This Article 
 Bibliographic References 
 Add to: 
An Atomicity-Generating Protocol for Anonymous Currencies
March 2001 (vol. 27 no. 3)
pp. 272-278

Abstract—Atomicity is necessary for reliable electronic commerce transactions [12], [6], [26]. Anonymity is also an issue of great importance not only to designers of commerce systems, [8], [10], [9], [18], but also to those concerned with the societal effects of information technologies [2], [11], [19], [20], [21], providing atomicity and anonymity is not trivial. Reliable systems, which provide highly atomic transactions, offer limited anonymity [27], [23], [15], [13]. Many anonymous systems [22], [10], [18] do not offer anonymous reliable transactions [28], [26]. Three basic approaches have been used: secure hardware for trusted record-keeping (e.g., [1]), storage of identity information with trustees for conditional anonymity (e.g., [13]), or by providing dispute resolution only with the removal of anonymity [9], [22]. In this work, the problem of anonymous atomic transactions for a generic token currency is solved using distributed trust and with the assumption that any single party may be corrupt. Defined is a transaction to include the provision of information goods or a contract to deliver specified goods, allowing for the highest degree of atomicity. The cryptographic strength of the atomicity guarantee can be made to the user's specification on a per transaction basis. The atomicity-generating protocol includes provision for dispute resolution and anonymous refunds. Also illustrated, is that any electronic token currency can be made reliable with the addition of this atomicity-generating protocol.

[1] S. Brands, "Untraceable Off-line Cash in Wallet with Observers," Lecture Notes in Computer Science 773, 1994, pp. 302-318.
[2] A. Branscomb, Who Owns Information? New York: Harper Collins, 1994.
[3] J.-P. Boly et al., "The ESPRIT Project Café," Proc. European Symp. Research in Computer Security 94, Springer-Verlag, New York, 1994, pp. 217-230.
[4] E. Brickell, P. Gemmell, and D. Kravitz, “Trustee-Based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change,” Proc. Sixth Ann. ACM-SIAM Symp. Discrete Algorithms, pp. 457-466, Jan. 1995.
[5] H. Bürk and A. Pfitzmann, "Digital Payment Systems Enabling Security and Unobservability," Computers&Security, Aug. 1989, pp. 399-416;
[6] L.J. Camp, M. Sirbu, and J.D. Tygar, “Token and Notational Money in Electronic Commerce,” Proc. Usenix Workshop Electronic Commerce, July 1995.
[7] L.J. Camp, M. Harkavy, J.D. Tygar, and B. Yee, “Anonymous Atomic Transactions,” Proc. Second Usenix Workshop Electronic Commerce Proc., pp. 123-134, 1996.
[8] D. Chaum, “Blind Signature for Untraceable Payments,” Advances in Cryptology: Proc. CRYPTO '82, 1983.
[9] D. Chaum, A. Fiat, and M. Naor, "Untraceable Electronic Cash," Advances in Cryptology—Crypto '88 Proc., S. Goldwasser, ed., Lecture Notes in Computer Science 403, pp. 319-327, Springer-Verlag, 1989.
[10] D. Chaum, “Privacy Protected Payments—Unconditional Payer and/or Payee Untraceability,” Smart Card 200, pp. 69-93, 1989.
[11] B.J. Compaine, Issues in New Information Technology. Norwood, N.J.: Ablex Publishing, 1988.
[12] Financial Service Technology Consortium, Electronic Payments Infrastructure: Design Considerations, Nov. 1995, publicepaydes.htm.
[13] S. Low, N.F. Maxemchuk, and S. Paul, “Anonymous Credit Cards,” Proc. First ACM Conf. Computer and Comm. Security, Nov. 1993.
[14] Mastercard, Secure Electronic Payment Protocol Specification Draft Version 1.1, Part 2, Nov. 1995, .
[15] Mastercard, Secure Electronic Transaction Technology, Draft, 1996, http://www.mastercard.comSETT.
[16] J. Mackie-Mason and K. White, ”An Axiomatic Approach to Evaluating&Selecting Digital Payment Mechanisms,” Telecomm. Policy Research Conf., Sept. 1996.
[17] J. Mackie-Mason, “Commercial Protocols, Digital Currencies and Providers,” Telecomm. Information Resources on the Internet, Aug. 1998, .
[18] G. Medvinsky and B.C. Neuman, "NetCash: A design for practical electronic currency on the internet," Proc. 1993 ACM Conf. Computer and Comm. Security, pp. 102-106.
[19] National Research Council, Cryptography's Role in Securing the Information Society, Washington, D.C.: National Academy Press, 1993.
[20] P.G. Neumann, “Risks of Surveillance,” Comm. ACM, vol. 36, no. 8, pp. 122-123, 1993.
[21] I. Pool, Technologies of Freedom, Cambridge Mass.: Harvard Univ. Press, 1983.
[22] R.L. Rivest and A. Shamir, “PayWord and MicroMint: Two Simple Micropayment Schemes,” Proc. 13th Ann. EUROCRYPT Conf. Theory and Applications of Cryptologic Techniques (Eurocrypt `96), 1996.
[23] M. Sirbu and J.D. Tygar, ”NetBill: an Internet Commerce System Optimized for Network Delivered Services,” IEEE ComCon, Mar. 1995.
[24] D.R. Simon, “Anonymous Communication and Anonymous Cash,” Proc. Int'l Conf. Theory and Applications of Cryptologic Techniques (Crypto `96), pp. 61-73, 1996.
[25] S. Smith, “A Theory of Distributed Time,” PhD dissertation, Carnegie Mellon Univ., Available as Technical Report CMU-CS-92-231, Carnegie Mellon Univ., 1992.
[26] J.D. Tygar, “Atomicity and Electronic Commerce,” Proc. Symp. Principles of Distributed Computing, 1996.
[27] Visa, Secure Transaction Technology Specifications Version 1.1, Nov. 1995,
[28] B. Yee, “Using Secure Co-Processors,” PhD dissertation, Carnegie Mellon Univ., Available as Technical Report CMU-CS-94-149, Carnegie Mellon Univ., 1994.

Index Terms:
Reliability, fault tolerance, electronic commerce, transaction security.
L. Jean Camp, "An Atomicity-Generating Protocol for Anonymous Currencies," IEEE Transactions on Software Engineering, vol. 27, no. 3, pp. 272-278, March 2001, doi:10.1109/32.910862
Usage of this product signifies your acceptance of the Terms of Use.