Flexibly-Configurable and Computation-Efficient Digital Cash with Polynomial-Thresholded Coinage

  • Alwyn Goh
  • Kuan W. Yip
  • David C. L. Ngo
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2828)


This paper describes an extension of the Brands protocol to incorporate flexibly-divisble k-term Coins via application of Shamir polynomial parameterisation and Feldman-Pedersen zero knowledge (ZK) verification. User anonymity is preserved for up to k sub-Coin Payments per k-term Coin, but revoked for over-Payments with (k+1) or more sub-Coins. Poly-cash construction using only discrete logarithm (DL) or elliptic curve (EC) operations enables efficient implementation in terms of the latter; which constitutes an advantage over previous divisble Coin formulations based on quadratic residue (QR) binary-trees, integer factorisation (IF) cryptography or hybrid DL/IF. Comparative analysis of Poly-cash and previous protocols illustrates the advantages of the former for operationally realistic Coin sub-denominations. The advantage of Poly-cash in terms computational overhead is particularly significant, and facilitates implementation on lightweight User Purses and Merchant Payment-terminals. Configurable k-divisibility is also an important consideration for real-world applicability with decimal currency denominations, which is not well addressed by the binarised values of QR-tree divisible Coins.


Elliptic Curve Communication Overhead Discrete Logarithm Quadratic Residue User Anonymity 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Chaum, D., Fiat, A., Noar, M.: Untraceable Electronic Cash. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, Heidelberg (1990)CrossRefGoogle Scholar
  2. 2.
    Brands, S.: Untraceable Off-Line Cash in Wallets with Observers. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 302–318. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  3. 3.
    Brands, S.: An Efficient Off-line Electronic Cash System based on the Representation Problem. Tech Rep CS-R9323, CWI (1993)Google Scholar
  4. 4.
    Okamoto, T., Ohta, K.: Universal Electronic Cash. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 324–337. Springer, Heidelberg (1992)Google Scholar
  5. 5.
    Okamoto, T.: An Efficient Divisible Electronic Cash Scheme. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 438–451. Springer, Heidelberg (1995)Google Scholar
  6. 6.
    Chan, A., Frankel, Y., Tsiounnis, Y.: Easy come- easy go divisible cash. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 561–575. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  7. 7.
    Ferguson, N.: Extensions of Single-Term Coins. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 292–301. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  8. 8.
    Shamir, A.: How to Share a Secret. ACM Comms. (1979)Google Scholar
  9. 9.
    Feldman, P.: A Practical Scheme for Non-Interactive VSS. In: IEEE Symp. Foundations Comp. Sc. (1987)Google Scholar
  10. 10.
    Pedersen, T.P.: Non-Interactive and Information-Theoretic Secure VSS. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar
  11. 11.
    Menezes, A.: Comparing the security of ECC and RSA (January 11, 2000), at
  12. 12.
    P1363/D13, Draft Version 13, Standard Specification for PKC (1999)Google Scholar
  13. 13.
    Yip, W.K.: Divisible Digital Cash via Secret Sharing Schemes. Masters in Comp Sc Thesis, Universiti Sains Malaysia (2001)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2003

Authors and Affiliations

  • Alwyn Goh
    • 1
  • Kuan W. Yip
    • 2
  • David C. L. Ngo
    • 3
  1. 1.Corentix LaboratoriesPetaling JayaMalaysia
  2. 2.Help InstituteBZ-2 Pusat Bandar DamansaraKuala LumpurMalaysia
  3. 3.Faculty of Information Science & TechnologyMultimedia UniversityMelakaMalaysia

Personalised recommendations