commit 47e1f528b897a0c6e5b3a0e630603893a2620d28
parent 4882359d2857044317e1b1c6a504951658c8e368
Author: Christian Grothoff <christian@grothoff.org>
Date: Thu, 27 Oct 2016 15:25:10 +0200
add reference to zerocash
Diffstat:
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/doc/paper/taler.bib b/doc/paper/taler.bib
@@ -97,6 +97,13 @@
organization={Springer}
}
+@inproceedings{zerocash,
+ author = {Eli Ben-Sasson and Alessandro Chiesa and Christina Garman and Matthew Green and Ian Miers and Eran Tromer and Madars Virza},
+ title = {Zerocash: Decentralized Anonymous Payments from Bitcoin},
+ booktitle = {IEEE Symposium on Security \& Privacy},
+ year = {2014},
+}
+
@inproceedings{miers2013zerocoin,
title={Zerocoin: Anonymous distributed e-cash from bitcoin},
author={Miers, Ian and Garman, Christina and Green, Matthew and Rubin, Aviel D},
@@ -204,9 +211,9 @@
author="Bellare, Mihir and Namprempre, Chanathip and Pointcheval, David and Semanko, Michael",
editor="Syverson, Paul",
chapter="The Power of RSA Inversion Oracles and the Security of Chaum's RSA-Based Blind Signature Scheme",
- title="Financial Cryptography: 5th International Conference, FC 2001 Grand Cayman, British West Indies, February 19--22, 2001 Proceedings",
+ title="Financial Cryptography: 5th International Conference",
year="2002",
- publisher="Springer Berlin Heidelberg",
+ publisher="Springer",
address="Berlin, Heidelberg",
pages="319--338",
isbn="978-3-540-46088-6",
diff --git a/doc/paper/taler.tex b/doc/paper/taler.tex
@@ -344,7 +344,7 @@ secure and that each participant is under full control of his system.
The contact information of the exchange is known to both customer and
merchant from the start. We further assume that the customer can
authenticate the merchant, e.g. using X.509
-certificates~\cite{rfc5280}. Finally, we assume that customer has an
+certificates~\cite{rfc6818}. Finally, we assume that customer has an
anonymous bi-directional channel, such as Tor, to communicate with
both the exchange and the merchant.
@@ -805,8 +805,9 @@ protocol does not need to provide cryptographic security: If the
maximum applicable tax is less than $\frac{2}{3}$, then $\kappa = 3$
ensures that cheating results in a negative financial return on
average as $\kappa - 1$ out of $\kappa$ attempts to hide from taxation
-are detected and penalized by a total loss. This makes the use of
-cut-and-choose practical and efficient in this context.
+are detected and penalized by a total loss. This makes our use of
+cut-and-choose practical and efficient, and in particularly faster
+than the comparable use of zk-SNARKs in ZeroCash~\cite{zerocash}.
% FIXME: I'm explicit about the rounds in postquantum.tex
