Presentation is loading. Please wait.

Presentation is loading. Please wait.

Digital Cash Present By Kevin, Hiren, Amit, Kai. What is Digital Cash?  A payment message bearing a digital signature which functions as a medium of.

Published byLucy Thomas Modified over 9 years ago

Similar presentations

Presentation on theme: "Digital Cash Present By Kevin, Hiren, Amit, Kai. What is Digital Cash?  A payment message bearing a digital signature which functions as a medium of."— Presentation transcript:

1 Digital Cash Present By Kevin, Hiren, Amit, Kai

2 What is Digital Cash?  A payment message bearing a digital signature which functions as a medium of exchange or store of value  Need to be backed by a trusted third party, usually the government and the banking industry.

3 Key Properties  Secure  Anonymous  Portable  Reusable  User-friendly

4 Digital Cash vs Credit Card AnonymousIdentified Online or Off-lineOnline Store money in digital wallet Money is in the Bank

5 The Online Model  Structure Overview Deposit Coins Bank User Merchant Withdraw Coins Payment Link with other banks

6 Pros and Cons of the online scheme  Pros –Provides fully anonymous and untraceable digital cash. –No double spending problems. –Don't require additional secure hardware – cheaper to implement.  Cons –Communications overhead between merchant and the bank. –Huge database of coin records. –Difficult to scale, need synchronization between bank servers. –Coins are not reusable

7 The Offline Model  Structure Overview Bank Merchan t User Temper- resistant device Others T.R.D.

8 Pros and Cons of the offline model  Advantages –Off-line scheme –User is fully anonymous unless double spend –Bank can detect double spender –Banks don’t need to synchronize database in each transaction. –Coins could be reusable –Reduced the size of the coin database.  Disadvantages –Might not prevent double spending immediately –More expensive to implement

9 Traceable Signature Protocol m message m = amount, serial no (m) d d is secret key of the Bank spend (m) d send m (m) d verify (m) d CustomerBankMerchant

10 Blind Signatures  Add a blinding factor b  r d = (mb e ) d  Bank could keep a record of r  Remove blinding factor  (mb e ) d = (m) d b ed  b -1  m d  r = (m)b e message

11 Untraceable Digital Cash  Create k items of m Random Serial Number m1m1, …, mkmk m 1 = (…, amount, serial number) m k = (…, amount, serial number)

12 Untraceable Digital Cash  Create blinding factors:b 1 e,…, b k e  Blind the units - m 1 b 1 e, …, m k b k e m1b1em1b1e mkbkemkbke, …, Bank  Send to bank for signing

13 Untraceable Digital Cash  Bank chooses k –1 to check  Customer gives all blinding factors except for unit i  Bank checks they are correct i

14 Untraceable Digital Cash  Bank signs the remaining one and sends it back – ( m i b e i ) d = m i d b i Customer Serial no  The customer removes the blind using b i -1  m i d

15 Problem!  When the merchant receives the coin, it still has to be verified  The merchant has to have a connection with the bank at the time of sale  This protocol is anonymous but not portable

16 How to make it off-line

17 Secret Splitting  A method that splits the user ID in to n parts  Each part on its own is useless but when combined will reveal the user ID  Each user ID is XOR with a one time Pad, R

18 Cont…  E.g. User ID = 2510, R = 1500:  2510 XOR 1500 = 3090  The user ID can now be split into 2 parts, I.e. 1500 and 3090  On their own they are useless but when XOR will reveal the user ID  I.e 1500 XOR 3090 = 2510

19 A Typical Coin  User ID: 15003090 45456159 58787992  Header Information  Serial number  Transaction Item – pairs of user ID’s

20 A Typical Coin  User ID: 1500XOR3090 = 2510 4545XOR6159 = 2510 5878XOR7992 = 2510 User ID  Header Information  Serial number  Transaction Item – pairs of user ID’s

21 Blanking  User ID: 03090 45456159 58787992 Randomly blank one side of each identity pair

22 Blanking  User ID: 03090 45450 58787992 Randomly blank one side of each identity pair

23 The coin is now spent  User ID: 03090 45450 58780 You can no longer tell who owns the coin Merchant would now deposit this coin into the bank

24 The coin is copied and spent at another merchant  User ID: 15000 45450 07992 Before the user spent the coin the first time, the user made a copy of it Merchant would now deposit this coin into the bank

25 How can we catch the user?  Original Coin  User ID: 03090 4545 0 5878 0  Duplicate Coin  User ID: 1500 0 4545 0 07992 This is what is in the bank

26 How can we catch the user?  Original Coin  User ID: 03090 4545 0 5878 0  Duplicate Coin  User ID: 1500 0 4545 0 07992 This is what is in the bank 3090 XOR 1500 = 2510 5878 XOR 7992 = 2510 User ID

