The need for security is highlighted by the rise of the Internet, which promises to be a leading medium for future electronic commerce.The usual security features for such systems are privacy (protection from eavesdropping), authenticity (provides user identification and message integrity), and nonrepudiation (prevention of later denying having performed a transaction) .Paper cash has such features as being: portable (easily carried), recognizable (as legal tender) hence readily acceptable, transferable (without involvement of the financial network), untraceable (no record of where money is spent), anonymous (no record of who spent the money) and has the ability to make "change.".The designers of electronic cash focused on preserving the features of untraceability and anonymity.In general, electronic cash schemes achieve these security goals via digital signatures.To tell who has signed the information (also called the message), one must be certain one knows who owns a given public key.This is the problem of key management, and its solution requires some kind of authentication infrastructure.In addition, the system must have adequate network and physical security to safeguard the secrecy of the secret keys.This report has surveyed the academic literature for cryptographic techniques for implementing secure electronic cash systems.Although no particular payment system has been thoroughly analyzed, the cryptography itself appears to be sound and to deliver the promised anonymity.These problems exist in any electronic payment system, but they are made much worse by the presence of anonymity.Indeed, the widespread use of electronic cash would increase the vulnerability of the national financial system to Information Warfare attacks.We discuss measures to manage these risks; these steps, however, would have the effect of limiting the users' anonymity.Chapter 2 provides the reader with a high level cryptographic description of electronic cash protocols in terms of basic authentication mechanisms.Chapter 3 technically describes specific implementations that have been proposed in the academic literature.In Chapter 4, the optional features of transferability and divisibility for off-line electronic cash are presented.The authors of this paper wish to acknowledge the following people for their contribution to this research effort through numerous discussions and review of this paper: Kevin Igoe, John Petro, Steve Neal, and Mel Currie.This term is often applied to any electronic payment scheme that superficially resembles cash to the user.One should not confuse the token, which is a sequence of bits, with the physical media used to store and transmit the information.With the rise of telecommunications and the Internet, it is increasingly the case that electronic commerce takes place using a transmission medium not under the control of the financial system.Clearly, any scheme for electronic commerce must require that a user knows with whom she is dealing (if only as an alias or credit card number).In such a setup, privacy is attained by enciphering each message, using a private key known only to the sender and recipient.Key management is carried out using a certification authority, or a trusted agent who is responsible for confirming a user's identity.In addition, the certificates make it possible to set up a private key between users in a secure and authenticated way.We will assume throughout the remainder of this paper that some authentication infrastructure is in place, providing the four security features.Some privacy advocates such as David Chaum (see [2],[3]), however, define the term far more expansively.To them, genuine "privacy" implies that one's history of purchases not be available for inspection by banks and credit card companies (and by extension the government).Token forgery, or creating a valid-looking coin without making a corresponding Bank withdrawal.One can deal with counterfeiting by trying to prevent it from happening, or by trying to detect it after the fact in a way that identifies the culprit.Although it is tempting to imagine electronic cash systems in which the transmission and storage media are secure, there will certainly be applications where this is not the case.To protect against token forgery, one relies on the usual authenticity functions of user identification and message integrity.To protect against multiple spending, the Bank maintains a database of spent electronic coins.In this chapter, we give a high-level description of electronic cash protocols in terms of basic authentication mechanisms.We begin by discussing the basic public-key cryptographic techniques upon which the electronic cash implementations are based.5 One should keep in mind that the term "Bank" refers to the financial system that issues and clears the coins.The authenticity features could have been achieved in other ways, but we need to use digital signatures to allow for the anonymity mechanisms we are about to add.In the withdrawal step, the user changes the message to be signed using a random quantity.