff --git a/presentations/2021-crypto-barons/figs/paypal.pdf
b/presentations/2021-crypto-barons/figs/paypal.pdf
new file mode 100644
index 0000000..d1ee292
Binary files /dev/null and b/presentations/2021-crypto-barons/figs/paypal.pdf
differ
diff --git a/presentations/2021-crypto-barons/figs/paypal.pml
b/presentations/2021-crypto-barons/figs/paypal.pml
new file mode 100644
index 0000000..2820f27
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/paypal.pml
@@ -0,0 +1,64 @@
+# FROM: https://github.com/w3c/webpayments/tree/gh-pages/PaymentFlows
+
+@startuml
+autonumber
+
+Participant "Payee (Merchant) Site" as Payee
+Actor "Payer (Shopper) Browser" as Payer
+participant "Payer (Shopper) PSP (PayPal)" as CPSP
+
+note over MPSP, CPSP: HTTPS
+
+title PayPal Payment (REST API) (Current)
+
+Payee->Payer: Present Checkout Page with Pay Button
+
+Payer->Payer: Select PayPal Payment Method
+
+Payer-\Payee: Payment Page Request
+
+Payee<->CPSP: Create Payment
+
+Payee-/Payer: HTTP Redirect
+
+Note right: HTTP Direct now send the shopper to the PayPal site
+
+Payer-\CPSP: Payment Initiation
+
+CPSP-/Payer: Authentication Page
+
+Payer-\CPSP: Authenticate
+note right: Typically a username & password
+
+CPSP-/Payer: Payment Page
+
+opt
+ Payer<->CPSP: Instrument Choice
+ note right: Payer can change from default payment instrument
+end
+
+Payer->Payer: Approval
+
+Payer-\CPSP: Payment Approval
+
+CPSP-/Payer: Payment Response Redirect
+
+Payer-\Payee: Payment Response
+
+Payee<->CPSP: Execute Payment
+
+Payee-/Payer: Result Page
+
+
+... asynchronous notification ...
+
+CPSP->Payer: Payment Notification (email)
+
+Opt
+ Payee->Payer: Payment Notification (email)
+End
+
+Note right: Provides out of band confirmation to protect against
failure/modification at browser
+
+
+@enduml
diff --git a/presentations/2021-crypto-barons/figs/paypal.svg
b/presentations/2021-crypto-barons/figs/paypal.svg
new file mode 100644
index 0000000..656ccc3
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/paypal.svg
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?><svg
xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
height="915px" style="width:990px;height:915px;" version="1.1" viewBox="0 0 990
915" width="990px"><defs/><g><text fill="#000000" font-family="Lucida Sans"
font-size="14" font-weight="bold" lengthAdjust="spacingAndGlyphs"
textLength="288" x="357.25" y="22.9951">PayPal Payment (REST API)
(Current)</text><rect fill="#FFFFFF" height="52.2656" style="strok [...]
\ No newline at end of file
diff --git a/presentations/2021-crypto-barons/figs/taler-402.html
b/presentations/2021-crypto-barons/figs/taler-402.html
new file mode 100644
index 0000000..2a4ab8f
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/taler-402.html
@@ -0,0 +1,10 @@
+HTTP/1.1 402 Payment Required
+Content-Type: text/html; charset=UTF-8
+X-Taler-Contract-Url: https://shop/generate-contract/42
+
+<!DOCTYPE html>
+<html>
+ <!-- fallback for browsers without the Taler extension -->
+ You do not seem to have Taler installed, here are other
+ payment options ...
+</html>
diff --git a/presentations/2021-crypto-barons/figs/taler-contract.html
b/presentations/2021-crypto-barons/figs/taler-contract.html
new file mode 100644
index 0000000..affdbe9
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/taler-contract.html
@@ -0,0 +1,6 @@
+<script src="taler-wallet-lib.js"></script>
+<script>
+ taler.offerContractFrom("https://shop/generate-contract/42", (err) => {
+ alert("Error while offering contract");
+ });
+</script>
diff --git a/presentations/2021-crypto-barons/figs/taler-contract.json
b/presentations/2021-crypto-barons/figs/taler-contract.json
new file mode 100644
index 0000000..e12b0f1
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/taler-contract.json
@@ -0,0 +1,20 @@
+{
+ "H_wire":"YTH0C4QBCQ10VDNTJN0DCTTV2Z6JHT5NF43F0RQHZ8JYB5NG4W4G...",
+ "amount":{"currency":"EUR","fraction":0,"value":1},
+ "max_fee":{"currency":"EUR","fraction":100000,"value":0},
+ "auditors":[{"auditor_pub":"42V6TH91Q83FB846DK1GW3JQ5E8DS273W4..."}],
+ "exchanges":[{"master_pub":"1T5FA8VQHMMKBHDMYPRZA2ZFK2S63AKF0Y...",
+ "url":"https://exchange/"}],
+ "fulfillment_url": "https://shop/article/42?tid=249&time=14714744",
+ "merchant":{"address":"Mailbox 4242","jurisdiction":"Jersey",
+ "name":"Shop Inc."},
+ "merchant_pub":"Y1ZAR5346J3ZTEXJCHQY9NJN78EZ2HSKZK8M0MYTNRJG5N...",
+ "products":[{
+ "description":"Essay: The GNU Project",
+ "price":{"currency":"EUR","fraction":0,"value":1},
+ "product_id":42,"quantity":1}],
+ "pay_deadline":"/Date(1480119270)/",
+ "refund_deadline":"/Date(1471522470)/",
+ "timestamp":"/Date(1471479270)/",
+ "transaction_id":249960194066269
+}
diff --git a/presentations/2021-crypto-barons/figs/taler-pay.pdf
b/presentations/2021-crypto-barons/figs/taler-pay.pdf
new file mode 100644
index 0000000..0856fa8
Binary files /dev/null and
b/presentations/2021-crypto-barons/figs/taler-pay.pdf differ
diff --git a/presentations/2021-crypto-barons/figs/taler-pay.pml
b/presentations/2021-crypto-barons/figs/taler-pay.pml
new file mode 100644
index 0000000..93b21f8
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/taler-pay.pml
@@ -0,0 +1,47 @@
+@startuml
+autonumber
+
+Actor "Payer (Shopper) Browser" as Payer
+Participant "Payee (Merchant) Site" as Payee
+Participant "Taler Exchange" as Exchange
+
+note over Payer, Payee: Tor/HTTPS
+note over Payee, Exchange: HTTP/HTTPS
+
+title Taler (Payment)
+
+== Request Offer ==
+
+Payer->Payee: Choose goods by navigating to offer URL
+
+Payee->Payer: Send signed digital contract proposal
+
+opt
+Payer->Payer: Select Taler payment method (skippable with auto-detection)
+end
+
+== Execute Payment ==
+
+opt
+Payer->Payer: Affirm contract
+end
+
+Payer->Payee: Navigate to fulfillment URL
+
+Payee->Payer: Send hash of digital contract and payment information
+
+Payer->Payee: Send payment
+
+Payee->Exchange: Forward payment
+
+Exchange->Payee: Confirm payment
+
+Payee->Payer: Confirm payment
+
+== Fulfilment ==
+
+Payer->Payee: Reload fulfillment URL for delivery
+
+Payee->Payer: Provide product resource
+
+@enduml
diff --git a/presentations/2021-crypto-barons/figs/taler-pay.svg
b/presentations/2021-crypto-barons/figs/taler-pay.svg
new file mode 100644
index 0000000..95d83e4
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/taler-pay.svg
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?><svg
xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
height="866px" style="width:753px;height:866px;" version="1.1" viewBox="0 0 753
866" width="753px"><defs><filter height="300%" id="f1" width="300%" x="-1"
y="-1"><feGaussianBlur result="blurOut" stdDeviation="2.0"/><feColorMatrix
in="blurOut" result="blurOut2" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 .4 0"/><feOffset dx="4.0" dy="4.0" [...]
