[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-donau] branch master updated: add threats.tex
From: |
gnunet |
Subject: |
[taler-donau] branch master updated: add threats.tex |
Date: |
Fri, 10 Jan 2025 09:25:59 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository donau.
The following commit(s) were added to refs/heads/master by this push:
new f6b44cf add threats.tex
f6b44cf is described below
commit f6b44cf33a0af0eebc67c794cc2557acdde8f67c
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Jan 10 09:25:51 2025 +0100
add threats.tex
---
doc/usenix-security-2025/paper/threats.tex | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/doc/usenix-security-2025/paper/threats.tex
b/doc/usenix-security-2025/paper/threats.tex
new file mode 100644
index 0000000..bd7b886
--- /dev/null
+++ b/doc/usenix-security-2025/paper/threats.tex
@@ -0,0 +1,27 @@
+\section{Threat Analysis}\label{sec:threats}
+
+The presented protocol is using similar cryptographic constructions as
+the GNU Taler payment system itself, primarily blind signatures and
+regular signatures. However, it does not use the ``refresh'' protocol
+of GNU Taler, as there is no need to render change. As a result, the
+Donau protocol suffers from a subset of the threats from quantum
+computing.~\cite{lange2024}
+
+A new Donau-specific threat is that donations could be used for
+laundering criminal assets. This does not mean that we expect
+charities themselves to play foul, but tax benefits that could be
+transferred to someone else would indirectly represent actual value
+(even commercially tradeable): donations from someone paying lower tax
+rates could be used to artificially lower the income of a person
+paying a higher rate. The money going to the charity would essentially
+be used to trigger a laundered partial payout in the legitimate world.
+The Donau protocol does not prove that the donor identification $\DI$
+used in the $\UDI$s inside the BKPs is that of the actual donor, as
+that is incompatible with the anonymity and confidentiality guarantees
+of the system. In practice, we expect this threat to be largely
+theoretical: the hypothetical money launderer would need to take a
+significant loss (depending on the tax rate, but generally probably
+more than half, given that common effective tax rates are rarely above
+50\%). Thus, the costs of laundering money with this method would
+most likely substantially exceed the cost of other methods to launder
+criminal assets.
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-donau] branch master updated: add threats.tex,
gnunet <=