Abstract
We present an e-cash scheme which provides a trade-off between anonymity and efficiency, by amortizing the cost of zero-knowledge and signature computation in the cash generation phase.
Our work solves an open problem of Okamoto in divisible e-cash. Namely, we achieve results similar to those of Okamoto, but (1) based on traditional complexity assumptions (rather than ad hoc ones), and (2) within a much crisper definitional framework that highlights the anonymity properties, and (3) in a simple fashion.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
S. Brands. Untraceable off-line cash in wallet with observers. In Advances in Cryptology— CRYPTO’93, 1993.
M. Blum, A. De Santis, S. Micali, and G. Persiano. Noninteractive Zero-Knowledge. In SIAM Journal on Computing 20(6): pp. 1084–1118, 1991.
E. Brickell, P. Gemmell, and D. Kravitz. Trustee-Based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change. In Proceedings of SODA’ 95, 1995.
A. Beimel, T. Malkin, and S. Micali. The All-or-Nothing Nature of Two-Party Secure Computation. In Advances in Cryptology: Crypto’99, 1999.
D. Chaum. Blind Signatures for Untraceable Payments. In Advances in Cryptology: Crypto’82, 1983.
J. Camenisch, U. Maurer, and M. Stadler. Digital Payment Systems with Passive Anonymity-Revoking Trustees. In Lecture Notes in Computer Science vol. 1146, 1996.
J. Camenisch, J. Piveteau, and M. Stadler. Fair Blind Signatures. In Proceedings of EuroCrypt’95, 1995.
S. D’amingo and G. Di Crescenzo. Methodology for Digital Money based on General Cryptographic Tools. In Advances in Cryptology: Eurocrypt’94, 1994.
G. Davida, Y. Frankel, Y. Tsionnis, and M. Yung. Anonymity Control in Electronic Cash Systems. In Proceedings of 1st Financial Crypto, 1997.
T. Eng and T. Okamoto. Single-Term Divisible Coins In Advances in Cryptology: Eurocrypt’94, 1994.
E. Fujisaki and T. Okamoto. Practical Escrow Cash System. In Lecture Notes in Computer Science vol. 1189, 1997.
A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In Advances in Cryptology: Crypto’86, 1986.
O. Goldreich, L. Levin. A hard-core predicate for all one-way functions. In Proceedings of the Twenty-First Annual ACM Symposium on Theory of Computing, 1989.
S. Goldwasser, M. Micali, and C. Rackoff. The knowledge complexity of interactive proof systems. In SIAM Journal on Computing 18, pp. 186–208, 1989. Preliminary version in Proceedings of STOC’85, 1985.
S. Goldwasser, S. Micali, and R. Rivest. A digital signature scheme secure against adaptive chosen-message addatcks. In SIAM Journal on Computing 17(2), pp. 21–25, 1988.
O. Goldreich, S. Micalia, and A. Wigderson. Proofs that yield nothing but their validity, or all languages in NP have zero-knowledge proof systems. In Journal of the ACM, 38(3), pp. 691–729, 1991.
Louis Claude Guillou and Jean-Jacques Quisquater. A “paradoxical” indentity-based signature scheme resulting from zero-knowledge. In Advances in Cryptology: Cyrpto’88, 1988.
M. Jakobsson and J. Muller. Improved Magic Ink Signatures Using Hints. In Proceedings of Financial Crypto’99, 1999.
M. Jakobsson and M. Yung. Revokable and Versatile Electronic Money. In 3rd ACM Conference on Computer and Communications Security, 1996.
E. Mohammed, A.-E. Emarah, and K. El-Shennaway. A Blind Signature Scheme Based on ElGamal Signature. In Proceedings of the Seventeenth National Radio Science Conference, 17th NRSC 2000, 2000.
Silvio Micali. A secure and efficient digital signature algorithm. Technical Report MIT/LCS/TM-501, Massachusetts Institute of Technology, Cambridge, MA, March 1994.
R. Molender, D. Mussington, and P. Wilson. Cyberpayments and Money Laundering: Problems and Promise. Document MR-965-OSTP/FinCEN, 1998. Available at http://www.rand.org/publications/MR/MR965/MR965.pdf
R. Merkle. Protocls for Public Key Cryptosystems. In Proceedings of the 1980 Symposium on Security and Privacy, 1980.
D. M’Raihi. Cost-Effective Payment Schemes with Privacy Regulation. In Proceedings of ASIACRYPT’96, 1996.
D. Naccache and S. von Solms. On Blind Signatures and Perfect Crimes. In Computation and Security, 1992.
T. Okamoto. An Efficient Divisible Electronic Cash Scheme. In Advances in Cryptology: Crypto’95, 1995.
K. Ohta and T. Okamoto. Universal Electronic Cash. In Advances in Cryptology: Crypto’91, 1992.
J.C. Pailles. New Protocols for Electronic Money In Proceedings of Auscrypt’92, 1993.
H. Peterson and G. Poupad. Efficient Scalable Fair Cash with Offline Extortion Protection. In Lecture Notes in Computer Science vol. 1334, 1997.
C.P. Schnorr. Efficient Identification and Signatures for Smart Cards. In Advances in Cryptology: EUROCRYPT’89, 1989.
T. Sander and A. Ta-Shma. Auditable, Anonymous Electronic Cash Extended Abstract In Advances in Cryptology: Crypto’99, 1999.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liskov, M., Micali, S. (2002). Amortized E-Cash. In: Syverson, P. (eds) Financial Cryptography. FC 2001. Lecture Notes in Computer Science, vol 2339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46088-8_1
Download citation
DOI: https://doi.org/10.1007/3-540-46088-8_1
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44079-6
Online ISBN: 978-3-540-46088-6
eBook Packages: Springer Book Archive