\ No newline at end of file
diff --git a/presentations/2021-crypto-barons/figs/taler-presence-js.html
b/presentations/2021-crypto-barons/figs/taler-presence-js.html
new file mode 100644
index 0000000..9770815
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/taler-presence-js.html
@@ -0,0 +1,9 @@
+<script src="taler-wallet-lib.js"></script>
+<script>
+ taler.onPresent(() => {
+ alert("Taler wallet is installed");
+ });
+ taler.onAbsent(() => {
+ alert("Taler wallet is not installed");
+ });
+</script>
diff --git a/presentations/2021-crypto-barons/figs/taler-withdraw.pdf
b/presentations/2021-crypto-barons/figs/taler-withdraw.pdf
new file mode 100644
index 0000000..d1cd720
Binary files /dev/null and
b/presentations/2021-crypto-barons/figs/taler-withdraw.pdf differ
diff --git a/presentations/2021-crypto-barons/figs/taler-withdraw.pml
b/presentations/2021-crypto-barons/figs/taler-withdraw.pml
new file mode 100644
index 0000000..33f5dac
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/taler-withdraw.pml
@@ -0,0 +1,37 @@
+@startuml
+autonumber
+
+Actor "Customer Browser" as Customer
+Participant "Bank Site" as Bank
+Participant "Taler Exchange" as Exchange
+
+note over Customer, Bank: HTTPS
+note over Customer, Exchange: HTTPS
+note over Bank, Exchange: wire transfer
+
+title Taler (Withdraw coins)
+
+Customer->Bank: user authentication
+Bank->Customer: send account portal
+
+Customer->Customer: initiate withdrawal (specify amount and exchange)
+
+Customer->Exchange: request coin denomination keys and wire transfer data
+Exchange->Customer: send coin denomination keys and wire transfer data
+
+Customer->Bank: execute withdrawal
+
+opt
+Bank->Customer: request transaction authorization
+Customer->Bank: transaction authorization
+end
+
+Bank->Customer: withdrawal confirmation
+Bank->Exchange: execute wire transfer
+
+
+Customer->Exchange: withdraw request
+Customer<-Exchange: signed blinded coins
+Customer->Customer: unblind coins
+
+@enduml
diff --git a/presentations/2021-crypto-barons/figs/taler-withdraw.png
b/presentations/2021-crypto-barons/figs/taler-withdraw.png
new file mode 100644
index 0000000..04a4d8d
Binary files /dev/null and
b/presentations/2021-crypto-barons/figs/taler-withdraw.png differ
diff --git a/presentations/2021-crypto-barons/figs/taler-withdraw.svg
b/presentations/2021-crypto-barons/figs/taler-withdraw.svg
new file mode 100644
index 0000000..3618d92
--- /dev/null
+++ b/presentations/2021-crypto-barons/figs/taler-withdraw.svg
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?><svg
xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
height="774px" style="width:652px;height:774px;" version="1.1" viewBox="0 0 652
774" width="652px"><defs><filter height="300%" id="f1" width="300%" x="-1"
y="-1"><feGaussianBlur result="blurOut" stdDeviation="2.0"/><feColorMatrix
in="blurOut" result="blurOut2" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 .4 0"/><feOffset dx="4.0" dy="4.0" [...]
\ No newline at end of file
diff --git a/presentations/2021-crypto-barons/gnu.pdf
b/presentations/2021-crypto-barons/gnu.pdf
new file mode 100644
index 0000000..05adc5a
Binary files /dev/null and b/presentations/2021-crypto-barons/gnu.pdf differ
diff --git a/presentations/2021-crypto-barons/hammer.pdf
b/presentations/2021-crypto-barons/hammer.pdf
new file mode 100644
index 0000000..3524634
Binary files /dev/null and b/presentations/2021-crypto-barons/hammer.pdf differ
diff --git a/presentations/2021-crypto-barons/merchant-sign.pdf
b/presentations/2021-crypto-barons/merchant-sign.pdf
new file mode 100644
index 0000000..74c2cc3
Binary files /dev/null and b/presentations/2021-crypto-barons/merchant-sign.pdf
differ
diff --git a/presentations/2021-crypto-barons/merchant_propose.pdf
b/presentations/2021-crypto-barons/merchant_propose.pdf
new file mode 100644
index 0000000..fd2575d
Binary files /dev/null and
b/presentations/2021-crypto-barons/merchant_propose.pdf differ
diff --git a/presentations/2021-crypto-barons/of.pdf
b/presentations/2021-crypto-barons/of.pdf
new file mode 100644
index 0000000..046e6e3
Binary files /dev/null and b/presentations/2021-crypto-barons/of.pdf differ
diff --git a/presentations/2021-crypto-barons/planchet-sign.pdf
b/presentations/2021-crypto-barons/planchet-sign.pdf
new file mode 100644
index 0000000..5a73362
Binary files /dev/null and b/presentations/2021-crypto-barons/planchet-sign.pdf
differ
diff --git a/presentations/2021-crypto-barons/planchet.pdf
b/presentations/2021-crypto-barons/planchet.pdf
new file mode 100644
index 0000000..7175bff
Binary files /dev/null and b/presentations/2021-crypto-barons/planchet.pdf
differ
diff --git a/presentations/2021-crypto-barons/seal.pdf
b/presentations/2021-crypto-barons/seal.pdf
new file mode 100644
index 0000000..88946c8
Binary files /dev/null and b/presentations/2021-crypto-barons/seal.pdf differ
diff --git a/presentations/2021-crypto-barons/shop.pdf
b/presentations/2021-crypto-barons/shop.pdf
new file mode 100644
index 0000000..43d4ff2
Binary files /dev/null and b/presentations/2021-crypto-barons/shop.pdf differ
diff --git a/presentations/2021-crypto-barons/sign.pdf
b/presentations/2021-crypto-barons/sign.pdf
new file mode 100644
index 0000000..e71ffb8
Binary files /dev/null and b/presentations/2021-crypto-barons/sign.pdf differ
diff --git a/presentations/2021-crypto-barons/slides.tex
b/presentations/2021-crypto-barons/slides.tex
index cfcd6a9..dd6f007 100644
--- a/presentations/2021-crypto-barons/slides.tex
+++ b/presentations/2021-crypto-barons/slides.tex
@@ -205,7 +205,7 @@ GNU Taler must ...
