summaryrefslogtreecommitdiff
path: root/taler-fc19/ref.bib
blob: 4fda028742163ae78872856c502c609b490479c4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
@inproceedings{clement2009making,
 author = {Clement, Allen and Wong, Edmund and Alvisi, Lorenzo and Dahlin, Mike and Marchetti, Mirco},
 title = {Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults},
 booktitle = {Proceedings of the 6th USENIX Symposium on Networked Systems Design and Implementation},
 series = {NSDI'09},
 year = {2009},
 location = {Boston, Massachusetts},
 pages = {153--168},
 numpages = {16},
 url = {http://dl.acm.org/citation.cfm?id=1558977.1558988},
 acmid = {1558988},
 publisher = {USENIX Association},
 address = {Berkeley, CA, USA},
} 

@article{fischer1985impossibility,
  title={Impossibility of distributed consensus with one faulty process},
  author={Fischer, Michael J and Lynch, Nancy A and Paterson, Michael S},
  journal={Journal of the ACM (JACM)},
  volume={32},
  number={2},
  pages={374--382},
  year={1985},
  publisher={ACM}
}

@Misc{cosmos,
  author =    {Jae Kwon and Ethan Buchman},
  title =     {Cosmos: A Network of Distributed Ledgers},
  howpublished = {\url{https://cosmos.network/whitepaper}},
  year =      {2016},
  note =    {Accessed 22 Feb 2017},
}

@InProceedings{gns2014wachs,
 author = {Wachs, Matthias and Schanzenbach, Martin and Grothoff, Christian},
 title = {A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name System},
 booktitle = {Proceedings of the 13th International Conference on Cryptology and Network Security - Volume 8813},
 year = {2014},
 isbn = {978-3-319-12279-3},
 pages = {127--142},
 numpages = {16},
 acmid = {2769431},
 publisher = {Springer-Verlag New York, Inc.},
 address = {New York, NY, USA},
}


@Misc{gnunet-www,
  title =     "{The GNUnet Project}",
  howpublished = {\url{https://gnunet.org/}},
  note =    {Accessed 28 Feb 2017},
}

@Misc{gnunet-git,
  title =     "{The GNUnet Project Git Repository}",
  howpublished = {\url{git://gnunet.org/git/gnunet}},
  note =    {Accessed 28 Feb 2017},
}

@article{ben2010simple,
  title={Simple gradecast based algorithms},
  author={Ben-Or, Michael and Dolev, Danny and Hoch, Ezra N},
  journal={arXiv preprint arXiv:1007.1049},
  year={2010}
}


@incollection{ben2010brief,
  title={Brief announcement: simple gradecast based algorithms},
  author={Ben-Or, Michael and Dolev, Danny and Hoch, Ezra N},
  booktitle={Distributed Computing},
  pages={194--197},
  year={2010},
  publisher={Springer}
}


@phdthesis{feldman1988optimalphd,
  title={Optimal algorithms for Byzantine agreement},
  author={Feldman, Paul Neil},
  year={1988},
  school={Massachusetts Institute of Technology}
}

@inproceedings{feldman1988optimal,
 author = {Feldman, Paul and Micali, Silvio},
 title = {Optimal Algorithms for Byzantine Agreement},
 booktitle = {Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing},
 series = {STOC '88},
 year = {1988},
 isbn = {0-89791-264-0},
 location = {Chicago, Illinois, USA},
 pages = {148--161},
 numpages = {14},
 url = {http://doi.acm.org/10.1145/62212.62225},
 doi = {10.1145/62212.62225},
 acmid = {62225},
 publisher = {ACM},
 address = {New York, NY, USA},
} 


@article{eppstein2011difference,
 author = {Eppstein, David and Goodrich, Michael T. and Uyeda, Frank and Varghese, George},
 title = {What's the Difference?: Efficient Set Reconciliation Without Prior Context},
 journal = {SIGCOMM Comput. Commun. Rev.},
 issue_date = {August 2011},
 volume = {41},
 number = {4},
 month = {8},
 year = {2011},
 issn = {0146-4833},
 pages = {218--229},
 numpages = {12},
 url = {http://doi.acm.org/10.1145/2043164.2018462},
 doi = {10.1145/2043164.2018462},
 acmid = {2018462},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {difference digest, invertible bloom filter, set difference},
} 


@article{dwork1988consensus,
  title={Consensus in the presence of partial synchrony},
  author={Dwork, Cynthia and Lynch, Nancy and Stockmeyer, Larry},
  journal={Journal of the ACM (JACM)},
  volume={35},
  number={2},
  pages={288--323},
  year={1988},
  publisher={ACM}
}


@inproceedings{fitzi2006optimally,
 author = {Fitzi, Matthias and Hirt, Martin},
 title = {Optimally Efficient Multi-valued Byzantine Agreement},
 booktitle = {Proceedings of the Twenty-fifth Annual ACM Symposium on Principles of Distributed Computing},
 series = {PODC '06},
 year = {2006},
 isbn = {1-59593-384-0},
 location = {Denver, Colorado, USA},
 pages = {163--168},
 numpages = {6},
 url = {http://doi.acm.org/10.1145/1146381.1146407},
 doi = {10.1145/1146381.1146407},
 acmid = {1146407},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {byzantine agreement, communication complexity, cryptographic security, information-theoretic security},
}


% Problem:  Really, really complex and not that efficient.
@inproceedings{abraham2008almost,
  title={An almost-surely terminating polynomial protocol for asynchronous byzantine agreement with optimal resilience},
  author={Abraham, Ittai and Dolev, Danny and Halpern, Joseph Y},
  booktitle={Proceedings of the twenty-seventh ACM symposium on Principles of distributed computing},
  pages={405--414},
  year={2008},
  organization={ACM}
}


% Followup tp abraham2008almost
% Problem: Requires some nasty hardware trusted
% computing stuff?
@incollection{abraham2010fast,
  title={Fast asynchronous consensus with optimal resilience},
  author={Abraham, Ittai and Aguilera, Marcos K and Malkhi, Dahlia},
  booktitle={Distributed Computing},
  pages={4--19},
  year={2010},
  publisher={Springer}
}


% Really nice summary of complexity bounds
% and approaches to asynchrony
@techreport{dutta2005best,
  title={Best-case complexity of asynchronous Byzantine consensus},
  author={Dutta, Partha and Guerraoui, Rachid and Vukolic, Marko},
  year={2005},
  institution={Technical Report EPFL/IC/200499, EPFL}
}


@inproceedings{castro1999practical,
  author = {Miguel Castro and Barbara Liskov},
  title = {Practical Byzantine Fault Tolerance},
  booktitle = {Third Symposium on Operating Systems Design and
	Implementation (OSDI)},
  publisher = {USENIX Association, Co-sponsored by IEEE TCOS and ACM SIGOPS},
  address = {New Orleans, Louisiana},
  month = {2},
  volume={99},
  pages={173--186},
  year = {1999}
}


@article{cramer1997secure,
  title={A secure and optimally efficient multi-authority election scheme},
  author={Cramer, Ronald and Gennaro, Rosario and Schoenmakers, Berry},
  journal={European transactions on Telecommunications},
  volume={8},
  number={5},
  pages={481--490},
  year={1997},
  publisher={Wiley Online Library}
}


@article{castro2002practical,
  title={Practical Byzantine fault tolerance and proactive recovery},
  author={Castro, Miguel and Liskov, Barbara},
  journal={ACM Transactions on Computer Systems (TOCS)},
  volume={20},
  number={4},
  pages={398--461},
  year={2002},
  publisher={ACM}
}


@article{lamport1982byzantine,
  title={The Byzantine generals problem},
  author={Lamport, Leslie and Shostak, Robert and Pease, Marshall},
  journal={ACM Transactions on Programming Languages and Systems (TOPLAS)},
  volume={4},
  number={3},
  pages={382--401},
  year={1982},
  publisher={ACM}
}



@article{schneider1990implementing,
  title={Implementing fault-tolerant services using the state machine approach: A tutorial},
  author={Schneider, Fred B},
  journal={ACM Computing Surveys (CSUR)},
  volume={22},
  number={4},
  pages={299--319},
  year={1990},
  publisher={ACM}
}


@inproceedings{ongaro2014search,
  title={In search of an understandable consensus algorithm},
  author={Ongaro, Diego and Ousterhout, John},
  booktitle={Proc. USENIX Annual Technical Conference},
  pages={305--320},
  year={2014}
}



% Very important, highlights the
% consensus part of Paxos/PBFT
@incollection{lampson1996build,
  title={How to build a highly available system using consensus},
  author={Lampson, Butler W},
  booktitle={Distributed Algorithms},
  pages={1--17},
  year={1996},
  publisher={Springer}
}


@article{van2014vive,
  title={Vive la diff{\'e}rence: Paxos vs. Viewstamped Replication vs. Zab},
  author={Van Renesse, Robbert and Schiper, Nicolas and Schneider, Fred B},
  year={2014},
  publisher={IEEE}
}



% Problem:  Very complex assumptions
% Cachin seems much more practical, even if he uses signatures.
@article{kapron2010fast,
 author = {Kapron, Bruce M. and Kempe, David and King, Valerie and Saia, Jared and Sanwalani, Vishal},
 title = {Fast Asynchronous Byzantine Agreement and Leader Election with Full Information},
 journal = {ACM Trans. Algorithms},
 issue_date = {August 2010},
 volume = {6},
 number = {4},
 month = {9},
 year = {2010},
 issn = {1549-6325},
 pages = {68:1--68:28},
 articleno = {68},
 numpages = {28},
 url = {http://doi.acm.org/10.1145/1824777.1824788},
 doi = {10.1145/1824777.1824788},
 acmid = {1824788},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {Byzantine agreement, Monte Carlo algorithms, asynchronous communication, distributed algorithms, probabilistic method},
}


% Nice for future work section,
% could be applied to consensus
@article{mitzenmacher2013simple,
  title={Simple Multi-Party Set Reconciliation},
  author={Mitzenmacher, Michael and Pagh, Rasmus},
  journal={arXiv preprint arXiv:1311.2037},
  year={2013}
}


