Abstract
Fair off-line electronic cash (FOLC) schemes [5, 29] have been introduced for preventing misuse of anonymous payment systems by criminals. In these schemes, the anonymity of suspicious transactions can be revoked by a trusted authority.
One of the most efficient FOLC systems was proposed by de Solages and Traoré [13] at Financial Cryptography’98. Unfortunately, in their scheme, the security for legitimate users (i.e., anonymity) is not clearly established (i.e., based on a standard assumption).
At Asiacrypt’98, Frankel, Tsiounis and Yung [17] improved the security of [13] by proposing a fair cash scheme for which they prove anonymity under the Decision Diffie-Hellman (DDH) assumption.
In this paper, we show that Frankel et al. failed to prove that their scheme satisfies the anonymity property. We focus here on this security problem and investigate the relationships between different notions of indistinguishability in the context of fair electronic cash. As a result, we prove, under the DDH assumption, that a straightforward variant of [13], which is simpler and more efficient than [17], is secure for users. This proof relies on the subsequent result of Handschuh, Tsiounis and Yung [19] showing equivalences between general decision and matching problems. Our proof is somewhat generic and can be used to prove that [17] is secure as well.
References
Abe, M., Ohkubo, M.: Provably secure fair blind signatures with tight revocation. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 583–601. Springer, Heidelberg (2001)
Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73 (1993)
Boneh, D.: The Decision Diffie-Hellman Problem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 48–63. Springer, Heidelberg (1998)
Brands, S.: Untraceable Off-Line Cash in Wallets with Observers. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 302–318. Springer, Heidelberg (1994)
Brickell, E., Gemmel, P., Kravitz, D.: Trustee-based tracing extensions to anonymous cash and the making of anonymous change. In: Proceedings of the 6th Annual Symposium on Discrete Algorithms, pp. 457–466 (January 1995)
Camenisch, J., Maurer, U., Stadler, M.: Digital payment systems with passive anonymity-revoking trustees. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 33–43. Springer, Heidelberg (1996)
Camenisch, J., Maurer, U., Stadler, M.: Digital payment systems with passive anonymity-revoking trustees. Journal of Computer Security 5(1). IOS Press (1997)
Camenisch, J., Piveteau, J.M., Stadler, M.: An efficient fair payment system. In: Proceedings of 3rd ACM Conference on Computer and Communications Security, pp. 88–94. ACM Press, New York (1996)
Camenisch, J., Stadler, M.: Efficient group signatures for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)
Chaum, D., Pedersen, T.: Wallet Databases with Observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993)
Cramer, R., Pedersen, T.: Improved privacy in wallets with observers. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 329–343. Springer, Heidelberg (1994)
Davida, G., Frankel, Y., Tsiounis, Y., Yung, M.: Anonymity Control in E-Cash Systems. In: Luby, M., Rolim, J.D.P., Serna, M. (eds.) FC 1997. LNCS, vol. 1318, pp. 1–16. Springer, Heidelberg (1997)
de Solages, A., Traoré, J.: An Efficient Fair Off-Line Electronic Cash System with Extensions to Checks and Wallets with Observers. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 275–295. Springer, Heidelberg (1998)
El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory IT-31(4), 469–472 (1985)
Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
Frankel, Y., Tsiounis, Y., Yung, M.: Indirect discourse proofs: achieving fair offline electronic cash. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 244–251. Springer, Heidelberg (1996)
Frankel, Y., Tsiounis, Y., Yung, M.: Fair Off-Line e-cash Made Easy. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 257–270. Springer, Heidelberg (1998)
Franklin, M., Yung, M.: Secure and efficient off-line digital money. In: Lingas, A., Carlsson, S., Karlsson, R. (eds.) ICALP 1993. LNCS, vol. 700, pp. 265–276. Springer, Heidelberg (1993)
Handschuh, H., Tsiounis, Y., Yung, M.: Decision oracles are equivalent to Matching oracles. In: Imai, H., Zheng, Y. (eds.) PKC 1999. LNCS, vol. 1560, pp. 276–289. Springer, Heidelberg (1999)
Jakobsson, M., Yung, M.: Revokable and versatile electronic money. In: Proceedings of 3rd ACM Conference on Computer and Communications Security, pp. 76–87. ACM Press, New York (1996)
Juels, A., Luby, M., Ostrovsky, R.: Security of blind digital signatures. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 150–164. Springer, Heidelberg (1997)
Juels, A.: Trustee tokens: simple and practical anonymous digital coin tracing. In: Franklin, M.K. (ed.) FC 1999. LNCS, vol. 1648, pp. 29–45. Springer, Heidelberg (1999)
Kügler, D., Vogt, H.: Off-line payments with auditable tracing. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357. Springer, Heidelberg (2003)
Meier, L.: Special aspects of escrowed-based e-cash systems, Master’s Thesis, Universität des Saarlandes (March 2000)
Okamoto, T., Ohta, K.: Divertible Zero-Knowledge Interactive Proofs and Commutative Random Self-Reducibility. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 481–496. Springer, Heidelberg (1990)
Pfitzmann, B., Sadeghi, A.-R.: Self-escrowed cash against user blackmailing. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 42–52. Springer, Heidelberg (2001)
Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)
Schnorr, C.P.: Efficient Signature Generation by Smart Cards. Journal of Cryptology 4(3), 161–174 (1991)
Stadler, M., Piveteau, J.M., Camenisch, J.: Fair Blind Signatures. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 209–219. Springer, Heidelberg (1995)
Traoré, J.: Group signatures and their relevance to privacy-protecting off-line electronic cash systems. In: Pieprzyk, J.P., Safavi-Naini, R., Seberry, J. (eds.) ACISP 1999. LNCS, vol. 1587, pp. 228–243. Springer, Heidelberg (1999)
Tsiounis, Y., Yung, M.: On the security of El Gamal-based encryption. In: Imai, H., Zheng, Y. (eds.) PKC 1998. LNCS, vol. 1431, pp. 117–134. Springer, Heidelberg (1998)
von Solms, S., Naccache, D.: On blind signatures and perfect crimes. Computers & Security 11, 581–583 (1992)
© 2003 Springer-Verlag Berlin Heidelberg
Cite this paper
Gaud, M., Traoré, J. (2003). On the Anonymity of Fair Offline E-cash Systems. In: Wright, R.N. (eds) Financial Cryptography. FC 2003. Lecture Notes in Computer Science, vol 2742. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45126-6_3
DOI: https://doi.org/10.1007/978-3-540-45126-6_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40663-1
Online ISBN: 978-3-540-45126-6
eBook Packages: Springer Book Archive