1994-02-28 - Anonymous Credit Cards

Header Data

From: geoffw@nexsys.net (Geoff White)
To: cypherpunks@toad.com
Message Hash: bb7d91a4410e2742bb5b8c25111861575507a94a9f895df92abd1cdfb1e5126f
Message ID: <199402280313.TAA16719@nexsys.nexsys.net>
Reply To: N/A
UTC Datetime: 1994-02-28 03:14:34 UTC
Raw Date: Sun, 27 Feb 94 19:14:34 PST

Raw message

From: geoffw@nexsys.net (Geoff White)
Date: Sun, 27 Feb 94 19:14:34 PST
To: cypherpunks@toad.com
Subject: Anonymous Credit Cards
Message-ID: <199402280313.TAA16719@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain


Anybody know anything about this?...



----- Begin Included Message -----

Path: internex.net!thumper.bellcore.com!owner-imp-interest
From: dmk@allegra.att.com (Dave Kristol)
Newsgroups: mlist.imp-interest
Subject: Anonymous Credit Card on the Internet
Date: 24 Feb 1994 14:57:19 -0800
Organization: InterNex Information Services, Inc.
Lines: 71
Sender: daemon@internex.net
Message-ID: <199402242247.RAA25510@thumper.bellcore.com>
NNTP-Posting-Host: gaia.internex.net

The anonymous credit card (ACC) protocol (paper available at
research.att.com/dist/anoncc/anoncc.ps.Z and collude.ps.Z) is meant to
be used the way a conventional credit card is - at the Point-of-Sale.
(Awhile back) Gingery correctly pointed out that it can be extended to
make an anonymous mercantile protocol on the Internet.

We have made such an extension that can be used on the Internet to
perform two functions: anonymous funds transfer from a customer to a
seller, and anonymous delivery in the reversed direction.   The
delivery can be made either over the Internet, e.g. files, or
otherwise, e.g. books, CDs.

The following gives an overview of the protocol; a more detailed
description of the protocol, including motivations for anonymity, can
be found in a working paper available at
	research.att.com:/dist/anoncc/accinet.ps.Z.

Overview of Protocol
---------------------

A customer can purchase multiple files in a single session.  How the
customer chooses files of interest is outside the scope of our
protocol.  A session proceeds in three phases.   In phase 1, a customer
transfers funds anonymously from his/her bank account to the seller's
bank account.  The customer obtains a receipt from the seller's bank
certifying the deposit, which he/she presents to the seller to open a
session account at the seller.

In phase 2, the customer makes possibly multiple requests of files from
the seller.   The seller deducts the purchase prices from the session
account and delivers the files without knowing the identity or address
of the customer.

Phase 3 is entered when the customer finishes all desired purchases (or
when the session account runs out of money). Any balance in the session
account is refunded anonymously to the customer's account.

Information separation and cryptographic techniques are applied to hide
from each party the information the party does not need to perform its
function.  After a protocol session,
1) the customer's bank only knows that money has been withdrawn from
   (and deposited to) the customer's account, but knows neither the
   purpose nor the source (and destination) of the transfer(s);
2) the situation at the seller's bank is similar;
3) the seller only knows that it is paid for the purchase of certain
   files, but not the identity or the address of the customer.



Differences from Gingery's Scheme
---------------------------------

Although Gingery's scheme and ours have much in common, there are also
several differences between them.  For instance, in Gingery's scheme,
the customer communicates directly with the seller, whereas in ours,
they can communicate through an intermediary that hides one's identity
from the other if the customer desires a higher degree of anonymity.
In our scheme, the customer initiates a funds transfer by sending a
message directly to his/her own bank;  in Gingery's, the request (in
encryption) is instead passed to the seller, and then forwarded to the
seller's bank, and finally forwarded to the customer's bank.   Hence,
our scheme requires less communication (and the communication can be
further reduced if anonymity requirement is relaxed to the same degree
as in Gingery's scheme).  Finally, unlike Gingery's scheme, the seller
is provided with a key and an encrypted address by the customer so that
the seller can encrypt and deliver the purchased files without knowing
who the customer is.   The encryption not only guarantees secrecy to
the customer, but also protects the seller's interest since otherwise
any eavesdropper can obtain the information for free.

Dave Kristol


----- End Included Message -----






Thread