Anonymous reputation based reservations in e-commerce (AMNESIC)

Online reservation systems have grown over the last recent years to facilitate the purchase of goods and services. Generally, reservation systems require that customers provide some personal data to make a reservation effective. With this data, service providers can check the consumer history and decide if the user is trustable enough to get the reserve. Although the reputation of a user is a good metric to implement the access control of the system, providing personal and sensitive data to the system presents high privacy risks, since the interests of a user are totally known and tracked by an external entity. In this paper we design an anonymous reservation protocol that uses reputations to profile the users and control their access to the offered services, but at the same time it preserves their privacy not only from the seller but the service provider

A Novel Identity Based Blind Signature Scheme using DLP for E-Commerce

Abstract— Blind signatures are used in the most of the application where confidentiality and authenticity are the main issue. Blind signature scheme deals with concept where requester sends the request that the signer should sign on a blind message without looking at the content. Many ID based blind signature are proposed using bilinear pairings and elliptic curve. But the relative computation cost of the pairing in bilinear pairings and ID map into an elliptic curve are huge. In order to save the running time and the size of the signature, this paper proposed a scheme having the property of both concepts identity based blind signature that is based on Discrete Logarithm Problem, so as we know that DLP is a computational hard problem and hence the proposed scheme achieves all essential and secondary security prematurity. With the help of the proposed scheme, this paper implemented an E-commerce system in a secure way. E-commerce is one of the most concern applications of ID based blind signature scheme. E-commerce consisting selling and buying of products or services over the internet and open network. ID based blind signature scheme basically has been used enormously as a part of today’s focussed business. Our proposed scheme can be also be used in E-business, E-voting and E-cashing anywhere without any restriction DOI: 10.17762/ijritcc2321-8169.15060

Formal Analysis of E-Cash Protocols

International audienceElectronic cash (e-cash) aims at achieving client privacy at payment, similar to real cash. Several security protocols have been proposed to ensure privacy in e-cash, as well as the necessary unforgery properties. In this paper, we propose a formal framework to define, analyze, and verify security properties of e-cash systems. To this end, we model e-cash systems in the applied π-calculus, and we define two client privacy properties and three properties to prevent forgery. Finally, we apply our definitions to an e-cash protocol from the literature proposed by Chaum et al., which has two variants and a real implementation based on it. Using ProVerif, we demonstrate that our framework is suitable for an automated analysis of this protocol

Non-conventional digital signatures and their implementations – A review

The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-19713-5_36The current technological scenario determines a profileration of trust domains, which are usually defined by validating the digital identity linked to each user. This validation entails critical assumptions about the way users’ privacy is handled, and this calls for new methods to construct and treat digital identities. Considering cryptography, identity management has been constructed and managed through conventional digital signatures. Nowadays, new types of digital signatures are required, and this transition should be guided by rigorous evaluation of the theoretical basis, but also by the selection of properly verified software means. This latter point is the core of this paper. We analyse the main non-conventional digital signatures that could endorse an adequate tradeoff betweeen security and privacy. This discussion is focused on practical software solutions that are already implemented and available online. The goal is to help security system designers to discern identity management functionalities through standard cryptographic software libraries.This work was supported by Comunidad de Madrid (Spain) under the project S2013/ICE-3095-CM (CIBERDINE) and the Spanish Government project TIN2010-19607

New Blind Muti-signature Schemes based on ECDLP

In various types of electronic transactions, including election systems and digital cash schemes, user anonymity and authentication are always required. Blind signatures are considered the most important solutions to meeting these requirements. Many studies have focused on blind signature schemes; however, most of the studied schemes are single blind signature schemes. Although blind multi-signature schemes are available, few studies have focused on these schemes. In this article, blind multi-signature schemes are proposed based on the Elliptic Curve Discrete Logarithm Problem (ECDLP). The proposed schemes are based on the GOST R34.10-2012 digital signature standard and the EC-Schnorr digital signature scheme, and they satisfy blind multi-signature security requirements and have better computational performance than previously proposed schemes. The proposed schemes can be applied in election systems and digital cash schemes

Development of a certificate less digital signature scheme & implementation in e-cash system

Today’s wireless communication systems having limited computational resources and communication bandwidth find certificate less public-key cryptosystems very attractive and vital to their operations in the sense that they help in reducing a significant amount of data load on the network. To eliminate the need of public key digital certificates Shamir proposed ID based cryptosystems in which the user’s identity (e.g. name or email id) is used as the public key. However this method had a major drawback of the key escrow problem as a result of which certificate less digital signature (CDS) came into light. The main idea behind CDS is that there’s a private key generator (PKG) which generates a partial private key for the user .Then using that key and some of its own private information the user computes its actual private key. PKG’s public parameters and the user’s private key together calculate the user’s public key. Harn, Ren and Lin in 2008 proposed a CDS model which consisted of four generic modules namely PKG, user key generation, signature generation and verification. In this paper, we propose an improvement of the aforesaid CDS scheme in terms of time complexity and signature length and implement the new scheme in an e-cash model proposed by Popescu and Oros. Performance analysis of both the schemes has been carried out in details

How to Issue a Central Bank Digital Currency

With the emergence of Bitcoin and recently proposed stablecoins from BigTechs, such as Diem (formerly Libra), central banks face growing competition from private actors offering their own digital alternative to physical cash. We do not address the normative question whether a central bank should issue a central bank digital currency (CBDC) or not. Instead, we contribute to the current research debate by showing how a central bank could do so, if desired. We propose a token-based system without distributed ledger technology and show how earlier-deployed, software-only electronic cash can be improved upon to preserve transaction privacy, meet regulatory requirements in a compelling way, and offer a level of quantum-resistant protection against systemic privacy risk. Neither monetary policy nor financial stability would be materially affected because a CBDC with this design would replicate physical cash rather than bank deposits.Comment: Swiss National Bank Working Paper3/202