\item Main innovation: Refresh protocol that allows efficient
transactions while preserving income-transparency of merchants.
\item Based on proven constructions and primitives (SHA512, X25519,
- Ed25519, RSA blind signatures)
+ Ed25519, cut-and-choose, RSA blind signatures)
\item Future: RSA blind signatures can be replaced by elliptic curve blind
signatures (Clause Blind Schnorr Signatures)
\item Other niceties like forgettable fields in digital contract between
@@ -741,385 +741,702 @@ General notions:
\end{frame}
+\begin{frame}{Exchange setup: Create a denomination key (RSA)}
+ \begin{minipage}{6cm}
+ \begin{enumerate}
+ \item Pick random primes $p,q$.
+ \item Compute $n := pq$, $\phi(n) = (p-1)(q-1)$
+ \item Pick small $e < \phi(n)$ such that
+ $d := e^{-1} \mod \phi(n)$ exists.
+ \item Publish public key $(e,n)$.
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance=1em and 1em, inner sep=0em, outer sep=.3em];
+ \node (origin) at (0,0) {\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (primes) [draw=none, below = of origin] at (0,0) {$(p, q)$};
+ \node (seal) [def, draw=none, below left=of
primes]{\includegraphics[width=0.15\textwidth]{seal.pdf}};
+ \node (hammer) [def, draw=none, below right=of
primes]{\includegraphics[width=0.15\textwidth]{hammer.pdf}};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (primes) -- (origin) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (seal) -- (primes) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (hammer) -- (primes) node [midway, above, sloped] (TextNode)
{};
+ \end{tikzpicture}
+% \includegraphics[width=0.4\textwidth]{seal.pdf}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Merchant: Create a signing key (EdDSA)}
+ \begin{minipage}{6cm}
+ \begin{itemize}
+ \item pick random $m \mod o$ as private key
+ \item $M = mG$ public key
+ \end{itemize}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1em and 1em, inner sep=0em, outer
sep=.3em];
+ \node (origin) at (0,0) {\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (m) [draw=none, below = of origin] at (0,0) {$m$};
+ \node (seal) [draw=none, below=of m]{M};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (m) -- (origin) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (seal) -- (primes) node [midway, above, sloped] (TextNode)
{};
+ \end{tikzpicture}
+ \end{minipage}
+ \parbox[t]{3cm}{{\bf Capability:} $m \Rightarrow$ }
+
\raisebox{\dimexpr-\height+\baselineskip}{\includegraphics[width=0.1\textwidth]{merchant-sign.pdf}}
+\end{frame}
+
+
+\begin{frame}{Customer: Create a planchet (EdDSA)}
+ \begin{minipage}{8cm}
+ \begin{itemize}
+ \item Pick random $c \mod o$ private key
+ \item $C = cG$ public key
+ \end{itemize}
+ \end{minipage}
+ \begin{minipage}{4cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1em and 1em, inner sep=0em, outer
sep=.3em];
+ \node (origin) at (0,0) {\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (c) [draw=none, below = of origin] at (0,0) {$c$};
+ \node (planchet) [draw=none, below=of
c]{\includegraphics[width=0.4\textwidth]{planchet.pdf}};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (c) -- (origin) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (planchet) -- (c) node [midway, above, sloped] (TextNode) {};
+ \end{tikzpicture}
+ \end{minipage}
+ \parbox[t]{3cm}{{\bf Capability:} $c \Rightarrow$ }
+
\raisebox{\dimexpr-\height+\baselineskip}{\includegraphics[width=0.1\textwidth]{planchet-sign.pdf}}
+\end{frame}
+
+
+\begin{frame}{Customer: Blind planchet (RSA)}
+ \begin{minipage}{6cm}
+ \begin{enumerate}
+ \item Obtain public key $(e,n)$
+ \item Compute $f := FDH(C)$, $f < n$.
+ \item Pick blinding factor $b \in \mathbb Z_n$
+ \item Transmit $f' := f b^e \mod n$
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 2em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (origin) at (0,0) {\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (b) [def, draw=none, below = of origin] at (0,-0.2) {$b$};
+ \node (blinded) [def, draw=none, below right=of
b]{\includegraphics[width=0.2\textwidth]{blinded.pdf}};
+ \node (planchet) [def, draw=none, above right=of
blinded]{\includegraphics[width=0.15\textwidth]{planchet.pdf}};
+ \node (exchange) [node distance=4em and 0.5em, draw, below =of
blinded]{Exchange};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (b) -- (origin) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (planchet) node [midway, above, sloped]
(TextNode) {};
+ \draw [<-, C] (blinded) -- (b) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+\begin{frame}{Exchange: Blind sign (RSA)}
+ \begin{minipage}{6cm}
+ \begin{enumerate}
+ \item Receive $f'$.
+ \item Compute $s' := f'^d \mod n$.
+ \item Send signature $s'$.
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 2em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (hammer) [def, draw=none] at (0,0)
{\includegraphics[width=0.15\textwidth]{hammer.pdf}};
+ \node (signed) [def, draw=none, below left=of
hammer]{\includegraphics[width=0.2\textwidth]{sign.pdf}};
+ \node (blinded) [def, draw=none, above left=of
signed]{\includegraphics[width=0.15\textwidth]{blinded.pdf}};
+ \node (customer) [node distance=4em and 0.5em, draw, below =of
signed]{Customer};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (signed) -- (hammer) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (signed) -- (blinded) node [midway, above, sloped]
(TextNode) {};
+ \draw [<-, C] (customer) -- (signed) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Customer: Unblind coin (RSA)}
+ \begin{minipage}{6cm}
+ \begin{enumerate}
+ \item Receive $s'$.
+ \item Compute $s := s' b^{-1} \mod n$ % \\
+ % ($(f')^d = (f b^e)^d = f^d b$).
