End the War on Freedom

Jon Matonis at The Monetary Future - an introduction and list of papers on electronic money. I repeated the paper links below. Once I find a system I like, and can understand, I'll add it to Trubanc. I want off-line trades to be a possibility, and for verification and reminting to be possible without an account, using a simple RESTful interface. Of course, you'll also be able to deposit and withdraw digital cash to and from your account, if you have one. If you have your favorite system, especially if you know where to find code for it, please comment or email (address at bottom of page).

David Chaum's home page

David Chaum, Amos Fiat, Moni Naor, "Untraceable Electronic Cash," Advances in Cryptology - CRYPTO '88, LNCS 403, pp. 319-327, 1990).

Cryptographer's World

Shaghayegh Bakhtiari, Ahmad Baraani, Mohammad-Reza Khayyambashi, "MobiCash: A New Anonymous Mobile Payment System Implemented by Elliptic Curve Cryptography," csie, vol. 3, pp.286-290, 2009 WRI World Congress on Computer Science and Information Engineering, 2009

Aline Gouget, "Recent Advances in Electronic Cash Design," CARDIS 2008, LNCS 5189, pp. 290-293, Smart Card Research and Advanced Applications 8th International Federation for Information Processing Conference, London, UK, September 8-11, 2008

Shangping Wang, Zhiqiang Chen, Xiaofeng Wang, "A New Certificateless Electronic Cash Scheme with Multiple Banks Based on Group Signatures," isecs, pp.362-366, 2008 International Symposium on Electronic Commerce and Security, 2008

Man Ho Au, Willy Susilo, Yi Mu, "Practical Anonymous Divisible E-Cash from Bounded Accumulators," FC 2008, LNCS 5143, pp. 287-301, Financial Cryptography and Data Security 12th International Conference, Cozumel, Mexico, January 28-31, 2008

Sebastien Canard, Aline Gouget, Jacques Traore, "Improvement of Efficiency in (Unconditional) Anonymous Transferable E-Cash," FC 2008, LNCS 5143, pp. 202-214, Financial Cryptography and Data Security 12th International Conference, Cozumel, Mexico, January 28-31, 2008

Debasish Jena, Sanjay Kumar Jena, Banshidhar Majhi, "A Novel Blind Signature Scheme Based on Nyberg-Rueppel Signature Scheme and Applying in Off-Line Digital Cash," icit, pp.19-22, 10th International Conference on Information Technology (ICIT 2007), 2007

Ling Zhang, Jian ping Yin, Yu bin Zhan, "An Anonymous Digital Cash and Fair Payment Protocol Utilizing Smart Card in Mobile Environments," gccw, pp.335-340, Fifth International Conference on Grid and Cooperative Computing Workshops, 2006

Chun-I Fan, Yu-Kuang Liang, Bo-Wei Lin, "Fair Transaction Protocols Based on Electronic Cash," pdcat, pp.383-388, Seventh International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT'06), 2006

Yoshikazu Hanatani, Yuichi Komano, Kazuo Ohta, Noboru Kunihiro, "Provably Secure Electronic Cash Based on Blind Multisignature Schemes," FC 2006, LNCS 4107, pp. 236-250, Financial Cryptography and Data Security 10th International Conference, Anguilla, British West Indies, February 27-March 2, 2006

Hyun Ju Lee, Mun Suk Choi, Chung Sei Rhee, "Traceability of Double Spending in Secure Electronic Cash System," iccnmc, pp.330, 2003 International Conference on Computer Networks and Mobile Computing (ICCNMC'03), 2003

L. Jean Camp, "An Atomicity-Generating Protocol for Anonymous Currencies," IEEE Transactions on Software Engineering, vol. 27, no. 3, pp. 272-278, Mar. 2001

Moses Liskov, Silvio Micali, "Amortized E-Cash," FC 2001, LNCS 2339, pp. 1-20, Financial Cryptography and Data Security 5th International Conference, Grand Cayman, British West Indies, February 19-22, 2001

H. Wang, Y. Zhang, "Untraceable Off-Line Electronic Cash Flow in E-Commerce," acsc, pp.191, Australasian Computer Science Conference (ACSC '01), 2001

Hua Wang, Yanchun Zhang, "A Protocol for Untraceable Electronic Cash," WAIM 2000, LNCS 1846, pp. 189-197, Web-Age Information Management First International Conference, Shanghai, China, June 21-23, 2000

Tomas Sander, Amnon Ta-Shma, "On Anonymous Electronic Cash and Crime," ISW'99, LNCS 1729, pp. 202-206, Second International Workshop, ISW’99, Kuala Lumpur, Malaysia, November 6-7, 1999