(Obviously, it will no longer be possible to do the checking of the withdrawal records that was an optional step in the first two protocols.).To prevent this, we specify that a Bank's digital signature by a given secret key is valid only as authorizing a withdrawal of a fixed amount.7 0ne could also broaden the concept of "blind signature" to include interactive protocols where both parties contribute random elements to the message to be signed.An example of this is the "randomized blind signature" occurring in the Ferguson scheme discussed in 3.3.Bank sends the signed blinded coin to Alice and debits her account.Bank sends the signed blinded coin to Alice and debits her account.The ideal situation (from the point of view of privacy advocates) is that neither payer nor payee should know the identity of the other.This makes remote transactions using electronic cash totally anonymous: no one knows where Alice spends her money and who pays her.If a merchant tries to deposit a previously spent coin, he will be turned down by the Bank, but neither will know who the multiple spender was since she was anonymous.The solution is for the payment step to require the payer to have, in addition to her electronic coin, some sort of identifying information which she is to share with the payee.The withdrawal protocol includes a step in which the Bank verifies that the information is there and corresponds to Alice and to the particular coin being created.Bank sends the signed blinded coin to Alice and debits her account.Alice sends Bob a response (revealing one piece of identifying info).Note that, in this protocol, Bob must verify the Bank's signature before giving Alice the merchandise.We must first be more specific about how to include (and access when necessary) the identifying information meant to catch multiple spenders.When Alice wishes to make a withdrawal, she first constructs and blinds a message consisting of K pairs of numbers, where K is large enough that an event with probability 2-K will never happen in practice.(This is done in such a way that the Bank can check that the K pairs of numbers are present and have the required properties, despite the blinding.).When Alice spends her coins with Bob, his challenge to her is a string of K random bits.When the Bank receives the coin a second time, it takes the two pieces and combines them to reveal Alice's identity.The term zero-knowledge proof refers to any protocol in public-key cryptography that proves knowledge of some quantity without revealing it (or making it any easier to find it).In the payment protocol, she gives Bob the public key as part of the electronic coin.If she responds to two distinct challenges, the identifying information can be put together to reveal the secret key and so her identity.Our next step is to describe the digital signatures that have been used in the implementations of the above protocols, and the techniques that have been used to include identifying information.Thus S SK is said to have a trapdoor, or secret quantity that makes it possible to perform a cryptographic computation which is otherwise infeasible.In this kind of signature, the signer performs an operation on the message using his own secret key.The verifier checks an equation involving the message, the appendix, and the signer's public key.If the equation checks, the verifier knows that the signer's secret key was used in generating the signature.Suppose that Alice wants the Bank to produce a blind signature of the message M. She generates a random number r and sends.The Schnorr family of algorithms includes an identification procedure and a signature with appendix.The slope of the line is taken to be secret quantity m, and the prover chooses the intercept at random, differently for each execution of the protocol.It is easy to convert the Schnorr identification protocol to produce a digital signature scheme.Rather than receiving a challenge from an on-line verifier, the signer simply takes x to be a secure hash of the message and of the shadow of the line.Suppose that Alice wants to obtain a blind Schnorr signature for her coin, which she will spend with Bob.We have described the Schnorr algorithms in terms of integers modulo a prime p.

