summaryrefslogtreecommitdiff
path: root/games/lit.bib
blob: e275e36f495e54a6c77214fd8a2476abd89deb00 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
@Inbook{izabachene2013divisible,
  author="Izabach{\`e}ne, Malika
  and Libert, Beno{\^i}t",
  editor="Abdalla, Michel
  and Lange, Tanja",
  title="Divisible E-Cash in the Standard Model",
  bookTitle="Pairing-Based Cryptography -- Pairing 2012: 5th International Conference, Cologne, Germany, May 16-18, 2012, Revised Selected Papers",
  year="2013",
  publisher="Springer Berlin Heidelberg",
  address="Berlin, Heidelberg",
  pages="314--332",
  abstract="Off-line e-cash systems are the digital analogue of regular cash. One of the main desirable properties is anonymity: spending a coin should not reveal the identity of the spender and, at the same time, users should not be able to double-spend coins without being detected. Compact e-cash systems make it possible to store a wallet of O(2                  L                ) coins using O(L{\thinspace}+{\thinspace}$\lambda$) bits, where $\lambda$ is the security parameter. They are called divisible whenever the user has the flexibility of spending an amount of 2ℓ, for some ℓ{\thinspace}≤{\thinspace}L, more efficiently than by repeatedly spending individual coins. This paper presents the first construction of divisible e-cash in the standard model (i.e., without the random oracle heuristic). The scheme allows a user to obtain a wallet of 2                  L                 coins by running a withdrawal protocol with the bank. Our construction is built on the traditional binary tree approach, where the wallet is organized in such a way that the monetary value of a coin depends on how deep the coin is in the tree.",
  isbn="978-3-642-36334-4",
  doi="10.1007/978-3-642-36334-4_20",
  url="https://doi.org/10.1007/978-3-642-36334-4_20"
}


@Inbook{pointcheval1996provably,
author="Pointcheval, David
and Stern, Jacques",
editor="Kim, Kwangjo
and Matsumoto, Tsutomu",
title="Provably secure blind signature schemes",
bookTitle="Advances in Cryptology --- ASIACRYPT '96: International Conference on the Theory and Applications of Cryptology and Information Security Kyongju, Korea, November 3--7, 1996 Proceedings",
year="1996",
publisher="Springer Berlin Heidelberg",
address="Berlin, Heidelberg",
pages="252--265",
abstract="In this paper, we give a provably secure design for blind signatures, the most important ingredient for anonymity in off-line electronic cash systems. Previous examples of blind signature schemes were constructed from traditional signature schemes with only the additional proof of blindness. The design of some of the underlying signature schemes can be validated by a proof in the so-called random oracle model, but the security of the original signature scheme does not, by itself, imply the security of the blind version. In this paper, we first propose a definition of security for blind signatures, with application to electronic cash. Next, we focus on a specific example which can be successfully transformed in a provably secure blind signature scheme.",
isbn="978-3-540-70707-3",
doi="10.1007/BFb0034852",
url="https://doi.org/10.1007/BFb0034852"
}


@Article{bellare2003onemore,
author="Bellare
and Namprempre
and Pointcheval
and Semanko",
title="The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme ",
journal="Journal of Cryptology",
year="2003",
month="Jun",
day="01",
volume="16",
number="3",
pages="185--215",
abstract="We introduce a new class of computational problems which we call the ``one-more-RSA-inversion'' problems. Our main result is that two problems in this class, which we call the chosen-target and known-target inversion problems, respectively, have polynomially equivalent computational complexity. We show how this leads to a proof of security for Chaum's RSA-based blind signature scheme in the random oracle model based on the assumed hardness of either of these problems. We define and prove analogous results for ``one-more-discrete-logarithm'' problems. Since the appearence of the preliminary version of this paper, the new problems we have introduced have found other uses as well.",
issn="1432-1378",
doi="10.1007/s00145-002-0120-1",
url="https://doi.org/10.1007/s00145-002-0120-1"
}

@inproceedings{camenisch2007endorsed,
  title={Endorsed e-cash},
  author={Camenisch, Jan and Lysyanskaya, Anna and Meyerovich, Mira},
  booktitle={Security and Privacy, 2007. SP'07. IEEE Symposium on},
  pages={101--115},
  year={2007},
  organization={IEEE}
}