On the Privacy of "User Efficient Recoverable Off-Line E-Cash Scheme with Fast Anonymity Revoking"

نویسندگان

  • Yalin Chen
  • Jue-Sam Chou
چکیده

Recently, Fan et al. proposed a novel e-cash scheme which allows a user to recover the e-cash he lost. They claimed their e-cash possesses properties of anonymity, unlinkability (i.e. untraceability), bank-off-line payment, doublespending detection, and anonymity revocation. The ecash untraceability is greatly related to users’ privacy and indicates that no one including the issuer bank can link e-cash to any user when the e-cash is legally spent. Although, the authors have formally proved the unlinkability of their scheme, we still found a loophole to compromise user’s privacy. That is, an issuer bank or an attacker who intrudes the issuer bank’s system can link e-cash to a user by collecting e-cash withdrawal and deposit transaction messages. This may make the user’s shopping behaviors or location information exposed.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Crypto-analyses on "user efficient recoverable off-line e-cashs scheme with fast anonymity revoking"

Recently, Fan et al. proposed a user efficient recoverable off-line e-cash scheme with fast anonymity revoking. They claimed that their scheme could achieve security requirements of an e-cash system such as, anonymity, unlinkability, double spending checking, anonymity control, and rapid anonymity revoking on double spending. They further formally prove the unlinkability and the un-forgeability...

متن کامل

A PDA Implementation of an Off-line e-Cash Protocol

We present an efficient implementation of a fair e-cash protocol especially designed for mobile wireless environments. Our protocol attempts to offer a reasonable balance between the anonymity feature on one side, and the possibility of revoking that anonymity in case that there exist reasonable doubts about the behavior of a given user. Our system considers two protocols especially designed fo...

متن کامل

A new untraceable off-line electronic cash system

Digital content transactions through e-commerce will grow tremendously in the coming years. In this respect, well-designed electronic payment schemes and high-quality digital contents are two critical factors. Untraceable electronic cash schemes make it possible for customers to pay the e-cash to the merchants through communication networks under privacy protection. Therefore, there is a need t...

متن کامل

An Off-Line Electronic Payment Scheme based on Publicly Verifiable Secret Sharing

In this paper, we introduce a new efficient technique allowing to render an off-line e-cash system traceable without need to a trusted party. The main idea is the use of the publicly verifiable secret sharing technique in order to revoke the anonymity of double spending users. The anonymity of honest users is still provided. Security analysis shows that the proposed technique does not undermine...

متن کامل

Attribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems

Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:
  • I. J. Network Security

دوره 17  شماره 

صفحات  -

تاریخ انتشار 2015