% Has great arguments for (against!) the complexity
% of the state machine approach.
@article{aublin2015next,
 author = {Aublin, Pierre-Louis and Guerraoui, Rachid and Kne\v{z}evi\'{c}, Nikola and Qu{\'e}ma, Vivien and Vukoli\'{c}, Marko},
 title = {The Next 700 BFT Protocols},
 journal = {ACM Trans. Comput. Syst.},
 issue_date = {January 2015},
 volume = {32},
 number = {4},
 month = {1},
 year = {2015},
 issn = {0734-2071},
 pages = {12:1--12:45},
 articleno = {12},
 numpages = {45},
 url = {http://doi.acm.org/10.1145/2658994},
 doi = {10.1145/2658994},
 acmid = {2658994},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {Abstract, Byzantine, composability, fault tolerance, optimization, robustness},
}


% Good complexity comparison
% for async case
@inproceedings{mostefaoui2014signature,
 author = {Mostefaoui, Achour and Moumen, Hamouma and Raynal, Michel},
 title = {Signature-free Asynchronous Byzantine Consensus with T \&\#60; N/3 and O(N2) Messages},
 booktitle = {Proceedings of the 2014 ACM Symposium on Principles of Distributed Computing},
 series = {PODC '14},
 year = {2014},
 isbn = {978-1-4503-2944-6},
 location = {Paris, France},
 pages = {2--9},
 numpages = {8},
 url = {http://doi.acm.org/10.1145/2611462.2611468},
 doi = {10.1145/2611462.2611468},
 acmid = {2611468},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {abstraction, asynchronous message-passing system, broadcast abstraction, byzantine process, common coin, consensus, distributed algorithm, optimal resilience, randomized algorithm, signature-free algorithm, simplicity},
}


% Failure detectors, overview
@inbook{guerraoui2000consensus,
  author="Guerraoui, Rachid
  and Hurfinn, Michel
  and Mostefaoui, Achour
  and Oliveira, Riucarlos
  and Raynal, Michel
  and Schiper, Andre",
  editor="Krakowiak, Sacha
  and Shrivastava, Santosh",
  title="Consensus in Asynchronous Distributed Systems: A Concise Guided Tour",
  bookTitle="Advances in Distributed Systems: Advanced Distributed Computing: From Algorithms to Systems",
  year="2000",
  publisher="Springer Berlin Heidelberg",
  address="Berlin, Heidelberg",
  pages="33--47",
  abstract="It is now recognized that the Consensus problem is a fundamental problem when one has to design and implement reliable asynchronous distributed systems. This chapter is on the Consensus problem. It studies Consensus in two failure models, namely, the Crash/no Recovery model and the Crash/Recovery model. The assumptions related to the detection of failures that are required to solve Consensus in a given model are particularly emphasized.",
  isbn="978-3-540-46475-4",
}


% Good future work to implement this?
@article{bouzidminimal,
  title={Minimal Synchrony for Asynchronous Byzantine Consensus},
  year={2015},
  author={Bouzid, Zohir and Mostefaoui, Achour and Raynal, Michel},
  publisher={Collection des Publications Internes de l'Irisa}
}


@incollection{lamport2011brief,
  title={Brief announcement: leaderless byzantine paxos},
  author={Lamport, Leslie},
  booktitle={Distributed Computing},
  pages={141--142},
  year={2011},
  publisher={Springer}
}





% Mention that we don't need early
% stopping in voting (because of of fairness? property)
@article{dolev1990early,
 author = {Dolev, Danny and Reischuk, Ruediger and Strong, H. Raymond},
 title = {Early Stopping in Byzantine Agreement},
 journal = {J. ACM},
 issue_date = {Oct. 1990},
 volume = {37},
 number = {4},
 month = {10},
 year = {1990},
 issn = {0004-5411},
 pages = {720--741},
 numpages = {22},
 url = {http://doi.acm.org/10.1145/96559.96565},
 doi = {10.1145/96559.96565},
 acmid = {96565},
 publisher = {ACM},
 address = {New York, NY, USA},
}


% seminal
@article{lamport1998part,
  title={The part-time parliament},
  author={Lamport, Leslie},
  journal={ACM Transactions on Computer Systems (TOCS)},
  volume={16},
  number={2},
  pages={133--169},
  year={1998},
  publisher={ACM}
}


% follow-up to seminal paper
@article{lamport2001paxos,
  title={Paxos made simple},
  author={Lamport, Leslie},
  journal={ACM Sigact News},
  volume={32},
  number={4},
  pages={18--25},
  year={2001}
}


% Important since it mentions other approaches
% to the bulletin board stuff.
@mastersthesis{peters2005secure,
  type={Master's Thesis},
  title={A Secure Bulletin Board},
  author={Peters, RA},
  school={Technische Universiteit Eindhoven},
  year={2005}
}

@Mastersthesis{dold2014crypto,
  author={Dold, Florian},
  school={Technische Universit\"at M\"unchen},
  type={Bachelor's Thesis},
  title={Cryptographically Secure, Distributed Electronic Voting},
  year={2014}
}



@inproceedings{pedersen1991threshold,
  title={A threshold cryptosystem without a trusted party},
  author={Pedersen, Torben Pryds},
  booktitle={Advances in Cryptology—EUROCRYPT’91},
  pages={522--526},
  year={1991},
  organization={Springer}
}



@Inbook{fouque2001one,
  author="Fouque, Pierre-Alain
  and Stern, Jacques",
  editor="Kim, Kwangjo",
  title="One Round Threshold Discrete-Log Key Generation without Private Channels",
  bookTitle="Public Key Cryptography: 4th International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2001 Cheju Island, Korea, February 13--15, 2001 Proceedings",
  year="2001",
  publisher="Springer Berlin Heidelberg",
  address="Berlin, Heidelberg",
  pages="300--316",
  abstract="Pedersen designed the first scheme for generating Discrete- Log keys without any trusted dealer in 1991. As this protocol is simple and efficient, it appeared to be very attractive. For a long time, this robust algorithm has been trusted as being secure. However, in 1999, Gennaro et al. proved that one of the requirements is not guaranteed : more precisely, the property that the key is uniformly distributed in the key space. Their main objective was to repair the security flaw without sacrificing on efficiency. As a result, the protocol became secure but somehow unpractical. In particular, the ``complaint phase'', in which cheaters are thrown out, makes the scheme overly complex and difficult to deal with in practical situations. In order to avoid this phase and other drawbacks such as the initialization phase where private channels have to be created, we present a one round scheme which generates a discrete-log key with public channels only. Finally, we show how to improve the efficiency of our algorithm when the number of servers increases.",
  isbn="978-3-540-44586-9",
}


@incollection{aguilera2010stumbling,
 author = {Aguilera, Marcos K.},
 chapter = {Stumbling over Consensus Research: Misunderstandings and Issues},
 title = {Replication},
 editor = {Charron-Bost, Bernadette and Pedone, Fernando and Schiper, Andr{\'e}},
 year = {2010},
 isbn = {3-642-11293-5, 978-3-642-11293-5},
 pages = {59--72},
 numpages = {14},
 url = {http://dl.acm.org/citation.cfm?id=2172338.2172342},
 acmid = {2172342},
 publisher = {Springer-Verlag},
 address = {Berlin, Heidelberg},
}


% Good overview of (some) complexity results
@article{coan1992modular,
  title={Modular construction of a Byzantine agreement protocol with optimal message bit complexity},
  author={Coan, Brian A and Welch, Jennifer L},
  journal={Information and Computation},
  volume={97},
  number={1},
  pages={61--85},
  year={1992},
  publisher={Elsevier}
}



% good intro and thoughts on paxos / pbft
@article{martin2006fast,
  title={Fast byzantine consensus},
  author={Martin, Jean-Philippe and Alvisi, Lorenzo},
  journal={Dependable and Secure Computing, IEEE Transactions on},
  volume={3},
  number={3},
  pages={202--215},
  year={2006},
  publisher={IEEE}
}



% Important, since it introduced it, according to ben2006byzantine
@article{pease1980reaching,
  title={Reaching agreement in the presence of faults},
  author={Pease, Marshall and Shostak, Robert and Lamport, Leslie},
  journal={Journal of the ACM (JACM)},
  volume={27},
  number={2},
  pages={228--234},
  year={1980},
  publisher={ACM}
}


@inproceedings{ben2006byzantine,
  title={Byzantine agreement in the full-information model in O (log n) rounds},
  author={Ben-Or, Michael and Pavlov, Elan and Vaikuntanathan, Vinod},
  booktitle={Proceedings of the thirty-eighth annual ACM symposium on Theory of computing},
  pages={179--186},
  year={2006},
  organization={ACM}
}



% Seems like then best contender for
% real async consensus
@article{cachin2005random,
  title={Random oracles in Constantinople: Practical asynchronous Byzantine agreement using cryptography},
  author={Cachin, Christian and Kursawe, Klaus and Shoup, Victor},
  journal={Journal of Cryptology},
  volume={18},
  number={3},
  pages={219--246},
  year={2005},
  publisher={Springer}
}



% Seems like THE citation for SMC
@article{goldreich1998secure,
  title={Secure multi-party computation},
  author={Goldreich, Oded},
  journal={Manuscript. Preliminary version},
  year={1998},
  publisher={Citeseer}
}



@book{waldo1997note,
  title={A note on distributed computing},
  author={Waldo, Jim and Wyant, Geoff and Wollrath, Ann and Kendall, Sam},
  year={1997},
  publisher={Springer}
}


% one synchronous link is enough ...
% also has some nice reductions ....
@INPROCEEDINGS{aguilera2004communication,
    author = {Marcos K. Aguilera and Carole Delporte-gallet and Hugues Fauconnier and Sam Toueg},
    title = {Communication-efficient leader election and consensus with limited link synchrony},
    booktitle = {In PODC},
    year = {2004},
    pages = {328--337},
    publisher = {ACM Press}
}


@article{dolev1987minimal,
  title={On the minimal synchronism needed for distributed consensus},
  author={Dolev, Danny and Dwork, Cynthia and Stockmeyer, Larry},
  journal={Journal of the ACM (JACM)},
  volume={34},
  number={1},
  pages={77--97},
  year={1987},
  publisher={ACM}
}


@inproceedings{reiter1995rampart,
 author = {Reiter, Michael K.},
 title = {The Rampart Toolkit for Building High-Integrity Services},
 booktitle = {Selected Papers from the International Workshop on Theory and Practice in Distributed Systems},
 year = {1995},
 isbn = {3-540-60042-6},
 pages = {99--110},
 numpages = {12},
 url = {http://dl.acm.org/citation.cfm?id=647369.723763},
 acmid = {723763},
 publisher = {Springer-Verlag},
 address = {London, UK, UK},
}