The protocols, however, work in any setting in which the analogue of the discrete logarithm problem is difficult.The withdrawal step produces a coin which contains the Bank's signature, authenticating both Alice's identifying information and the shadow of the line to be used for the possession proof.The ordinary blind RSA scheme has the drawback that the Bank has absolutely no idea what it is signing.The message to be signed by the Bank contains, in addition to the random data, the shadow of a line whose slope and intercept reveal Alice's identity.Although Ferguson's scheme avoids the cut-and-choose technique, it is the most complicated of the three (due largely to the randomized blind RSA signature).Much of the recent literature on off-line cash has focused on adding features to make it more convenient to use.Transferability is a feature of paper cash that allows a user to spend a coin that he has just received in a payment without having to contact the Bank in between.Figure 2 shows a maximum length path of a coin in a system which allows two transfers.Any transferable electronic cash system has the property that the coin must "grow in size" (i.e., accumulate more bits) each time it is spent.This is because the coin must contain information about every person who has spent it so that the Bank maintains the ability to identify multiple spenders.Any other transactions involving that withdrawal can only be reconstructed with the cooperation of each consecutive spender of that coin.Therefore, detection of multiple spending after the fact may not provide a satisfactory solution for a transferable electronic cash system.A transferable system may need to rely on physical security to prevent multiple spending.Suppose that Alice is enrolled in a non-transferable, off-line cash system, and she wants to purchase an item from Bob that costs, say, $4.99.However, unless Alice has stored a large reserve of coins of each possible denomination, it is unlikely that she will have the exact change for most purchases.This puts the burden of having an exact payment on Bob, and also requires Alice to contact the Bank to deposit the "change.".This allows exact off-line payments to be made without the need to store a supply of coins of different denominations.(Imagine how quickly a cashier would run out of change if paper cash were not transferable and each payment was put in a separate bin set aside for the next bank deposit!).Three divisible off-line cash schemes have been proposed, but at a cost of a longer transaction time and additional storage.Although providing divisibility complicates the protocol, it can be accomplished without forfeiting untraceability or the ability to detect improper spenders.First, we discuss ways to help prevent multiple spending in off-line systems, and we describe the concept of wallet observers.Finally, we describe a solution to some of the law enforcement problems that are created by anonymity.Even in anonymous, untraceable payment schemes, the identity of the multiple-spender can be revealed when the abuse is detected.Detection after the fact may be enough to discourage multiple spending in most cases, but it will not solve the problem.If someone were able to obtain an account under a false identity, or were willing to disappear after re-spending a large sum of money, they could successfully cheat the system.One way to minimize the problem of multiple spending in an off-line system is to set an upper limit on the value of each payment.This would limit the financial losses to a given merchant due to accepting coins that have been previously deposited.In order to prevent multiple spending in off-line payments, we need to rely on physical security.A "tamper-proof" card could prevent multiple spending by removing or disabling a coin once it is spent.Even with a tamper-resistant card, it is still essential to provide cryptographic security to prevent counterfeiting and to detect and identify multiple spenders in case the tamper-protection is somehow defeated.This gives the observer the power to prevent the user from making transactions that it does not approve of, such as spending the same coin more than once.Brands[1] and Ferguson[8] have both shown how to incorporate observers into their respective electronic cash schemes to prevent multiple spending.When a coin is spent, the spender uses his secret to create a valid response to a challenge from the payee.Cooperation of the user and the observer is necessary in order to create a valid response to a challenge during a payment transaction.A security failure in an electronic cash system would result in the ability to forge or duplicate money.One of the most serious types of failure would be that the cryptography (the protocol or the underlying mathematics) does not provide the intended security.11 This could enable someone to create valid looking coins without knowledge of an authorized bank's secret key, or to obtain valid secret keys without physical access to them.The above failure scenarios apply, not only to the electronic cash system, but also to the underlying authentication infrastructure.Any form of electronic commerce depends heavily on the ability of users to trust the authentication mechanisms.So if, for example, an attacker could demonstrate a forgery of the certification authority's digital signature, it would undermine the users' trust in their ability to identify each other.This property has serious consequences in the event of a security failure leading to token forgery.Even the originating bank is unable to recognize its own coins, preventing detection of the compromise.It is conceivable that the compromise will not be detected until the bank realizes that the total value of deposits of its electronic cash exceeds the amount that it has created with a particular key.After the key compromise is discovered, the bank will still be unable to distinguish valid coins from invalid ones since deposits and withdrawals cannot be linked.It is possible to minimize this damage by limiting the number of coins affected by a single