Tim Ebringer, Peter Thorne, "Engineering an eCash System," ISW'99, LNCS 1729, pp. 32-36, Second International Workshop, ISW’99, Kuala Lumpur, Malaysia, November 6-7, 1999

Shingo Miyazaki, Kouichi Sakurai, "A More Efficient Untraceable E-Cash System with Partially Blind Signatures Based on the Discrete Logarithm Problem," FC 1998, LNCS 1465, pp. 296-308, Financial Cryptography and Data Security Second International Conference, Anguilla, British West Indies, February 23-25, 1998

Markus Jakobsson, Ari Juels, "X-Cash: Executable Digital Cash," FC 1998, LNCS 1465, pp. 16-27, Financial Cryptography and Data Security Second International Conference, Anguilla, British West Indies, February 23-25, 1998

Khanh Quoc Nguyen, Yi Mu, Vijay Varadharajan, "A New Digital Cash Scheme Based on Blind Nyberg-Rueppel Digital Signature," ISW'97, LNCS 1396, pp. 313-320, Information Security First International Workshop, Tatsunokuchi, Ishikawa, Japan, September 17-19, 1997

Stig F. Mjølsnes, Rolf Michelsen, "Open Transnational System for Digital Currency Payments," hicss, vol. 5, pp.198, 30th Hawaii International Conference on System Sciences (HICSS) Volume 5: Advanced Technology Track, 1997

Osamu Watanabe, Osamu Yamashita, "An Improvement of the Digital Cash Protocol of Okamoto and Ohta," Algorithms and Computation, 7th International Symposium, ISAAC '96 Osaka, Japan, December 16-18, 1996

Daniel R. Simon, "Anonymous Communication and Anonymous Cash," CRYPTO ’96, LNCS 1109, pp. 61-73, Advances in Cryptology — CRYPTO ’96 16th Annual International Cryptology Conference, Santa Barbara, California, USA, August 18-22, 1996

Hua Yu, Zhongtao Wang, "Final Report on Anonymous Digital Cash," 1995

Tatsuaki Okamoto, "An Efficient Divisible Electronic Cash Scheme," CRYPTO ’95, LNCS 963, pp. 438-451, Advances in Cryptology — CRYPT0 ’95 15th Annual International Cryptology Conference, Santa Barbara, California, USA, August 27-31, 1995

Ernie Brickell, Peter Gemmell, David Kravitz, "Trustee-Based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change," Proceedings of the Sixth Annual ACM-SIAM Symposium on Discrete Algorithms, 1995

Stefan Brands, "Electronic Cash on the Internet," sndss, pp.64, 1995 Symposium on Network and Distributed System Security (SNDSS'95), 1995

Yacov Yacobi, "Efficient Electronic Money," ASIACRYPT'94, LNCS 917, pp. 151-163, Advances in Cryptology — ASIACRYPT'94 4th International Conferences on the Theory and Applications of Cryptology, Wollongong, Australia, November 28 - December 1, 1994

Tony Eng, Tatsuaki Okamoto, "Single-Term Divisible Electronic Coins," EUROCRYPT ’94, LNCS 950, pp. 306-319, Advances in Cryptology — EUROCRYPT '94 Workshop on the Theory and Application of Cryptographic Techniques Perugia, Italy, May 9-12, 1994

Stefan Brands, "Untraceable Off-line Cash in Wallet with Observers," CRYPTO ’93, LNCS 773, pp. 302-318, Advances in Cryptology — CRYPTO ’93 13th Annual International Cryptology Conference, Santa Barbara, California, USA, August 22-26, 1993

Tatsuaki Okamoto, Kazuo Ohta, "Universal Electronic Cash," Advances in Cryptology — CRYPTO ’91, LNCS 576, pp. 324-337, 1991

Barry Hayes, "Anonymous One-Time Signatures and Flexible Untraceable Electronic Cash," AUSCRYPT '90, LNCS 453, pp. 294-305, Advances in Cryptology — AUSCRYPT '90 International Conference on Cryptology, Sydney, Australia, January 8-11, 1990

Community Currency Magazine is a new, free, internet publication, edited by Mark Herpel, the editor of Digital Gold Currency Magazine. The March 2009, premier issue of Community Currency Magazine is available now, for download as zipped PDF, or as a beautiful 3D Issue. 19 articles on 34 pages.

eCache provides anonymous digital bearer certificates, currently denominated in gold grams. They are available through Tor directly, at ffij33ewbnoeqnup.onion, and using the proxy at https://ffij33ewbnoeqnup.onion.meshmx.com/ (for which you'll have to tell your browser to accept the SSL certificate). It's pretty small at present. They've got 310 grams of metal in storage (13 ounces). Cool.