@inproceedings{kihlstrom1998securering,
 author = {Kihlstrom, Kim Potter and Moser, L. E. and Melliar-Smith, P. M.},
 title = {The SecureRing Protocols for Securing Group Communication},
 booktitle = {Proceedings of the Thirty-First Annual Hawaii International Conference on System Sciences - Volume 3},
 series = {HICSS '98},
 year = {1998},
 isbn = {0-8186-8239-6},
 pages = {317--},
 url = {http://dx.doi.org/10.1109/HICSS.1998.656294},
 doi = {10.1109/HICSS.1998.656294},
 acmid = {798823},
 publisher = {IEEE Computer Society},
 address = {Washington, DC, USA},
}





@article{minsky2003set,
  title={Set reconciliation with nearly optimal communication complexity},
  author={Minsky, Yaron and Trachtenberg, Ari and Zippel, Richard},
  journal={Information Theory, IEEE Transactions on},
  volume={49},
  number={9},
  pages={2213--2218},
  year={2003},
  publisher={IEEE}
}



@article{bloom1970space,
  title={Space/time trade-offs in hash coding with allowable errors},
  author={Bloom, Burton H},
  journal={Communications of the ACM},
  volume={13},
  number={7},
  pages={422--426},
  year={1970},
  publisher={ACM}
}


@article{hadzilacos1994modular,
  title={A modular approach to fault-tolerant broadcasts and related problems},
  author={Hadzilacos, Vassos and Toueg, Sam},
  year={1994},
  publisher={Cornell University, Department of Computer Science}
}



% problem: shared memory required
@article{aspnes1998lower,
  title={Lower bounds for distributed coin-flipping and randomized consensus},
  author={Aspnes, James},
  journal={Journal of the ACM (JACM)},
  volume={45},
  number={3},
  pages={415--450},
  year={1998},
  publisher={ACM}
}


% strong connection between SMC and consensus
@Inbook{saia2015recent,
  author="Saia, Jared
  and Zamani, Mahdi",
  editor="Italiano, Giuseppe F.
  and Margaria-Steffen, Tiziana
  and Pokorn{\'y}, Jaroslav
  and Quisquater, Jean-Jacques
  and Wattenhofer, Roger",
  title="Recent Results in Scalable Multi-Party Computation",
  bookTitle="SOFSEM 2015: Theory and Practice of Computer Science: 41st International Conference on Current Trends in Theory and Practice of Computer Science, Pec pod Sn{\v{e}}{\v{z}}kou, Czech Republic, January 24-29, 2015. Proceedings",
  year="2015",
  publisher="Springer Berlin Heidelberg",
  address="Berlin, Heidelberg",
  pages="24--44",
  abstract="Secure multi-party computation (MPC) allows multiple parties to compute a known function over inputs held by each party, without any party having to reveal its private input. Unfortunately, traditional MPC algorithms do not scale well to large numbers of parties. In this paper, we describe several recent MPC algorithms that are designed to handle large networks. All of these algorithms rely on recent techniques from the Byzantine agreement literature on forming and using quorums. Informally, a quorum is a small set of parties, most of which are trustworthy. We describe the advantages and disadvantages of these scalable algorithms, and we propose new ideas for improving practicality of current techniques. Finally, we conduct simulations to measure bandwidth cost for several current MPC algorithms.",
  isbn="978-3-662-46078-8",
}


% argues that SMC does not need consensus.
% some of the definitions (abort) look suspiciously
% close to gradecasts
@article{goldwasser2005secure,
  title={Secure multi-party computation without agreement},
  author={Goldwasser, Shafi and Lindell, Yehuda},
  journal={Journal of Cryptology},
  volume={18},
  number={3},
  pages={247--287},
  year={2005},
  publisher={Springer}
}


% This one got a Dijkstra award in 2015, so I should cite it.
@inproceedings{ben1983another,
  title={Another advantage of free choice (extended abstract): Completely asynchronous agreement protocols},
  author={Ben-Or, Michael},
  booktitle={Proceedings of the second annual ACM symposium on Principles of distributed computing},
  pages={27--30},
  year={1983},
  organization={ACM}
}



% Another Dijkstra price, should be cited as
% the main thing for failure detectors
% Oh, but:  Only crash-faults ...
@article{chandra1996unreliable,
  title={Unreliable failure detectors for reliable distributed systems},
  author={Chandra, Tushar Deepak and Toueg, Sam},
  journal={Journal of the ACM (JACM)},
  volume={43},
  number={2},
  pages={225--267},
  year={1996},
  publisher={ACM}
}


@incollection{bonomi2006improved,
  title={An improved construction for counting bloom filters},
  author={Bonomi, Flavio and Mitzenmacher, Michael and Panigrahy, Rina and Singh, Sushil and Varghese, George},
  booktitle={Algorithms--ESA 2006},
  pages={684--695},
  year={2006},
  publisher={Springer}
}



% Very good overview of bloom filters and advanced
% stuff you can do with them.
@article{tarkoma2012theory,
  title={Theory and practice of bloom filters for distributed systems},
  author={Tarkoma, Sasu and Rothenberg, Christian Esteve and Lagerspetz, Eemil},
  journal={Communications Surveys \& Tutorials, IEEE},
  volume={14},
  number={1},
  pages={131--155},
  year={2012},
  publisher={IEEE}
}


@article{neiger1994distributed,
  title={Distributed consensus revisited},
  author={Neiger, Gil},
  journal={Information Processing Letters},
  volume={49},
  number={4},
  pages={195--201},
  year={1994},
  publisher={Elsevier}
}



@techreport{miller2014anonymous,
  title={Anonymous byzantine consensus from moderately-hard puzzles: A model for bitcoin},
  author={Miller, Andrew and LaViola Jr, Joseph J},
  number={CS-TR-14-01},
  year={2014},
  month={4},
  institution={University of Central Florida}
}


@inbook{garay2015bitcoin,
  author="Garay, Juan
  and Kiayias, Aggelos
  and Leonardos, Nikos",
  editor="Oswald, Elisabeth
  and Fischlin, Marc",
  title="The Bitcoin Backbone Protocol: Analysis and Applications",
  bookTitle="Advances in Cryptology - EUROCRYPT 2015: 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26-30, 2015, Proceedings, Part II",
  year="2015",
  publisher="Springer Berlin Heidelberg",
  address="Berlin, Heidelberg",
  pages="281--310",
  abstract="Bitcoin is the first and most popular decentralized cryptocurrency to date. In this work, we extract and analyze the core of the Bitcoin protocol, which we term the Bitcoin backbone, and prove two of its fundamental properties which we call common prefix and chain quality in the static setting where the number of players remains fixed. Our proofs hinge on appropriate and novel assumptions on the ``hashing power'' of the adversary relative to network synchronicity; we show our results to be tight under high synchronization.",
  isbn="978-3-662-46803-6",
}


@article{schwartz2014ripple,
  title={The Ripple protocol consensus algorithm},
  author={Schwartz, David and Youngs, Noah and Britto, Arthur},
  journal={Ripple Labs Inc White Paper},
  year={2014}
}


@mastersthesis {totakura2013large,
  title = {Large Scale Distributed Evaluation of Peer-to-Peer Protocols},
  volume = {Master of Science},
  year = {2013},
  month = {6},
  pages = {76},
  school = {Technische Universit\"at M\"unchen},
  type = {Master's Thesis},
  address = {Garching bei M\"unchen},
  keywords = {emulation, GNUnet, large scale testing, protocol evaluation, testbed},
  author = {Totakura, Sree Harsha}
}


@book{okasaki1999purely,
 author = {Okasaki, Chris},
 title = {Purely Functional Data Structures},
 year = {1998},
 isbn = {0-521-63124-6},
 publisher = {Cambridge University Press},
 address = {New York, NY, USA},
}


@inproceedings{attiya1984asynchronous,
 author = {Attiya, Chagit and Dolev, Danny and Gil, Joseph},
 title = {Asynchronous Byzantine Consensus},
 booktitle = {Proceedings of the Third Annual ACM Symposium on Principles of Distributed Computing},
 series = {PODC '84},
 year = {1984},
 isbn = {0-89791-143-1},
 location = {Vancouver, British Columbia, Canada},
 pages = {119--133},
 numpages = {15},
 url = {http://doi.acm.org/10.1145/800222.806740},
 doi = {10.1145/800222.806740},
 acmid = {806740},
 publisher = {ACM},
 address = {New York, NY, USA},
}



@article{deutsch1996gzip,
  title={GZIP file format specification version 4.3},
  author={Deutsch, L Peter},
  year={1996}
}


@inproceedings{polot2014cadet,
  author={B. Polot and C. Grothoff}, 
  booktitle={2014 13th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET)}, 
  title={CADET: Confidential ad-hoc decentralized end-to-end transport}, 
  year={2014}, 
  pages={71-78}, 
  keywords={Internet;ad hoc networks;computer network performance evaluation;computer network security;telecommunication network routing;telecommunication network topology;transport protocols;CADET;Internet-usage;ad-hoc wireless networks;authenticated data transfer;confidential ad-hoc decentralized end-to-end transport;confidential data transfer;decentralized networks;friend-to-friend networks;high-speed low-latency networks;network topologies;performance evaluation;restricted-route scenarios;transport protocol;Ad hoc networks;IP networks;Network topology;Peer-to-peer computing;Protocols;Routing;Topology}, 
  doi={10.1109/MedHocNet.2014.6849107}, 
  month={6},
}



@book{benaloh1987verifiable,
  title={Verifiable secret-ballot elections},
  author={Benaloh, Josh Daniel Cohen},
  year={1987},
  publisher={Yale University. Department of Computer Science}
}


@inproceedings{bessani2014state,
  title={State machine replication for the masses with BFT-SMaRt},
  author={Bessani, Alysson and Sousa, Jo{\~a}o and Alchieri, Eduardo EP},
  booktitle={Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on},
  pages={355--362},
  year={2014},
  organization={IEEE}
}


@techreport{fischer1981lower,
  title={A lower bound for the time to assure interactive consistency},
  author={Fischer, Michael J and Lynch, Nancy A},
  year={1981},
  institution={DTIC Document}
}

@article{de2001k,
  title={On k-set consensus problems in asynchronous systems},
  author={De Prisco, Roberto and Malkhi, Dahlia and Reiter, Michael},
  journal={Parallel and Distributed Systems, IEEE Transactions on},
  volume={12},
  number={1},
  pages={7--21},
  year={2001},
  publisher={IEEE}
}