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 2em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (b) [def, draw=none] at (0,0) {$b$};
+ \node (coin) [def, draw=none, below left=of
b]{\includegraphics[width=0.2\textwidth]{coin.pdf}};
+ \node (signed) [def, draw=none, above left=of
coin]{\includegraphics[width=0.15\textwidth]{sign.pdf}};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (coin) -- (b) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (coin) -- (signed) node [midway, above, sloped] (TextNode)
{};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
-\begin{frame}{Taler {\tt /withdraw/sign}}
-% Customer withdrawing coins with blind signatures
-% \bigskip
- \begin{figure}[th]
- \begin{minipage}[b]{0.45\linewidth}
- \begin{center}
- \begin{tikzpicture}[scale = 0.4,
- transform shape,
- msglabel/.style = { text = Black, yshift = .3cm,
- sloped, midway },
- okmsg/.style = { ->, color = MidnightBlue, thick,
- >=stealth },
- rstmsg/.style = { ->, color = BrickRed, thick,
- >=stealth }
- ]
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h1) at (-4, 0) {};
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h2) at (4, 0) {};
- \node[above = 0cm of h1] {Wallet};
- \node[above = 0cm of h2] {Exchange};
-
- \path[->, color = MidnightBlue, very thick, >=stealth]
- (-5, 4.5) edge
- node[rotate=90, text = Black, yshift = .3cm] {Time}
- (-5, -4.5);
- \path[okmsg, dashed]
- ($(h1.east)+(0, 4.0)+(0, -1.0)$) edge
- node[msglabel] {SEPA(RK,A)}
- ($(h2.west)+(0, 3.5)+(0, -1.0)$);
- \path[okmsg]
- ($(h1.east)+(0, -1.0)$) edge
- node[msglabel] {POST {\tt /withdraw/sign} $S_{RK}(DK, B_b(C))$}
- ($(h2.west)+(0, -1.5)$);
- \path[okmsg]
- ($(h2.west)+(0, -2.0)$) edge
- node[msglabel] {200 OK: $S_{DK}(B_b(C))$)}
- ($(h1.east)+(0, -2.5)$);
- \path[rstmsg]
- ($(h2.west)+(0, -3.5)$) edge
- node[msglabel] {402 PAYMENT REQUIRED: $S_{RK}(DK, B_b(C))$)}
- ($(h1.east)+(0, -4)$);
- \node at (5.3, 0) {};
- \end{tikzpicture}
- \end{center}
- Result: $\langle c, S_{DK}(C) \rangle$.
- \end{minipage}
- \hspace{0.5cm}
- \begin{minipage}[b]{0.45\linewidth}
- \tiny
- \begin{description}
- \item[$A$] Some amount, $A \ge A_{DK}$
- \item[$RK$] Reserve key
- \item[$DK$] Denomination key
- \item[$b$] Blinding factor
- \item[$B_b()$] RSA-FDH blinding % DK supressed
- \item[$C$] Coin public key $C := cG$
- \item[$S_{RK}()$] EdDSA signature
- \item[$S_{DK}()$] RSA-FDH signature
- \end{description}
- \end{minipage}
- \end{figure}
-\end{frame}
-
-
-\begin{frame}[t]{Taler {\tt /deposit}}
-Merchant and exchange see only the public coin $\langle C, S_{DK}(C) \rangle$.
-\bigskip
- \begin{figure}[th]
- \begin{minipage}[b]{0.45\linewidth}
- \begin{center}
- \begin{tikzpicture}[scale = 0.4,
- transform shape,
- msglabel/.style = { text = Black, yshift = .3cm,
- sloped, midway },
- okmsg/.style = { ->, color = MidnightBlue, thick,
- >=stealth },
- rstmsg/.style = { ->, color = BrickRed, thick,
- >=stealth }
- ]
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h1) at (-4, 0) {};
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h2) at (4, 0) {};
- \node[above = 0cm of h1] {Merchant};
- \node[above = 0cm of h2] {Exchange};
-
- \path[->, color = MidnightBlue, very thick, >=stealth]
- (-5, 4.5) edge
- node[rotate=90, text = Black, yshift = .3cm] {Time}
- (-5, -4.5);
- \path[->, color = MidnightBlue, thick, >=stealth]
- ($(h1.east)+(0,3)$) edge
- node[text = Black, yshift = .3cm, sloped] {POST {\tt /deposit}
$S_{DK}(C), S_{c}(D)$}
- ($(h2.west)+(0,2)$);
- \path[->, color = MidnightBlue, thick, >=stealth]
- ($(h2.west)+(0,0.5)$) edge
- node[text = Black, yshift = .3cm, sloped] {200 OK:
$S_{SK}(S_{c}(D))$}
- ($(h1.east)+(0,-0.5)$);
- \path[rstmsg]
- ($(h2.west)+(0, -2.5)$) edge
- node[msglabel] {409 CONFLICT: $S_{c}(D')$}
- ($(h1.east)+(0, -3.5)$);
- \node at (5.3, 0) {};
- \end{tikzpicture}
- \end{center}
- \end{minipage}
- \hspace{0.5cm}
- \begin{minipage}[b]{0.45\linewidth}
- \tiny
- \begin{description}
- \item[$DK$] Denomination key
- \item[$S_{DK}()$] RSA-FDH signature using $DK$
- \item[$c$] Private coin key, $C := cG$.
- \item[$S_{C}()$] EdDSA signature using $c$
- \item[$D$] Deposit details
- \item[$SK$] Exchange's signing key
- \item[$S_{SK}()$] EdDSA signature using $SK$
- \item[$D'$] Conficting deposit details $D' \not= D$
- \end{description}
- \end{minipage}
- \end{figure}
-\end{frame}
-
-
-\begin{frame}{Taler {\tt /refresh/melt}}
- \begin{figure}[th]
- \begin{minipage}[b]{0.45\linewidth}
- \begin{center}
- \begin{tikzpicture}[scale = 0.4,
- transform shape,
- msglabel/.style = { text = Black, yshift = .3cm,
- sloped, midway },
- okmsg/.style = { ->, color = MidnightBlue, thick,
- >=stealth },
- rstmsg/.style = { ->, color = BrickRed, thick,
- >=stealth }
- ]
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h1) at (-4, 0) {};
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h2) at (4, 0) {};
- \node[above = 0cm of h1] {Customer};
- \node[above = 0cm of h2] {Exchange};
-
- \path[->, color = MidnightBlue, very thick, >=stealth]
- (-5, 4.5) edge
- node[rotate=90, text = Black, yshift = .3cm] {Time}
- (-5, -4.5);
- \path[->, color = MidnightBlue, thick, >=stealth]
- ($(h1.east)+(0,3)$) edge
- node[text = Black, yshift = .3cm, sloped] {POST {\tt /refresh/melt}
$S_{DK}(C), S_c({\cal DK}, {\cal T},{\cal B})$}
- ($(h2.west)+(0,2)$);
- \path[->, color = MidnightBlue, thick, >=stealth]
- ($(h2.west)+(0,0.5)$) edge
- node[text = Black, yshift = .3cm, sloped] {200 OK: $S_{SK}(H({\cal
T}, {\cal B}),\gamma)$}
- ($(h1.east)+(0,-0.5)$);
- \path[rstmsg]
- ($(h2.west)+(0, -2.5)$) edge
- node[msglabel] {409 CONFLICT: $S_{C}(X), \ldots$}
- ($(h1.east)+(0, -3.5)$);
- \node at (5.3, 0) {};
- \end{tikzpicture}
- \end{center}
- \end{minipage}
- \hspace{0.5cm}
- \begin{minipage}[b]{0.45\linewidth}
- \tiny
- \begin{description}
- \item[$\kappa$] System-wide security parameter, usually 3.
