Presentation is loading. Please wait.

Presentation is loading. Please wait.

Efficient Anonymous Cash Using the Hash Chain Member:劉岱穎,吳展奇,林智揚

Published byClemence Knight Modified over 6 years ago

Similar presentations

Presentation on theme: "Efficient Anonymous Cash Using the Hash Chain Member:劉岱穎,吳展奇,林智揚"— Presentation transcript:

1 Efficient Anonymous Cash Using the Hash Chain Member:劉岱穎,吳展奇,林智揚
近代電腦密碼學 Efficient Anonymous Cash Using the Hash Chain Member:劉岱穎,吳展奇,林智揚 Source: IEICE TRAN. COMMUN., VOL. E86-B, NO Author: Sangjin KIM and Heekuck OH

2 Outline Introduction Electronic Cash System Security Analysis
Account Setting Withdrawal Protocol Initial payment protocol Subsequent payment protocol Anonymity Control Security Analysis Conclusion

3 Introduction Credit-based and vendor-specific
Debit-based and vendor-independent

4 Advantage Debit-based Vendor-independent
Provide trace mechanisms to counter illegal use

5 The flow User use withdrawal protocol to get money from bank(withdrawal protocol) User use the money that is provide by the bank to buy some things in a shop(payment protocol) The shop store the money to the shop’s account(deposit protocol) Authority can trace the coins and owners

6 Blind Signature signs coins database Bank 2. t 7. Coin 3. td mod N
1. t=SN×ke mod N SN: Serial # k: random number 2. t 7. Coin 3. td mod N Consumer Merchant 5. Coin 4. s=(td)/k mod N=SNd mod N 6. Verify the signature s Coin: SN+s

7 System Setup Four types of players Clients Shops Bank
Trusted authority

8 Initialization Bank: TA: Choose five generators of Gq: gb, gu,gs,gr,gl
Secrete key: xb Public key: TA: Choose gt of Gq Secrete key: xct, xot Public key: ,

9 Initialization User: Secret key: xu , blind factor: r Public key:
Compute: CT: , OT: hash chain (c0,c1,…,cl) of length L where ci = H(ci+1)

10 Withdrawal Protocol

11 Proof(E)

12 BlindSig Sig(C) =

13 Initialization Shop: Secrete key: xs Public key:

14 Initial payment protocol

15 Subsequent payment protocol

16 Anonymity Control Coin tracing Owner tracing
Provide a way to deanonymize withdrawn cash so that the bank can recognize the cash at the time of deposit. Bank send CT to the trusted authority Authority computes CTxct =gbr Bank computes C/gbr=C Owner tracing Provide a way to deanonymize deposited cash so that the identity of the withdrawn is revealed Bank send OT to the trusted authority Authority computes OTxot =guxu Bank computes C/grcogllgtr=guxu ~

17 Security of the System Impersonation Unforgeability Manipulation
Anonymity Straling Double spending

18 Conclusion This system is the only vendor-idependent one that provides full anonymity and variable payments

Download ppt "Efficient Anonymous Cash Using the Hash Chain Member:劉岱穎,吳展奇,林智揚"

Similar presentations

Internet payment systems

Internet payment systems
Design and Security Analysis of Marked Blind Signature

Design and Security Analysis of Marked Blind Signature
Digital Cash Mehdi Bazargan Fall 2004.

Digital Cash Mehdi Bazargan Fall 2004.
Recoverable and Untraceable E-Cash Dr. Joseph K. Liu The Chinese University of HongKong.

Recoverable and Untraceable E-Cash Dr. Joseph K. Liu The Chinese University of HongKong.
Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.

Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Digital Cash Present By Kevin, Hiren, Amit, Kai. What is Digital Cash?  A payment message bearing a digital signature which functions as a medium of.

Digital Cash Present By Kevin, Hiren, Amit, Kai. What is Digital Cash?  A payment message bearing a digital signature which functions as a medium of.
Slide 1 Vitaly Shmatikov CS 378 Digital Cash. slide 2 Digital Cash: Properties uDigital “payment message” with properties of cash uUnforgeable Users cannot.

Slide 1 Vitaly Shmatikov CS 378 Digital Cash. slide 2 Digital Cash: Properties uDigital “payment message” with properties of cash uUnforgeable Users cannot.
Combating Double-Spending Using Cooperative P2P Systems Author : Ivan Osipkov, Eugene Y. Vasserman, Nicholas Hopper, Yongdae Kim Source : International.

Combating Double-Spending Using Cooperative P2P Systems Author : Ivan Osipkov, Eugene Y. Vasserman, Nicholas Hopper, Yongdae Kim Source : International.
Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.

Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.
Introduction to Modern Cryptography, Lecture 13 Money Related Issues ($$$) and Odds and Ends.

Introduction to Modern Cryptography, Lecture 13 Money Related Issues ($$$) and Odds and Ends.
IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2004 -

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©
Your Presenter Amer Sharaf Electronic Payments: Where do we go from here? ByMarkus Jakobsson David Mraihi Yiannis Tsiounis Moti Yung.

Your Presenter Amer Sharaf Electronic Payments: Where do we go from here? ByMarkus Jakobsson David Mraihi Yiannis Tsiounis Moti Yung.
1 Blind Signatures 盲簽章 Chun-I Fan 范俊逸 E-Commerce & Security Engineering Lab. Department of Computer Science and Engineering National Sun Yat-Sen University.

1 Blind Signatures 盲簽章 Chun-I Fan 范俊逸 E-Commerce & Security Engineering Lab. Department of Computer Science and Engineering National Sun Yat-Sen University.
Digital Cash Damodar Nagapuram. Overview ► Monetary Freedom ► Digital Cash and its importance ► Achieving Digital Cash ► Disadvantages with digital cash.

Digital Cash Damodar Nagapuram. Overview ► Monetary Freedom ► Digital Cash and its importance ► Achieving Digital Cash ► Disadvantages with digital cash.
1 A practical off-line digital money system with partially blind signatures based on the discrete logarithm problem From: IEICE TRANS. FUNDAMENTALS, VOL.E83-A,No.1.

1 A practical off-line digital money system with partially blind signatures based on the discrete logarithm problem From: IEICE TRANS. FUNDAMENTALS, VOL.E83-A,No.1.
Electronic Voting Schemes and Other stuff. Requirements Only eligible voters can vote (once only) No one can tell how voter voted Publish who voted (?)

Electronic Voting Schemes and Other stuff. Requirements Only eligible voters can vote (once only) No one can tell how voter voted Publish who voted (?)
1 電子商務代理人與無線射頻系統上安全設計之研究 The Study of Secure Schemes on Agent-based Electronic Commerce Transaction and RFID system 指導教授 : 詹進科 教授 (Prof. Jinn-Ke Jan) 陳育毅.

1 電子商務代理人與無線射頻系統上安全設計之研究 The Study of Secure Schemes on Agent-based Electronic Commerce Transaction and RFID system 指導教授 : 詹進科 教授 (Prof. Jinn-Ke Jan) 陳育毅.
Module 8 – Anonymous Digital Cash Blind Signatures DigiCash coins.

Module 8 – Anonymous Digital Cash Blind Signatures DigiCash coins.
E-Money / Digital Cash Lin Huang. Money / Digital Cash What is Money –Coins, Bill – can’t exist on two places at one time –Bearer bonds: immediate cashable.

E-Money / Digital Cash Lin Huang. Money / Digital Cash What is Money –Coins, Bill – can’t exist on two places at one time –Bearer bonds: immediate cashable.

Similar presentations

Ads by Google