Abstract
In Crypto '93, S. Brands presented a very efficient off-line electronic cash scheme based on the representation problem in groups of prime order. In Crypto '95 a very efficient off-line divisible e-cash scheme based on factoring Williams integers was presented by T. Okamoto. We demonstrate one efficient attack on Okamoto's scheme and two on Brands' scheme which allow users to mis-represent their identities and double-spend in an undetectable manner, hence defeating the most essential security aspect of the schemes. The attack on Brands' scheme (which we suspect, given his previous related results, was an inadvertent omission) is also applicable to T. Eng and T. Okamoto's divisible e-cash scheme (presented in Eurocrypt '94) which uses Brands' protocols as a building block.
We present an efficient modular fix which is applicable to any use of the Brands' idea, and we discuss how to counteract the attack on Okamoto's scheme. Hence the original results remain significant contributions to electronic cash.
This work was performed under U.S. Department of Energy contract number DE-AC04-94AL85000.
This author's research was partially funded by GTE Laboratories Incorporated, Waltham MA.
Preview
Unable to display preview. Download preview PDF.
References
S. Brands. An efficient off-line electronic cash system based on the representation problem. Technical Report CS-R9323, CWI (Centre for Mathematics and Computer Science), Amsterdam, 1993.
S. Brands. Untraceable off-line cash in wallets with observers. In Advances in Cryptology — Crypto '93, Proceedings (Lecture Notes in Computer Science 773), pages 302–318. Springer-Verlag, 1993.
D. Chaum. Blind signatures for untraceable payments. In D. Chaum, R.L. Rivest, and A. T. Sherman, editors, Advances in Cryptology. Proc. Crypto'82, pages 199–203, Santa Barbara, 1983. Plenum Press N. Y.
T. Eng and T. Okamoto. Single-term divisible electronic coins. In Advances in Cryptology — Eurocrypt '94, Proceedings, pages 306–319, New York, 1994. Springer-Verlag.
T. Okamoto. An efficient divisible electronic cash scheme. In Don Coppersmith, editor, Advances in Cryptology, Proc. of Crypto '95 (Lecture Notes in Computer Science 963), pages 438–451. Springer-Verlag, 1995. Santa Barbara, California, U.S.A., August 27–31.
T. Okamoto, 1996. Personal communication.
C. P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4(3):161–174, 1991.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1996 Springer-Verlag
About this paper
Cite this paper
Chan, A., Frankel, Y., MacKenzie, P., Tsiounis, Y. (1996). Mis-representation of identities in e-cash schemes and how to prevent it. In: Kim, K., Matsumoto, T. (eds) Advances in Cryptology — ASIACRYPT '96. ASIACRYPT 1996. Lecture Notes in Computer Science, vol 1163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0034854
Download citation
DOI: https://doi.org/10.1007/BFb0034854
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-61872-0
Online ISBN: 978-3-540-70707-3
eBook Packages: Springer Book Archive