- \\ \smallskip
- \item[$\cal DK$] $:= [DK^{(i)}]_i$ \\ List of denomination keys \\
- $D + \sum_i A_{DK^{(i)}} < A_{DK}$
- \item[$t_j$] Random scalar for $j<\kappa$
- \item[${\cal T}$] $:= [T_j]_\kappa$ where $T_j = t_j G$
- \item[$k_j$] $:= c T_j = t_j C$ is an ECDHE
- \item[$b_j^{(i)}$] $:= KDF_b(k_j,i)$ % blinding factor
- \item[$c_j^{(i)}$] $:= KDF_c(k_j,i)$ % coin secret keys
- \item[$C_j^{(i)}$] $: = c_j^{(i)} G$ % new coin publics % keys
- \item[${\cal B}$] $:= [H( \beta_j )]_\kappa$ where \\
- $\beta_j := \left[ B_{b_j^{(i)}}(C_j^{(i)}) \right]_i$
- \\ \smallskip
- \item[$\gamma$] Random value in $[0,\kappa)$
-% \\ \smallskip
-% \item[$X$] Deposit or refresh
- \end{description}
- \end{minipage}
- \end{figure}
-\end{frame}
-
-
-\begin{frame}{Taler {\tt /refresh/reveal}}
- \begin{figure}[th]
- \begin{minipage}[b]{0.45\linewidth}
- \begin{center}
- \begin{tikzpicture}[scale = 0.4,
- transform shape,
- msglabel/.style = { text = Black, yshift = .3cm,
- sloped, midway },
- okmsg/.style = { ->, color = MidnightBlue, thick,
- >=stealth },
- rstmsg/.style = { ->, color = BrickRed, thick,
- >=stealth }
- ]
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h1) at (-4, 0) {};
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h2) at (4, 0) {};
- \node[above = 0cm of h1] {Customer};
- \node[above = 0cm of h2] {Exchange};
-
- \path[->, color = MidnightBlue, very thick, >=stealth]
- (-5, 4.5) edge
- node[rotate=90, text = Black, yshift = .3cm] {Time}
- (-5, -4.5);
- \path[->, color = MidnightBlue, thick, >=stealth]
- ($(h1.east)+(0,3)$) edge
- node[text = Black, yshift = .3cm, sloped] {POST {\tt
/refresh/reveal} $H({\cal T}, {\cal B}), {\tilde{\cal T}}, \beta_\gamma$}
- ($(h2.west)+(0,2)$);
- \path[->, color = MidnightBlue, thick, >=stealth]
- ($(h2.west)+(0,0.5)$) edge
- node[text = Black, yshift = .3cm, sloped] {200 OK: $\cal S$}
- ($(h1.east)+(0,-0.5)$);
- \path[rstmsg]
- ($(h2.west)+(0, -2.5)$) edge
- node[msglabel] {400 BAD REQUEST: $Z$}
- ($(h1.east)+(0, -3.5)$);
- \node at (5.3, 0) {};
- \end{tikzpicture}
- \end{center}
- \end{minipage}
- \hspace{0.5cm}
- \begin{minipage}[b]{0.45\linewidth}
- \tiny
- \begin{description}
- \item[$\cal DK$] $:= [DK^{(i)}]_i$
- \item[$t_j$] .. \\ \smallskip
-
- \item[$\tilde{\cal T}$] $:= [t_j | j \in \kappa, j \neq \gamma]$ \\
\smallskip
-
- \item[$k_\gamma$] $:= c T_\gamma = t_\gamma C$
- \item[$b_\gamma^{(i)}$] $:= KDF_b(k_\gamma,i)$
- \item[$c_\gamma^{(i)}$] $:= KDF_c(k_\gamma,i)$
- \item[$C_\gamma^{(i)}$] $: = c_\gamma^{(i)} G$
-
- \item[$B_\gamma^{(i)}$] $:= B_{b_\gamma^{(i)}}(C_\gamma^{(i)})$
- \item[$\beta_\gamma$] $:= \big[ B_\gamma^{(i)} \big]_i$
- \item[$\cal S$] $:= \left[ S_{DK^{(i)}}( B_\gamma^{(i)} ) \right]_i$ \\
\smallskip
-
- \item[$Z$] Cut-and-choose missmatch information
- \end{description}
- \end{minipage}
- \end{figure}
-\end{frame}
-
-
-\begin{frame}{Taler {\tt /refresh/link}}
- \begin{figure}[th]
- \begin{minipage}[b]{0.45\linewidth}
- \begin{center}
- \begin{tikzpicture}[scale = 0.4,
- transform shape,
- msglabel/.style = { text = Black, yshift = .3cm,
- sloped, midway },
- okmsg/.style = { ->, color = MidnightBlue, thick,
- >=stealth },
- rstmsg/.style = { ->, color = BrickRed, thick,
- >=stealth }
- ]
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h1) at (-4, 0) {};
- \node[draw = MidnightBlue,
- fill = CornflowerBlue,
- minimum width = .3cm,
- minimum height = 10cm
- ] (h2) at (4, 0) {};
- \node[above = 0cm of h1] {Customer};
- \node[above = 0cm of h2] {Exchagne};
-
- \path[->, color = MidnightBlue, very thick, >=stealth]
- (-5, 4.5) edge
- node[rotate=90, text = Black, yshift = .3cm] {Time}
- (-5, -4.5);
- \path[->, color = MidnightBlue, thick, >=stealth]
- ($(h1.east)+(0,3)$) edge
- node[text = Black, yshift = .3cm, sloped] {POST {\tt /refresh/link}
$C$}
- ($(h2.west)+(0,2)$);
- \path[->, color = MidnightBlue, thick, >=stealth]
- ($(h2.west)+(0,0.5)$) edge
- node[text = Black, yshift = .3cm, sloped] {200 OK: $T_\gamma$}
- ($(h1.east)+(0,-0.5)$);
- \path[rstmsg]
- ($(h2.west)+(0, -2.5)$) edge
- node[msglabel] {404 NOT FOUND}
- ($(h1.east)+(0, -3.5)$);
- \node at (5.3, 0) {};
- \end{tikzpicture}
- \end{center}
- \end{minipage}
- \hspace{0.5cm}
- \begin{minipage}[b]{0.45\linewidth}
- \tiny
- \begin{description}
- \item[$C$] Old coind public key \\ \smallskip
- \item[$T_\gamma$] Linkage data $\cal L$ at $\gamma$
- \end{description}
- \end{minipage}
- \end{figure}
-\end{frame}
-
-
-\begin{frame}{Operational security}
+\begin{frame}{Withdrawing coins on the Web}
\begin{center}
- \resizebox{\textwidth}{!}{
-\begin{tikzpicture}[
- font=\sffamily,
- every matrix/.style={ampersand replacement=\&,column sep=2cm,row sep=2cm},
- source/.style={draw,thick,rounded corners,fill=green!20,inner sep=.3cm},
- process/.style={draw,thick,circle,fill=blue!20},
- sink/.style={source,fill=green!20},
- datastore/.style={draw,very thick,shape=datastore,inner sep=.3cm},
- dots/.style={gray,scale=2},
- to/.style={->,>=stealth',shorten
>=1pt,semithick,font=\sffamily\footnotesize},
- every node/.style={align=center}]
-
- % Position the nodes using a matrix layout
- \matrix{
- \node[source] (wallet) {Wallet};
- \& \node[process] (browser) {Browser};
- \& \node[process] (shop) {Web shop};
- \& \node[sink] (backend) {Taler backend}; \\
- };
-
- % Draw the arrows between the nodes and label them.