@inproceedings{malpani2000leader,
 author = {Malpani, Navneet and Welch, Jennifer L. and Vaidya, Nitin},
 title = {Leader Election Algorithms for Mobile Ad Hoc Networks},
 booktitle = {Proceedings of the 4th International Workshop on Discrete  Algorithms and Methods for Mobile Computing and Communications},
 series = {DIALM '00},
 year = {2000},
 isbn = {1-58113-301-4},
 location = {Boston, Massachusetts, USA},
 pages = {96--103},
 numpages = {8},
 url = {http://doi.acm.org/10.1145/345848.345871},
 doi = {10.1145/345848.345871},
 acmid = {345871},
 publisher = {ACM},
 address = {New York, NY, USA},
}


@article{fischer1986easy,
  title={Easy impossibility proofs for distributed consensus problems},
  author={Fischer, Michael J and Lynch, Nancy A and Merritt, Michael},
  journal={Distributed Computing},
  volume={1},
  number={1},
  pages={26--39},
  year={1986},
  publisher={Springer}
}

@inproceedings{Miller:2016:HBB:2976749.2978399,
 author = {Miller, Andrew and Xia, Yu and Croman, Kyle and Shi, Elaine and Song, Dawn},
 title = {The Honey Badger of BFT Protocols},
 booktitle = {Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security},
 series = {CCS '16},
 year = {2016},
 isbn = {978-1-4503-4139-4},
 location = {Vienna, Austria},
 pages = {31--42},
 numpages = {12},
 url = {http://doi.acm.org/10.1145/2976749.2978399},
 doi = {10.1145/2976749.2978399},
 acmid = {2978399},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {BFT, asynchronous, atomic broadcast, blockchain},
}


@misc{cryptoeprint:2016:199,
    author = {Andrew Miller and Yu Xia and Kyle Croman and Elaine Shi and Dawn Song},
    title = {The Honey Badger of BFT Protocols},
    howpublished = {Cryptology ePrint Archive, Report 2016/199},
    year = {2016},
    note = {\url{http://eprint.iacr.org/2016/199}},
}

@misc{cryptoeprint:2016:1067,
    author = {Ewa Syta and Philipp Jovanovic and Eleftherios Kokoris Kogias and Nicolas Gailly and Linus Gasser and Ismail Khoffi and Michael J. Fischer and Bryan Ford},
    title = {Scalable Bias-Resistant Distributed Randomness},
    howpublished = {Cryptology ePrint Archive, Report 2016/1067},
    year = {2016},
    note = {\url{http://eprint.iacr.org/2016/1067}, Accessed 22 Feb 2017},
}

@article{abd2005fault,
  title={Fault-scalable Byzantine fault-tolerant services},
  author={Abd-El-Malek, Michael and Ganger, Gregory R and Goodson, Garth R and Reiter, Michael K and Wylie, Jay J},
  journal={ACM SIGOPS Operating Systems Review},
  volume={39},
  number={5},
  pages={59--74},
  year={2005},
  publisher={ACM}
}


@inproceedings{kotla2007zyzzyva,
 author = {Kotla, Ramakrishna and Alvisi, Lorenzo and Dahlin, Mike and Clement, Allen and Wong, Edmund},
 title = {Zyzzyva: Speculative Byzantine Fault Tolerance},
 booktitle = {Proceedings of Twenty-first ACM SIGOPS Symposium on Operating Systems Principles},
 series = {SOSP '07},
 year = {2007},
 isbn = {978-1-59593-591-5},
 location = {Stevenson, Washington, USA},
 pages = {45--58},
 numpages = {14},
 url = {http://doi.acm.org/10.1145/1294261.1294267},
 doi = {10.1145/1294261.1294267},
 acmid = {1294267},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {byzantine fault tolerance, output commit, replication, speculative execution},
}


@article{nakamoto2008bitcoin,
  title={Bitcoin: A peer-to-peer electronic cash system},
  author={Nakamoto, Satoshi},
  journal={Consulted},
  volume={1},
  number={2012},
  pages={28},
  year={2008}
}


@incollection{rink2013mixed,
  year={2013},
  isbn={978-3-642-35842-5},
  booktitle={SOFSEM 2013: Theory and Practice of Computer Science},
  volume={7741},
  series={Lecture Notes in Computer Science},
  editor={van Emde Boas, Peter and Groen, FransC.A. and Italiano, GiuseppeF. and Nawrocki, Jerzy and Sack, Harald},
  title={Mixed Hypergraphs for Linear-Time Construction of Denser Hashing-Based Data Structures},
  publisher={Springer Berlin Heidelberg},
  author={Rink, Michael},
  pages={356-368},
  language={English}
}


@inproceedings{goodrich2011invertible,
  title={Invertible bloom lookup tables},
  author={Goodrich, Michael T and Mitzenmacher, Michael},
  booktitle={Communication, Control, and Computing (Allerton), 2011 49th Annual Allerton Conference on},
  pages={792--799},
  year={2011},
  organization={IEEE}
}


@article{li2011theory,
  title={Theory and applications of b-bit minwise hashing},
  author={Li, Ping and K{\"o}nig, Arnd Christian},
  journal={Communications of the ACM},
  volume={54},
  number={8},
  pages={101--109},
  year={2011},
  publisher={ACM}
}

@inproceedings{adida2008helios,
 author = {Adida, Ben},
 title = {Helios: Web-based Open-audit Voting},
 booktitle = {Proceedings of the 17th Conference on Security Symposium},
 series = {SS'08},
 year = {2008},
 location = {San Jose, CA},
 pages = {335--348},
 numpages = {14},
 url = {http://dl.acm.org/citation.cfm?id=1496711.1496734},
 acmid = {1496734},
 publisher = {USENIX Association},
 address = {Berkeley, CA, USA},
} 


@article{desmedt1994threshold,
  title={Threshold cryptography},
  author={Desmedt, Yvo G},
  journal={European Transactions on Telecommunications},
  volume={5},
  number={4},
  pages={449--458},
  year={1994},
  publisher={Wiley Online Library}
}


@article{shamir1979share,
  title={How to share a secret},
  author={Shamir, Adi},
  journal={Communications of the ACM},
  volume={22},
  number={11},
  pages={612--613},
  year={1979},
  publisher={ACM}
}

% Cite some of the voting stuff
% what else is there about set reconciliation?



% Just another SMC protocol that requires agreement
% on potentially large sets.
@incollection{bogetoft2009secure,
 author = {Bogetoft, Peter and Christensen, Dan Lund and Damg{\aa}rd, Ivan and Geisler, Martin and Jakobsen, Thomas and Kr{\o}igaard, Mikkel and Nielsen, Janus Dam and Nielsen, Jesper Buus and Nielsen, Kurt and Pagter, Jakob and Schwartzbach, Michael and Toft, Tomas},
 chapter = {Secure Multiparty Computation Goes Live},
 title = {Financial Cryptography and Data Security},
 editor = {Dingledine, Roger and Golle, Philippe},
 year = {2009},
 isbn = {978-3-642-03548-7},
 pages = {325--343},
 numpages = {19},
 acmid = {1602018},
 publisher = {Springer-Verlag},
 address = {Berlin, Heidelberg},
}


@inproceedings{evans2012efficient,
  title={Efficient and secure decentralized network size estimation},
  author={Evans, Nathan and Polot, Bartlomiej and Grothoff, Christian},
  booktitle={Proceedings of the 11th international IFIP TC 6 conference on Networking-Volume Part I},
  pages={304--317},
  year={2012},
  organization={Springer-Verlag}
}


@misc{green2016bolt,
    author = {Matthew Green and Ian Miers},
    title = {Bolt: Anonymous Payment Channels for Decentralized Currencies},
    howpublished = {Cryptology ePrint Archive, Report 2016/701},
    year = {2016},
    note = {\url{http://eprint.iacr.org/2016/701}},
}



@inproceedings{3DSsucks,
 author = {Murdoch, Steven J. and Anderson, Ross},
 title = {Verified by Visa and Mastercard Securecode: Or, How Not to Design Authentication},
 booktitle = {Proceedings of the 14th International Conference on Financial Cryptography and Data Security},
 series = {FC'10},
 year = {2010},
 isbn = {3-642-14576-0, 978-3-642-14576-6},
 location = {Tenerife, Spain},
 pages = {336--342},
 numpages = {7},
 acmid = {2163598},
 publisher = {Springer-Verlag},
 address = {Berlin, Heidelberg},
 url = {https://www.cl.cam.ac.uk/~rja14/Papers/fc10vbvsecurecode.pdf}
} 


@Inbook{izabachene2013divisible,
  author="Izabach{\`e}ne, Malika
  and Libert, Beno{\^i}t",
  editor="Abdalla, Michel
  and Lange, Tanja",
  title="Divisible E-Cash in the Standard Model",
  bookTitle="Pairing-Based Cryptography -- Pairing 2012: 5th International Conference, Cologne, Germany, May 16-18, 2012, Revised Selected Papers",
  year="2013",
  publisher="Springer Berlin Heidelberg",
  address="Berlin, Heidelberg",
  pages="314--332",
  abstract="Off-line e-cash systems are the digital analogue of regular cash. One of the main desirable properties is anonymity: spending a coin should not reveal the identity of the spender and, at the same time, users should not be able to double-spend coins without being detected. Compact e-cash systems make it possible to store a wallet of O(2                  L                ) coins using O(L{\thinspace}+{\thinspace}$\lambda$) bits, where $\lambda$ is the security parameter. They are called divisible whenever the user has the flexibility of spending an amount of 2ℓ, for some ℓ{\thinspace}≤{\thinspace}L, more efficiently than by repeatedly spending individual coins. This paper presents the first construction of divisible e-cash in the standard model (i.e., without the random oracle heuristic). The scheme allows a user to obtain a wallet of 2                  L                 coins by running a withdrawal protocol with the bank. Our construction is built on the traditional binary tree approach, where the wallet is organized in such a way that the monetary value of a coin depends on how deep the coin is in the tree.",
  isbn="978-3-642-36334-4",
}


