Design and Implementation of an Efficient Fair Off-line E-Cash System based on Elliptic Curve Discrete Logarithm Problem

  • Published: 2002.06.01

Abstract

In this paper, we design and implement an efficient fair off-line electronic cash system based on the Elliptic Curve Discrete Logarithm Problem (ECDLP), in which the anonymity of coins is revocable by a trustee in case of dispute. To achieve this, we employ Petersen and Poupard's electronic cash system [1] and extend it by using an elliptic curve over the finite field GF($2^n$). This naturally reduces message size by 85% compared with the original scheme and makes it easy for a smart card to store coins. Furthermore, we use Baek et al.'s provably secure public key encryption scheme [2] to improve the security of the electronic cash system. As an extension, we propose a method to add atomicity to the new electronic cash system. To the best of our knowledge, this is the first result to implement a fair off-line electronic cash system based on ECDLP with provable security.

References

  1. H. Petersen and G. Poupard, 'Efficient scalable fair cash with off-line extortion prevention,' (Technical Report, ENS, 33 pages, 1997), short version in Proc. of Int. Conf. on Inform. and Commun. Security (ICICS'97), LNCS 1334, Springer-Verlag, 1997, pp. 463-477
  2. J. Baek, B. Lee, and K. Kim, 'Provably secure length-saving public key encryption scheme under the computational Diffie-Hellman assumption,' ETRI J., vol. 22, no. 4, pp. 25-32, 2000 https://doi.org/10.4218/etrij.00.0100.0403
  3. D. Chaum, 'Blind signatures for untraceable payments,' in Advances in Cryptology-Proc. of CRYPTO '82, Plenum Press, 1983, pp. 199-203
  4. D. Chaum, 'Privacy protected payments: Unconditional payer and/or payee anonymity,' Smart Card 2000: The future of IC Cards, North-Holland, pp. 69-93, 1989
  5. D. Chaum, A. Fiat, and M. Naor, 'Untraceable electronic cash,' in Advances in Cryptology-Proc. of CRYPTO '88, LNCS 403, Springer-Verlag, 1988, pp. 319-327
  6. T. Okamoto and K. Ohta, 'Universal electronic cash,' in Advances in Cryptology-Proc. of CRYPTO '91, LNCS 576, Springer-Verlag, 1991, pp. 324-337
  7. T. Okamoto, 'An efficient divisible electronic cash scheme,' in Advances in Cryptology-Proc. of CRYPTO '95, LNCS 963, Springer-Verlag, 1995, pp. 438-451
  8. S. Brands, 'Untraceable off-line cash in wallets with observers,' in Advances in Cryptology-Proc. of CRYPTO '93, LNCS 773, Springer-Verlag, 1994, pp. 302-318
  9. S. von Solms and D. Naccache, 'On blind signatures and perfect crimes,' Computers and Security, pp. 581-583, 1992
  10. E. Brickell, P. Gemmell, and D. Kravitz, 'Trustee-based tracing extensions to anonymous cash and the making of anonymous exchange,' in Proc. of 6th Annual ACM-SIAM Symposium on Discrete Algorithms (SODA), 1995, pp. 457-466
  11. M. Jakobsson and M. Yung, 'Revokable and versatile e-money,' in Proc. of 3rd annual ACM Conf. on Computer and Commun. Security, 1996, pp. 76-87
  12. J. Camenisch, J. M. Piveteau, and M. Stadler, 'An efficient fair payment system,' in Proc. of 3rd ACM Conference on Computer and Commun. Security, ACM Press, 1996, pp. 88-94
  13. M. Stadler, J. M. Piveteau, and J. Camenisch, 'Fair-blind signatures,' in Advances in Cryptology-Proc. of EUROCRYPT '95, LNCS 921, Springer-Verlag, 1995, pp. 209-219
  14. E. Fujisaki and T. Okamoto, 'Practical escrow cash system,' in Proc. of 1996 Cambridge Workshop on Security Protocols, LNCS 1189, Springer-Verlag, 1997, pp. 33-48
  15. D. M'Raïhi, 'Cost effective payment schemes with privacy regulations,' in Advances in Cryptology-Proc. of ASIACRYPT '96, LNCS 1163, Springer-Verlag, 1996, pp. 266-275
  16. J. Camenisch, U. Maurer, and M. Stadler, 'Digital payment systems with passive anonymity-revoking trustees,' in Proc. of ESORICS '96, LNCS 1146, Springer-Verlag, 1996, pp. 31-43
  17. Y. Frankel, Y. Tsiounis, and M. Yung, 'Indirect discourse proofs: Achieving efficient fair off-line e-cash,' in Advances in Cryptology-Proc. of ASIACRYPT '96, LNCS 1163, Springer-Verlag, 1996, pp. 286-300
  18. J. D. Tygar, 'Atomicity in electronic commerce,' in Proc. of Fifteenth Annual ACM Symposium on Principles of Distributed Computing, Philadelphia, 1996, pp. 8-26
  19. J. Camp et al., 'Anonymous atomic transactions,' 2nd Usenix in Electronic Commerce, pp. 123-133, 1996
  20. M. Sirbu and J. D. Tygar, 'NetBill: An internet commerce system optimized for networked delivered services,' in Proc. IEEE COMPCON '95, 1995, pp. 20-25
  21. M. Bellare et al., 'Variety cash: A multi-purpose electronic payment system,' 3rd Usenix in Electronic Commerce, pp. 9-24, 1998
  22. S. Xu et al., 'Money conservation via atomicity in fair off-line e-cash,' in Proc. of the 2nd Int. Inform. Security Workshop, LNCS 1729, Springer-Verlag, 1999, pp. 14-31
  23. D. Pointcheval, 'Chosen-ciphertext security for any one-way cryptosystem,' in Proc. of PKC2000, LNCS 1751, Springer-Verlag, 2000, pp. 223-238
  24. W. Diffie and M. E. Hellman, 'New directions in cryptography,' IEEE Trans. Inform. Theory, vol. IT-22, no. 6, pp. 644-654, 1976
  25. Standard specifications (the latest draft: June 29, 1999): 128-bit symmetric block cipher SEED (in Korean)
  26. M. Rosing, 'Implementing elliptic curve cryptography,' Manning, 1998
  27. R. Schroeppel et al., 'Fast key exchange with elliptic curve system,' in Advances in Cryptology-Proc. of CRYPTO '96, LNCS 963, Springer-Verlag, 1995, pp. 43-56
  28. IEEE P1363 draft version 9, 'Standard specifications for public key cryptography', 1999, http://grouper.ieee.org/groups/1363/
  29. L. Law et al., 'An efficient protocol for authenticated key agreement protocol,' Technical Report CORR 98-5, University of Waterloo, Canada, 1998
  30. D. Pointcheval and J. Stern, 'Provably secure blind signature scheme,' in Advances in Cryptology-Proc. of ASIACRYPT '96, LNCS 1163, Springer-Verlag, 1996, pp. 252-265
  31. C. P. Schnorr, 'Efficient identification and signatures for smart cards,' in Advances in Cryptology-Proc. of CRYPTO '89, LNCS 435, Springer-Verlag, 1990, pp. 239-251