David Chaum

From Wikipedia, the free encyclopedia
Jump to: navigation, search
David Chaum
Chaum.jpg
Born 1955 (age 58–59)
Residence Sherman Oaks, Los Angeles, California, United States
Occupation inventor, cryptographer
Known for DigiCash, ecash, IACR, mixes, voting systems
Website
http://www.chaum.com/

David Lee Chaum (born 1955) is the inventor of many cryptographic protocols, as well as ecash and DigiCash.[1]:65–70 His 1981 paper, "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms", laid the groundwork for the field of anonymous communications research.[2]

Life and career[edit]

Chaum gained a doctorate in computer science and business administration from the University of California, Berkeley in 1982.[3][4] Also that year, he founded the International Association for Cryptologic Research (IACR), which currently organizes academic conferences in cryptography research.[5]:47 Subsequently, he taught at the New York University Graduate School of Business Administration and at the University of California. He also formed a cryptography research group at the National Research Institute for Mathematics and Computer Science (CWI) in Amsterdam, The Netherlands. [6] He founded DigiCash, an electronic cash company, in 1990.[1]:119

Chaum received the Information Technology European Award for 1995.[7] In 2004, he was named an IACR Fellow.[8] In 2010, he received the RSA Conference award for excellence in the field of mathematics.[9]

Notable Research Contributions[edit]

Digital Cash[edit]

Chaum is credited as the inventor of secure digital cash for his 1982 paper, which also introduced the cryptographic primitive of a blind signature.[10] These ideas have been described as the technical roots of the vision of the Cypherpunk movement that began in the late 1980s.[11] Chaum's proposal allowed users to obtain digital currency from a bank and spend it in a manner that is untraceable by the bank or any other party.[12] In 1988, he extended this idea (with Amos Fiat and Moni Naor) to prevent double-spending.[13]

In 1990, he founded DigiCash, an electronic cash company, in Amsterdam to commercialize the ideas in his research.[1]:119 The first electronic payment was sent in 1994.[14] In 1999, Chaum left the company.[6]

New Types of Digital Signatures[edit]

In the same 1982 paper that proposed digital cash, Chaum introduced blind signatures.[10] This form of digital signature blinds the content of a message before it is signed, so that the signer cannot determine the content. The resulting blind signature can be publicly verified against the original, unblinded message in the manner of a regular digital signature.[15]

In 1989, he (with Hans van Antwerpen) introduced undeniable signatures.[16] This form of digital signature uses a verification process that is interactive, so that the signatory can limit who can verify the signature. Since signers may refuse to participate in the verification process, signatures are considered valid unless a signer specifically uses a disavowal protocol to prove that a given signature was not authentic.[17]

In 1991, he (with Eugene van Heyst) introduced group signatures, which allow a member of a group to anonymously sign a message on behalf of the entire group.[18] However an appointed group manager holds the power to revoke the anonymity of any signer in the case of disputes.[19]

Anonymous Communication[edit]

In 1981, Chaum proposed the idea of an anonymous communication network in a paper.[20] His proposal, called mix networks, allows a group of senders to submit an encryption of a message and its recipient to a server. Once the server has a batch of messages, it will reorder and obfuscate the messages so that only this server knows which message came from which sender. The batch is then forwarded to another server who does the same process. Eventually, the messages reach the final server where they are fully decrypted and delivered to the recipient. A mechanism to allow return messages is also proposed. Mix networks are the basis of some remailers and are the conceptual ancestor to modern anonymous web browsing tools like Tor (based on onion routing). Chaum has advocated that every router be made, effectively, a Tor node.[21]

In 1988, Chaum introduced a different type of anonymous communication system called a DC-Net, which is a solution to his proposed Dining Cryptographers Problem.[22] DC-Nets is the basis of the software tool Dissent.[23]

Trustworthy Voting Systems[edit]

Chaum has made numerous contributions to secure voting systems, including the first proposal of a system that is end-to-end verifiable. This proposal, made in 1981,[20] was given as an application of mix networks. In this system, the individual ballots of voters were kept private which anyone could verify that the tally was counted correctly. This, and other early cryptographic voting systems, assumed that voters could reliably compute values with their personal computers. In 1991, Chaum introduced SureVote which allowed voters to cast a ballot from an untrustworthy voting system,[24] proposing a process now called "code voting" and used in remote voting systems like Remotegrity.[25]