@Inbook{pointcheval1996provably,
author="Pointcheval, David
and Stern, Jacques",
editor="Kim, Kwangjo
and Matsumoto, Tsutomu",
title="Provably secure blind signature schemes",
bookTitle="Advances in Cryptology --- ASIACRYPT '96: International Conference on the Theory and Applications of Cryptology and Information Security Kyongju, Korea, November 3--7, 1996 Proceedings",
year="1996",
publisher="Springer Berlin Heidelberg",
address="Berlin, Heidelberg",
pages="252--265",
abstract="In this paper, we give a provably secure design for blind signatures, the most important ingredient for anonymity in off-line electronic cash systems. Previous examples of blind signature schemes were constructed from traditional signature schemes with only the additional proof of blindness. The design of some of the underlying signature schemes can be validated by a proof in the so-called random oracle model, but the security of the original signature scheme does not, by itself, imply the security of the blind version. In this paper, we first propose a definition of security for blind signatures, with application to electronic cash. Next, we focus on a specific example which can be successfully transformed in a provably secure blind signature scheme.",
isbn="978-3-540-70707-3",
doi="10.1007/BFb0034852",
url="https://doi.org/10.1007/BFb0034852"
}


@Article{bellare2003onemore,
author="Bellare
and Namprempre
and Pointcheval
and Semanko",
title="The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme ",
journal="Journal of Cryptology",
year="2003",
month={6},
day="01",
volume="16",
number="3",
pages="185--215",
abstract="We introduce a new class of computational problems which we call the ``one-more-RSA-inversion'' problems. Our main result is that two problems in this class, which we call the chosen-target and known-target inversion problems, respectively, have polynomially equivalent computational complexity. We show how this leads to a proof of security for Chaum's RSA-based blind signature scheme in the random oracle model based on the assumed hardness of either of these problems. We define and prove analogous results for ``one-more-discrete-logarithm'' problems. Since the appearence of the preliminary version of this paper, the new problems we have introduced have found other uses as well.",
issn="1432-1378",
doi="10.1007/s00145-002-0120-1",
url="https://doi.org/10.1007/s00145-002-0120-1"
}


@InProceedings{fc2014murdoch,
  author =       {Stephen Murdoch and Ross Anderson},
  title =        {Security Protocols and Evidence: Where Many Payment Systems Fail},
  booktitle = {Financial Cryptography and Data Security},
  year =      {2014},
}



@Inbook{pointcheval2017cut,
  author="Pointcheval, David
  and Sanders, Olivier
  and Traor{\'e}, Jacques",
  editor="Fehr, Serge",
  title="Cut Down the Tree to Achieve Constant Complexity in Divisible E-cash",
  bookTitle="Public-Key Cryptography -- PKC 2017: 20th IACR International Conference on Practice and Theory in Public-Key Cryptography, Amsterdam, The Netherlands, March 28-31, 2017, Proceedings, Part I",
  year="2017",
  publisher="Springer Berlin Heidelberg",
  address="Berlin, Heidelberg",
  pages="61--90",
  abstract="Divisible e-cash, proposed in 1991 by Okamoto and Ohta, addresses a practical concern of electronic money, the problem of paying the exact amount. Users of such systems can indeed withdraw coins of a large value N and then divide it into many pieces of any desired values                                                                                   {\$}{\$}V{\backslash}le N{\$}{\$}                  . Such a primitive therefore allows to avoid the use of several denominations or change issues. Since its introduction, many constructions have been proposed but all of them make use of the same framework: they associate each coin with a binary tree, which implies, at least, a logarithmic complexity for the spendings.",
  isbn="978-3-662-54365-8",
}



@Inbook{canard2015divisible,
  author="Canard, S{\'e}bastien
  and Pointcheval, David
  and Sanders, Olivier
  and Traor{\'e}, Jacques",
  editor="Katz, Jonathan",
  title="Divisible E-Cash Made Practical",
  bookTitle="Public-Key Cryptography -- PKC 2015: 18th IACR International Conference on Practice and Theory in Public-Key Cryptography, Gaithersburg, MD, USA, March 30 -- April 1, 2015, Proceedings",
  year="2015",
  publisher="Springer Berlin Heidelberg",
  address="Berlin, Heidelberg",
  pages="77--100",
  abstract="Divisible E-cash systems allow users to withdraw a unique coin of value                                                                                   {\$}{\$}2^n{\$}{\$}                   from a bank, but then to spend it in several times to distinct merchants. In such a system, whereas users want anonymity of their transactions, the bank wants to prevent, or at least detect, double-spending, and trace the defrauders. While this primitive was introduced two decades ago, quite a few (really) anonymous constructions have been introduced. In addition, all but one were just proven secure in the random oracle model, but still with either weak security models or quite complex settings and thus costly constructions. The unique proposal, secure in the standard model, appeared recently and is unpractical. As evidence, the authors left the construction of an efficient scheme secure in this model as an open problem.",
  isbn="978-3-662-46447-2",
}



@Inbook{camenisch2005compact,
  author="Camenisch, Jan
  and Hohenberger, Susan
  and Lysyanskaya, Anna",
  editor="Cramer, Ronald",
  title="Compact E-Cash",
  bookTitle="Advances in Cryptology -- EUROCRYPT 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005. Proceedings",
  year="2005",
  publisher="Springer Berlin Heidelberg",
  address="Berlin, Heidelberg",
  pages="302--321",
  isbn="978-3-540-32055-5",
}


@misc{maertens2015practical,
    author = {Patrick Märtens},
    title = {Practical Compact E-Cash with Arbitrary Wallet Size},
    howpublished = {Cryptology ePrint Archive, Report 2015/086},
    year = {2015},
    note = {\url{http://eprint.iacr.org/2015/086}},
}

@Inbook{canard2015scalable,
author="Canard, S{\'e}bastien
and Pointcheval, David
and Sanders, Olivier
and Traor{\'e}, Jacques",
editor="Malkin, Tal
and Kolesnikov, Vladimir
and Lewko, Allison Bishop
and Polychronakis, Michalis",
title="Scalable Divisible E-cash",
bookTitle="Applied Cryptography and Network Security: 13th International Conference, ACNS 2015, New York, NY, USA, June 2-5, 2015, Revised Selected Papers",
year="2015",
publisher="Springer International Publishing",
address="Cham",
pages="287--306",
abstract="Divisible E-cash has been introduced twenty years ago but no construction is both fully secure in the standard model and efficiently scalable. In this paper, we fill this gap by providing an anonymous divisible E-cash construction with constant-time withdrawal and spending protocols. Moreover, the deposit protocol is constant-time for the merchant, whatever the spent value is. It just has to compute and store                                                                                   {\$}{\$}2^l{\$}{\$}                   serial numbers when a value                                                                                   {\$}{\$}2^l{\$}{\$}                   is deposited, compared to                                                                                   {\$}{\$}2^n{\$}{\$}                   serial numbers whatever the spent amount (where                                                                                   {\$}{\$}2^n{\$}{\$}                   is the global value of the coin) in the recent state-of-the-art paper. This makes a very huge difference when coins are spent in several times.",
isbn="978-3-319-28166-7",
}




@Inbook{okamoto1995efficient,
author="Okamoto, Tatsuaki",
editor="Coppersmith, Don",
title="An Efficient Divisible Electronic Cash Scheme",
bookTitle="Advances in Cryptology --- CRYPT0' 95: 15th Annual International Cryptology Conference Santa Barbara, California, USA, August 27--31, 1995 Proceedings",
year="1995",
publisher="Springer Berlin Heidelberg",
address="Berlin, Heidelberg",
pages="438--451",
abstract="Recently, several ``divisible'' untraceable off-line electronic cash schemes have been presented [8, 11, 19, 20]. This paper presents the first practical ``divisible'' untraceable1 off-line cash scheme that is ``single-term''2 in which every procedure can be executed in the order of log N, where N is the precision of divisibility, i.e., N = (the total coin value)/(minimum divisible unit value). Therefore, our ``divisible'' off-line cash scheme is more efficient and practical than the previous schemes. For example, when N = 217 (e.g., the total value is about {\$} 1000, and the minimum divisible unit is 1 cent), our scheme requires only about 1 Kbyte of data be transfered from a customer to a shop for one payment and about 20 modular exponentiations for one payment, while all previous divisible cash schemes require more than several Kbytes of transfered data and more than 200 modular exponentiations for one payment.",
isbn="978-3-540-44750-4",
}

@techreport{brands1993efficient,
 author = {Brands, Stefan A.},
 title = {An Efficient Off-line Electronic Cash System Based On The Representation Problem.},
 year = {1993},
 publisher = {CWI (Centre for Mathematics and Computer Science)},
 address = {Amsterdam, The Netherlands, The Netherlands},
} 



@inproceedings{tracz2001fair,
 author = {Tracz, Robert and Wrona, Konrad},
 title = {Fair Electronic Cash Withdrawal and Change Return for Wireless Networks},
 booktitle = {Proceedings of the 1st International Workshop on Mobile Commerce},
 series = {WMC '01},
 year = {2001},
 isbn = {1-58113-376-6},
 location = {Rome, Italy},
 pages = {14--19},
 numpages = {6},
 url = {http://doi.acm.org/10.1145/381461.381464},
 doi = {10.1145/381461.381464},
 acmid = {381464},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {electronic commerce, payment systems, wireless applications},
}


@inproceedings{schoenmakers1997security,
 author = {Schoenmakers, Berry},
 title = {Security Aspects of the Ecash\&\#153; Payment System},
 booktitle = {State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures},
 year = {1998},
 isbn = {3-540-65474-7},
 location = {Leuven, Belgium},
 pages = {338--352},
 numpages = {15},
 url = {http://dl.acm.org/citation.cfm?id=647443.726912},
 acmid = {726912},
 publisher = {Springer-Verlag},
 address = {London, UK, UK},
} 





@Inbook{chaum1983blind,
  author="Chaum, David",
  editor="Chaum, David
  and Rivest, Ronald L.
  and Sherman, Alan T.",
  title="Blind Signatures for Untraceable Payments",
  bookTitle="Advances in Cryptology: Proceedings of Crypto 82",
  year="1983",
  publisher="Springer US",
  address="Boston, MA",
  pages="199--203",
  abstract="Automation of the way we pay for goods and services is already underway, as can be seen by the variety and growth of electronic banking services available to consumers. The ultimate structure of the new electronic payments system may have a substantial impact on personal privacy as well as on the nature and extent of criminal use of payments. Ideally a new payments system should address both of these seemingly conflicting sets of concerns.",
  isbn="978-1-4757-0602-4",
}



@Inbook{chaum1990untraceable,
  author="Chaum, David
  and Fiat, Amos
  and Naor, Moni",
  editor="Goldwasser, Shafi",
  title="Untraceable Electronic Cash",
  bookTitle="Advances in Cryptology --- CRYPTO' 88: Proceedings",
  year="1990",
  publisher="Springer New York",
  address="New York, NY",
  pages="319--327",
  abstract="The use of credit cards today is an act of faith on the part of all concerned. Each party is vulnerable to fraud by the others, and the cardholder in particular has no protection against surveillance.",
  isbn="978-0-387-34799-8",
}