- \draw[to] (browser) to[bend right=50] node[midway,above] {(4) signed
contract}
- node[midway,below] {(signal)} (wallet);
- \draw[to] (wallet) to[bend right=50] node[midway,above] {(signal)}
- node[midway,below] {(5) signed coins} (browser);
- \draw[<->] (browser) -- node[midway,above] {(3,6) custom}
- node[midway,below] {(HTTPS)} (shop);
- \draw[to] (shop) to[bend right=50] node[midway,above] {(HTTPS)}
- node[midway,below] {(1) proposed contract / (7) signed coins} (backend);
- \draw[to] (backend) to[bend right=50] node[midway,above] {(2) signed
contract / (8) confirmation}
- node[midway,below] {(HTTPS)} (shop);
-\end{tikzpicture}
-}
+ \includegraphics[height=0.9\textheight]{figs/taler-withdraw.pdf}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Customer: Build shopping cart}
+ \begin{center}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1em and 1em, inner sep=0em, outer
sep=.3em];
+ \node (origin) at (0,0) {\includegraphics[width=0.2\textwidth]{shop.pdf}};
+ \node (cart) [draw=none, below=of
m]{\includegraphics[width=0.2\textwidth]{cart.pdf}};
+ \node (merchant) [node distance=4em and 0.5em, draw, below =of
cart]{Merchant};
+ \tikzstyle{C} = [color=black, line width=1pt];
+ \draw [<-, C] (cart) -- (origin) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (merchant) -- (cart) node [midway, above, sloped] (TextNode)
{{\small transmit}};
+ \end{tikzpicture}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Merchant Integration: Wallet Detection}
+ \lstset{language=JavaScript}
+ \lstinputlisting{figs/taler-presence-js.html}
+% \caption{Sample code to detect the Taler wallet. Allowing the
+% Web site to detect the presence of the wallet leaks one bit
+% of information about the user. The above logic also works
+% if the wallet is installed while the page is open.}
+% \label{listing:presence}
+\end{frame}
+
+
+\begin{frame}{Merchant Integration: Payment Request}
+% \begin{figure}[p!]
+ \lstset{language=HTML5}
+ \lstinputlisting{figs/taler-402.html}
+% \caption{Sample HTTP response to prompt the wallet to show an offer.}
+% \label{listing:http-contract}
+% \end{figure}
+
+% \begin{figure*}[p!]
+% \lstset{language=HTML5}
+% \lstinputlisting{figs/taler-contract.html}
+% \caption{Sample JavaScript code to prompt the wallet to show an offer.
+% Here, the contract is fetched on-demand from the server.
+% The {\tt taler\_pay()} function needs to be invoked
+% when the user triggers the checkout.}
+% \label{listing:contract}
+% \end{figure*}
+\end{frame}
+
+
+\begin{frame}{Merchant Integration: Contract}
+ % \begin{figure*}[t!]
+ {\tiny
+ \lstset{language=JavaScript}
+ \lstinputlisting{figs/taler-contract.json}
+% \caption{Minimal Taler contract over a digital article with a value of
\EUR{0.10}. The merchant will pay transaction fees up to \EUR{0.01}. The hash
over the wire transfer information was truncated to make it fit to the page.}
+% \label{listing:json-contract}
+ % \end{figure*}
+ }
+\end{frame}
+
+
+\begin{frame}{Merchant: Propose contract (EdDSA)}
+ \begin{minipage}{6cm}
+ \begin{enumerate}
+ \item Complete proposal $D$.
+ \item Send $D$, $EdDSA_m(D)$
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance=2em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (cart) [def, draw=none] at (0,0)
{\includegraphics[width=0.15\textwidth]{cart.pdf}};
+ \node (proposal) [def, draw=none, below right=of
cart]{\includegraphics[width=0.5\textwidth]{merchant_propose.pdf}};
+ \node (customer) [node distance=4em and 0.5em, draw, below =of
proposal]{Customer};
+ \tikzstyle{C} = [color=black, line width=1pt];
+ \node (sign) [def, draw=none, above right=of proposal] {$m$};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (proposal) -- (sign) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (proposal) -- (cart) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (customer) -- (proposal) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Customer: Spend coin (EdDSA)}
+ \begin{minipage}{6cm}
+ \begin{enumerate}
+ \item Receive proposal $D$, $EdDSA_m(D)$.
+ \item Send $s$, $C$, $EdDSA_c(D)$
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance=2em and 0.4em, inner sep=0em, outer
sep=.3em];
+ \node (proposal) [def, draw=none] at (0,0)
{\includegraphics[width=0.15\textwidth]{merchant_propose.pdf}};
+ \node (contract) [def, draw=none, below right=of
cart]{\includegraphics[width=0.3\textwidth]{contract.pdf}};
+ \node (c) [def, draw=none, above=of contract] {$c$};
+ \node (merchant) [node distance=4em and 0.5em, draw, below=of
contract]{Merchant};
+ \node (coin) [def, draw=none, right=of
contract]{\includegraphics[width=0.2\textwidth]{coin.pdf}};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (contract) -- (c) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (contract) -- (proposal) node [midway, above, sloped]
(TextNode) {};
+ \draw [<-, C] (merchant) -- (contract) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \draw [<-, C] (merchant) -- (coin) node [midway, below, sloped] (TextNode)
{{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Merchant and Exchange: Verify coin (RSA)}
+ \begin{minipage}{6cm}
+ \begin{equation*}
+ s^e \stackrel{?}{\equiv} FDH(C) \mod n
+ \end{equation*}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{minipage}{0.2\textwidth}
+ \includegraphics[width=\textwidth]{coin.pdf}
+ \end{minipage}
+ $\stackrel{?}{\Leftrightarrow}$
+ \begin{minipage}{0.2\textwidth}
+ \includegraphics[width=\textwidth]{seal.pdf}
+ \end{minipage}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Payment processing with Taler}
+ \begin{center}
+ \includegraphics[height=0.9\textheight]{figs/taler-pay.pdf}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Giving change}
+ It would be inefficient to pay EUR 100 with 1 cent coins!
+ \begin{itemize}
+ \item Denomination key represents value of a coin.
+ \item Exchange may offer various denominations for coins.
+ \item Wallet may not have exact change!
+ \item Usability requires ability to pay given sufficient total funds.
+ \end{itemize}\pause
+ Key goals:
+ \begin{itemize}
+ \item maintain unlinkability
+ \item maintain taxability of transactions
+ \end{itemize}\pause
+ Method:
+ \begin{itemize}
+ \item Contract can specify to only pay {\em partial value} of a coin.
+ \item Exchange allows wallet to obtain {\em unlinkable change}
+ for remaining coin value.