compromise.However, this kind of compartmentation reduces the anonymity by shrinking the pool of withdrawals that could correspond to a particular deposit and vice versa.The anonymity properties of electronic cash pose several law enforcement problems because they prevent withdrawals and deposits from being linked to each other.Anonymity also makes it difficult to detect money laundering and tax evasion because there is no way to link the payer and payee.Finally, electronic cash paves the way for new versions of old crimes such as kidnapping and blackmail (see [13]) where money drops can now be carried out safely from the criminal's home computer.12.This would make it more difficult to commit crimes involving large sums of cash.Another way to minimize these concerns is to provide a mechanism to restore traceability under certain conditions, such as a court order.A solution that conditionally restores both forward and backward traceability into the cut-and-choose scheme is presented by Stadler, Piveteau, and Camenisch in [14].If the required conditions for tracing are met, the payment or deposit can be turned over to the trusted entity holding the secret key to decrypt the withdrawal number.To provide a mechanism for restoring forward traceability, the payer must commit to a deposit number at the time that the coin is withdrawn.The bank is able to determine that the payer has not cheated, although it only sees the deposit number in encrypted form.If the required conditions for tracing are met, the withdrawal record can be turned over to the trusted entity holding the secret key to decrypt the deposit number.Stadler et al. have shown that it is possible to provide a mechanism for restoring traceability in either or both directions.This can be used to provide users with anonymity, while solving many of the law enforcement problems that exist in a totally untraceable system.The ability to restore traceability does not solve one very important law enforcement problem: detecting forged coins.Backwards tracing will help identify a forged coin if a particular payment or deposit (or depositor) is under suspicion.However, it may be possible to apply similar ideas to restore traceability in a more efficient electronic cash scheme.These electronic cash schemes have cryptographic mechanisms in place to address the problems of multiple spending and token forgery.However, some serious concerns about the ability of an electronic cash system to recover from a security failure have been identified.Concerns about the impact of anonymity on money laundering and tax evasion have also been discussed.If the system is implemented on-line, then multiple spending can be prevented by maintaining a database of spent coins and checking this list with each payment.If the system is implemented off-line, then there is no way to prevent multiple spending cryptographically, but it can be detected when the coins are deposited.Cryptographic solutions have been proposed that will reveal the identity of the multiple spender while preserving user anonymity otherwise.Token forgery can be prevented in an electronic cash system as long as the cryptography is sound and securely implemented, the secret keys used to sign coins are not compromised, and integrity is maintained on the public keys.However, if there is a security flaw or a key compromise, the anonymity of electronic cash will delay detection of the problem.Even after the existence of a compromise is detected, the Bank will not be able to distinguish its own valid coins from forged ones.The untraceability property of electronic cash creates problems in detecting money laundering and tax evasion because there is no way to link the payer and payee.To counter this problem, it is possible to design a system that has an option to restore traceability using an escrow mechanism.If certain conditions are met (such as a court order), a deposit or withdrawal record can be turned over to a commonly trusted entity who holds a key that can decrypt information connecting the deposit to a withdrawal or vice versa.However, this is not a solution to the token forgery problem because there may be no way to know which deposits are suspect.In that case, identifying forged coins would require turning over all of the Bank's deposit records to the trusted entity to have the withdrawal numbers decrypted.Also, allowing transfers magnifies the problems of detecting counterfeit coins, money laundering, and tax evasion.Coins can be made divisible without losing any security or anonymity features, but at the expense of additional memory requirements and transaction time.In conclusion, the potential risks in electronic commerce are magnified when anonymity is present.Anonymity creates the potential for large sums of counterfeit money to go undetected by preventing identification of forged coins.Anonymity also provides an avenue for laundering money and evading taxes that is difficult to combat without resorting to escrow mechanisms.It may well be concluded that these problems are best avoided by using a secure electronic payment system that provides privacy, but not anonymity.Stefan Brands, Untraceable Off-Line Cash in Wallets with Observers, Advances in Cryptology CRYPTO '93, Springer-Verlag, pp.David Chaum, Security without Identification: Transaction Systems to make Big Brother Obsolete, ACM 28 no.David Chaum, Amos Fiat, and Moni Naor, Untraceable Electronic Cash, Advances in Cryptology CRYPTO '88, Springer-Verlag, pp.David Chaum and Torben Pedersen, Transferred Cash Grows in Size, Advances in Cryptology - EUROCRYPT '92, Springer-Verlag, pp.David Chaum and Torben Pedersen, Wallet Databases with Observers, Advances in Cryptology CRYPTO '92, Springer-Verlag, pp.Tony Eng and Tatsuaki Okamoto, Single-Term Divisible Electronic Coins, Advances in Cryptology EUROCRYPT '94, Springer-Verlag, pp.Niels Ferguson, Extensions of Single-term Coins, Advances in Cryptology - CRYPTO '93, Springer-Verlag, pp.Niels Ferguson, Single Term Off-Line Coins, Advances in Cryptology - EUROCRYPT '93, Springer-Verlag, pp.Alfred J.

