Abstract
CAFE (“Conditional Access for Europe”) is an ongoing project in the European Community's ESPRIT program. The goal of CAFE is to develop innovative systems for conditional access, and in particular, digital payment systems. An important aspect of CAFE is high security of all parties concerned, with the least possible requirements that they are forced to trust other parties (so-called multi-party security). This should give legal certainty to everybody at all times. Moreover, both the electronic money issuer and the individual users are less dependent on the tamper-resistance of devices than in usual digital payment systems. Since CAFE aims at the market of small everyday payments that is currently dominated by cash, payments are offline, and privacy is an important issue.
The basic devices used in CAFE are so-called electronic wallets, whose outlook is quite similar to pocket calculators or PDAs (Personal Digital Assistant). Particular advantages of the electronic wallets are that PINs can be entered directly, so that fake-terminal attacks are prevented. Other features are:
-
Loss tolerance: If a user loses an electronic wallet, or the wallet breaks or is stolen, the user can be given the money back, although it is a prepaid payment system.
-
Different currencies.
-
Open architecture and system. The aim is to demonstrate a set of the systems developed in one or more field trials at the end of the project. Note that these will be real hardware systems, suitable for mass production.
This paper concentrates on the basic techniques used in the CAFE protocols.
A preliminary version of this paper was presented at Securicom '94, Paris, June 1994 [BBCM 94].
Chapter PDF
References
Ross Anderson: Why Cryptosystems Fail; 1st ACM Conference on Computer and Communications Security, acm Press, New York 1993, 215–227.
Peter Bauer, Heribert Peuckert: Chipkarten mit Kryptographie erschließen neue Anwendungsfelder; Siemens-Zeitschrift Special, FuE, Frühjahr 1994, 17–20.
Jean-Paul Boly, Antoon Bosselaers, Ronald Cramer, Rolf Michelsen, Stig Mjølsnes, Frank Muller, Torben Pedersen, Birgit Pfitzmann, Peter de Rooij, Berry Schoenmakers, Matthias Schunter, Luc Vallée, Michael Waidner: Digital Payment Systems in the ESPRIT Project CAFE; Proc. of Securicom '94, Paris, June 1994.
Jurjen Bos, David Chaum: SmartCash: a Practical Electronic Payment System; Centrum voor Wiskunde en Informatica, Computer Science/Departement of Algorithmics and Architecture, Report CS-R9035, August 1990.
Stefan Brands: An Efficient Off-line Electronic Cash System Based On The Representation Problem; Centrum voor Wiskunde en Informatica, Computer Science/Departement of Algorithmics and Architecture, Report CS-R9323, March 1993.
Stefan Brands: Untraceable Off-line Cash in Wallets with Observers; Crypto '93, LNCS 773, Springer-Verlag, Berlin 1994, 302–318.
David Chaum: Security without Identification: Transaction Systems to make Big Brother Obsolete; Communications of the ACM 28/10 (1985) 1030–1044.
David Chaum: Privacy Protected Payments — Unconditional Payer and/or Payee Untraceability; SMART CARD 2000: The Future of IC Cards, Proceedings of the IFIP WG 11.6 International Conference; Laxenburg (Austria), 19.–20. 10. 1987, North-Holland, Amsterdam 1989, 69–93.
David Chaum: Achieving Electronic Privacy; Scientific American (August 1992) 96–101.
David Chaum, Amos Fiat, Moni Naor: Untraceable Electronic Cash; Crypto '88, LNCS 403, Springer-Verlag, Berlin 1990, 319–327.
David Chaum, Torben Pryds Pedersen: Wallet Databases with Observers; Crypto '92, LNCS 740, Springer Verlag, Berlin 1993, 89–105.
Ronald J. F. Cramer, Torben Pryds Pedersen: Improved Privacy in Wallets with Observers (Extended Abstract); Eurocrypt '93, LNCS 765, Springer-Verlag, Berlin 1994, 329–343.
Whitfield Diffie, Martin E. Hellman: New Directions in Cryptography; IEEE Transactions on Information Theory 22/6 (1976) 644–654.
Niels Ferguson: Single Term Off-Line Coins; Eurocrypt '93, LNCS 765, Springer-Verlag, Berlin 1994, 318–328.
Niels Ferguson: Extensions of Single-Term Coins; Crypto '93, LNCS 773, Springer-Verlag, Berlin 1994, 292–301.
Matthew Franklin, Moti Yung: Secure and Efficient Off-Line Digital Money; 20th International Colloquium on Automata, Languages and Programming (ICALP), LNCS 700, Springer-Verlag, Heidelberg 1993, 265–276.
Shafi Goldwasser, Silvio Micali, Ronald L. Rivest: A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks; SIAM J. Comput. 17/2 (1988) 281–308.
Louis Claude Guillou, Michel Ugon, Jean-Jacques Quisquater: The Smart Card: A Standardized Security Device Dedicated to Public Cryptology; Gustavus J. Simmons: Contemporary Cryptology — The Science of Information Integrity; IEEE Press, Hoes Lane 1992, 561–613.
Peter G. Neumann: Inside Risks: Fraud by computers; Communications of the ACM 35/8 (1992), 154.
Tatsuaki Okamoto, Kazuo Ohta: Universal Electronic Cash; Crypto '91, LNCS 576, Springer Verlag, Berlin 1992, 324–337.
Birgit Pfitzmann, Michael Waidner, Andreas Pfitzmann: Rechtssicherheit trotz Anonymitäl in offenen digitalen Systemen; Datenschutz und Datensicherung DuD 14/5–6 (1990) 243–253, 305–315.
R. L. Rivest, A. Shamir, L. Adleman: A Method for Obtaining Digital Signatures and Public-Key Cryptosystems; Communications of the ACM 21/2 (1978) 120–126, reprinted: 26/1 (1983) 96–99.
C.P. Schnorr: Efficient Signature Generation by Smart Cards; Journal of Cryptology 4/3 (1991) 161–174.
Michael Waidner: CAFE — Conditional Access for Europe; 4. GMD-SmartCard Workshop, 8.–9. Februar 1994, GMD Darmstadt; Multicard '94, Berlin, 23.–25. Februar 1994.
Michael Waidner, Birgit Pfitzmann: Loss-Tolerance for Electronic Wallets; Proceedings 20th International Symposium on Fault-Tolerant Computing (FTCS 20), Newcastle upon Tyne (UK), 140–147.
Michael Waidner, Birgit Pfitzmann: Loss-tolerant electronic wallet; David Chaum (ed.): Smart Card 2000, Selected Papers from the Second International Smart Card 2000 Conference, North-Holland, Amsterdam 1991, 127–150.
Michael Waidner, Arnd Weber: Europäisches Industrie-und Forschungskonsortium entwickelt neuartiges Zahlungsverfahren; will be published in: Datenschutz-Berater, 1994.
Franz Weikmann: Chipkarten — Entwicklungsstand und weitere Perspektiven; PIK, Praxis der Informationsverarbeitung und Kommunikation 16/1 (1993) 28–34.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1994 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Boly, JP. et al. (1994). The ESPRIT project CAFE —High security digital payment systems. In: Gollmann, D. (eds) Computer Security — ESORICS 94. ESORICS 1994. Lecture Notes in Computer Science, vol 875. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-58618-0_66
Download citation
DOI: https://doi.org/10.1007/3-540-58618-0_66
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-58618-0
Online ISBN: 978-3-540-49034-0
eBook Packages: Springer Book Archive