In 1994, Chaum introduced the first in-person voting system in voters cast ballots electronically at a polling station and cryptographically verify that the DRE did not modify their vote (or even learn what it was).[26] In the following years, Chaum proposed (often with others) a series a cryptographically verifiable voting systems that use conventional paper ballots: Pret a Voter,[27] Punchscan,[28] and Scantegrity.[29] The city of Takoma Park, Maryland used Scantegrity for its November, 2009 election.[30] This was the first time a public sector election was run using any cryptographically verifiable voting system.[31]

In 2011, Chaum proposed Random Sample Elections.[32] This electoral system allows a verifiably random selection of voters, who can maintain their anonymity, to cast votes on behalf the entire electorate.[33]

Other Contributions[edit]

In 1979, Chaum proposed a mechanism for splitting a key into partial keys, a predecessor to secret sharing.[34]

In 1985, Chaum proposed the original anonymous credential system,[12] which is sometimes also referred to as a pseudonym system.[35] This stems from the fact that the credentials of such a system are obtained from and shown to organizations using different pseudonyms which cannot be linked.

In 1988, Chaum with Gilles Brassard and Claude Crepeau published a paper[36] that introduced zero-knowledge arguments, as well as a security model using information-theoretic private-channels, and also first formalized the concept of a commitment scheme.

1991, with Torbis Pedersen, he demonstrated a well-cited zero-knowledge proof of a DDH tuple.[37] This proof is particularly useful as it can prove proper reencryption of an Elgamal ciphertext.

Chaum contributed to an important commitment scheme which is often attributed to Pedersen. In fact, Pedersen, in his 1991 paper,[38] cites a rump session talk on an unpublished paper by Jurjen Bos and Chaum for the scheme. It appeared even earlier in a paper by Chaum, Damgard, and Jeroen van de Graaf.[39] The scheme is widely used as it is a simple perfectly hiding commitment, that is binding assuming the hardness of the discrete logarithm problem.

In 1993 with Stefan Brands, Chaum introduced the concept of a distance-bounding protocol.[40] Using round-trip delay based on the speed of light, it allows one party to establish an upper-bound on the physical distance from another in an authenticated way.

See also[edit]

References[edit]