Menezes, Elliptic Curve Public Key Cryptosystems, Kluwer Academic Publishers, Boston, 1993.Tatsuaki Okamoto, An Efficient Divisible Electronic Cash Scheme, Advances in Cryptology - CRYPTO '95, Springer-Verlag, pp.Tatsuaki Okamoto and Kazuo Ohta, Universal Electronic Cash, Advances in Cryptology - CRYPTO '91, Springer-Verlag, pp.Sebastiaan von Solms and David Naccache, On Blind Signatures and Perfect Crimes, Computers & Security 11 (1992), 581-583.Markus Stadler, Jean-Marc Piveteau, and Jan Camenisch, Fair Blind Signatures, Advances in Cryptology - EUROCRYPT '95, Springer-Verlag, pp. .

Homemade Mints {Altoids Mints Copycat}

An easy recipe for Homemade Mints that tastes just like Altoids!Gum paste mix (available online or any place with cake decorating products.Put parchment paper on a baking sheet, and dust with powdered sugar.That is a lot of work, so I recommend dusting a pizza cutter with powdered sugar and cut them into strips and pieces.It may not win you the “most uptight and anal retentive” trophy at your neighborhood Pinterest awards, but it gets the job done.Fill a lidded container with the pieces, and sprinkled a bit more powdered sugar in there.Spread the pieces back on the baking sheet with the parchment, and let dry at room temperature for at least 3 days.Place finish mints in a mesh strainer and shake to remove the excess powdered sugar.Transfer to lidded containers and/or cute jars for giving as gifts.Bake the homemade mints at the lowest heat your oven will allow (typically about 170 degrees F) for 2 hours.If you want to make round mints, dip a fat straw into powdered sugar and press it into the dough. .

Mint Julep Cocktail Recipe

But this refresher composed of bourbon, sugar, mint and crushed ice shouldn’t be reserved for only one day a year.After the phylloxera epidemic of the mid-1800s, which infected France’s grapevines and temporarily hindered that counry’s cognac trade, whiskey became the julep’s go-to liquor. .

How to make a classic mint julep recipe — and 2 refreshing

The mint julep, which has been the Kentucky Derby’s official drink since the late 1930s, depending on who you ask, is by far the most famous of the bunch.While juleps are likely to be garnished with a generous sprig or two of mint, this family of drinks goes well beyond that muddled herb, simple syrup and bourbon served on a mound of pebble ice.In fact, juleps have an old and storied history dating to the Sasanian Empire about 2,000 years ago in Persia that started with the gulab, a rosewater bath for imperial princesses.Eventually, the word morphed into julab, and upon the drink’s introduction to the Mediterranean, the rosewater was replaced by the native mint.Juleps, which reached America in the 18th century, were, at first, consumed warm, fortified with rum or brandy, sweetened with honey syrup and flavored with muddled mint.Described as a “dram of spirituous liquor that has mint in it, taken by Virginians in the morning” the julep was also considered a preventive tonic for overall health.Eventually, bourbon, which was domestically produced and distilled, replaced rum and brandy, as Britain’s import taxes made those two spirits cost-prohibitive.Supposedly, it was Kentucky Sen. Henry Clay who introduced the mint julep to Washington, D.C., in the 1830s at the Round Robin Bar at what’s now the Willard Intercontinental hotel, which still serves his recipe to this day.Alba Huerta, owner of Julep bar in Houston and author of a book by the same name, suggests bourbon in the mid-80-to-90s proof, so that as the drink sits in a mound of ice, it doesn’t get too diluted while you sip it.With slightly bitter notes from a splash of grapefruit soda and an Italian amaro made from artichokes, it’s as refreshing as it is sophisticated.Bartender and spirits writer Jim Meehan, in his cookbook “The PDT Cocktail Book,” attributes the version he shares to Jerry Thomas’s “Bart-Tender’s Guide,” which was originally published in 1862.In a chilled julep cup (or rocks glass), gently muddle the mint leaves and simple syrup.Add the bourbon (opt for 2 1/2 ounces if you prefer the drink to be stronger), then fill halfway with crushed or pebble ice.This julep recipe is brimming with tropical flavors, thanks to bright, sweet-tart pineapple juice, which softens the punch of bourbon.This low-alcohol julep is an ideal refresher on a sweltering day, with pleasant bitterness imparted by Cynar, an artichoke-based amaro, and a splash of grapefruit soda.Cocktail writer Adrienne Stillman writes in her book “Spirited” that this recipe was created at the acclaimed bar Floreria Atlantico in Buenos Aires. .

