[Taler] reduce attack surface (Case 2)

taler

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Taler] reduce attack surface (Case 2)

From:	Fabian Kirsch
Subject:	[Taler] reduce attack surface (Case 2)
Date:	Sun, 27 Sep 2015 00:23:20 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.7.0

Dear all,

in the refreshing process the link creation relies on the customer toprovide the correct E_\gamma.

This is because only E_i (i \neq \gamma) gets checked.

So the mint could earn some black market money by providing hints ongamma or even predictable gamma selection.The customer can therefore use a foreign Cp(gamma) for which he does notknow Cs(gamma)

Then the customer can provide correct E_i for all i \neq \gamma.
The mint has clean records for the audits.

The customer successfully broke the link and performed a hiddentransaction to the owner of Cs(gamma)

We have to find a source for the selection of gamma which is not in thehands of a possible tax evader.


Greetings
  Fabian

[Prev in Thread]

Current Thread

[Next in Thread]

[Taler] reduce attack surface (Case 2), Fabian Kirsch <=
- Re: [Taler] reduce attack surface (Case 2), Florian Dold, 2015/09/27
  - Message not available
    - [Taler] The illicit use case (A), fabian . kirsch, 2015/09/29

Prev by Date: Re: [Taler] latest draft on the Taler cryptography
Next by Date: Re: [Taler] reduce attack surface (Case 2)
Previous by thread: [Taler] reduce attack surface (Case 1)
Next by thread: Re: [Taler] reduce attack surface (Case 2)
Index(es):
- Date
- Thread