  1. ^ a b c Greenberg, Andy (2012). This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the World's Information. Dutton Adult. ISBN 0525953205.
  2. ^ Danezis, George; Diaz, Claudia (January 2008) "Survey of Anonymous Communication Channels". Technical Report MSR-TR-2008-35. Microsoft Research; For the paper, see Chaum, David. (February, 1981). "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms". Communications of the ACM. 24(2): 84-90. doi:10.1145/358549.358563
  3. ^ David Lee Chaum. "Computer Systems Established, Maintained and Trusted by Mutually Suspicious Groups." University of California, Berkeley, 1982.
  4. ^ Pitta, Julie (November 1, 1999). "Requiem for a Bright Idea". Forbes.
  5. ^ Blanchette, Jean-François (2012). Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents. MIT Press. ISBN 026230080X.
  6. ^ a b http://www.idtrail.org/content/view/28/
  7. ^ Rotenberg, Marc (4.05). "Eurocrats Do Good Privacy". Wired Magazine. Retrieved 17 June 2013.  Check date values in: |date= (help)
  8. ^ "IACR Fellows". IACR. Retrieved 17 June 2013. 
  9. ^ https://365.rsaconference.com/community/__archived_content/rsa-conference-usa-2010/blog/2010/03/02/congratulations-to-this-year-s-rsa-conference-2010-award-winners
  10. ^ a b Chaum, David (1983). "Blind signatures for untraceable payments". Advances in Cryptology Proceedings of Crypto 82 (3): 199–203. 
  11. ^ Arvind Narayanan: What Happened to the Crypto Dream?, Part 1. IEEE Security & Privacy. Volume 11, Issue 2, March–April 2013, pages 75-76, ISSN 1540-7993
  12. ^ a b Chaum, David (October 1985). "Security without identification: transaction systems to make big brother obsolete". Communications of the ACM 28 (10): 1030–1044. doi:10.1145/4372.4373. 
  13. ^ Chaum, D.; Fiat, A.; Naor, M. (1990), "Untraceable electronic cash", Proceedings on Advances in cryptology—CRYPTO '88, Lecture Notes in Computer Science 403, London, UK: Springer-Verlag, pp. 319–327 
  14. ^ http://w2.eff.org/Privacy/Digital_money/?f=digicash.announce.txt
  15. ^ http://www.rsa.com/rsalabs/node.asp?id=2339
  16. ^ David Chaum, Hans van Antwerpen: Undeniable Signatures; Crypto'89, LNCS 435, Springer-Verlag, Berlin 1990, 212-216.
  17. ^ http://www.rsa.com/rsalabs/node.asp?id=2344
  18. ^ Chaum, Eugene; van Heyst (1991). "Group signatures". Advances in Cryptology — EUROCRYPT ’91. Lecture Notes in Computer Science 547: 257–265. 
  19. ^ http://www.rsa.com/rsalabs/node.asp?id=2342
  20. ^ a b Chaum, D. L. (1981). "Untraceable electronic mail, return addresses, and digital pseudonyms". Communications of the ACM 24 (2): 84. doi:10.1145/358549.358563.  edit
  21. ^ http://www.youtube.com/watch?v=WqgHh7KXTFM#t=44m55s
  22. ^ David Chaum (1988). "The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability". Journal of Cryptology 1 (1): 65–75. doi:10.1007/BF00206326. 
  23. ^ http://korz.cs.yale.edu/2010/anon/
  24. ^ David Chaum (2001), "SureVote: Technical Overview," Proceedings of the Workshop on Trustworthy Elections (WOTE ’01).
  25. ^ Filip Zagorski and Richard T. Carback and David Chaum and Jeremy Clark and Aleksander Essex and Poorvi L. Vora (2013), "Remotegrity: Design and Use of an End-to-End Verifiable Remote Voting System," 11th International Conference on Applied Cryptography and Network Security (ACNS 2013).
  26. ^ Declan McCullagh, "High hopes for unscrambling the vote", CNET News, June 8, 2004.
  27. ^ Chaum, D.; P.Y.A. Ryan; S. Schneider (2005), "A Practical Voter-Verifiable Election Scheme", Proceedings of ESORICS 2005, 10th European Symposium on Research in Computer Security,: 118–139 
  28. ^ S. Cherry, "Making Every E-Vote Count", IEEE Spectrum, Jan 1 2007.
  29. ^ M. Lafsky, "Protecting Your Vote With Invisible Ink," Discover Magazine, Oct 2008.
  30. ^ Pilot Study of the Scantegrity II Voting System Planned for the 2009 Takoma Park City Election 
  31. ^ Hardesty, Larry, "Cryptographic voting debuts", MIT news, retrieved 2009-11-30 
  32. ^ http://rs-elections.com/
  33. ^ J. Davis. "How Selecting Voters Randomly Can Lead to Better Elections." Wired, 20.05, 2011.
  34. ^ Chaum, D. (1985). "Advances in Cryptology". Lecture Notes in Computer Science 196. pp. 481–485. doi:10.1007/3-540-39568-7_40. ISBN 978-3-540-15658-1.  |chapter= ignored (help) edit
  35. ^ Lysyanskaya, Anna; Rivest, Ronald L.; Sahai, Amit; Wolf, Stefan (2000). "Pseudonym systems". In Heys, Howard M.; Adams, Carlisle M. Selected Areas in Cryptography. Lecture Notes in Computer Science 1758. Springer. pp. 184–199. doi:10.1007/3-540-46513-8_14. ISBN 978-3-540-67185-5. 
  36. ^ Gilles Brassard, David Chaum, and Claude Crepeau, Minimum Disclosure Proofs of Knowledge, Journal of Computer and System Sciences, vol. 37, pp. 156–189, 1988.
  37. ^ David Chaum and Torben P. Pedersen. 1992. Wallet Databases with Observers. In Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO '92), Ernest F. Brickell (Ed.). Springer-Verlag, London, UK, UK, 89-105.
  38. ^ Pedersen, T. P. (1992). "Advances in Cryptology — CRYPTO '91". Lecture Notes in Computer Science 576. pp. 129–140. doi:10.1007/3-540-46766-1_9. ISBN 978-3-540-55188-1.  |chapter= ignored (help) edit
  39. ^ Chaum, D.; Damgård, I. B.; Graaf, J. (1988). "Advances in Cryptology — CRYPTO '87". Lecture Notes in Computer Science 293. p. 87. doi:10.1007/3-540-48184-2_7. ISBN 978-3-540-18796-7.  |chapter= ignored (help) edit
  40. ^ Stefan Brands, David Chaum: Distance-bounding protocols (extended abstract). Proceedings Eurocrypt '93.

Further reading[edit]

External links[edit]