Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Secure and Efficient Off-Line Digital Money (Extended Abstract)
ICALP '93 Proceedings of the 20th International Colloquium on Automata, Languages and Programming
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Divisible Electronic Cash Scheme
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
New Protocols for Electronic Money
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Unlinkable Divisible Electronic Cash
ISW '00 Proceedings of the Third International Workshop on Information Security
Efficient Construction of (Distributed) Verifiable Random Functions
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Efficient Two-Party Secure Computation on Committed Inputs
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Divisible E-Cash Systems Can Be Truly Anonymous
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Improvement of Efficiency in (Unconditional) Anonymous Transferable E-Cash
Financial Cryptography and Data Security
Practical Anonymous Divisible E-Cash from Bounded Accumulators
Financial Cryptography and Data Security
An Accumulator Based on Bilinear Maps and Efficient Revocation for Anonymous Credentials
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Compact E-Cash and Simulatable VRFs Revisited
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
Randomizable Proofs and Delegatable Anonymous Credentials
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Transferable Constant-Size Fair E-Cash
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Group Signatures with Verifier-Local Revocation and Backward Unlinkability in the Standard Model
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Transferred cash grows in size
EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
Full-domain subgroup hiding and constant-size group signatures
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Simulatable VRFs with applications to multi-theorem NIZK
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Efficient non-interactive proof systems for bilinear groups
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Anonymity in transferable e-cash
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
P-signatures and noninteractive anonymous credentials
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Achieving optimal anonymity in transferable e-cash with a judge
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
A verifiable random function with short proofs and keys
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Collusion resistant broadcast encryption with short ciphertexts and private keys
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Multiple denominations in e-cash with compact transaction data
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Balancing accountability and privacy using e-cash (extended abstract)
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Compact e-cash from bounded accumulator
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Hi-index | 0.00 |
Off-line e-cash systems are the digital analogue of regular cash. One of the main desirable properties is anonymity: spending a coin should not reveal the identity of the spender and, at the same time, users should not be able to double-spend coins without being detected. Compact e-cash systems make it possible to store a wallet of O(2L) coins using O(L+λ) bits, where λ is the security parameter. They are called divisible whenever the user has the flexibility of spending an amount of 2ℓ, for some ℓ≤L, more efficiently than by repeatedly spending individual coins. This paper presents the first construction of divisible e-cash in the standard model (i.e., without the random oracle heuristic). The scheme allows a user to obtain a wallet of 2L coins by running a withdrawal protocol with the bank. Our construction is built on the traditional binary tree approach, where the wallet is organized in such a way that the monetary value of a coin depends on how deep the coin is in the tree.