Download presentation
Presentation is loading. Please wait.
Published byCody Jeffrey Walsh Modified over 9 years ago
1
Clemente-Cuervo et al. A PDA Implementation of an Off-line e-Cash Protocol
2
Clemente-Cuervo et al. E-cash basic definitions
3
Clemente-Cuervo et al. Features of the Standard Cash Banknotes: Provides anonymity They are valid virtually everywhere The legitimate owner is the one who carries them Portability of great amounts of money is difficult/risky All transactions must be performed personally
4
Clemente-Cuervo et al. Credit/Debit Cards: transactions of big quantities of money are possible They are portable and secure →People trust them. Electronic transactions are possible They can be used for getting banknotes A legitimate owner must authenticate him/herself They do not provide anonymity The Bank must authorize the transaction via electronic connection → on-line protocols are required Credit/Debit Cards Features
5
Clemente-Cuervo et al. Alternative: E-cash Goals –To substitute standard banknotes –To provide more flexibility than credit/debit cards Requirements –anonymity –Non-traceable protocols –fairness –divisibility –transferability –Off-line protocols –accountability
6
Clemente-Cuervo et al. E-cash: Previous Works (1/2) In 1982, David Chaum proposed a way to make electronic payments anonymously, introducing the concept of e-cash. However the main drawback of the e-cash concept is that electronic money could be copied and reused ( double spending problem ). In ‘88, Chaum, Fiat and Naor proposed an off-line protocol. In ’91, Okamoto and Otha proposed that an ideal e-cash system should have the following properties: independence, security, privacy, off-line payment, transferability, divisibility.
7
Clemente-Cuervo et al. E-cash: Previous Works (2/2) In 1993, S. Brands proposed a new protocol, whose security lies in the Schnorr digital signatures and prime finite field arithmetic. In 1996, Frankel, Tsiounnis and Yung [11], [12] proposed the concept of Fair Off-line e-Cash. There, an entity called the Authority was used to guarantee the anonymity of a purchaser as long as he/she makes legal transactions. If a purchaser tries to commit fraud, the Bank could request the tracing of a coin or the tracing of the owner of a coin. Many other systems have been proposed recently…
8
Clemente-Cuervo et al. Comparison Table of e-cash Protocols
9
Clemente-Cuervo et al. Protocol Description
10
Clemente-Cuervo et al. E-cash Model
11
Clemente-Cuervo et al. Model and Protocols Our system consists of four entities, namely, The Bank. The Purchaser; The Store; The Authority And the scheme consists of five sub-protocols: 1.Initialization Process 2.Withdrawing protocol 3.Payment/purchasing protocol 4.Deposit/collection protocol 5.Owner/coin tracing protocol
12
Clemente-Cuervo et al. Initialization Process
13
Clemente-Cuervo et al. Coin Generation A coin is represented as a six-tuple: {A, B, z, a, b, r}, Where: A, B contain user information (encrypted) z, a, b contain coin information required for verification (encrypted) r Bank signature (under the Schnorr scheme)
14
Clemente-Cuervo et al. Coin Signature
15
Clemente-Cuervo et al. Design and Implementation
16
Clemente-Cuervo et al. The Mobile e-cash system
17
Clemente-Cuervo et al. Architectural Design
18
Clemente-Cuervo et al. PDA Specification SharpZaurus 5600 Operating SystemLinux ProcessorIntel XScale @ 400MHz Memory128MB SDRAM; 48MB ROM
19
Clemente-Cuervo et al. Withdraw protocol using a key of 128 bits
20
Clemente-Cuervo et al. Cryptographic Operations per Protocol ProtocolCrypto OperationsBandwidth Withdrawal15 exponentiations, 2 inverses 1.7KB Payment6 exponentiations, 1 inverse 2.5KB DepositNone1.9KB Tracing1 exponentiation, 1 inverse 657B
21
Clemente-Cuervo et al. Withdraw protocol using a key of 128 bits
22
Clemente-Cuervo et al. Withdraw protocol using a key of 256 bits
23
Clemente-Cuervo et al. Withdraw protocol using a key of 512 bits
24
Clemente-Cuervo et al. Conclusion We present the implementation of a fair e-cash protocol especially designed for mobile wireless environments, with the following features: Our protocol attempts to offer a reasonable balance between anonymity; and the possibility of revoking that anonymity under special circumstances. For that, our system considers two protocols especially designed for tracing purposes: a coin tracing and an owner tracing protocol; Our system was written in Java and it was implemented in a wireless environment with PDA mobile devices.
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.