Abstract

We present a new off-line electronic cash system based on a problem, called the representation problem, of which little use has been made in literature thus far. Our system is the first to be based entirely on discrete logarithms. Using the representation problem as a basic concept, some techniques are introduced that enable us to construct protocols for withdrawal and payment that do not use the cut and choose methodology of earlier systems. As a consequence, our cash system is much more efficient in both computation and communication complexity than previously proposed systems. Another

Citations

2292	New directions in cryptography - Diffie, Hellmen - 1976
1404	How to share a secret - Shamir - 1979
706	A.: How to prove yourself: Practical solutions to identification and signature problems - Fiat, Shamir - 1986
512	Efficient signature generation for smart cards - Schnorr - 1991
432	Group Signatures - Chaum, Heijst - 1991
298	Non-interactive and information-theoretic secure verifiable secret sharing - Pedersen - 1998
289	Zero Knowledge Proofs of Identity - Feige, Fiat, et al. - 1987
241	Untraceable electronic cash - Chaum, Fiat, et al. - 1988
131	Provably secure and practical identification schemes and corresponding signature schemes - Okamoto - 1993
94	Universal electronic cash - Okamoto, Ohta - 1991
62	Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer - Chaum, Heijst, et al. - 1992
47	Disposable zero-knowledge authentications and their applications to untraceable electronic cash - Okamoto, Ohta - 1989
38	An Interactive Identification Scheme Based on Discrete Logarithms and Factoring - Brickell, McCurley - 1992
27	Towards provably secure efficient electronic cash - Franklin, Yung - 1992
23	The discrete logarithm problem - McCurley - 1990
21	Improved privacy in wallets with observers - Cramer, Pedersen - 1993
19	An Improved Protocol for Demonstrating Possession of Discrete Logarithms and Some Generalizations - Chaum, Evertse, et al. - 1988
17	Divertible zero-knowledge interactive proofs and commutative random self-reducibility - Okamoto, Ohta - 1990
14	Fundamental Algorithms, volume 1 of The Art of - Knuth - 1973
13	On Vectorial Addition Chains - Olivos - 1981
11	Achieving Electronic Privacy", Scientific American - Chaum - 1992
9	Zero-knowledge undeniable signatures", Eurocrypt '90, LNCS 473 - Chaum
9	Anonymous one-time signatures and flexible untraceable electronic cash - Hayes - 1990
7	How to make efficient failstop signatures - Heijst, Pedersen - 1992
7	Communication efficient zero-knowledge proofs of knowledge (with applications to electronic cash - Santis, Persiano - 1992
5	Electronic cash - Antwerpen - 1990
5	New constructions of fail-stop signatures and lower bounds - Heijst, Pedersen, et al. - 1993
4	Wallet databases with observers", Preproceeding of Crypto '92 - Chaum, Pedersen
4	New constructions of fail-stop signatures and lower bounds (extended abstract - Heijst, Pedersen, et al.
3	Transaction systems with observers - Brands, Chaum, et al. - 1992
3	Blind signatures for untraceable payments", Crypto '82 - Chaum
3	Some algorithms on addition chains and their complexity", TR CS-R9024, Centrum voor Wiskunde en Informatica - Coster - 1990
3	Distributed provers and verifiable secret sharing based on the discrete logarithm problem - Pedersen - 1992
2	Efficient off-line electronic checks", Eurocrypt '89, LNCS 434 - Chaum, Boer, et al.
1	A voting scheme", Rump session of Crypto '88 (does not appear in the proceedings - Bos, Purdy
1	How to prevent the mafia-fraud by using distance-bounding protocols - Brands, Chaum
1	Transferred money grows in size", presented at Eurocrypt '92 - Chaum, Pedersen
1	Which new RSA-signatures can be computed from given RSA-signatures - Evertse, Heijst - 1992