• Title/Summary/Keyword: Compact E-cash

Search Result 2, Processing Time 0.014 seconds

Compact E-Cash with Practical and Complete Tracing

  • Lian, Bin;Chen, Gongliang;Cui, Jialin;He, Dake
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.7
    • /
    • pp.3733-3755
    • /
    • 2019

  • E-cash has its merits comparing with other payment modes. However, there are two problems, which are how to achieve practical/complete tracing and how to achieve it in compact E-cash. First, the bank and the TTP (i.e., trusted third party) have different duties and powers in the reality. Therefore, double-spending tracing is bank's task, while unconditional tracing is TTP's task. In addition, it is desirable to provide lost-coin tracing before they are spent by anyone else. Second, compact E-cash is an efficient scheme, but tracing the coins from double-spender without TTP results in poor efficiency. To solve the problems, we present a compact E-cash scheme. For this purpose, we design an embedded structure of knowledge proof based on a new pseudorandom function and improve the computation complexity from O(k) to O(1). Double-spending tracing needs leaking dishonest users' secret knowledge, but preserving the anonymity of honest users needs zero-knowledge property, and our special knowledge proof achieves it with complete proofs. Moreover, the design is also useful for other applications, where both keeping zero-knowledge and leaking information are necessary.

  • https://doi.org/10.3837/tiis.2019.07.022 인용 PDF KSCI HTML

Double-Blind Compact E-cash from Bilinear Map

  • Chen, Jiyang;Lian, Bin;Li, Yongjie;Cui, Jialin;Yu, Ping;Shu, Zhenyu;Tao, Jili
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.16 no.4
    • /
    • pp.1266-1285
    • /
    • 2022

  • Compact E-cash is the first scheme which can withdraw 2l coins within 𝒪(1) operations and then store them in 𝒪(𝑙) bits. Because of its high efficiency, a lot of research has been carried out on its basis, but no previous research pay attention to the privacy of payees and in some cases, payees have the same privacy requirement as payers. We propose a double-blind compact E-cash scheme, which means that both the payer and the payee can keep anonymous while spending. In our scheme, the payer and the bank cannot determine whether the payees of two different transactions are the same one and connect the payee with transactions related to him, in this way, the privacy of the payee is protected. And our protocols disconnect the received coin from previous transaction, then, the coin can be transferred into an unspent coin which belongs to the payee. The proposed e-cash scheme is secure within y-DDHI and LRSW assumption.

  • https://doi.org/10.3837/tiis.2022.04.010 인용 PDF KSCI HTML