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Diffie-Hellman (ECDH)}
+ \begin{minipage}{8cm}
+ \begin{enumerate}
+ \item Create private keys $c,t \mod o$
+ \item Define $C = cG$
+ \item Define $T = tG$
+ \item Compute DH \\ $cT = c(tG) = t(cG) = tC$
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 2em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (t) [def, draw=none] at (0,0) {$t$};
+ \node (ct) [def, draw=none, below left=of
b]{\includegraphics[width=0.2\textwidth]{dh.pdf}};
+ \node (c) [def, draw=none, above left= of ct] {$c$};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (ct) -- (c) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (ct) -- (t) node [midway, above, sloped] (TextNode) {};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Strawman solution}
+ \begin{minipage}{8cm}
+ Given partially spent private coin key $c_{old}$:
+ \begin{enumerate}
+% \item Let $C_{old} := c_{old}G$ (as before)
+ \item Pick random $c_{new} \mod o$ private key
+ \item $C_{new} = c_{new}G$ public key
+ \item Pick random $b_{new}$
+ \item Compute $f_{new} := FDH(C_{new})$, $m < n$.
+ \item Transmit $f'_{new} := f_{new} b_{new}^e \mod n$
+ \end{enumerate}
+ ... and sign request for change with $c_{old}$.
+ \end{minipage}
+ \begin{minipage}{4cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (blinded) [def,
draw=none]{\includegraphics[width=0.15\textwidth]{blinded.pdf}};
+ \node (planchet) [def, draw=none, above left= of blinded]
{\includegraphics[width=0.15\textwidth]{planchet.pdf}};
+ \node (cnew) [def, draw=none, above= of planchet] {$c_{new}$};
+ \node (bnew) [def, draw=none, above right= of blinded] {$b_{new}$};
+ \node (dice1) [def, draw=none, above = of
cnew]{\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (dice2) [def, draw=none, above = of
bnew]{\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (exchange) [node distance=4em and 0.5em, draw, below =of
blinded]{Exchange};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (cnew) -- (dice1) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (planchet) -- (cnew) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (bnew) -- (dice2) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (planchet) node [midway, above, sloped]
(TextNode) {};
+ \draw [<-, C] (blinded) -- (bnew) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+ \pause
+ \vfill
+ {\bf Problem: Owner of $c_{new}$ may differ from owner of $c_{old}$!}
+\end{frame}
+
+
+\begin{frame}{Customer: Transfer key setup (ECDH)}
+ \begin{minipage}{8cm}
+ Given partially spent private coin key $c_{old}$:
+ \begin{enumerate}
+ \item Let $C_{old} := c_{old}G$ (as before)
+ \item Create random private transfer key $t \mod o$
+ \item Compute $T := tG$
+ \item Compute $X := c_{old}(tG) = t(c_{old}G) = tC_{old}$
+ \item Derive $c_{new}$ and $b_{new}$ from $X$
+ \item Compute $C_{new} := c_{new}G$
+ \item Compute $f_{new} := FDH(C_{new})$
+ \item Transmit $f_{new}' := f_{new} b_{new}^e$
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{4cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (t) [def, draw=none] at (0,0) {$t$};
+ \node (dice) [def, draw=none, above = of
t]{\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (dh) [def, draw=none, below left=of
b]{\includegraphics[width=0.2\textwidth]{ct.pdf}};
+ \node (d) [def, draw=none, above left= of dh] {$c_{old}$};
+ \node (cp) [def, draw=none, below left= of dh] {$c_{new}$};
+ \node (bp) [def, draw=none, below right= of dh] {$b_{new}$};
+ \node (blinded) [def, draw=none, below right=of
cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}};
+ \node (exchange) [node distance=4em and 0.5em, draw, below =of
blinded]{Exchange};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (t) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (t) -- (dice) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Cut-and-Choose}
+ \begin{minipage}{4cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (t) [def, draw=none] at (0,0) {$t_1$};
+ \node (dice) [def, draw=none, above = of
t]{\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (dh) [def, draw=none, below left=of
b]{\includegraphics[width=0.2\textwidth]{ct.pdf}};
+ \node (d) [def, draw=none, above left= of dh] {$c_{old}$};
+ \node (cp) [def, draw=none, below left= of dh] {$c_{new,1}$};
+ \node (bp) [def, draw=none, below right= of dh] {$b_{new,1}$};
+ \node (blinded) [def, draw=none, below right=of
cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}};
+ \node (exchange) [node distance=4em and 0.5em, draw, below =of
blinded]{Exchange};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (t) -- (dice) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (t) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+ \begin{minipage}{4cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (t) [def, draw=none] at (0,0) {$t_2$};
+ \node (dice) [def, draw=none, above = of
t]{\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (dh) [def, draw=none, below left=of
b]{\includegraphics[width=0.2\textwidth]{ct.pdf}};
+ \node (d) [def, draw=none, above left= of dh] {$c_{old}$};
+ \node (cp) [def, draw=none, below left= of dh] {$c_{new,2}$};
+ \node (bp) [def, draw=none, below right= of dh] {$b_{new,2}$};
+ \node (blinded) [def, draw=none, below right=of
cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}};
+ \node (exchange) [node distance=4em and 0.5em, draw, below =of
blinded]{Exchange};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (t) -- (dice) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (t) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+ \begin{minipage}{4cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (t) [def, draw=none] at (0,0) {$t_3$};
+ \node (dice) [def, draw=none, above = of
t]{\includegraphics[width=0.2\textwidth]{dice.pdf}};
+ \node (dh) [def, draw=none, below left=of
b]{\includegraphics[width=0.2\textwidth]{ct.pdf}};
+ \node (d) [def, draw=none, above left= of dh] {$c_{old}$};
+ \node (cp) [def, draw=none, below left= of dh] {$c_{new,3}$};
+ \node (bp) [def, draw=none, below right= of dh] {$b_{new,3}$};
+ \node (blinded) [def, draw=none, below right=of
cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}};
+ \node (exchange) [node distance=4em and 0.5em, draw, below =of
blinded]{Exchange};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (t) -- (dice) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (t) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Exchange: Choose!}
+ \begin{center}
+ \item Exchange sends back random $\gamma \in \{ 1, 2, 3 \}$ to the
customer.
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Customer: Reveal}
+ \begin{enumerate}
+ \item If $\gamma = 1$, send $t_2$, $t_3$ to exchange
+ \item If $\gamma = 2$, send $t_1$, $t_3$ to exchange
+ \item If $\gamma = 3$, send $t_1$, $t_2$ to exchange
+ \end{enumerate}
+\end{frame}
+
+
+\begin{frame}{Exchange: Verify ($\gamma = 2$)}
+ \begin{minipage}{4cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (h) [def, draw=none] at (0,0) {$t_1$};
+ \node (dh) [def, draw=none, below left=of
b]{\includegraphics[width=0.2\textwidth]{ct.pdf}};
+ \node (d) [def, draw=none, above left= of dh] {$C_{old}$};
+ \node (cp) [def, draw=none, below left= of dh] {$c_{new,1}$};
+ \node (bp) [def, draw=none, below right= of dh] {$b_{new,1}$};
+ \node (blinded) [def, draw=none, below right=of
cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (h) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {};
+ \end{tikzpicture}
+ \end{minipage}
+ \begin{minipage}{4cm}
+ \
+ \end{minipage}
+ \begin{minipage}{4cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (h) [def, draw=none] at (0,0) {$t_3$};
+ \node (dh) [def, draw=none, below left=of
b]{\includegraphics[width=0.2\textwidth]{ct.pdf}};
+ \node (d) [def, draw=none, above left= of dh] {$C_{old}$};
+ \node (cp) [def, draw=none, below left= of dh] {$c_{new,3}$};
+ \node (bp) [def, draw=none, below right= of dh] {$b_{new,3}$};
+ \node (blinded) [def, draw=none, below right=of
cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (h) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Exchange: Blind sign change (RSA)}
+ \begin{minipage}{6cm}
+ \begin{enumerate}
+ \item Take $f_{new,\gamma}'$.