@INPROCEEDINGS{camenisch2007endorsed, 
  author={J. Camenisch and A. Lysyanskaya and M. Meyerovich}, 
  booktitle={2007 IEEE Symposium on Security and Privacy (SP '07)}, 
  title={Endorsed E-Cash}, 
  year={2007}, 
  pages={101-115}, 
  keywords={electronic money;protocols;e-cash;electronic cash scheme;fair exchange protocol;lightweight endorsement;onion routing;Authentication;Cryptographic protocols;Cryptography;Digital signatures;Explosions;Information security;Merchandise;Privacy;Routing}, 
  doi={10.1109/SP.2007.15}, 
  ISSN={1081-6011}, 
  month={5},
}



@misc{rfc5869,
  author="H. Krawczyk and P. Eronen",
  title="{HMAC-based Extract-and-Expand Key Derivation Function (HKDF)}",
  series="Request for Comments",
  number="5869",
  howpublished="RFC 5869 (Informational)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2010,
  month={5},
  url="http://www.ietf.org/rfc/rfc5869.txt",
}


@inproceedings{danezis2016rscoin,
  author    = {George Danezis and
               Sarah Meiklejohn},
  title     = {Centrally Banked Cryptocurrencies},
  booktitle = {23nd Annual Network and Distributed System Security Symposium, {NDSS}
               2016, San Diego, California, USA, February 21-24, 2016},
  year      = {2016},
  publisher = {The Internet Society},
}



@Misc{fatf1997,
  title =     {FATF-IX report on money laundering typologies},
  howpublished = {\url{http://www.fatf-gafi.org/media/fatf/documents/reports/1996\%201997\%20ENG.pdf}},
  month =     {2},
  year =      {1998},
}

@article{bellare2003one,
  title={The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme.},
  author={Bellare, Mihir and Namprempre, Chanathip and Pointcheval, David and Semanko, Michael},
  journal={Journal of Cryptology},
  volume={16},
  number={3},
  year={2003},
  publisher={Springer}
}


@inbook{RSA-FDH-KTIvCTI,
  author="Bellare, Mihir and Namprempre, Chanathip and Pointcheval, David and Semanko, Michael",
  editor="Syverson, Paul",
  chapter="The Power of RSA Inversion Oracles and the Security of Chaum's RSA-Based Blind Signature Scheme",
  title="Financial Cryptography: 5th International Conference",
  year="2002",
  publisher="Springer",
  address="Berlin, Heidelberg",
  pages="319--338",
  isbn="978-3-540-46088-6",
}

@misc{LightningNetwork,
  author = {Joseph Poon and Thaddeus Dryja},
  title = {The Bitcoin Lightning Network: Scalable Off-Chain Instant Payments},
  month = {1},
  year = {2016},
  note = {\url{https://lightning.network/lightning-network-paper.pdf}},
}


@misc{RippleFined:FinCEN,
  author = {Steve Hudak},
  title = {FinCEN Fines Ripple Labs Inc. in First Civil Enforcement Action Against a Virtual Currency Exchanger},
  month = {5},
  day = {5},
  year = {2015},
  note = {\url{https://www.fincen.gov/news/news-releases/fincen-fines-ripple-labs-inc-first-civil-enforcement-action-against-virtual}},
}

@misc{RippleFined:ArsTechnica,
  author = {Megan Geuss},
  title = {Cryptocurrency maker Ripple Labs fined \$700K for flouting financial regs.  Virtual currency Wild West is done, registration as a Money Services Business required.},
  month = {5},
  day = {5},
  year = {2015},
  note = {\url{https://arstechnica.com/tech-policy/2015/05/cryptocurrency-maker-ripple-labs-fined-700k-for-flouting-financial-regs/}},
}

@misc{RippleFined:CoinDesk,
  author = {Stan Higgins},
  title = {FinCEN Fines Ripple Labs for Bank Secrecy Act Violations},
  month = {5},
  day = {5},
  year = {2015},
  note = {\url{http://www.coindesk.com/fincen-fines-ripple-labs-700000-bank-secrecy-act/}},
}


@misc{rfc6818,
  author="P. Yee",
  title="{Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile}",
  howpublished="RFC 6818 (Proposed Standard)",
  series="Internet Request for Comments",
  type="RFC",
  number="6818",
  pages="1--8",
  year=2013,
  month={1},
  issn="2070-1721",
  publisher="RFC Editor",
  institution="RFC Editor",
  organization="RFC Editor",
  address="Fremont, CA, USA",
  url="https://www.rfc-editor.org/rfc/rfc6818.txt",
  key="RFC 6818",
  abstract={This document updates RFC 5280, the ``Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile''.  This document changes the set of acceptable encoding methods for the explicitText field of the user notice policy qualifier and clarifies the rules for converting internationalized domain name labels to ASCII.  This document also provides some clarifications on the use of self-signed certificates, trust anchors, and some updated security considerations. [STANDARDS-TRACK]},
  keywords="",
  doi="10.17487/RFC6818",
}



@inproceedings{rivest2004peppercoin,
  title={Peppercoin micropayments},
  author={Rivest, Ronald L},
  booktitle={Financial Cryptography},
  pages={2--8},
  year={2004},
  organization={Springer}
}


@inproceedings{Camenisch05compacte-cash,
  author = {Jan Camenisch and Susan Hohenberger and Anna Lysyanskaya},
  title = {Compact e-cash},
  booktitle = {In EUROCRYPT, volume 3494 of LNCS},
  year = {2005},
  pages = {302--321},
  publisher = {Springer-Verlag},
}



@article{martens2015practical,
  title={Practical Divisible E-Cash.},
  author={M{\"a}rtens, Patrick},
  journal={IACR Cryptology ePrint Archive},
  volume={2015},
  pages={318},
  year={2015}
}

@misc{Martens2015,
  title = {Practical Compact E-Cash with Arbitrary Wallet Size},
  author = {Patrick M{\"a}rtens},
  howpublished = {IACR Cryptology ePrint Archive 2015/086},
  year = {2015},
  note = {\url{http://eprint.iacr.org/2015/086}},
}


@inproceedings{bensasson2014zerocash,
  author = 	 {Eli Ben-Sasson and Alessandro Chiesa and Christina Garman and Matthew Green and Ian Miers and Eran Tromer and Madars Virza},
  title = 	 {Zerocash: Decentralized Anonymous Payments from Bitcoin},
  booktitle = 	 {IEEE Symposium on Security \& Privacy},
  year = 	 {2014},
}


@book{molander1998cyberpayments,
  title={Cyberpayments and money laundering: Problems and promise},
  author={Molander, Roger C and Mussington, David A and Mussington, David and Wilson, Peter A},
  volume={965},
  year={1998},
  publisher={Rand Corporation}
}


@InProceedings{sander1999escrow,
  author =       {Tomas Sander and Amnon Ta-Shma},
  title =        {On Anonymous Electronic Cash and Crime},
  booktitle = {ISW'99},
  year =      {1999},
  series =    {LNCS 1729},
  pages =     {202--206},
}

@inproceedings{stadler1995fair,
  title={Fair blind signatures},
  author={Stadler, Markus and Piveteau, Jean-Marc and Camenisch, Jan},
  booktitle={International Conference on the Theory and Applications of Cryptographic Techniques},
  pages={209--219},
  year={1995},
  organization={Springer}
}

@Article{solms1992perfect,
  author =       {Sebastiaan H. von Solms and David Naccache},
  title =        {On blind signatures and perfect crimes},
  journal = {Computers \& Security},
  year =      {1992},
  volume =    {11},
  number =    {6},
  pages =     {581--583},
}


@Misc{guardian2015cap,
  author =    {Rupert Jones},
  title =     {Cap on card fees could lead to lower prices for consumers},
  howpublished = {\url{http://www.theguardian.com/money/2015/jul/27/cap-on-card-fees-retailers}},
  month =     {7},
  year =      {2015},
}


@Misc{crinkey2011rundle,
  author =    {Guy Rundle},
  title =     {The humble credit card is now a political tool},
  howpublished = {\url{http://www.crikey.com.au/2011/10/25/rundle-humble-credit-card-now-a-political-tool-just-ask-wikileaks/}},
  month =     {10},
  year =      {2011},
}


@unpublished{cryptonote,
    author = {van Saberhagen, Nicolas},
    month = {10},
    posted-at = {2016-09-18 11:44:05},
    priority = {2},
    title = {{CryptoNote v 2.0}},
    url = {https://cryptonote.org/whitepaper.pdf},
    year = {2013}
}


@inproceedings{rupp2013p4r,
  title={P4R: Privacy-preserving pre-payments with refunds for transportation systems},
  author={Rupp, Andy and Hinterw{\"a}lder, Gesine and Baldimtsi, Foteini and Paar, Christof},
  booktitle={International Conference on Financial Cryptography and Data Security},
  pages={205--212},
  year={2013},
  organization={Springer}
}


@inproceedings{tor-design,
  title = {Tor: The Second-Generation Onion Router},
  author = {Roger Dingledine and Nick Mathewson and Paul Syverson},
  booktitle = {Proceedings of the 13th USENIX Security Symposium},
  year = {2004},
  month = {8},
}


@Misc{greece2015cash,
  author =    {Reuters},
  title =     {Greek council recommends 60 euro limit on ATM withdrawals from Tuesday},
  howpublished = {\url{http://www.reuters.com/article/2015/06/28/eurozone-greece-limits-idUSA8N0Z302P20150628}},
  month =     {6},
  year =      {2015},
}

@Misc{france2015cash,
  author =    {Heinz-Peter Bader},
  title =     {France steps up monitoring of cash payments to fight low-cost terrorism},
  howpublished = {\url{http://www.reuters.com/article/2015/03/18/us-france-security-financing-idUSKBN0ME14720150318}},
  month =     {3},
  year =      {2015},
}


@article{dent2008extensions,
  title={Extensions to Chaum's Blind Signature Scheme and OpenCoin Requirements},
  author={Dent, AW and Paterson, KG and Wild, PR},
  year={2008}
}

@article{dent2008preliminary,
  title={Preliminary Report on Chaum's Online E-Cash Architecture},
  author={Dent, AW and Paterson, KG and Wild, PR},
  journal={Royal Holloway, University of London},
  year={2008}
}


