Fair E-Cash System For Internet Payment

In a fair e-cash system, the trustee holds the ability to revoke the anonymity of a user. Anonymity revocation means tracing where a user has spent the coins ( coin tracing) or tracing whom a spent coin belongs to ( owner tracing ) . The trustee is expected to revoke the anonymity of a user only whe...

Full description

Saved in:
Bibliographic Details
Main Author: Ching , Yen Choon
Format: Thesis
Published: 2001
Subjects:
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In a fair e-cash system, the trustee holds the ability to revoke the anonymity of a user. Anonymity revocation means tracing where a user has spent the coins ( coin tracing) or tracing whom a spent coin belongs to ( owner tracing ) . The trustee is expected to revoke the anonymity of a user only when instructed by the court. This allows the law enforcement authority to catch users who use the e-cash for criminal activities while protecting the anonymity of those that do not misuse it. A fair e-cash system is called off-line if the trustee is only involved during the revocation process. Previous schemes required the tracing information to be constructed for each coins. This resulted in high computation during withdrawal time and the coin size is quite large. Thus, it is not suitable to be implemented on devices with limited memory or processing capability such as smart cards, PDAs or WAP phones. In this thesis, we proposed a different approach to construct an off-line fair e-cash system which resulted in a significant reduction in terms of computation and storage. We use what we call a license to achieve tracing. This license will contain the user's information which the trustee can extract out for tracing purposes. There is no monetary value associated with this license. The user must always present a valid license for every transaction. Since the tracing information is not constructed into the coin, the coin will have a simpler 'structure'. We still require the user to include his identity in the coin. However, the user does not need to prove that this is correctly done during withdrawal time. He only needs to show that the identity embedded in the coin is the same as the identity embedded in the license during payment time. This is to prevent the coins from being used by someone else except the withdrawer. Using this new approach , the coins vannot be traced directly. Instead, one has to trace the licenses withdrawn. This indirectly allows the law enforcement authority to trace the whereabouts of suspicious withdrawal. For the owner tracing, the tracing is accomplished using the license. The design is simple and direct. This allows us to easily analyze the security of the scheme and also to reduce implementation errors.