[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[donau] branch master updated: minor edits to sec #3
|
From: |
gnunet |
|
Subject: |
[donau] branch master updated: minor edits to sec #3 |
|
Date: |
Wed, 22 Jan 2025 16:57:51 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository donau.
The following commit(s) were added to refs/heads/master by this push:
new 735fbb3 minor edits to sec #3
735fbb3 is described below
commit 735fbb3e482b3b9e0fb66abac57f60d01883b964
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Wed Jan 22 16:57:41 2025 +0100
minor edits to sec #3
---
doc/usenix-security-2025/paper/technicaldesign.tex | 39 +++++++++++++---------
1 file changed, 24 insertions(+), 15 deletions(-)
diff --git a/doc/usenix-security-2025/paper/technicaldesign.tex
b/doc/usenix-security-2025/paper/technicaldesign.tex
index b266a73..0289e3b 100644
--- a/doc/usenix-security-2025/paper/technicaldesign.tex
+++ b/doc/usenix-security-2025/paper/technicaldesign.tex
@@ -118,8 +118,10 @@ initial setup steps.
$(K_x^{\pub}, K_x^{\priv})$ for blind signatures, corresponding to different
currency denominations $x$ that a donation can be composed of.
\end{enumerate}
+The Donau publishes all public keys over an authenticated channel.
+It uses fresh Donation Unit keys for each tax period.
-\subsubsection{Charity key generation}\label{charity_key_generation}
+\subsubsection{Charity key generation and
registration}\label{charity_key_generation}
\begin{enumerate}
\item Each charity generates its own Ed25519 {\bf Charity Key} $( C^{\pub},
C^{\priv} )$.
@@ -133,33 +135,38 @@ $C^{\pub}$ is registered in the Donau database.
\end{enumerate}
\subsubsection{Donor Identifier generation}
-Each donor generates a personal \textbf{Donor Identifier} by computing a salted
-hash of their taxpayer ID.
+
A donor uses their Donor Identifier every time they
make a donation and again when requesting a donation receipt from the Donau.
-The donor computes their Donor Identifier $\DI$ as the hash
+Each donor generates a personal \textbf{Donor Identifier} $\DI$ by
+computing a salted hash of their taxpayer ID
\begin{align*}
\DI = H(\texttt{TAXID}, S)
\end{align*}
-where $S$ is a random salt and {\tt TAXID} is their taxpayer ID.
+where $S$ is a random salt with sufficient entropy to
+prevent guessing attacks and {\tt TAXID} is their taxpayer ID.
The donor stores the salt $S$ along with their $\DI$.
-They need to use the salt to link the Donation Identifier to their tax ID and
claim
-the tax benefits for their donation. The use of the salt means the $\DI$ cannot
-be linked to the donor by anybody without $S$, even if they know {\tt TAXID}.
+
+They need to use the salt to link the Donation Identifier to their tax
+ID and claim the tax benefits for their donation. The use of the salt
+ensures that the $\DI$ cannot be linked to the donor by anybody
+without $S$, even if they know {\tt TAXID}.
\subsection{Donating to a charity}\label{donating_to_a_charity}
% \subsection{Donor donates to charity and transmits \textbf{Unique Donor
identifiers} (future donation receipts)}
When a donor wishes to donate to a charity, they first retrieve the Donau's
Donation Unit
-public keys $K_x^{\pub}$ for the current year.
+public keys $K_x^{\pub}$ for the current tax period.
The donor then represents their donation as a sum of the Donation Units
offered by the Donau.
\emph{Example: Assuming the Donau publishes the Donation units $\{1,2,4,8\}$,
a donation of $7$ would be split into 1 unit each of the values $4$, $2$ and
$1$.}
For each necessary Donation Unit the donor generates a \textbf{Unique Donor
-Identifier (UDI)} by appending a random nonce to the value $\DI$.
-If multiple instances of the same Donation Unit are needed to represent the
target sum, the donor creates a different nonce for each instance of that
Donation Unit.
+Identifier (UDI)} by appending a random nonce $N_i$ to the value $\DI$.
+If multiple instances of the same Donation Unit are needed to represent
+the target sum, the donor creates a different nonce $N_i$ for each instance $i$
+of that Donation Unit.
The donor must remember all UDIs.
\emph{In our example, there are $3$ Unique Donor Identifiers needed to
represent the donated value of $7$. We can write them as:}
@@ -267,9 +274,11 @@ These donation receipts are stored on the donor's device.
\subsection{Donor requests an annual donation statement from
Donau}\label{donor_requests_a_donation_statement_from_the_donau}
In order for the donor to claim a tax deduction,
the donor needs to obtain a final donation statement which can be sent to the
tax authority.
-The donor sends their saved donation receipts $\{r_1, \ldots, r_k\}$,
accumulated throughout the year, to the Donau.
-This can be done multiple times during the year, but the receipts are not
automatically in order to achieve
-\emph{unlinkability} between the \emph{issuance} of the receipts (which
happens at the time of donation) and their \emph{submission} for the Donation
Statement.
+The donor sends their saved donation receipts $\{r_1, \ldots, r_k\}$,
accumulated throughout the tax period, to the Donau.
+This can in principle be done multiple times during the tax period;
+however, the receipts must not be submitted at a time strongly correlated with
the donation to achieve
+\emph{unlinkability} between the \emph{issuance} of the receipts (which
happens at the time of donation)
+and their \emph{submission} for the Donation Statement.
Remember that each $\UDI$ is the concatenation of the donor identifier $\DI$
and
a random nonce, i.e., they all start with the same $\DI$.
@@ -290,7 +299,7 @@ donated to, so it does not know where the donor spent money.
They also only see a collection of common denominations, so they are unable to
correlate total donation amounts per charity.
Finally, the receipts are unblinded, so they are unlinkable to any signature
the Donau has seen before.
-The Donau then generates a signature over the total \texttt{amount} of all
receipts, the current \texttt{year} and the Donor Identifier.
+The Donau then generates a signature over the total \texttt{amount} of all
receipts, the current tax period (\texttt{year}) and the Donor Identifier.
This results in a final signature called the \textbf{Donation Statement},
which the Donau returns to the donor:
\begin{align*}
\sigma_s = \sign(( \DI, \textsf{amount}_{\sf Total}, \textsf{year}) ),
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [donau] branch master updated: minor edits to sec #3,
gnunet <=