Below are ten silver rounds, two each of five types, that I managed to get together to photograph. Click on the photo for a bigger version (1024x735 pixels, 267K). billstclair.com/blog/images/five-silver-rounds-2708x1944.jpg is the full-resolution version (1.4 megs).

The layout is as follows:

The Free Lakota Bank "is the world's first non-reserve, non-fractional bank that issues, accepts for deposit, and circulates REAL money...silver and gold. All of our deposits are liquid, meaning they can be withdrawn at any time in minted rounds." You have the option of paying them 0.06% per year (1/20,000 per month) to store your money, or you can loan it to them at 7.24%, for a year at a time. They are currently selling one ounce silver rounds. $14.50 apiece for 500 to 1,000. $40 apiece for 1 to 5. It complies with the American Open Currency Standard (AOCS), so is recognized by merchants who are members. You need only an email address and a password to open an account. They also have a fancy "out-of-band" authentication method that you can choose to use.

From the privacy page:

I wish them good luck and great success.

I received some Silver Eagles yesterday, ordered from Apmex, for a big premium over spot. I photographed one of them last night under my incandescent desk lamp, and another today in the sunlight outside. I posted the photos at billstclair.com/eagle. Here's my favorite, the reverse side under incandescent light.

I talked for an hour last night with Patrick Chkoreff, the creator of loom.cc. We came up with a scheme for doing secure banking and trading, where both the bank and the customer can prove at all times what the customer's balances are and what outstanding spends he has, and to whom. That's all that either party needs to keep track of.

It uses public key signing on every exchanged message.

Users and banks are identified by the 160-bit fingerprint of their public key ID.

I intend to write a longer article, explaining the notation below, but I wanted to post this, so it's not just on my computer.

Create account: (id_a, public_key_a, random): signature_a
(This requires that somebody has pre-funded account id_a with tokens. Token balances need to be worked into the transactions below)

Sequence request: (id_a, "getsequence", random): signature_a
Sequence response: (id_bank, "sequence", sequence1): signature_bank

Spend order: (id_a, "spendto", id_b, sequence1, type, amount, comment1): signature_a
Balance: (id_bank, "balance", id_a, sequence1, type, balance): signature_bank
Confirm balance: (id_a, "confirmbalance", sequence1, type, balance): signature_a
Outstanding spends: (id_bank, "outstandingspends", id_a, sequence1, [sequences...]): signature_bank
Confirm outstanding spends: (id_a, "confirmoutstandingspends" , sequence1, [sequences...]): signature_a

Cancel Spend: (id_a, "cancelspend", id_b, sequence1, type, amount): signature_a
Balance: ... sequence2 ...
Confirm balance: ... sequence2 ...
Outstanding spends: ... sequence2 ...
Confirm outstanding spends: ... sequence2 ...

Get queue entry: (id_b, "getq", random): signature_b
Receipt: (id_bank, "receipt", (id_a, "sellto", id_b, sequence1, type, amount, comment1): signature_a): signature_bank
Confirm receipt: (id_b, "confirmreceipt", id_a, sequence1, type, amount): signature_b
Balance: (id_bank, "balance", id_b, sequence3, type, balance): signature_bank
Confirm balance: (id_b, "confirmbalance", sequence3, type, balance): signature_b

Get queue entry: (id_a, "getq", random): signature_a
Closed spend: (id_bank, "closedspend", ((id_b, "confirmedreceipt", id_a, sequence1, type, amount): signature_b)): signature_bank
Confirm closed spend: (id_a, "confirmclosedspend", id_b, sequence1, type, amount): signature_a
Outstanding spends: ... sequence4 ...
Confirm outstanding spends: ... sequence4 ...

Deny receipt: (id_b, "denyreceipt", id_a, sequence1, type, amount, comment2): signature_b

Get queue entry: id_a ...
Denied spend: (id_bank, "deniedspend", (id_b, "denyreceipt", id_a, sequence1, type, amount, comment2): signature_b): signature_bank
Confirm denied spend: (id_a, "confirmdeniedspend", id_b, sequence1, type, amount): signature_a
Balance: ... sequence5 ...
Confirm Balance: ... sequence5 ...
Outstanding spends: ... sequence5 ...
Confirm outstanding spends: ... sequence5 ...

Get confirmed balance: (id_a, "getconfirmedbalance", type, random): signature_a
Confirmed balance: (id_bank, "confirmedbalance", (id_a, "confirmbalance", sequence1, type, balance): signature_a): signature_bank

Get confirmed outstanding spends: (id_a, "getconfirmedoutstandingspends", random): signature_a
Confirmed outstanding spends: (id_bank, "confirmedoutstandingspends", (id_a, "confirmoutstandingspends" , sequence1, [sequences...]): signature_a): signature_bank