A Secure and Efficient Off-line Electronic Transaction Protocol
Department of Mathematics and Computer Science, University of Oradea
Oradea 410087, Romania
Abstract: In this paper we propose a secure and efficient off-line electronic transaction protocol based on an ID-based public key encryption system and group signature schemes, which is constructed from bilinear pairings. The anonymity of the customer is revocable by a trustee in case of dispute. Because the amount of communication in the payment protocol is about 1280 bits, our off-line electronic transaction protocol can be used in wireless networks with limited bandwidth or in limited-storage environments such as smart cards.
Keywords: Cryptography, protocol, electronic cash system, bilinear pairings, group signatures.
CITE THIS PAPER AS:
Constantin POPESCU, A Secure and Efficient Off-line Electronic Transaction Protocol, Studies in Informatics and Control, ISSN 1220-1766, vol. 19 (1), pp. 27-34, 2010.
Recently, a variety of on-line businesses have been rapidly emerging over the Internet, and they are considered to be among the most efficient and convenient ways to provide electronic services. An efficient and secure electronic transaction protocol plays an important role in supporting these businesses safely, as a trustworthy means of payment over the Internet.
Since Chaum proposed untraceable electronic cash systems based on blind signatures in 1982, various extended systems have been proposed, which provide functionalities such as anonymity, double spending prevention, unforgeability, untraceability and efficiency. Off-line electronic cash systems were first introduced in  and then developed further in , , , , , . In these cases the bank’s involvement in the payment transaction between a customer and a merchant was eliminated. Customers withdraw electronic coins from the bank and use them to pay a merchant (a shop). The merchant subsequently deposits the coins back to the bank. Most off-line electronic cash systems use a restricted form of blind signatures to implement anonymity. The revocable e-cash system (or fair payment system), in which anonymity can be revoked when needed, has become one of the active research areas for preventing such misuses. In the revocable e-cash scheme, the identity of an illegal user can be traced through the cooperation of a trustee and a bank.
Along with countermeasures against blackmailing and money laundering, many schemes in , ,  have been proposed to resist the abuse of anonymity. The scheme suggested by Camenisch et al. requires the trustee to take part in the initialization phase but does not prevent extortion and blindfolding attacks. Some schemes were suggested to prevent these attacks. Fujisaki and Okamoto’s scheme and Jakobsson and Yung’s scheme are said to be inefficient in the sense that users need to communicate with a trustee in every payment phase. Recently, Wang, Cao and Zhang proposed an off-line payment scheme in which the anonymity of consumers is scalable. Consumers can get the required anonymity without showing their identities to any third party. However, the authors in  show that in Wang, Cao and Zhang’s scheme, given a valid coin and without knowing any secret information, anyone is able to spend the coin as many times as he wants.
In this paper we propose a secure off-line electronic transaction protocol based on an ID-based public key encryption system and group signature schemes.
In order to construct our electronic cash system, we use the group signature of X. Chen, F. Zhang and K. Kim and the blind signature of Schnorr. The proposed off-line electronic cash system is provably secure. Its security is based on the ID-based public key encryption system, which is constructed from bilinear pairings. We discuss some aspects of the security of our off-line electronic cash system, such as the anonymity of the customer and the security against forgery of the coin. Because the amount of communication in the payment protocol is about 1280 bits, our off-line electronic transaction protocol can be used in wireless networks with limited bandwidth or in the Internet environment (payments using smart cards).
The rest of this paper is organized as follows. In the next section we review the properties of bilinear pairings and group signatures. Then we present our off-line electronic transaction protocol in section 3. Furthermore, we discuss some aspects of security and efficiency in section 4. Finally, section 5 concludes the work of this paper.
- CHAUM D., Blind Signature for Untraceable Payments, Proc. of Eurocrypt’82, Plenum Press, 1983, pp. 199-203.
- AU M., W. SUSILO, Y. MU, Practical Anonymous Divisible e-Cash from Bounded Accumulators, Proc. of Fin. Cryptography and Data Security, 2008.
- CANARD S., A. GOUGET, Divisible e-Cash Systems Can Be Truly Anonymous, Proceedings of Eurocrypt 2007, pp. 482-497.
- FUN C., Ownership-attached Unblinding of Blind Signatures for Untraceable Electronic Cash, Information Science, 2006, pp. 263-284.
- KU C., C. TSAO, Y. LIN, C. CHEN, An Escrow Electronic Cash System with Limited Traceability, Information Science, 2004, pp. 17-30.
- TROLIN M., A Universally Composable Scheme for Electronic Cash, Proc. of Indocrypt, 2005, pp. 347-360.
- CHAUM D., A. FIAT, M. NAOR, Untraceable Electronic Cash, Proc. of the Crypto’88, 1990, pp. 319-327.
- FRANKLIN M., M. YUNG, Secure and Efficient Off-line Digital Money, Proc. of the 20th Intl. Colloq., Languages and Programming, 1993, pp. 265-276.
- LEE M., G. AHN, J. KIM, J. PARK, B. LEE, K. KIM, H. LEE, Design and Implementation of an Efficient Fair Off-line e-Cash System Based on Elliptic Curve Discrete Logarithm Problem, Journ. of Comm. and Networks 4, 2002, pp. 81-89.
- OKAMOTO T., K. OHTA, Universal Electronic Cash, Proc. of the 11th Ann. Intl. Cryptology Conf. on Advances in Cryptology, 1992, pp. 324-337.
- OKAMOTO T., An Efficient Divisible Electronic Cash Scheme, Proc. of Crypto’95, pp. 302-318.
- POPESCU C., A Fair Off-line Electronic Cash System Based on Elliptic Curve Discrete Logarithm Problem, Studies in Informatics and Control, Vol. 14(4), 2005, pp. 291-298.
- POPESCU C., An Electronic Cash System Based on Group Blind Signatures, Informatica 17(2006), pp. 551-564.
- BRICKELL E., P. GEMMELL, D. KRAVITZ, Trustee-based Tracing Extensions to Anonymous Cash and the Making of Anonymous Exchange, Proc. of 6th Ann. ACM-SIAM Symp. on Discrete Algorithms, 1995, pp. 457-466.
- CAMENISCH J., M. PIVETEAU, M. STADLER, An Efficient Fair Payment System, Proc. of 3rd ACM Conf. on Computer and Commun. Security, ACM Press, 1996, pp. 88-94.
- STADLER M., J. M. PIVETEAU, J. CAMENISCH, Fair-blind Signatures, Proc. of Eurocrypt’95, pp. 209-219.
- FUJISAKI E., T. OKAMOTO, Practical Escrow Cash System, Proc. of Cambridge Workshop on Security Prot., 1997, pp. 3-48.
- JAKOBSSON M., M. YUNG, Revokable and Versatile e-Money, Proc. of 3rd Ann. ACM Conf. on Computer and Commun. Security, 1996, pp. 76-87.
- CAMENISCH J., U. MAURER, M. STADLER, Digital Payment Systems with Passive Anonymity-Revoking Trustees, Journal of Computer Security 5, 1997, pp. 69-90.