How to Make Fresh Mint Tea (+ Flavor Options)

This flavorful Fresh Mint Tea is easy to make and perfect after meals.Before I lived in the Netherlands, I expected my Dutch diet to involve copious amounts of stroopwafels and cheese.And while this turned out to be true, there was one Dutch speciality that I didn’t expect to fall in love with as hard as I did.In The Netherlands, fresh mint tea is on almost every restaurant menu as a hot drink to have after eating.Its refreshing flavor cleanses your palate and helps calm your belly after a big meal!But after being back in the states for a few weeks and missing my favorite tea, I thought I better whip myself up a batch (or 10, thanks to mom’s exploding mint garden).: Similarly, you can add fresh mint leaves to hot black tea.: Adding a squeeze of fresh lemon juice just before serving makes this tea extra bright and tart. .

Old-Fashioned Cream Cheese Mints Recipe – Cheap Recipe Blog

These homemade cream cheese mints make me feel just a wee bit nostalgic for the 80’s.I hadn’t eaten these for – well, decades – until I went home to visit my parents a few weeks ago.My mom and I made a batch, bringing some to Ladies Aid, giving some away to some friends, and eating some ourselves.Feel free to half the recipe if you don’t need such a large quantity.I bought rubber mint molds at a party supply store.You could also check a kitchen supply store or buy them online:.Mint molds come in all shapes and are suitable for a variety of occasions:.You can make a batch of mints up to a month ahead of time, and they will be ready to go when you need them for your party.I recommend placing them in a medium-sized covered plastic container, dividing layers of mints with parchment paper. .

Cream Cheese Mints Recipe {Wedding Mints}

Cream cheese mints are popular for weddings, at baby showers, and in candy dishes.They are similar to butter mints, but with the addition of cream cheese they have a slightly different texture.We’ll just call them cream cheese butter mints, okay?Package them up and deliver them to friends and neighbors, bring them to book club, or leave them in a bowl on your counter.In a large bowl, combine cream cheese, butter, and powdered sugar.Roll the dough into small balls (about 1/2-1 inch) and place on a cookie sheet lined with wax paper.Just pick a shape, press the mixture into the molds, let them harden, and then pop them out.You can do flowers or hearts for a wedding, and diapers or rattles for a baby shower!STORE cream cheese mints in an airtight container and keep them in the fridge.To save them for much later you can put them into an airtight container or a plastic zip freezer bag and FREEZE.Perfect for if you have a big event down the road, like a wedding, that you want to make these for. .

Mojito Recipe

When Jack and I planted our little back deck garden this summer, I immediately started wondering, “What am I going to do with all this mint?!” The basil looked good, the eggplant was thriving, but the luscious, leafy mint plants were the cream of the crop.This summer, I’ve been tossing mint into salads and blending it into pesto like crazy, but I wanted to find a way to really showcase the pretty, aromatic leaves.The combination of herbaceous mint, tart lime, and fizzy soda water is so refreshing.Garnished with mint leaves and a lime wedge, this mojito looks like a fancy drink you’d get at a restaurant or bar.You’ll muddle some mint leaves to infuse the drink with flavor and add more to your glass for garnish.You’ll muddle some mint leaves to infuse the drink with flavor and add more to your glass for garnish.Simple syrup keeps for several weeks in the fridge, so I like to keep it on hand for anytime I’m in the mood for a fun drink.Simple syrup keeps for several weeks in the fridge, so I like to keep it on hand for anytime I’m in the mood for a fun drink.Club soda or sparkling water – It balances the tart lime and alcohol and gives the cocktail a fun fizz.Add the rum, lime juice, simple syrup, and a handful of ice to the cocktail shaker, and shake it vigorously until the ingredients are completely combined and chilled.Top your glass with soda water, and garnish it with lime slices and more fresh mint sprigs. .


Leave a reply

your email address will not be published. required fields are marked *

Name *
Email *