There is another link that I think is even more interesting, this one hosted at:
http://groups.csail.mit.edu/mac/classes/6.805/articles/money/nsamint/nsamint.htmThe link goes to:
Anonymous: Fried, Frank got NSA's permission to make this report available. They have offered to make copies available by contacting them at <21stcen ffhsj.com=""> or (202) 639-7200. See: http://www.ffhsj.com/bancmail/21starch/961017.htm 21stcen>
Received October 31, 1996
With the Compliments of Thomas P. Vartanian
Fried, Frank, Harris, Schriver & Jacobson
1001 Pennsylvania Avenue, N.W.
Washington, D.C. 20004-2505
Telephone: (202) 639-7200
HOW TO MAKE A MINT: THE CRYPTOGRAPHY OF ANONYMOUS ELECTRONIC CASHLaurie Law, Susan Sabett, Jerry Solinas
National Security Agency Office of Information Security Research and Technology
18 June 1996
1. WHAT IS ELECTRONIC CASH?
1.1 Electronic Payment
1.2 Security of Electronic Payments
1.3 Electronic Cash
1.4 Multiple Spending
2. A CRYPTOGRAPHIC DESCRIPTION
2.1 Public-Key Cryptographic Tools
2.2 A Simplified Electronic Cash Protocol
2.3 Untraceable Electronic Payments
2.4 A Basic Electronic Cash Protocol
3. PROPOSED OFF-LINE IMPLEMENTATIONS
3.1 Including Identifying Information
3.2 Authentication and Signature Techniques
3.3 Summary of Proposed Implementations
4. OPTIONAL FEATURES OF OFF-LINE CASH
4. 1 Transferability
5. SECURITY ISSUES
5.1 Multiple Spending Prevention
5.2 Wallet Observers
5.3 Security Failures
5.4 Restoring Traceability
Electronic payment systems come in many forms including digital checks, debit cards, credit cards, and stored value cards. The usual security features for such systems are privacy (protection from eavesdropping), authenticity (provides user identification and message integrity), and nonrepudiation (prevention of later denying having performed a transaction) .
The type of electronic payment system focused on in this paper is electronic cash. As the name implies, electronic cash is an attempt to construct an electronic payment system modelled after our paper cash system. Paper cash has such features as being: portable (easily carried), recognizable (as legal tender) hence readily acceptable, transferable (without involvement of the financial network), untraceable (no record of where money is spent), anonymous (no record of who spent the money) and has the ability to make "change." The designers of electronic cash focused on preserving the features of untraceability and anonymity. Thus, electronic cash is defined to be an electronic payment system that provides, in addition to the above security features, the properties of user anonymity and payment untraceability..
In general, electronic cash schemes achieve these security goals via digital signatures. They can be considered the digital analog to a handwritten signature. Digital signatures are based on public key cryptography. In such a cryptosystem, each user has a secret key and a public key. The secret key is used to create a digital signature and the public key is needed to verify the digital signature. To tell who has signed the information (also called the message), one must be certain one knows who owns a given public key. This is the problem of key management, and its solution requires some kind of authentication infrastructure. In addition, the system must have adequate network and physical security to safeguard the secrecy of the secret keys.
This report has surveyed the academic literature for cryptographic techniques for implementing secure electronic cash systems. Several innovative payment schemes providing user anonymity and payment untraceability have been found. Although no particular payment system has been thoroughly analyzed, the cryptography itself appears to be sound and to deliver the promised anonymity.
These schemes are far less satisfactory, however, from a law enforcement point of view. In particular, the dangers of money laundering and counterfeiting are potentially far more serious than with paper cash. These problems exist in any electronic payment system, but they are made much worse by the presence of anonymity. Indeed, the widespread use of electronic cash would increase the vulnerability of the national financial system to Information Warfare attacks. We discuss measures to manage these risks; these steps, however, would have the effect of limiting the users' anonymity.
This report is organized in the following manner. Chapter 1 defines the basic concepts surrounding electronic payment systems and electronic cash. Chapter 2 provides the reader with a high level cryptographic description of electronic cash protocols in terms of basic authentication mechanisms. Chapter 3 technically describes specific implementations that have been proposed in the academic literature. In Chapter 4, the optional features of transferability and divisibility for off-line electronic cash are presented. Finally, in Chapter 5 the security issues associated with electronic cash are discussed.
The authors of this paper wish to acknowledge the following people for their contribution to this research effort through numerous discussions and review of this paper: Kevin Igoe, John Petro, Steve Neal, and Mel Currie.
...MUCH, MUCH MORE