@Misc{ibi2014,
  author =    {ibi research},
  title =     {Digitalisierung der Gesellschaft 2014 --- Aktuelle Einsch\"atzungen und Trends},
  howpublished = {\url{http://www.ecommerce-leitfaden.de/digitalisierung-der-gesellschaft-2014.html}},
  year =      {2014},
}

@inproceedings{fujisaki-okamoto,
  title={Secure integration of asymmetric and symmetric encryption schemes},
  author={Fujisaki, Eiichiro and Okamoto, Tatsuaki},
  booktitle={Annual International Cryptology Conference},
  pages={537--554},
  year={1999},
  organization={Springer}
}

@article{bernstein2012high,
  title={High-speed high-security signatures},
  author={Bernstein, Daniel J and Duif, Niels and Lange, Tanja and Schwabe, Peter and Yang, Bo-Yin},
  journal={Journal of Cryptographic Engineering},
  volume={2},
  number={2},
  pages={77--89},
  year={2012},
  publisher={Springer}
}


@inproceedings{bernstein2006curve25519,
  title={Curve25519: new Diffie-Hellman speed records},
  author={Bernstein, Daniel J},
  booktitle={International Workshop on Public Key Cryptography},
  pages={207--228},
  year={2006},
  organization={Springer}
}

@techreport{pagnia1999impossibility,
  title={On the impossibility of fair exchange without a trusted third party},
  author={Pagnia, Henning and G{\"a}rtner, Felix C},
  year={1999},
  institution={Technical Report TUD-BS-1999-02, Darmstadt University of Technology, Department of Computer Science, Darmstadt, Germany}
}

@book{katz1996handbook,
  title={Handbook of applied cryptography},
  author={Katz, Jonathan and Menezes, Alfred J and Van Oorschot, Paul C and Vanstone, Scott A},
  year={1996},
  publisher={CRC press}
}


% ===== PROVABLE SECURITY =====

% see also https://www.baigneres.net/downloads/2007_provable_security.pdf

@article{koblitz2007another,
  title={Another look at" provable security"},
  author={Koblitz, Neal and Menezes, Alfred J},
  journal={Journal of Cryptology},
  volume={20},
  number={1},
  pages={3--37},
  year={2007},
  publisher={Springer}
}

@incollection{pointcheval2005provable,
  title={Provable security for public key schemes},
  author={Pointcheval, David},
  booktitle={Contemporary cryptology},
  pages={133--190},
  year={2005},
  publisher={Springer}
}

@article{shoup2004sequences,
  title={Sequences of games: a tool for taming complexity in security proofs.},
  author={Shoup, Victor},
  journal={IACR Cryptology ePrint Archive},
  volume={2004},
  pages={332},
  year={2004}
}


@inproceedings{coron2000exact,
  title={On the exact security of full domain hash},
  author={Coron, Jean-S{\'e}bastien},
  booktitle={Annual International Cryptology Conference},
  pages={229--235},
  year={2000},
  organization={Springer}
}

@inproceedings{damgaard2007proof,
  title={A “proof-reading” of some issues in cryptography},
  author={Damg{\aa}rd, Ivan},
  booktitle={International Colloquium on Automata, Languages, and Programming},
  pages={2--11},
  year={2007},
  organization={Springer}
}

@article{koblitz2010brave,
  title={The brave new world of bodacious assumptions in cryptography},
  author={Koblitz, Neal and Menezes, Alfred},
  journal={Notices of the American Mathematical Society},
  volume={57},
  number={3},
  pages={357--365},
  year={2010}
}

@inproceedings{bellare1993random,
  title={Random oracles are practical: A paradigm for designing efficient protocols},
  author={Bellare, Mihir and Rogaway, Phillip},
  booktitle={Proceedings of the 1st ACM conference on Computer and communications security},
  pages={62--73},
  year={1993},
  organization={ACM}
}

@article{koblitz2015random,
  title={The random oracle model: a twenty-year retrospective},
  author={Koblitz, Neal and Menezes, Alfred J},
  journal={Designs, Codes and Cryptography},
  volume={77},
  number={2-3},
  pages={587--610},
  year={2015},
  publisher={Springer}
}

@article{canetti2004random,
  title={The random oracle methodology, revisited},
  author={Canetti, Ran and Goldreich, Oded and Halevi, Shai},
  journal={Journal of the ACM (JACM)},
  volume={51},
  number={4},
  pages={557--594},
  year={2004},
  publisher={ACM}
}

@inproceedings{dreier2015formal,
  title={Formal analysis of e-cash protocols},
  author={Dreier, Jannik and Kassem, Ali and Lafourcade, Pascal},
  booktitle={e-Business and Telecommunications (ICETE), 2015 12th International Joint Conference on},
  volume={4},
  pages={65--75},
  year={2015},
  organization={IEEE}
}

@inproceedings{brickell1995trustee,
  title={Trustee-based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change.},
  author={Brickell, Ernest F and Gemmell, Peter and Kravitz, David W},
  booktitle={SODA},
  volume={95},
  pages={457--466},
  year={1995}
}



% ===== CRYPTO BASICS =====

@inproceedings{boneh1998decision,
  title={The decision diffie-hellman problem},
  author={Boneh, Dan},
  booktitle={International Algorithmic Number Theory Symposium},
  pages={48--63},
  year={1998},
  organization={Springer}
}


@article{goldwasser1988digital,
  title={A digital signature scheme secure against adaptive chosen-message attacks},
  author={Goldwasser, Shafi and Micali, Silvio and Rivest, Ronald L},
  journal={SIAM Journal on Computing},
  volume={17},
  number={2},
  pages={281--308},
  year={1988},
  publisher={SIAM}
}


@inproceedings{bellare1998relations,
  title={Relations among notions of security for public-key encryption schemes},
  author={Bellare, Mihir and Desai, Anand and Pointcheval, David and Rogaway, Phillip},
  booktitle={Annual International Cryptology Conference},
  pages={26--45},
  year={1998},
  organization={Springer}
}


@inproceedings{blanchet2006automated,
  title={Automated security proofs with sequences of games},
  author={Blanchet, Bruno and Pointcheval, David},
  booktitle={Annual International Cryptology Conference},
  pages={537--554},
  year={2006},
  organization={Springer}
}


@inproceedings{bellare2006code,
  title={Code-based game-playing proofs and the security of triple encryption},
  author={Bellare, Mihir and Rogaway, Phillip},
  booktitle={Advances in Cryptology--EUROCRYPT},
  volume={4004},
  pages={10},
  year={2006}
}

@inproceedings{fischlin2009security,
  title={Security of blind signatures under aborts},
  author={Fischlin, Marc and Schr{\"o}der, Dominique},
  booktitle={International Workshop on Public Key Cryptography},
  pages={297--316},
  year={2009},
  organization={Springer}
}


@incollection{lindell2017simulate,
  title={How to simulate it--a tutorial on the simulation proof technique},
  author={Lindell, Yehuda},
  booktitle={Tutorials on the Foundations of Cryptography},
  pages={277--346},
  year={2017},
  publisher={Springer}
}

@book{guo2018introduction,
  title={Introduction to Security Reduction},
  author={Guo, Fuchun and Susilo, Willy and Mu, Yi},
  year={2018},
  publisher={Springer}
}

@article{stallman2002free,
  title={What is free software},
  author={Stallman, Richard M},
  journal={Free Society: Selected Essays of},
  volume={23},
  year={2002}
}

@book{stallman2002essays,
  title={Free software, free society: Selected essays of Richard M. Stallman},
  author={Stallman, Richard},
  year={2002},
  publisher={Lulu. com}
}


@article{adyen2016global,
  title={The Global E-Commerce Payments Guide},
  author={Adyen},
  year={2016}
}

@article{paypers2016ecommerce,
  title={Ecommerce Payment Methods Report 2016},
  author={Lupu, Sebastian and Mual, Melisande and van Stiphout, Mees},
  year={2016}
}


@inproceedings{beikverdi2015trend,
  title={Trend of centralization in Bitcoin's distributed network},
  author={Beikverdi, Alireza and Song, JooSeok},
  booktitle={Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), 2015 16th IEEE/ACIS International Conference on},
  pages={1--6},
  year={2015},
  organization={IEEE}
}

@article{bohme2015bitcoin,
  title={Bitcoin: Economics, technology, and governance},
  author={B{\"o}hme, Rainer and Christin, Nicolas and Edelman, Benjamin and Moore, Tyler},
  journal={Journal of Economic Perspectives},
  volume={29},
  number={2},
  pages={213--38},
  year={2015}
}


@article{provos2007ghost,
  title={The Ghost in the Browser: Analysis of Web-based Malware.},
  author={Provos, Niels and McNamee, Dean and Mavrommatis, Panayiotis and Wang, Ke and Modadugu, Nagendra and others},
  journal={HotBots},
  volume={7},
  pages={4--4},
  year={2007}
}

@misc{riksbank2017riksbank,
  title={The Riksbank’s e-krona project},
  author={Riksbank, Sveriges},
  year={2017},
  publisher={Report}
}

@inproceedings{fuchsbauer2009transferable,
title={Transferable constant-size fair e-cash},
author={Fuchsbauer, Georg and Pointcheval, David and Vergnaud, Damien},
booktitle={International Conference on Cryptology and Network Security},
pages={226--247},
year={2009},
organization={Springer}
}

@inproceedings{au2011electronic,
  title={Electronic cash with anonymous user suspension},
  author={Au, Man Ho and Susilo, Willy and Mu, Yi},
  booktitle={Australasian Conference on Information Security and Privacy},
  pages={172--188},
  year={2011},
  organization={Springer}
}

@article{schroder2017security,
  title={Security of blind signatures revisited},
  author={Schr{\"o}der, Dominique and Unruh, Dominique},
  journal={Journal of Cryptology},
  volume={30},
  number={2},
  pages={470--494},
  year={2017},
  publisher={Springer}
}

@inproceedings{camenisch2004signature,
  title={Signature schemes and anonymous credentials from bilinear maps},
  author={Camenisch, Jan and Lysyanskaya, Anna},
  booktitle={Annual International Cryptology Conference},
  pages={56--72},
  year={2004},
  organization={Springer}
}

@misc{next1999digicash,
  publisher={NEXT Magazine},
  year={1999},
  author={How DigiCash Blew Everything},
  author={Anonymous}
}

@inproceedings{canard2007divisible,
  title={Divisible e-cash systems can be truly anonymous},
  author={Canard, S{\'e}bastien and Gouget, Aline},
  booktitle={Annual International Conference on the Theory and Applications of Cryptographic Techniques},
  pages={482--497},
  year={2007},
  organization={Springer}
}

