Interesting People mailing list archives
Anonymous Credit Card on the Internet [ an interesting activity .. djf]
From: David Farber <farber () central cis upenn edu>
Date: Sat, 26 Feb 1994 07:24:51 -0500
Date: Thu, 24 Feb 94 17:46:00 EST From: dmk () allegra att com (Dave Kristol) The anonymous credit card (ACC) protocol (paper available at research.att.com/dist/anoncc/anoncc.ps.Z and collude.ps.Z) is meant to be used the way a conventional credit card is - at the Point-of-Sale. (Awhile back) Gingery correctly pointed out that it can be extended to make an anonymous mercantile protocol on the Internet. We have made such an extension that can be used on the Internet to perform two functions: anonymous funds transfer from a customer to a seller, and anonymous delivery in the reversed direction. The delivery can be made either over the Internet, e.g. files, or otherwise, e.g. books, CDs. The following gives an overview of the protocol; a more detailed description of the protocol, including motivations for anonymity, can be found in a working paper available at research.att.com:/dist/anoncc/accinet.ps.Z. Overview of Protocol --------------------- A customer can purchase multiple files in a single session. How the customer chooses files of interest is outside the scope of our protocol. A session proceeds in three phases. In phase 1, a customer transfers funds anonymously from his/her bank account to the seller's bank account. The customer obtains a receipt from the seller's bank certifying the deposit, which he/she presents to the seller to open a session account at the seller. In phase 2, the customer makes possibly multiple requests of files from the seller. The seller deducts the purchase prices from the session account and delivers the files without knowing the identity or address of the customer. Phase 3 is entered when the customer finishes all desired purchases (or when the session account runs out of money). Any balance in the session account is refunded anonymously to the customer's account. Information separation and cryptographic techniques are applied to hide from each party the information the party does not need to perform its function. After a protocol session, 1) the customer's bank only knows that money has been withdrawn from (and deposited to) the customer's account, but knows neither the purpose nor the source (and destination) of the transfer(s); 2) the situation at the seller's bank is similar; 3) the seller only knows that it is paid for the purchase of certain files, but not the identity or the address of the customer. Differences from Gingery's Scheme --------------------------------- Although Gingery's scheme and ours have much in common, there are also several differences between them. For instance, in Gingery's scheme, the customer communicates directly with the seller, whereas in ours, they can communicate through an intermediary that hides one's identity from the other if the customer desires a higher degree of anonymity. In our scheme, the customer initiates a funds transfer by sending a message directly to his/her own bank; in Gingery's, the request (in encryption) is instead passed to the seller, and then forwarded to the seller's bank, and finally forwarded to the customer's bank. Hence, our scheme requires less communication (and the communication can be further reduced if anonymity requirement is relaxed to the same degree as in Gingery's scheme). Finally, unlike Gingery's scheme, the seller is provided with a key and an encrypted address by the customer so that the seller can encrypt and deliver the purchased files without knowing who the customer is. The encryption not only guarantees secrecy to the customer, but also protects the seller's interest since otherwise any eavesdropper can obtain the information for free. Dave Kristol
Current thread:
- Anonymous Credit Card on the Internet [ an interesting activity .. djf] David Farber (Feb 26)