Browse > Article

Design and Implementation of an Efficient Fair Off-line E-Cash System based on Elliptic Curve Discrete Logarithm Problem  

Lee, Manho (KFTC)
Gookwhan Ahn (SECUi.COM)
Kim, Jinho (KISA)
Park, Jaegwan (LG CNS)
Lee, Byoungcheon (Joongbu Univ)
Kim, Kwangjo (ICU)
Lee, Hyuckjae (ICU)
Publication Information
Journal of Communications and Networks / v.4, no.2, 2002 , pp. 81-89 More about this Journal
Abstract
In this paper, we design and implement an efficient fair off-line electronic cash system based on Elliptic Curve Discrete Logarithm Problem (ECDLP), in which the anonymity of coins is revocable by a trustee in case of dispute. To achieve this, we employ the Petersen and Poupard s electronic cash system [1] and extend it by using an elliptic curve over the finite field GF($2^n$). This naturally reduces message size by 85% compared with the original scheme and makes a smart card to store coins easily. Furthermore, we use the Baek et al. s provably secure public key encryption scheme [2] to improve the security of electronic cash system. As an extension, we propose a method to add atomicity into new electronic cash system. To the best of our knowledge, this is the first result to implement a fair off-line electronic cash system based on ECDLP with provable security.
Keywords
Electronic cash; anonymity revocation; atomicity; elliptic curve discrete logarithm problem.;
Citations & Related Records

