On the Privacy of "User Efficient Recoverable Off-Line E-Cash Scheme with Fast Anonymity Revoking"
نویسندگان
چکیده
Recently, Fan et al. proposed a novel e-cash scheme which allows a user to recover the e-cash he lost. They claimed their e-cash possesses properties of anonymity, unlinkability (i.e. untraceability), bank-off-line payment, doublespending detection, and anonymity revocation. The ecash untraceability is greatly related to users’ privacy and indicates that no one including the issuer bank can link e-cash to any user when the e-cash is legally spent. Although, the authors have formally proved the unlinkability of their scheme, we still found a loophole to compromise user’s privacy. That is, an issuer bank or an attacker who intrudes the issuer bank’s system can link e-cash to a user by collecting e-cash withdrawal and deposit transaction messages. This may make the user’s shopping behaviors or location information exposed.
منابع مشابه
Crypto-analyses on "user efficient recoverable off-line e-cashs scheme with fast anonymity revoking"
Recently, Fan et al. proposed a user efficient recoverable off-line e-cash scheme with fast anonymity revoking. They claimed that their scheme could achieve security requirements of an e-cash system such as, anonymity, unlinkability, double spending checking, anonymity control, and rapid anonymity revoking on double spending. They further formally prove the unlinkability and the un-forgeability...
متن کاملA PDA Implementation of an Off-line e-Cash Protocol
We present an efficient implementation of a fair e-cash protocol especially designed for mobile wireless environments. Our protocol attempts to offer a reasonable balance between the anonymity feature on one side, and the possibility of revoking that anonymity in case that there exist reasonable doubts about the behavior of a given user. Our system considers two protocols especially designed fo...
متن کاملA new untraceable off-line electronic cash system
Digital content transactions through e-commerce will grow tremendously in the coming years. In this respect, well-designed electronic payment schemes and high-quality digital contents are two critical factors. Untraceable electronic cash schemes make it possible for customers to pay the e-cash to the merchants through communication networks under privacy protection. Therefore, there is a need t...
متن کاملAn Off-Line Electronic Payment Scheme based on Publicly Verifiable Secret Sharing
In this paper, we introduce a new efficient technique allowing to render an off-line e-cash system traceable without need to a trusted party. The main idea is the use of the publicly verifiable secret sharing technique in order to revoke the anonymity of double spending users. The anonymity of honest users is still provided. Security analysis shows that the proposed technique does not undermine...
متن کاملAttribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 17 شماره
صفحات -
تاریخ انتشار 2015