@inproceedings{canard2006handy,
  title={A handy multi-coupon system},
  author={Canard, S{\'e}bastien and Gouget, Aline and Hufschmitt, Emeline},
  booktitle={International Conference on Applied Cryptography and Network Security},
  pages={66--81},
  year={2006},
  organization={Springer}
}


@Article{batten2018offline,
  author="Batten, Lynn and Yi, Xun",
  title="Off-line digital cash schemes providing untraceability, anonymity and change",
  journal="Electronic Commerce Research",
  year={2018},
  month={1},
  day={27},
  issn="1572-9362",
  doi="10.1007/s10660-018-9289-8",
  url="https://doi.org/10.1007/s10660-018-9289-8"
}

@inproceedings{chaum1992wallet,
  title={Wallet databases with observers},
  author={Chaum, David and Pedersen, Torben Pryds},
  booktitle={Annual International Cryptology Conference},
  pages={89--105},
  year={1992},
  organization={Springer}
}

@inproceedings{davida1997anonymity,
  title={Anonymity control in e-cash systems},
  author={Davida, George and Frankel, Yair and Tsiounis, Yiannis and Yung, Moti},
  booktitle={International Conference on Financial Cryptography},
  pages={1--16},
  year={1997},
  organization={Springer}
}


@inproceedings{chaum1989efficient,
  title={Efficient offline electronic checks},
  author={Chaum, David and den Boer, Bert and van Heyst, Eug{\`e}ne and Mj{\o}lsnes, Stig and Steenbeek, Adri},
  booktitle={Workshop on the theory and application of of cryptographic techniques},
  pages={294--301},
  year={1989},
  organization={Springer}
}

@article{pointcheval2000security,
  title={Security arguments for digital signatures and blind signatures},
  author={Pointcheval, David and Stern, Jacques},
  journal={Journal of cryptology},
  volume={13},
  number={3},
  pages={361--396},
  year={2000},
  publisher={Springer}
}

@inproceedings{damgaard1988payment,
  title={Payment systems and credential mechanisms with provable security against abuse by individuals},
  author={Damg{\aa}rd, Ivan Bjerre},
  booktitle={Conference on the Theory and Application of Cryptography},
  pages={328--335},
  year={1988},
  organization={Springer}
}

@inproceedings{haber1990time,
  title={How to time-stamp a digital document},
  author={Haber, Stuart and Stornetta, W Scott},
  booktitle={Conference on the Theory and Application of Cryptography},
  pages={437--455},
  year={1990},
  organization={Springer}
}


@article{wust2017you,
  title={Do you need a Blockchain?},
  author={W{\"u}st, Karl and Gervais, Arthur},
  journal={IACR Cryptology ePrint Archive},
  volume={2017},
  pages={375},
  year={2017}
}

@inproceedings{pedersen1996electronic,
  title={Electronic payments of small amounts},
  author={Pedersen, Torben P},
  booktitle={International Workshop on Security Protocols},
  pages={59--68},
  year={1996},
  organization={Springer}
}

@article{poon2016bitcoin,
  title={The bitcoin lightning network: Scalable off-chain instant payments},
  author={Poon, Joseph and Dryja, Thaddeus},
  journal={draft version 0.5},
  pages={14},
  year={2016}
}

@article{poon2017plasma,
  title={Plasma: Scalable autonomous smart contracts},
  author={Poon, Joseph and Buterin, Vitalik},
  journal={White paper},
  year={2017}
}

@article{eyal2018majority,
  title={Majority is not enough: Bitcoin mining is vulnerable},
  author={Eyal, Ittay and Sirer, Emin G{\"u}n},
  journal={Communications of the ACM},
  volume={61},
  number={7},
  pages={95--102},
  year={2018},
  publisher={ACM}
}

@inproceedings{vukolic2015quest,
  title={The quest for scalable blockchain fabric: Proof-of-work vs. BFT replication},
  author={Vukoli{\'c}, Marko},
  booktitle={International Workshop on Open Problems in Network Security},
  pages={112--125},
  year={2015},
  organization={Springer}
}

@inproceedings{eyal2016bitcoin,
  title={Bitcoin-NG: A Scalable Blockchain Protocol.},
  author={Eyal, Ittay and Gencer, Adem Efe and Sirer, Emin G{\"u}n and Van Renesse, Robbert},
  booktitle={NSDI},
  pages={45--59},
  year={2016}
}


@inproceedings{bentov2016cryptocurrencies,
  title={Cryptocurrencies without proof of work},
  author={Bentov, Iddo and Gabizon, Ariel and Mizrahi, Alex},
  booktitle={International Conference on Financial Cryptography and Data Security},
  pages={142--157},
  year={2016},
  organization={Springer}
}

@inproceedings{gilad2017algorand,
  title={Algorand: Scaling byzantine agreements for cryptocurrencies},
  author={Gilad, Yossi and Hemo, Rotem and Micali, Silvio and Vlachos, Georgios and Zeldovich, Nickolai},
  booktitle={Proceedings of the 26th Symposium on Operating Systems Principles},
  pages={51--68},
  year={2017},
  organization={ACM}
}

@article{kwon2014tendermint,
  title={Tendermint: Consensus without mining},
  author={Kwon, Jae},
  journal={Draft v. 0.6, fall},
  year={2014}
}


@article{rocket2018snowflake,
  title={Snowflake to Avalanche: A Novel Metastable Consensus Protocol Family for Cryptocurrencies},
  author={Team Rocket},
  journal={IPFS},
  year={2018}
}

@inproceedings{androulaki2018hyperledger,
  title={Hyperledger fabric: a distributed operating system for permissioned blockchains},
  author={Androulaki, Elli and Barger, Artem and Bortnikov, Vita and Cachin, Christian and Christidis, Konstantinos and De Caro, Angelo and Enyeart, David and Ferris, Christopher and Laventman, Gennady and Manevich, Yacov and others},
  booktitle={Proceedings of the Thirteenth EuroSys Conference},
  pages={30},
  year={2018},
  organization={ACM}
}

@article{wood2014ethereum,
  title={Ethereum: A secure decentralised generalised transaction ledger},
  author={Wood, Gavin},
  journal={Ethereum project yellow paper},
  volume={151},
  pages={1--32},
  year={2014}
}

@article{reijers2016governance,
  title={Governance in blockchain technologies \& social contract theories},
  author={Reijers, Wessel and O'Brolch{\'a}in, Fiachra and Haynes, Paul},
  journal={Ledger},
  volume={1},
  pages={134--151},
  year={2016}
}

@article{levy2017book,
  title={Book-smart, not street-smart: blockchain-based smart contracts and the social workings of law},
  author={Levy, Karen EC},
  journal={Engaging Science, Technology, and Society},
  volume={3},
  pages={1--15},
  year={2017}
}

@incollection{reid2013analysis,
  title={An analysis of anonymity in the bitcoin system},
  author={Reid, Fergal and Harrigan, Martin},
  booktitle={Security and privacy in social networks},
  pages={197--223},
  year={2013},
  publisher={Springer}
}

@inproceedings{bonneau2014mixcoin,
  title={Mixcoin: Anonymity for Bitcoin with accountable mixes},
  author={Bonneau, Joseph and Narayanan, Arvind and Miller, Andrew and Clark, Jeremy and Kroll, Joshua A and Felten, Edward W},
  booktitle={International Conference on Financial Cryptography and Data Security},
  pages={486--504},
  year={2014},
  organization={Springer}
}

@inproceedings{heilman2017tumblebit,
  title={TumbleBit: An untrusted Bitcoin-compatible anonymous payment hub},
  author={Heilman, Ethan and Alshenibr, Leen and Baldimtsi, Foteini and Scafuro, Alessandra and Goldberg, Sharon},
  booktitle={Network and Distributed System Security Symposium},
  year={2017}
}

@inproceedings{sun2017ringct,
  title={RingCT 2.0: a compact accumulator-based (linkable ring signature) protocol for blockchain cryptocurrency monero},
  author={Sun, Shi-Feng and Au, Man Ho and Liu, Joseph K and Yuen, Tsz Hon},
  booktitle={European Symposium on Research in Computer Security},
  pages={456--474},
  year={2017},
  organization={Springer}
}

@inproceedings{wahby2018doubly,
  title={Doubly-efficient zkSNARKs without trusted setup},
  author={Wahby, Riad S and Tzialla, Ioanna and Shelat, Abhi and Thaler, Justin and Walfish, Michael},
  booktitle={2018 IEEE Symposium on Security and Privacy (SP)},
  pages={926--943},
  year={2018},
  organization={IEEE}
}

@article{ben2018scalable,
  title={Scalable, transparent, and post-quantum secure computational integrity},
  author={Ben-Sasson, Eli and Bentov, Iddo and Horesh, Yinon and Riabzev, Michael},
  journal={Cryptol. ePrint Arch., Tech. Rep},
  volume={46},
  pages={2018},
  year={2018}
}

@inproceedings{garman2016accountable,
  title={Accountable privacy for decentralized anonymous payments},
  author={Garman, Christina and Green, Matthew and Miers, Ian},
  booktitle={International Conference on Financial Cryptography and Data Security},
  pages={81--98},
  year={2016},
  organization={Springer}
}

@online{crockford_base32,
author = {Crockford, Douglas},
title  = {Base32 Encoding},
url    = {https://www.crockford.com/wrmg/base32.html}
}

@misc{rfc4634,
	series =	{Request for Comments},
	number =	4634,
	howpublished =	{RFC 4634},
	publisher =	{RFC Editor},
	doi =		{10.17487/RFC4634},
	url =		{https://rfc-editor.org/rfc/rfc4634.txt},
        author =	{Tony Hansen and Donald E. Eastlake 3rd},
	title =		{{US Secure Hash Algorithms (SHA and HMAC-SHA)}},
	pagetotal =	108,
	year =		2006,
	month =		aug,
}

@misc{rfc5869,
	series =	{Request for Comments},
	number =	5869,
	howpublished =	{RFC 5869},
	publisher =	{RFC Editor},
	doi =		{10.17487/RFC5869},
	url =		{https://rfc-editor.org/rfc/rfc5869.txt},
        author =	{Dr. Hugo Krawczyk and Pasi Eronen},
	title =		{{HMAC-based Extract-and-Expand Key Derivation Function (HKDF)}},
	pagetotal =	14,
	year =		2010,
	month =		may,
}