2021-03.html.j2 (3189B)
{% extends "common/news.j2" %}
{% block body_content %}
<h1>2021-3: "Why a Digital Euro should be Online-first and Bearer-based" published</h1>
<p>
We are happy to announce the publication of our paper on "Why a Digital Euro should be Online-first and Bearer-based".
</p>
<p>
The European Central Bank’s “Report on a Digital Euro” considers
two distinct types of designs for a digital euro. It argues that all functional
requirements laid out in the report can be fulfilled by operating the two systems
in parallel:
<ul>
<li>A bearer-based digital euro based on trusted hardware that can be used
offline, anonymously, and without third-party intervention.</li>
<li>An account-based digital euro that can be used online, is fully
software-based and excludes the possibility of anonymity.</li>
</ul>
The report does not discuss other choices of hybrid systems. However, the
choice is more arbitrary than it might seem at first sight: bearer-based systems
are not necessarily offline payment systems, and online payment systems do not
need to exclude anonymity.
</p>
<p>
We argue that operating a bearer-based payment system to complement an
account-based CBDC in order to gain offline and privacy features is not a good
trade-off. Adding permanent, regular offline capabilities via the bearer-based
payment instrument constantly exposes the CBDC to the severe issues inherent
in offline-capable payment systems. Instead, the offline mode of operation
should be restricted to scenarios where it is actually required, which mitigates
the risks.
</p>
<h4>Download links</h4>
<ul>
<li><a href="/papers/euro-bearer-online-2021.pdf">PDF (English)</a></li>
</ul>
<h4>Related exploits published after our article</h4>
<ul>
<li><a href="https://kb.cert.org/vuls/id/782720">TCG TPM 2.0 (2023)</a></li>
<li><a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html">Intel SGX (2023)</a></li>
<li><a href="https://developer.arm.com/documentation/ka005159/1-0">AMD Trust Zone (2022)</a></li>
<li><a href="https://ieeexplore.ieee.org/document/9933270">ATECC608B (2022)</a></li>
<li><a href="https://arxiv.org/abs/2304.14717">AMD Platform Security Processor (2023)</a></li>
<li><a href="https://downfall.page/">Intel SGX (2023)</a></li>
<li><a href="https://arstechnica.com/information-technology/2023/06/hackers-can-steal-cryptographic-keys-by-video-recording-connected-power-leds-60-feet-away/">Smart cards from 60 feet distance</a></li>
<li><a href="https://mkukri.xyz/2024/06/01/tpm-gpio-fail.html">Intel TPM (2024)</a></li>
<li><a href="https://x.com/_markel___/status/1828112469010596347">Intel SGX root of trust private key extraction (2024)</a></li>
<li><a href="https://ninjalab.io/eucleak/">Yubikey, Infineon SLE78 / Infineon Optiga Trust M / Infineon Optiga TPM (2024)</a></li>
<li><a href="https://www.heise.de/news/Forscher-entdecken-Schwachstellen-in-Intels-Trust-Domain-Extensions-9974224.html">Intel TDX (2024)</a></li>
<li><a href="https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w">AMD SEV-SNP</a></li>
<li><a href="https://wiretap.fail/">Intel SGX (2025)</a></li>
</ul>

{% endblock body_content %}