+ \item Compute $s' := f_{new,\gamma}'^d \mod n$.
+ \item Send signature $s'$.
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 2em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (hammer) [def, draw=none] at (0,0)
{\includegraphics[width=0.15\textwidth]{hammer.pdf}};
+ \node (signed) [def, draw=none, below left=of
hammer]{\includegraphics[width=0.2\textwidth]{sign.pdf}};
+ \node (blinded) [def, draw=none, above left=of
signed]{\includegraphics[width=0.15\textwidth]{blinded.pdf}};
+ \node (customer) [node distance=4em and 0.5em, draw, below =of
signed]{Customer};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (signed) -- (hammer) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (signed) -- (blinded) node [midway, above, sloped]
(TextNode) {};
+ \draw [<-, C] (customer) -- (signed) node [midway, above, sloped]
(TextNode) {{\small transmit}};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Customer: Unblind change (RSA)}
+ \begin{minipage}{6cm}
+ \begin{enumerate}
+ \item Receive $s'$.
+ \item Compute $s := s' b_{new,\gamma}^{-1} \mod n$.
+ \end{enumerate}
+ \end{minipage}
+ \begin{minipage}{6cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 2em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (b) [def, draw=none] at (0,0) {$b_{new,\gamma}$};
+ \node (coin) [def, draw=none, below left=of
b]{\includegraphics[width=0.2\textwidth]{coin.pdf}};
+ \node (signed) [def, draw=none, above left=of
coin]{\includegraphics[width=0.15\textwidth]{sign.pdf}};
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (coin) -- (b) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (coin) -- (signed) node [midway, above, sloped] (TextNode)
{};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Exchange: Allow linking change}
+ \begin{minipage}{7cm}
+ \begin{center}
+ Given $C_{old}$
+
+ \vspace{1cm}
+
+ return $T_\gamma$, $s := s' b_{new,\gamma}^{-1} \mod n$.
+ \end{center}
+ \end{minipage}
+ \begin{minipage}{5cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 3em and 0.5em, inner sep=0.5em, outer
sep=.3em];
+ \node (co) [def, draw=none] at (0,0) {$C_{old}$};
+ \node (T) [def, draw=none, below left=of co]{$T_\gamma$};
+ \node (sign) [def, draw=none, below right=of
co]{\includegraphics[width=0.15\textwidth]{sign.pdf}};
+ \node (customer) [def, draw, below right=of T] {Customer};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (T) -- (co) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (sign) -- (co) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (customer) -- (T) node [midway, above, sloped] (TextNode)
{link};
+ \draw [<-, C] (customer) -- (sign) node [midway, above, sloped] (TextNode)
{link};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Customer: Link (threat!)}
+ \begin{minipage}{6.3cm}
+ \begin{enumerate}
+ \item Have $c_{old}$.
+ \item Obtain $T_\gamma$, $s$ from exchange
+ \item Compute $X_\gamma = c_{old}T_\gamma$
+ \item Derive $c_{new,\gamma}$ and $b_{new,\gamma}$ from $X_\gamma$
+ \item Unblind $s := s' b_{new,\gamma}^{-1} \mod n$
+ \end{enumerate}
+
+ \end{minipage}
+ \begin{minipage}{5.7cm}
+ \begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer
sep=.3em];
+ \node (T) [def, draw=none] at (0,0) {$T_\gamma$};
+ \node (exchange) [def, inner sep=0.5em, draw, above left=of T] {Exchange};
+ \node (signed) [def, draw=none, below left=of
T]{\includegraphics[width=0.15\textwidth]{sign.pdf}};
+ \node (dh) [def, draw=none, below right=of
T]{\includegraphics[width=0.2\textwidth]{ct.pdf}};
+ \node (bp) [def, draw=none, below left= of dh] {$b_{new,\gamma}$};
+ \node (co) [def, draw=none, above right= of dh] {$c_{old}$};
+ \node (cp) [def, draw=none, below= of dh] {$c_{new,\gamma}$};
+ \node (coin) [def, draw=none, below left = of
bp]{\includegraphics[width=0.2\textwidth]{coin.pdf}};
+ \node (psign) [def, node distance=2.5em and 0em, draw=none, below = of
cp]{\includegraphics[width=0.2\textwidth]{planchet-sign.pdf}};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (dh) -- (co) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (dh) -- (T) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (coin) -- (signed) node [midway, above, sloped] (TextNode)
{};
+ \draw [<-, C] (coin) -- (bp) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (T) -- (exchange) node [midway, above, sloped] (TextNode)
{link};
+ \draw [<-, C] (signed) -- (exchange) node [midway, below, sloped]
(TextNode) {link};
+ \draw [<-, C, double] (psign) -- (cp) node [midway, below, sloped]
(TextNode) {};
+ \end{tikzpicture}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Refresh protocol summary}
+ \begin{itemize}
+ \item Customer asks exchange to convert old coin to new coin
+ \item Protocol ensures new coins can be recovered from old coin
+ \item[$\Rightarrow$] New coins are owned by the same entity!
+ \end{itemize}
+ Thus, the refresh protocol allows:
+ \begin{itemize}
+ \item To give unlinkable change.
+ \item To give refunds to an anonymous customer.
+ \item To expire old keys and migrate coins to new ones.
+ \item To handle protocol aborts.
+ \end{itemize}
+ \noindent
+ \begin{center}
+ \bf
+ Transactions via refresh are equivalent to {\em sharing} a wallet.
\end{center}
\end{frame}
+
\end{document}
diff --git a/presentations/2021-crypto-barons/taler-logo-2018.pdf
b/presentations/2021-crypto-barons/taler-logo-2018.pdf
new file mode 100644
index 0000000..89c0969
Binary files /dev/null and
b/presentations/2021-crypto-barons/taler-logo-2018.pdf differ
diff --git a/presentations/2021-crypto-barons/wcef.pdf
b/presentations/2021-crypto-barons/wcef.pdf
new file mode 100644
index 0000000..6abe2ae
Binary files /dev/null and b/presentations/2021-crypto-barons/wcef.pdf differ
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-marketing] branch master updated: crypto backup slides,
gnunet <=