More Compact E-Cash with Efficient Coin Tracing
In 1982, Chaum \cite{Chaum82} pioneered anonymous e-cash, which finds many applications in e-commerce. In 1993, Brands \cite{Brands93apr,Brands93,Brands93tm} and Ferguson \cite{Ferguson93c,Ferguson93} published single-term offline anonymous e-cash schemes, which were the first practical e-cash. Their constructions used blind signatures and were inefficient for implementing multi-spendable e-cash. In 1995, Camenisch, Hohenberger, and Lysyanskaya \cite{CaHoLy05} gave the first compact -spendable e-cash, using zero-knowledge-proof techniques. They left an open problem of the simultaneous attainment of -unit wallet size and efficient coin tracing. The latter property is needed to revoke {\em bad} coins from over-spenders. In this paper, we solve \cite{CaHoLy05}'s open problem, and thus enable the first practical compact e-cash. We use a new technique whose security reduces to a new intractability assumption: the {\em Decisional Harmonic-Relationed Diffie-Hellman (DHRDH) Assumption}.
Anonymous, authentic, and accountable resource management based on the E-cash paradigm
The prevalence of digital information management in an open network has driven
the need to maintain balance between anonymity, authenticity and accountability (AAA).
Anonymity allows a principal to hide its identity from strangers before a trust relationship
is established. Authenticity ensures the correct identity is engaged in the transaction even
though it is hidden. Accountability uncovers the hidden identity when misbehavior of the
principal is detected. The objective of this research is to develop an AAA management
framework for secure resource allocations. Most existing resource management schemes
are designed to manage one or two of the AAA attributes. How to provide high strength
protection to all attributes is an extremely challenging undertaking. Our study shows that
the electronic cash (E-cash) paradigm provides some important knowledge bases for this
purpose. Based on Chaum-Pedersen’s general transferable E-cash model, we propose a
timed-zero-knowledge proof (TZKP) protocol, which greatly reduces storage spaces and
communication overheads for resource transfers, without compromising anonymity and
accountability. Based on Eng-Okamoto’s general divisible E-cash model, we propose a hypercube-based divisibility framework, which provides a sophisticated and flexible way
to partition a chunk of resources, with different trade-offs in anonymity protection and
computational costs, when it is integrated with different sub-cube allocation schemes.
Based on the E-cash based resource management framework, we propose a privacy
preserving service oriented architecture (SOA), which allows the service providers and
consumers to exchange services without leaking their sensitive data. Simulation results
show that the secure resource management framework is highly practical for mission-critical
applications in large scale distributed information systems.
Transferable Constant-Size Fair E-Cash
We propose a new blind certification protocol that provides interesting properties while remaining efficient. It falls in the Groth-Sahai framework for witness-indistinguishable proofs; thus, extended to a certified signature, it immediately yields non-frameable group signatures. We then use it to build an efficient (offline) e-cash system that guarantees user anonymity and transferability of coins without increasing their size. As required for fair e-cash, in case of fraud, anonymity can be revoked by an authority, which is also crucial to deter double spending.
Advances in signatures, encryption, and E-Cash from bilinear groups
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006. Includes bibliographical references (p. 147-161). We present new formal definitions, algorithms, and motivating applications for three natural cryptographic constructions. Our constructions are based on a special type of algebraic group called bilinear groups. 1. Re-Signatures: We present the first public key signature scheme where a semi-trusted proxy, given special information, can translate Alice's signature on a message into Bob's signature on the same message. The special information, however, allows nothing else, i.e., the proxy cannot translate from Bob to Alice, nor can it sign on behalf of either Alice or Bob. We show that a path through a graph can be cheaply authenticated using this scheme, with applications to electronic passports. 2. Re-Encryption: We present the first public key cryptosystem where a semi-trusted proxy, given special information, can translate an encryption of a message under Alice's key into an encryption of the same message under Bob's key. Again, the special information allows nothing else, i.e., the proxy cannot translate from Bob to Alice, decrypt on behalf of either Alice or Bob, or learn anything else about the message. We apply this scheme to create a new mechanism for secure distributed storage. 3. Compact E-Cash with Tracing and Bounded-Anonymity: We present an offline e-cash system where $2^\ell$ coins can be stored in $O(\ell + k)$ bits and withdrawn or spent in $O(\ell + k)$ time, where $k$ is the security parameter. The best previously known schemes required at least one of these complexities to be $O(2^\ell \cdot k)$. In our system, a user's transactions are anonymous and unlinkable, unless she performs a forbidden action, such as double-spending a coin. Performing a forbidden action reveals the identity of the user, and optionally allows to trace all of her past transactions. We provide solutions without using a trusted party. We argue why features of our system are likely to be crucial to the adoption of any e-cash system. by Susan Hohenberger. Ph.D.