27 Probability of catching the culprit  Depends on the number of the identity strings used  Probability of catching a user is: –1 - ½ n, where n is the number of identity strings E.g. n = 5, the probability of catching a user is: 0.97

28 Reusability  Once the coin has been spent the merchant has to deposit it to the bank  Therefore, coin can only be spent once  Convenience, ability to give change, unnecessary transactions between bank and merchant  Banks database size – less serial numbers  Solution – Add the new User ID to the coin

29 Setup ID=HIREN ID=KEVIN ID=AMIT

30 Coins  Users Coin  User ID: AMIT

31 Amit spends his coin at Hirens shop The coin will now look like this: Amit no longer owns the coin, it is bounded to Hiren User ID: A0 0IT AMI 0 HIREN

32 Hiren can now go and spend his coin at Kevin's shop The coin looks like this: User ID: A0 0IT AMI0 HIREN

33 Hiren can now go and spend his coin at Kevin's shop The coin will now look like this: User ID: A0 0IT AMI0 0REN 0EN H 0 KEVIN

34 Size Matters!  Coin m = (Serial num, denomination, Transaction list (transactions * user ID), Other Header info)  Limit size by Validity Period and/or max Transactions

35 Other proposals  What if you what buy something that costs £4.99 and you have £5 coin?  Would have a ‘file’ for every coin £4 £2 £1 £2 £1 £2 £1

36 Fair Blind Signatures  Possible solution to undetectable money laundering or ransom demands SenderSigner Signing protocol Judge Un-linkable Message-signature pairView of protocol

37 Conclusion  Feasible from a purely technological perspective  Anonymous is at the heart of the government's attack  Cannot attract funding

38 Advantages:  Convenience  Secure  Handling costs  Time saving  Transaction Costs

39 Global Disadvantages  Safety Issue  Physical Securities  Users Issue  Legal problems

40 Questions?

Download ppt "Digital Cash Present By Kevin, Hiren, Amit, Kai. What is Digital Cash?  A payment message bearing a digital signature which functions as a medium of."

Similar presentations

Chapter 8 Payment Systems: Getting the Money

Chapter 8 Payment Systems: Getting the Money
Internet payment systems

Internet payment systems
Digital Cash Mehdi Bazargan Fall 2004.

Digital Cash Mehdi Bazargan Fall 2004.
Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.

Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.
Information Assurance Management Key Escrow Digital Cash Week 12-1.

Information Assurance Management Key Escrow Digital Cash Week 12-1.
Recoverable and Untraceable E-Cash Dr. Joseph K. Liu The Chinese University of HongKong.

Recoverable and Untraceable E-Cash Dr. Joseph K. Liu The Chinese University of HongKong.
Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.

Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
20-763 ELECTRONIC PAYMENT SYSTEMS FALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 11 Electronic Cash.

ELECTRONIC PAYMENT SYSTEMS FALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 11 Electronic Cash.
Slide 1 Vitaly Shmatikov CS 378 Digital Cash. slide 2 Digital Cash: Properties uDigital “payment message” with properties of cash uUnforgeable Users cannot.

Slide 1 Vitaly Shmatikov CS 378 Digital Cash. slide 2 Digital Cash: Properties uDigital “payment message” with properties of cash uUnforgeable Users cannot.
Class 12 Anonymous Digital Currency CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman

Class 12 Anonymous Digital Currency CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.

Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.
Introduction to Modern Cryptography, Lecture 13 Money Related Issues ($$$) and Odds and Ends.

Introduction to Modern Cryptography, Lecture 13 Money Related Issues ($$$) and Odds and Ends.
Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.

Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.
IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2004 -

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©
Quantum Cryptography Qingqing Yuan. Outline No-Cloning Theorem BB84 Cryptography Protocol Quantum Digital Signature.

Quantum Cryptography Qingqing Yuan. Outline No-Cloning Theorem BB84 Cryptography Protocol Quantum Digital Signature.
20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS eCommerce Technology 20-763 Lecture 10 Micropayments I.

ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS eCommerce Technology Lecture 10 Micropayments I.
ELECTRONIC PAYMENT SYSTEMS 20-763 SPRING 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 11 Electronic Cash.

ELECTRONIC PAYMENT SYSTEMS SPRING 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 11 Electronic Cash.
Your Presenter Amer Sharaf Electronic Payments: Where do we go from here? ByMarkus Jakobsson David Mraihi Yiannis Tsiounis Moti Yung.

Your Presenter Amer Sharaf Electronic Payments: Where do we go from here? ByMarkus Jakobsson David Mraihi Yiannis Tsiounis Moti Yung.
1 Applications of Computers Lecture-3 2 E-Commerce 4 Almost all major companies have their homes on the web, mainly for advertising 4 Companies were.

1 Applications of Computers Lecture-3 2 E-Commerce 4 Almost all major companies have their homes on the web, mainly for advertising 4 Companies were.

Similar presentations

Ads by Google