Times Cited By Web Of Science : 17  (Related Records In Web of Science)
Times Cited By SCOPUS : 11
연도 인용수 순위
1 D. Pointcheval, 'Chosen-ciphertext security for any one-way cryptosys-tern,' in Proc. of PKC2000, LNCS 1751, Springer-Verlag, 2000, pp. 223-238
2 W. Diffie and M. E. Hellman, 'New directions in cryptography,' IEEE Trans. Inform, Theory, vol.IT-22, no. 6, pp. 644-654, 1976
3 D. Chaum, 'Blind signatures for untraceable payments,' In Advances in Cryptology-Proc. of CRYPTO '82, Plenum Press, 1983, pp.199-203
4 T. Okamoto and K. Ohta, 'Universal electronic cash,' In Advances in Cryptotogy-Proc. of CRYPT0'91, LNCS 576, Springer-Verlag, 1991, pp.324-337
5 J. Camenisch, J. M. Piveteau, and M. Stadler, 'An effcient fair payment system,' in Proc. of 3rd ACM Conference on Computer and Commun. Security, ACM Press, 1996, pp.88-94
6 IEEE Pl 363 draft version 9. 'Standard specifications for public key cryp-tography', 1999, http: //grouper, ieee -org/ groups /1363/
7 D. Chaum, A. Fiat, and M. Noar, 'Untraceable electronic cash,' In Ad-vances in Cryptology-Proc. of CRYPTO '88, LNCS 403, Springer-Verlag, 1988,pp.319-327
8 E. Brickell, P. Gemmell, and D. Kravitz, 'Trustee-based tracing extensions to anonymous cash and the making of anonymous exchange,' in Proc. of 6th Annual ACM-SIAM Symposium on Discrete Algorithms (SODA), 1995, pp. 457-466
9 M. Bellare et al., 'Variety cash: A multi-purpose electronic payment sys tern,' 3rd Usenix in Etectronic Commerce, pp. 9-24, 1998
10 M. Stadler, J. M. Piveteau, and J. Camenisch, 'Fair-blind signatures,' In Advances in Cryptology-Proc. of EUROCRYPT'95, LNCS 921, Springer-Verlag, 1995, pp. 209-219
11 S. Xu et al,, 'Money conservation via atomicity in fair off-line e-cash,' in Proc. of the 2nd Int. Inform, Security Workshop, LNCS 1729, Springer-Verlag, 1999, pp. 14-31
12 M. Jakobsson and M. Yung, 'Revokable and versatile e-money,' in Proc. of 3rd annual ACM Conf. on Computer and Commun. Security, 1996, pp.76-87
13 C. P. Schnorr, 'EfRcient identification and signatures for smart cards,' In Advances in CryploIogy-Proc. of CRYPT0'89, LNCS 435, Springer-Vcrlag, 1990, pp.239-251
14 H. Petersen and G. Poupard, 'Efficient scalable fair cash with off-line ex-tortion prevention,' (Technical Report, ENS, 33 pages, 1997), short ver-sion in Proc. of Int. Conf. on Inform, and Commun. Security (ICICS'97), LNCS 1334, Springer-Verlag, 1997, pp.463-477
15 D. Chaum, 'Privacy protected payments: Unconditional payer and/or payee anonymity,' Smart Card 2000: The future of IC Cards, North-Holland, pp.69-93, 1989
16 S. Brands, 'Untraceable off-line cash in wallets with observers,' in Ad-vances in Cryptotogy-Proc. of CRYPT0'93, LNCS 773, Springer-Verlag, 1994,pp.302-318
17 D. M'Ralhi, 'Cost effective payment schemes with privacy regulations,' In Advances in Cryptology-Proc. of ASIACRYPT'96, LNCS 1163, Sprmger-Verlag, 1996, pp. 266-275
18 M. Sirbu and J. D. Tygar, 'NetBill: An internet commerce system optimized for networked delivered services,' in Proc. IEEE COMPCON'95, 1995,pp.20-25
19 R. Schroeppel et al., 'Fast key exchange with elliptic curve system,' In Ad-vances in Cryptology-Proc. of CRYPT0'96, LNCS 963, Springer-Verlag, 1995,pp.43-56
20 J. Camp et al., 'Anonymous atomic transactions,' 2nd Usenix. in Electronic Commerce, pp. 123-133, 1996
21 J. Camenisch, U. Maurer, and M. Stadler, 'Digital payment systems with passive anonymity-revoking trustees,' in Proc. of ES0RICS'96, LNCS 1146, Springer- Verlag, 1996, PP. 31-43
22 Standard specifications (the latest draft: June 29, 1999): 128-bit symmet-ric block cipher SEED (in Korean)
23 L. Law et al., 'An efficient protocol for authenticated key agreement proto-col,' Technical Report CORR 98-5. University of Waterloo, Canada, 1998
24 D. Pointcheval and J. Stern, 'Provably secure blind signature scheme,' In Advunces in Cryntotosy-Proc. of AS1ACRYPT'96, LNCS Vo1.1163,Springer-Verlag, 1996, pp.252-265
25 J. Baek, B. Lee, and K. Kim, 'Provably secure length-saving public key encryption scheme under the computational Diffie-Hellman assumption,' ETRI J., vol.22, no.4, pp.25-32, 2000   DOI   ScienceOn
26 E. Fujisaki and T. Okamoto, 'Practical escrow cash system,' in Proc. of 1996 Cambridge Workshop on Security Protocols, LNCS 1189, Springer-Verlag, 1997, pp. 33-48
27 M. Rosing, 'Implementing elliptic curve cryptography,' Manning, 1998
28 Y. Frankel, Y. Tsiounis, and M. Yung, 'Indrect discourse proofs : Achiev-ing efficient fair off-line e-cash,' In Advances in Cryptotogy-Proc. of ASIACRYPT'96, LNCS 1163, Sphnger-Verlag, 1996, pp. 286-300
29 S. von Solms and D. Naccache, 'On blind signatures and perfect crimes,' Computers and Security, pp. 581-583, 1992
30 T. Okamoto, 'An efficient divisible electronic cash scheme,' In Advances in Cryptoloey-Proc. of CRYPTO '95, LNCS 963, Springer-Verlag, 1995, pp. 438-451
31 J. D. Tygar, 'Atomicity in electronic commerce,' in Proc. of Fifteen An nual ACM Symposium on Principles of Distributed Computing, Philadel phia, 1996, pp. 8-26